java.lang.Object
  com.caucho.server.security.AbstractAuthenticator

All known subclasses: com.caucho.server.security.AnonymousAuthenticator, com.caucho.server.security.NullAuthenticator, com.caucho.server.security.JaasAuthenticator, com.caucho.server.security.JdbcAuthenticator, com.caucho.server.security.AbstractPasswordAuthenticator, com.caucho.http.security.AbstractAuthenticator

AbstractAuthenticator
public class AbstractAuthenticator implements ServletAuthenticator, HandleAware, java.io.Serializable

All applications should extend AbstractAuthenticator to implement their custom authenticators. While this isn't absolutely required, it protects implementations from API changes.

The AbstractAuthenticator provides a single-signon cache. Users logged into one web-app will share the same principal.

Inner Class: static class PrincipalEntry

Method Summary
public void | addRoleMapping(Principal principal, String role) | Adds a role mapping.
protected byte[] | digest(String value) |
protected String | getDigestPassword(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm) | Returns the password for authenticators too lazy to calculate the digest.
protected byte[] | getDigestSecret(HttpServletRequest request, HttpServletResponse response, ServletContext application, String username, String realm, String algorithm) | Returns the digest secret for Digest authentication.
public boolean | getLogoutOnSessionTimeout() | Returns true if the user should be logged out on a session timeout.
public PasswordDigest | getPasswordDigest() |
public String | getPasswordDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) | Returns the digest view of the password.
public String | getPasswordDigestAlgorithm() |
public String | getPasswordDigestRealm() |
public int | getPrincipalCacheSize() | Returns the size of the principal cache.
public Principal | getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application) | Grab the user from the request, assuming the user has already logged in.
protected Principal | getUserPrincipalImpl(HttpServletRequest request, ServletContext application) | Gets the user from a persistent cookie, using authenticateCookie to actually look the cookie up.
public void | init() | Initialize the authenticator with the application.
public boolean | isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user, String role) | Returns true if the user plays the named role.
public Principal | login(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String password) | Logs the user in with any appropriate password.
public Principal | loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) | Validates the user when using HTTP Digest authentication. DigestLogin will call this method.
public Principal | loginDigestImpl(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) | Validates the user when using HTTP Digest authentication. The HTTP Digest authentication uses the following algorithm to calculate the digest.
protected Principal | loginImpl(HttpServletRequest request, HttpServletResponse response, ServletContext application, String user, String password) | Authenticate (login) the user.
public void | logout(ServletContext application, HttpSession timeoutSession, String sessionId, Principal user) | Logs the user out from the session.
public void | logout(HttpServletRequest request, HttpServletResponse response, ServletContext application, Principal user) | Logs the user out from the session.
public void | logout(ServletContext application, String sessionId, Principal user) | Logs the user out from the session.
public void | setLogoutOnSessionTimeout(boolean logout) | Sets true if the principal should logout when the session times out.
public void | setPasswordDigest(PasswordDigest digest) | Sets the password digest.
public void | setPasswordDigestAlgorithm(String digest) | Sets the password digest algorithm.
public void | setPasswordDigestRealm(String realm) | Sets the password digest realm.
public void | setPrincipalCacheSize(int size) | Sets the size of the principal cache.
public void | setSerializationHandle(Object handle) |
protected byte[] | stringToDigest(String digest) |
public String | toString() |
public Object | writeReplace() |

_passwordDigestAlgorithm
protected String _passwordDigestAlgorithm

_passwordDigestRealm
protected String _passwordDigestRealm

_principalCache
protected LruCache<String, PrincipalEntry> _principalCache

_principalCacheSize
protected int _principalCacheSize

getLogoutOnSessionTimeout
public boolean getLogoutOnSessionTimeout()
Returns true if the user should be logged out on a session timeout.

getPasswordDigestAlgorithm
public String getPasswordDigestAlgorithm()
Returns the password digest algorithm

getPasswordDigestRealm
public String getPasswordDigestRealm()
Returns the password digest realm

getPrincipalCacheSize
public int getPrincipalCacheSize()
Returns the size of the principal cache.

getUserPrincipal
public Principal getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application) throws ServletException
Grab the user from the request, assuming the user has already logged in. In other words, overriding methods could use cookies or the session to find the logged in principal, but shouldn't try to log the user in with form parameters.
Parameters:
  request - the servlet request.
Returns: a Principal representing the user or null if none has logged in.

loginDigest
public Principal loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) throws ServletException
Validates the user when using HTTP Digest authentication. DigestLogin will call this method. Most other AbstractLogin implementations, like BasicLogin and FormLogin, will use getUserPrincipal instead.

The HTTP Digest authentication uses the following algorithm to calculate the digest. The digest is then compared to the client digest.

    A1 = MD5(username + ':' + realm + ':' + password)
    A2 = MD5(method + ':' + uri)
    digest = MD5(A1 + ':' + nonce + A2)

Parameters:
  request - the request trying to authenticate.
  response - the response for setting headers and cookies.
  app - the servlet context
  user - the username
  realm - the authentication realm
  nonce - the nonce passed to the client during the challenge
  uri - the protected uri
  qop -
  nc -
  cnonce - the client nonce
  clientDigest - the client's calculation of the digest
Returns: the logged in principal if successful

loginDigestImpl
public Principal loginDigestImpl(HttpServletRequest request, HttpServletResponse response, ServletContext app, String user, String realm, String nonce, String uri, String qop, String nc, String cnonce, byte[] clientDigest) throws ServletException
Validates the user when using HTTP Digest authentication.

The HTTP Digest authentication uses the following algorithm to calculate the digest. The digest is then compared to the client digest.

    A1 = MD5(username + ':' + realm + ':' + password)
    A2 = MD5(method + ':' + uri)
    digest = MD5(A1 + ':' + nonce + A2)

Parameters:
  request - the request trying to authenticate.
  response - the response for setting headers and cookies.
  app - the servlet context
  user - the username
  realm - the authentication realm
  nonce - the nonce passed to the client during the challenge
  uri - the protected uri
  qop -
  nc -
  cnonce - the client nonce
  clientDigest - the client's calculation of the digest
Returns: the logged in principal if successful
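
The digest check described for loginDigest and loginDigestImpl, as an added example that is not Resin's own code: it recomputes the expected response on the server side and compares it with the client's value in constant time. It follows RFC 2617, which joins the nonce and A2 with ':' and adds nc, cnonce and qop when qop is present; the class and method names are hypothetical, and the sample request is the RFC's own worked example.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class DigestCheckExample {
    // Lowercase hex of MD5(s). RFC 2617 feeds the hex text of A1 and A2 into the final hash.
    static String md5Hex(String s) throws NoSuchAlgorithmException {
        byte[] d = MessageDigest.getInstance("MD5").digest(s.getBytes(StandardCharsets.ISO_8859_1));
        StringBuilder sb = new StringBuilder(32);
        for (byte b : d) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    // Server-side recomputation of the response the client should have sent.
    static String expected(String user, String realm, String password, String method,
                           String uri, String nonce, String qop, String nc, String cnonce)
            throws NoSuchAlgorithmException {
        String a1 = md5Hex(user + ':' + realm + ':' + password);
        String a2 = md5Hex(method + ':' + uri);
        // RFC 2617 puts ':' between every field, including nonce and A2.
        if (qop == null || qop.isEmpty())          // legacy form without qop
            return md5Hex(a1 + ':' + nonce + ':' + a2);
        return md5Hex(a1 + ':' + nonce + ':' + nc + ':' + cnonce + ':' + qop + ':' + a2);
    }

    // Constant-time comparison: timing must not reveal how many leading bytes matched.
    static boolean matches(String expectedHex, String clientHex) {
        return MessageDigest.isEqual(expectedHex.getBytes(StandardCharsets.US_ASCII),
                                     clientHex.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Sample request: the worked example from RFC 2617 section 3.5.
        String exp = expected("Mufasa", "testrealm@host.com", "Circle Of Life", "GET",
                "/dir/index.html", "dcd98b7102dd2f0e8b11d0f600bfb0c093",
                "auth", "00000001", "0a4f113b");
        String good = "6629fae49393a05397450978507c4ef1";   // response given in the RFC
        String bad = "6629fae49393a05397450978507c4ef0";    // constructed: last digit altered
        System.out.println("RFC response accepted: " + matches(exp, good));
        System.out.println("altered response accepted: " + matches(exp, bad));
    }
}
```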

logout
public void logout(ServletContext application, HttpSession timeoutSession, String sessionId, Principal user) throws ServletException
Logs the user out from the session.
Parameters:
  application - the application
  timeoutSession - the session timing out, null if not a timeout logout
  user - the logged in user

setLogoutOnSessionTimeout
public void setLogoutOnSessionTimeout(boolean logout)
Sets true if the principal should logout when the session times out.

setPasswordDigest
public void setPasswordDigest(PasswordDigest digest)
Sets the password digest. The password digest is of the form "algorithm-format", e.g. "MD5-base64".

setPasswordDigestAlgorithm
public void setPasswordDigestAlgorithm(String digest)
Sets the password digest algorithm. The password digest is of the form "algorithm-format", e.g. "MD5-base64".

setPasswordDigestRealm
public void setPasswordDigestRealm(String realm)
Sets the password digest realm.

setPrincipalCacheSize
public void setPrincipalCacheSize(int size)
Sets the size of the principal cache.

setSerializationHandle
public void setSerializationHandle(Object handle)
Sets the serialization handle

stringToDigest
protected byte[] stringToDigest(String digest)

writeReplace
public Object writeReplace()
Serialize to the handle