Java Doc for AbstractAuthenticator.java in  » EJB-Server-resin-3.1.5 » resin » com » caucho » server » security » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation
1. 6.0 JDK Core
2. 6.0 JDK Modules
3. 6.0 JDK Modules com.sun
4. 6.0 JDK Modules com.sun.java
5. 6.0 JDK Modules sun
6. 6.0 JDK Platform
7. Ajax
8. Apache Harmony Java SE
9. Aspect oriented
10. Authentication Authorization
11. Blogger System
12. Build
13. Byte Code
14. Cache
15. Chart
16. Chat
17. Code Analyzer
18. Collaboration
19. Content Management System
20. Database Client
21. Database DBMS
22. Database JDBC Connection Pool
23. Database ORM
24. Development
25. EJB Server geronimo
26. EJB Server GlassFish
27. EJB Server JBoss 4.2.1
28. EJB Server resin 3.1.5
29. ERP CRM Financial
30. ESB
31. Forum
32. GIS
33. Graphic Library
34. Groupware
35. HTML Parser
36. IDE
37. IDE Eclipse
38. IDE Netbeans
39. Installer
40. Internationalization Localization
41. Inversion of Control
42. Issue Tracking
43. J2EE
44. JBoss
45. JMS
46. JMX
47. Library
48. Mail Clients
49. Net
50. Parser
51. PDF
52. Portal
53. Profiler
54. Project Management
55. Report
56. RSS RDF
57. Rule Engine
58. Science
59. Scripting
60. Search Engine
61. Security
62. Sevlet Container
63. Source Control
64. Swing Library
65. Template Engine
66. Test Coverage
67. Testing
68. UML
69. Web Crawler
70. Web Framework
71. Web Mail
72. Web Server
73. Web Services
74. Web Services apache cxf 2.0.1
75. Web Services AXIS2
76. Wiki Engine
77. Workflow Engines
78. XML
79. XML UI
Java
Java Tutorial
Java Open Source
Jar File Download
Java Articles
Java Products
Java by API
Photoshop Tutorials
Maya Tutorials
Flash Tutorials
3ds-Max Tutorials
Illustrator Tutorials
GIMP Tutorials
C# / C Sharp
C# / CSharp Tutorial
C# / CSharp Open Source
ASP.Net
ASP.NET Tutorial
JavaScript DHTML
JavaScript Tutorial
JavaScript Reference
HTML / CSS
HTML CSS Reference
C / ANSI-C
C Tutorial
C++
C++ Tutorial
Ruby
PHP
Python
Python Tutorial
Python Open Source
SQL Server / T-SQL
SQL Server / T-SQL Tutorial
Oracle PL / SQL
Oracle PL/SQL Tutorial
PostgreSQL
SQL / MySQL
MySQL Tutorial
VB.Net
VB.Net Tutorial
Flash / Flex / ActionScript
VBA / Excel / Access / Word
XML
XML Tutorial
Microsoft Office PowerPoint 2007 Tutorial
Microsoft Office Excel 2007 Tutorial
Microsoft Office Word 2007 Tutorial
Java Source Code / Java Documentation » EJB Server resin 3.1.5 » resin » com.caucho.server.security 
Source Cross Reference  Class Diagram Java Document (Java Doc) 


java.lang.Object
   com.caucho.server.security.AbstractAuthenticator

All known Subclasses:   com.caucho.server.security.AnonymousAuthenticator,  com.caucho.server.security.NullAuthenticator,  com.caucho.server.security.JaasAuthenticator,  com.caucho.server.security.JdbcAuthenticator,  com.caucho.server.security.AbstractPasswordAuthenticator,  com.caucho.http.security.AbstractAuthenticator,
AbstractAuthenticator
public class AbstractAuthenticator implements ServletAuthenticator,HandleAware,java.io.Serializable(Code)
All applications should extend AbstractAuthenticator to implement their custom authenticators. While this isn't absolutely required, it protects implementations from API changes.

The AbstractAuthenticator provides a single-signon cache. Users logged into one web-app will share the same principal.


Inner Class :static class PrincipalEntry

Field Summary
final static  L10NL
    
final public static  StringLOGIN_NAME
    
protected  PasswordDigest_passwordDigest
    
protected  String_passwordDigestAlgorithm
    
protected  String_passwordDigestRealm
    
protected  LruCache<String, PrincipalEntry>_principalCache
    
protected  int_principalCacheSize
    


Method Summary
public  voidaddRoleMapping(Principal principal, String role)
     Adds a role mapping.
protected  byte[]digest(String value)
    
protected  StringgetDigestPassword(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm)
     Returns the password for authenticators too lazy to calculate the digest.
protected  byte[]getDigestSecret(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm, String algorithm)
     Returns the digest secret for Digest authentication.
public  booleangetLogoutOnSessionTimeout()
     Returns true if the user should be logged out on a session timeout.
public  PasswordDigestgetPasswordDigest()
    
public  StringgetPasswordDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password)
     Returns the digest view of the password.
public  StringgetPasswordDigestAlgorithm()
    
public  StringgetPasswordDigestRealm()
    
public  intgetPrincipalCacheSize()
     Returns the size of the principal cache.
public  PrincipalgetUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application)
     Grab the user from the request, assuming the user has already logged in.
protected  PrincipalgetUserPrincipalImpl(HttpServletRequest request, ServletContext application)
     Gets the user from a persistent cookie, uaing authenticateCookie to actually look the cookie up.
public  voidinit()
     Initialize the authenticator with the application.
public  booleanisUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user, String role)
     Returns true if the user plays the named role.
public  Principallogin(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password)
     Logs the user in with any appropriate password.
public  PrincipalloginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest)
     Validates the user when using HTTP Digest authentication. DigestLogin will call this method.
public  PrincipalloginDigestImpl(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest)
     Validates the user when HTTP Digest authentication. The HTTP Digest authentication uses the following algorithm to calculate the digest.
protected  PrincipalloginImpl(HttpServletRequest request, HttpServletResponse response, ServletContext application, String user, String password)
     Authenticate (login) the user.
public  voidlogout(ServletContext application, HttpSession timeoutSession, String sessionId, Principal user)
     Logs the user out from the session.
public  voidlogout(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user)
     Logs the user out from the session.
public  voidlogout(ServletContext application, String sessionId, Principal user)
     Logs the user out from the session.
public  voidsetLogoutOnSessionTimeout(boolean logout)
     Sets true if the principal should logout when the session times out.
public  voidsetPasswordDigest(PasswordDigest digest)
     Sets the password digest.
public  voidsetPasswordDigestAlgorithm(String digest)
     Sets the password digest algorithm.
public  voidsetPasswordDigestRealm(String realm)
     Sets the password digest realm.
public  voidsetPrincipalCacheSize(int size)
     Sets the size of the principal cache.
public  voidsetSerializationHandle(Object handle)
    
protected  byte[]stringToDigest(String digest)
    
public  StringtoString()
    
public  ObjectwriteReplace()
    

Field Detail
L
final static L10N L(Code)



LOGIN_NAME
final public static String LOGIN_NAME(Code)



_passwordDigest
protected PasswordDigest _passwordDigest(Code)



_passwordDigestAlgorithm
protected String _passwordDigestAlgorithm(Code)



_passwordDigestRealm
protected String _passwordDigestRealm(Code)



_principalCache
protected LruCache<String, PrincipalEntry> _principalCache(Code)



_principalCacheSize
protected int _principalCacheSize(Code)





Method Detail
addRoleMapping
public void addRoleMapping(Principal principal, String role)(Code)
Adds a role mapping.



digest
protected byte[] digest(String value) throws ServletException(Code)



getDigestPassword
protected String getDigestPassword(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm) throws ServletException(Code)
Returns the password for authenticators too lazy to calculate the digest.



getDigestSecret
protected byte[] getDigestSecret(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm, String algorithm) throws ServletException(Code)
Returns the digest secret for Digest authentication.



getLogoutOnSessionTimeout
public boolean getLogoutOnSessionTimeout()(Code)
Returns true if the user should be logged out on a session timeout.



getPasswordDigest
public PasswordDigest getPasswordDigest()(Code)
Returns the password digest



getPasswordDigest
public String getPasswordDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) throws ServletException(Code)
Returns the digest view of the password. The default uses the PasswordDigest class if available, and returns the plaintext password if not.



getPasswordDigestAlgorithm
public String getPasswordDigestAlgorithm()(Code)
Returns the password digest algorithm



getPasswordDigestRealm
public String getPasswordDigestRealm()(Code)
Returns the password digest realm



getPrincipalCacheSize
public int getPrincipalCacheSize()(Code)
Returns the size of the principal cache.



getUserPrincipal
public Principal getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application) throws ServletException(Code)
Grab the user from the request, assuming the user has already logged in. In other words, overriding methods could use cookies or the session to find the logged in principal, but shouldn't try to log the user in with form parameters.
Parameters:
  request - the servlet request. a Principal representing the user or null if none has logged in.



getUserPrincipalImpl
protected Principal getUserPrincipalImpl(HttpServletRequest request, ServletContext application) throws ServletException(Code)
Gets the user from a persistent cookie, uaing authenticateCookie to actually look the cookie up.



init
public void init() throws ServletException(Code)
Initialize the authenticator with the application.



isUserInRole
public boolean isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user, String role) throws ServletException(Code)
Returns true if the user plays the named role.
Parameters:
  request - the servlet request
Parameters:
  user - the user to test
Parameters:
  role - the role to test



login
public Principal login(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) throws ServletException(Code)
Logs the user in with any appropriate password.



loginDigest
public Principal loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) throws ServletException(Code)
Validates the user when using HTTP Digest authentication. DigestLogin will call this method. Most other AbstractLogin implementations, like BasicLogin and FormLogin, will use getUserPrincipal instead.

The HTTP Digest authentication uses the following algorithm to calculate the digest. The digest is then compared to the client digest.

 A1 = MD5(username + ':' + realm + ':' + password)
 A2 = MD5(method + ':' + uri)
 digest = MD5(A1 + ':' + nonce + A2)
 

Parameters:
  request - the request trying to authenticate.
Parameters:
  response - the response for setting headers and cookies.
Parameters:
  app - the servlet context
Parameters:
  user - the username
Parameters:
  realm - the authentication realm
Parameters:
  nonce - the nonce passed to the client during the challenge
Parameters:
  uri - te protected uri
Parameters:
  qop -
Parameters:
  nc -
Parameters:
  cnonce - the client nonce
Parameters:
  clientDigest - the client's calculation of the digest the logged in principal if successful



loginDigestImpl
public Principal loginDigestImpl(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) throws ServletException(Code)
Validates the user when HTTP Digest authentication. The HTTP Digest authentication uses the following algorithm to calculate the digest. The digest is then compared to the client digest.
 A1 = MD5(username + ':' + realm + ':' + password)
 A2 = MD5(method + ':' + uri)
 digest = MD5(A1 + ':' + nonce + A2)
 

Parameters:
  request - the request trying to authenticate.
Parameters:
  response - the response for setting headers and cookies.
Parameters:
  app - the servlet context
Parameters:
  user - the username
Parameters:
  realm - the authentication realm
Parameters:
  nonce - the nonce passed to the client during the challenge
Parameters:
  uri - te protected uri
Parameters:
  qop -
Parameters:
  nc -
Parameters:
  cnonce - the client nonce
Parameters:
  clientDigest - the client's calculation of the digest the logged in principal if successful



loginImpl
protected Principal loginImpl(HttpServletRequest request, HttpServletResponse response, ServletContext application, String user, String password) throws ServletException(Code)
Authenticate (login) the user.



logout
public void logout(ServletContext application, HttpSession timeoutSession, String sessionId, Principal user) throws ServletException(Code)
Logs the user out from the session.
Parameters:
  application - the application
Parameters:
  timeoutSession - the session timing out, null if not a timeout logout
Parameters:
  user - the logged in user



logout
public void logout(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user) throws ServletException(Code)
Logs the user out from the session.
Parameters:
  request - the servlet request



logout
public void logout(ServletContext application, String sessionId, Principal user) throws ServletException(Code)
Logs the user out from the session.
Parameters:
  request - the servlet request



setLogoutOnSessionTimeout
public void setLogoutOnSessionTimeout(boolean logout)(Code)
Sets true if the principal should logout when the session times out.



setPasswordDigest
public void setPasswordDigest(PasswordDigest digest)(Code)
Sets the password digest. The password digest of the form: "algorithm-format", e.g. "MD5-base64".



setPasswordDigestAlgorithm
public void setPasswordDigestAlgorithm(String digest)(Code)
Sets the password digest algorithm. The password digest of the form: "algorithm-format", e.g. "MD5-base64".



setPasswordDigestRealm
public void setPasswordDigestRealm(String realm)(Code)
Sets the password digest realm.



setPrincipalCacheSize
public void setPrincipalCacheSize(int size)(Code)
Sets the size of the principal cache.



setSerializationHandle
public void setSerializationHandle(Object handle)(Code)
Sets the serialization handle



stringToDigest
protected byte[] stringToDigest(String digest)(Code)



toString
public String toString()(Code)



writeReplace
public Object writeReplace()(Code)
Serialize to the handle



Methods inherited from java.lang.Object
native protected Object clone() throws CloneNotSupportedException(Code)(Java Doc)
public boolean equals(Object obj)(Code)(Java Doc)
protected void finalize() throws Throwable(Code)(Java Doc)
final native public Class getClass()(Code)(Java Doc)
native public int hashCode()(Code)(Java Doc)
final native public void notify()(Code)(Java Doc)
final native public void notifyAll()(Code)(Java Doc)
public String toString()(Code)(Java Doc)
final native public void wait(long timeout) throws InterruptedException(Code)(Java Doc)
final public void wait(long timeout, int nanos) throws InterruptedException(Code)(Java Doc)
final public void wait() throws InterruptedException(Code)(Java Doc)

www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.