|
Logs in a user by extracting authentication data from an Http servlet
session. First, the module tries to extract a Principal object out of the
request directly using the servlet requests's getUserPrincipal()
method. If one is found, authentication succeeds. If there is no
Principal in the request, try calling getRemoteUser() . If
the remoteUser exists but the UserDatabase can't find a matching
profile, a generic WikiPrincipal is created with this value. If neither
userPrincipal nor remoteUser exist in the request, the login fails.
This module must be used with a CallbackHandler that supports the following
Callback types:
-
HttpRequestCallback - supplies the Http request object, from
which the getRemoteUser and getUserPrincipal are extracted
-
UserDatabaseCallback - supplies the user database for looking up
the value of getRemoteUser
After authentication, the Subject will contain principals
com.ecyrd.jspwiki.auth.authorize.Role.ALL and
com.ecyrd.jspwiki.auth.authorize.Role.AUTHENTICATED ,
plus the Principal that represents the logged-in user.
author: Andrew Jaquith since: 2.3 |