SessionAuthentication xref

View Javadoc

1   // ========================================================================
2   // Copyright (c) 2009-2009 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // All rights reserved. This program and the accompanying materials
5   // are made available under the terms of the Eclipse Public License v1.0
6   // and Apache License v2.0 which accompanies this distribution.
7   // The Eclipse Public License is available at 
8   // http://www.eclipse.org/legal/epl-v10.html
9   // The Apache License v2.0 is available at
10  // http://www.opensource.org/licenses/apache2.0.php
11  // You may elect to redistribute this code under either of these licenses. 
12  // ========================================================================
13  
14  
15  package org.eclipse.jetty.security.authentication;
16  
17  import java.io.Serializable;
18  
19  import javax.servlet.http.HttpSession;
20  import javax.servlet.http.HttpSessionAttributeListener;
21  import javax.servlet.http.HttpSessionBindingEvent;
22  
23  import org.eclipse.jetty.security.Authenticator;
24  import org.eclipse.jetty.security.UserAuthentication;
25  import org.eclipse.jetty.server.UserIdentity;
26  
27  public class SessionAuthentication extends UserAuthentication implements HttpSessionAttributeListener, Serializable
28  {
29      private static final long serialVersionUID = -4643200685888258706L;
30  
31      public final static String __J_AUTHENTICATED="org.eclipse.jetty.security.UserIdentity";
32      
33      HttpSession _session;
34      
35      public SessionAuthentication(HttpSession session,Authenticator authenticator, UserIdentity userIdentity)
36      {
37          super(authenticator,userIdentity);
38          _session=session;
39      }
40  
41      public void attributeAdded(HttpSessionBindingEvent event)
42      {
43      }
44  
45      public void attributeRemoved(HttpSessionBindingEvent event)
46      {
47          super.logout();
48      }
49      
50      public void attributeReplaced(HttpSessionBindingEvent event)
51      {
52          if (event.getValue()==null)
53              super.logout();
54      }
55  
56      public void logout() 
57      {    
58          _session.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
59      }
60      
61      public String toString()
62      {
63          return "Session"+super.toString();
64      }
65      
66  }