| java.lang.Object org.restlet.Uniform org.restlet.Restlet org.restlet.Filter org.restlet.Guard
Method Summary | |
public void | accept(Request request, Response response) Accepts the call. | public int | authenticate(Request request) Indicates if the call is properly authenticated. | public boolean | authorize(Request request) Indicates if the request is authorized to pass through the Guard. | public void | challenge(Response response) Challenges the client by adding a challenge request to the response and
by setting the status to CLIENT_ERROR_UNAUTHORIZED. | protected boolean | checkSecret(String identifier, char[] secret) Indicates if the secret is valid for the given identifier. | public void | doHandle(Request request, Response response) Handles the call by distributing it to the next Restlet. | protected char[] | findSecret(String identifier) Finds the secret associated to a given identifier. | public void | forbid(Response response) Rejects the call due to a failed authentication or authorization. | public Map<String, char[]> | getSecrets() Returns the map of identifiers and secrets. |
Guard | public Guard(Context context, ChallengeScheme scheme, String realm)(Code) | | Constructor.
Parameters: context - The context. Parameters: scheme - The authentication scheme to use. Parameters: realm - The authentication realm. |
accept | public void accept(Request request, Response response)(Code) | | Accepts the call. By default, it is invoked it the request is
authenticated and authorized, and asks the attached Restlet to handle the
call.
Parameters: request - The request to accept. Parameters: response - The response to accept. |
authenticate | public int authenticate(Request request)(Code) | | Indicates if the call is properly authenticated. By default, this
delegates credential checking to checkSecret().
Parameters: request - The request to authenticate. -1 if the given credentials were invalid, 0 if no credentialswere found and 1 otherwise. See Also: Guard.checkSecret(String,char[]) |
authorize | public boolean authorize(Request request)(Code) | | Indicates if the request is authorized to pass through the Guard. This
method is only called if the call was sucessfully authenticated. It
always returns true by default. If specific checks are required, they
could be added by overriding this method.
Parameters: request - The request to authorize. True if the request is authorized. |
challenge | public void challenge(Response response)(Code) | | Challenges the client by adding a challenge request to the response and
by setting the status to CLIENT_ERROR_UNAUTHORIZED.
Parameters: response - The response to update. |
checkSecret | protected boolean checkSecret(String identifier, char[] secret)(Code) | | Indicates if the secret is valid for the given identifier. By default,
this returns true given the correct login/password couple as verified via
the findSecret() method.
Parameters: identifier - the identifier Parameters: secret - the identifier's secret true if the secret is valid for the given identifier |
doHandle | public void doHandle(Request request, Response response)(Code) | | Handles the call by distributing it to the next Restlet.
Parameters: request - The request to handle. Parameters: response - The response to update. |
findSecret | protected char[] findSecret(String identifier)(Code) | | Finds the secret associated to a given identifier. By default it looks up
into the secrets map, but this behavior can be overriden.
Parameters: identifier - The identifier to lookup. The secret associated to the identifier or null. |
forbid | public void forbid(Response response)(Code) | | Rejects the call due to a failed authentication or authorization. This
can be overriden to change the defaut behavior, for example to display an
error page. By default, if authentication is required, the challenge
method is invoked, otherwise the call status is set to
CLIENT_ERROR_FORBIDDEN.
Parameters: response - The reject response. |
getSecrets | public Map<String, char[]> getSecrets()(Code) | | Returns the map of identifiers and secrets.
The map of identifiers and secrets. |
|
|