com.caucho.http.security
Class AuthenticatorAdapter

java.lang.Object
  |
  +--com.caucho.http.security.AuthenticatorAdapter

All Implemented Interfaces:

ServletAuthenticator

public class AuthenticatorAdapter

extends java.lang.Object

implements ServletAuthenticator

Adapter for old-style authentication.

Constructor Summary

AuthenticatorAdapter(Authenticator auth, RegistryNode registry, Application app)

Method Summary

java.security.Principal	getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application) Gets the authenticated user for the current request.
void	init() Initialize the authenticator.
boolean	isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.security.Principal user, java.lang.String role) Returns true if the user plays the named role.
java.security.Principal	login(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.lang.String user, java.lang.String password) Logs a user in with a user name and a password.
java.security.Principal	loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, java.lang.String user, java.lang.String realm, java.lang.String nonce, java.lang.String uri, java.lang.String qop, java.lang.String nc, java.lang.String cnonce, byte[] clientDigest) Returns the digest secret for Digest authentication.
void	logout(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.security.Principal user) Logs the user out from the given request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthenticatorAdapter

public AuthenticatorAdapter(Authenticator auth,
                            RegistryNode registry,
                            Application app)

Method Detail

init

public void init()
          throws ServletException

Initialize the authenticator.

Specified by:

init in interface ServletAuthenticator

login

public java.security.Principal login(HttpServletRequest request,
                                     HttpServletResponse response,
                                     ServletContext application,
                                     java.lang.String user,
                                     java.lang.String password)
                              throws ServletException

Logs a user in with a user name and a password.

Specified by:

login in interface ServletAuthenticator

Parameters:

request - servlet request

response - servlet response, in case any cookie need sending.

application - servlet application

user - the user name.

password - the user's presented password.

Returns:

the logged in principal on success, null on failure.

loginDigest

public java.security.Principal loginDigest(HttpServletRequest request,
                                           HttpServletResponse response,
                                           ServletContext app,
                                           java.lang.String user,
                                           java.lang.String realm,
                                           java.lang.String nonce,
                                           java.lang.String uri,
                                           java.lang.String qop,
                                           java.lang.String nc,
                                           java.lang.String cnonce,
                                           byte[] clientDigest)
                                    throws ServletException

Description copied from interface: ServletAuthenticator

Returns the digest secret for Digest authentication. Some authenticators will store digest itself instead of storing the password.

 A1 = MD5(username + ':' + realm + ':' + password)
 A2 = MD5(method + ':' + uri)
 digest = MD5(A1 + ':' + nonce + A2)
 

Specified by:

loginDigest in interface ServletAuthenticator

Following copied from interface: com.caucho.http.security.ServletAuthenticator

Parameters:

request - the request trying to authenticate.

response - the response for setting headers and cookies.

application - the servlet context

username - the username

realm - the realm

Returns:

the digest

getUserPrincipal

public java.security.Principal getUserPrincipal(HttpServletRequest request,
                                                HttpServletResponse response,
                                                ServletContext application)
                                         throws ServletException

Gets the authenticated user for the current request. If the user has not logged in, just returns null.

Specified by:

getUserPrincipal in interface ServletAuthenticator

Parameters:

request - the request trying to authenticate.

application - the servlet context

Returns:

the authenticated user or null if none has logged in

isUserInRole

public boolean isUserInRole(HttpServletRequest request,
                            HttpServletResponse response,
                            ServletContext application,
                            java.security.Principal user,
                            java.lang.String role)
                     throws ServletException

Returns true if the user plays the named role.

Specified by:

isUserInRole in interface ServletAuthenticator

Parameters:

request - the request testing the role.

user - the user's Principal.

role - role name.

logout

public void logout(HttpServletRequest request,
                   HttpServletResponse response,
                   ServletContext application,
                   java.security.Principal user)
            throws ServletException

Logs the user out from the given request.

Generally only called from user code.

Specified by:

logout in interface ServletAuthenticator