org.eclipse.jetty.security.authentication
Class FormAuthenticator
java.lang.Object
org.eclipse.jetty.security.authentication.LoginAuthenticator
org.eclipse.jetty.security.authentication.FormAuthenticator
- All Implemented Interfaces:
- Authenticator
public class FormAuthenticator
- extends LoginAuthenticator
FORM Authenticator.
This authenticator implements form authentication will use dispatchers to
the login page if the __FORM_DISPATCH init parameter is set to true.
Otherwise it will redirect.
The form authenticator redirects unauthenticated requests to a log page
which should use a form to gather username/password from the user and send them
to the /j_security_check URI within the context. FormAuthentication uses
SessionAuthentication to wrap Authentication results so that they
are associated with the session.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
__FORM_LOGIN_PAGE
public static final String __FORM_LOGIN_PAGE
- See Also:
- Constant Field Values
__FORM_ERROR_PAGE
public static final String __FORM_ERROR_PAGE
- See Also:
- Constant Field Values
__FORM_DISPATCH
public static final String __FORM_DISPATCH
- See Also:
- Constant Field Values
__J_URI
public static final String __J_URI
- See Also:
- Constant Field Values
__J_POST
public static final String __J_POST
- See Also:
- Constant Field Values
__J_SECURITY_CHECK
public static final String __J_SECURITY_CHECK
- See Also:
- Constant Field Values
__J_USERNAME
public static final String __J_USERNAME
- See Also:
- Constant Field Values
__J_PASSWORD
public static final String __J_PASSWORD
- See Also:
- Constant Field Values
FormAuthenticator
public FormAuthenticator()
FormAuthenticator
public FormAuthenticator(String login,
String error,
boolean dispatch)
setConfiguration
public void setConfiguration(Authenticator.AuthConfiguration configuration)
- Description copied from interface:
Authenticator
- Configure the Authenticator
- Specified by:
setConfiguration in interface Authenticator- Overrides:
setConfiguration in class LoginAuthenticator
- See Also:
LoginAuthenticator.setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)
getAuthMethod
public String getAuthMethod()
- Returns:
- The name of the authentication method
validateRequest
public Authentication validateRequest(ServletRequest req,
ServletResponse res,
boolean mandatory)
throws ServerAuthException
- Description copied from interface:
Authenticator
- Validate a response
- Parameters:
req - The requestres - The responsemandatory - True if authentication is mandatory.
- Returns:
- An Authentication. If Authentication is successful, this will be a
Authentication.User. If a response has
been sent by the Authenticator (which can be done for both successful and unsuccessful authentications), then the result will
implement Authentication.ResponseSent. If Authentication is not manditory, then a
Authentication.Deferred may be returned.
- Throws:
ServerAuthException
isJSecurityCheck
public boolean isJSecurityCheck(String uri)
isLoginOrErrorPage
public boolean isLoginOrErrorPage(String pathInContext)
secureResponse
public boolean secureResponse(ServletRequest req,
ServletResponse res,
boolean mandatory,
Authentication.User validatedUser)
throws ServerAuthException
- Returns:
- true if response is secure
- Throws:
ServerAuthException
Copyright © 1995-2011 Mort Bay Consulting. All Rights Reserved.