com.atlassian.seraph.auth

Class AbstractAuthenticator

java.lang.Object

com.atlassian.seraph.auth.AbstractAuthenticator

All Implemented Interfaces:

Authenticator, Initable, Serializable

Direct Known Subclasses:

DefaultAuthenticator

public abstract class AbstractAuthenticator
extends Object
implements Authenticator, Serializable

An abstract implementation of Authenticator that implements a lot of base methods

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
AbstractAuthenticator()

Method Summary

Modifier and Type	Method and Description
void	destroy()
protected SecurityConfig	getConfig()
String	getRemoteUser(javax.servlet.http.HttpServletRequest request) Gets the username of the Principal authenticated for the given HttpServletRequest.
Principal	getUser(javax.servlet.http.HttpServletRequest request) Gets the Principal authenticated for the given HttpServletRequest.
abstract Principal	getUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Gets the Principal for the HttpServletRequest.
void	init(Map<String,String> params, SecurityConfig config) Initialise the configuration object with the given "init-params".
boolean	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password) Tries to authenticate a user.
abstract boolean	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password, boolean cookie) Tries to authenticate a user.
abstract boolean	logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractAuthenticator

public AbstractAuthenticator()

Method Detail

init

public void init(Map<String,String> params,
                 SecurityConfig config)

Description copied from interface: Initable

Initialise the configuration object with the given "init-params".

Specified by:

init in interface Initable

Parameters:

params - The map of "init-params" extracted from the Seraph config file. This is guaranteed not null.

config - The Seraph SecurityConfig class that is initialising the config objects. This object will only be partially initialised at this time.

destroy

public void destroy()

Specified by:

destroy in interface Authenticator

getRemoteUser

public String getRemoteUser(javax.servlet.http.HttpServletRequest request)

Description copied from interface: Authenticator

Gets the username of the Principal authenticated for the given HttpServletRequest.

Specified by:

getRemoteUser in interface Authenticator

Returns:

username or null if no user has been authenticated

getUser

public Principal getUser(javax.servlet.http.HttpServletRequest request)

Description copied from interface: Authenticator

Gets the Principal authenticated for the given HttpServletRequest.

Specified by:

getUser in interface Authenticator

Returns:

principal or null if no user has been authenticated

getUser

public abstract Principal getUser(javax.servlet.http.HttpServletRequest request,
                                  javax.servlet.http.HttpServletResponse response)

Description copied from interface: Authenticator

Gets the Principal for the HttpServletRequest. The RememberMeToken will be regenerated for the HttpServletResponse if the token is invalid.

Specified by:

getUser in interface Authenticator

Returns:

principal or null if no user has been authenticated

login

public boolean login(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response,
                     String username,
                     String password)
              throws AuthenticatorException

Description copied from interface: Authenticator

Tries to authenticate a user.

Specified by:

login in interface Authenticator

Parameters:

request - the HttpServletRequest

response - the HttpServletResponse

username - the user name to check against the password

password - the password to authenticate the user with

Returns:

Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.

Throws:

AuthenticatorException - if an error occurs that stops the user from being authenticated (eg remote communication failure).

login

public abstract boolean login(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response,
                              String username,
                              String password,
                              boolean cookie)
                       throws AuthenticatorException

Description copied from interface: Authenticator

Tries to authenticate a user.

Specified by:

login in interface Authenticator

Parameters:

request - the HttpServletRequest

response - the HttpServletResponse

username - the user name to check against the password

password - the password to authenticate the user with

cookie - whether to set a remember me cookie on successful login

Returns:

Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.

Throws:

AuthenticatorException - if an error occurs that stops the user from being authenticated (eg remote communication failure).

logout

public abstract boolean logout(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response)
                        throws AuthenticatorException

Specified by:

logout in interface Authenticator

Throws:

AuthenticatorException

getConfig

protected SecurityConfig getConfig()