com.atlassian.seraph.auth

Interface Authenticator

All Superinterfaces:

Initable

All Known Implementing Classes:

AbstractAuthenticator, DefaultAuthenticator

public interface Authenticator
extends Initable

An Authenticator is used to authenticate users, log them in, log them out and check their roles.

Method Summary

Modifier and Type	Method and Description
void	destroy()
String	getRemoteUser(javax.servlet.http.HttpServletRequest request) Gets the username of the Principal authenticated for the given HttpServletRequest.
Principal	getUser(javax.servlet.http.HttpServletRequest request) Gets the Principal authenticated for the given HttpServletRequest.
Principal	getUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Gets the Principal for the HttpServletRequest.
boolean	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password) Tries to authenticate a user.
boolean	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password, boolean storeCookie) Tries to authenticate a user.
boolean	logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

Methods inherited from interface com.atlassian.seraph.Initable

init

Method Detail

destroy

void destroy()

getRemoteUser

String getRemoteUser(javax.servlet.http.HttpServletRequest request)

Gets the username of the Principal authenticated for the given HttpServletRequest.

Parameters:

request -

Returns:

username or null if no user has been authenticated

getUser

Principal getUser(javax.servlet.http.HttpServletRequest request)

Gets the Principal authenticated for the given HttpServletRequest.

Parameters:

request -

Returns:

principal or null if no user has been authenticated

getUser

Principal getUser(javax.servlet.http.HttpServletRequest request,
                  javax.servlet.http.HttpServletResponse response)

Gets the Principal for the HttpServletRequest. The RememberMeToken will be regenerated for the HttpServletResponse if the token is invalid.

Parameters:

request -

response -

Returns:

principal or null if no user has been authenticated

login

boolean login(javax.servlet.http.HttpServletRequest request,
              javax.servlet.http.HttpServletResponse response,
              String username,
              String password)
       throws AuthenticatorException

Tries to authenticate a user.

Parameters:

request - the HttpServletRequest

response - the HttpServletResponse

username - the user name to check against the password

password - the password to authenticate the user with

Returns:

Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.

Throws:

AuthenticatorException - if an error occurs that stops the user from being authenticated (eg remote communication failure).

login

boolean login(javax.servlet.http.HttpServletRequest request,
              javax.servlet.http.HttpServletResponse response,
              String username,
              String password,
              boolean storeCookie)
       throws AuthenticatorException

Tries to authenticate a user.

Parameters:

request - the HttpServletRequest

response - the HttpServletResponse

username - the user name to check against the password

password - the password to authenticate the user with

storeCookie - whether to set a remember me cookie on successful login

Returns:

Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.

Throws:

AuthenticatorException - if an error occurs that stops the user from being authenticated (eg remote communication failure).

logout

boolean logout(javax.servlet.http.HttpServletRequest request,
               javax.servlet.http.HttpServletResponse response)
        throws AuthenticatorException

Throws:

AuthenticatorException