water.webserver.jetty8.security

Class FormAuthenticator

java.lang.Object

org.eclipse.jetty.security.authentication.LoginAuthenticator

water.webserver.jetty8.security.FormAuthenticator

All Implemented Interfaces:

org.eclipse.jetty.security.Authenticator

public class FormAuthenticator
extends org.eclipse.jetty.security.authentication.LoginAuthenticator

FORM Authenticator.

This authenticator implements form authentication will use dispatchers to the login page if the __FORM_DISPATCH init parameter is set to true. Otherwise it will redirect.

The form authenticator redirects unauthenticated requests to a log page which should use a form to gather username/password from the user and send them to the /j_security_check URI within the context. FormAuthentication uses SessionAuthentication to wrap Authentication results so that they are associated with the session.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	FormAuthenticator.FormAuthentication This Authentication represents a just completed Form authentication.
protected static class	FormAuthenticator.FormRequest
protected static class	FormAuthenticator.FormResponse

Nested classes/interfaces inherited from interface org.eclipse.jetty.security.Authenticator

org.eclipse.jetty.security.Authenticator.AuthConfiguration, org.eclipse.jetty.security.Authenticator.Factory

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	__FORM_DISPATCH
static java.lang.String	__FORM_ERROR_PAGE
static java.lang.String	__FORM_LOGIN_PAGE
static java.lang.String	__J_PASSWORD
static java.lang.String	__J_POST
static java.lang.String	__J_SECURITY_CHECK
static java.lang.String	__J_URI
static java.lang.String	__J_USERNAME

Fields inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator

_identityService, _loginService

Constructor Summary

Constructors

Constructor and Description
FormAuthenticator()
FormAuthenticator(java.lang.String login, java.lang.String error, boolean dispatch, boolean useRelativeRedirects)

Method Summary

Modifier and Type	Method and Description
boolean	getAlwaysSaveUri()
java.lang.String	getAuthMethod()
boolean	getUseRelativeRedirects()
boolean	isJSecurityCheck(java.lang.String uri)
boolean	isLoginOrErrorPage(java.lang.String pathInContext)
org.eclipse.jetty.server.UserIdentity	login(java.lang.String username, java.lang.Object password, javax.servlet.ServletRequest request)
boolean	secureResponse(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory, org.eclipse.jetty.server.Authentication.User validatedUser)
void	setAlwaysSaveUri(boolean alwaysSave) If true, uris that cause a redirect to a login page will always be remembered.
void	setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration configuration)
org.eclipse.jetty.server.Authentication	validateRequest(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, boolean mandatory)

Methods inherited from class org.eclipse.jetty.security.authentication.LoginAuthenticator

getLoginService, renewSession

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

__FORM_LOGIN_PAGE

public static final java.lang.String __FORM_LOGIN_PAGE

See Also:

Constant Field Values

__FORM_ERROR_PAGE

public static final java.lang.String __FORM_ERROR_PAGE

See Also:

Constant Field Values

__FORM_DISPATCH

public static final java.lang.String __FORM_DISPATCH

See Also:

Constant Field Values

__J_URI

public static final java.lang.String __J_URI

See Also:

Constant Field Values

__J_POST

public static final java.lang.String __J_POST

See Also:

Constant Field Values

__J_SECURITY_CHECK

public static final java.lang.String __J_SECURITY_CHECK

See Also:

Constant Field Values

__J_USERNAME

public static final java.lang.String __J_USERNAME

See Also:

Constant Field Values

__J_PASSWORD

public static final java.lang.String __J_PASSWORD

See Also:

Constant Field Values

Constructor Detail

FormAuthenticator

public FormAuthenticator()

FormAuthenticator

public FormAuthenticator(java.lang.String login,
                         java.lang.String error,
                         boolean dispatch,
                         boolean useRelativeRedirects)

Method Detail

setAlwaysSaveUri

public void setAlwaysSaveUri(boolean alwaysSave)

If true, uris that cause a redirect to a login page will always be remembered. If false, only the first uri that leads to a login page redirect is remembered. See https://bugs.eclipse.org/bugs/show_bug.cgi?id=379909

Parameters:

alwaysSave -

getAlwaysSaveUri

public boolean getAlwaysSaveUri()

getUseRelativeRedirects

public boolean getUseRelativeRedirects()

setConfiguration

public void setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration configuration)

Specified by:

setConfiguration in interface org.eclipse.jetty.security.Authenticator

Overrides:

setConfiguration in class org.eclipse.jetty.security.authentication.LoginAuthenticator

See Also:

LoginAuthenticator.setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)

getAuthMethod

public java.lang.String getAuthMethod()

login

public org.eclipse.jetty.server.UserIdentity login(java.lang.String username,
                                                   java.lang.Object password,
                                                   javax.servlet.ServletRequest request)

Overrides:

login in class org.eclipse.jetty.security.authentication.LoginAuthenticator

validateRequest

public org.eclipse.jetty.server.Authentication validateRequest(javax.servlet.ServletRequest req,
                                                               javax.servlet.ServletResponse res,
                                                               boolean mandatory)
                                                        throws org.eclipse.jetty.security.ServerAuthException

Throws:

org.eclipse.jetty.security.ServerAuthException

isJSecurityCheck

public boolean isJSecurityCheck(java.lang.String uri)

isLoginOrErrorPage

public boolean isLoginOrErrorPage(java.lang.String pathInContext)

secureResponse

public boolean secureResponse(javax.servlet.ServletRequest req,
                              javax.servlet.ServletResponse res,
                              boolean mandatory,
                              org.eclipse.jetty.server.Authentication.User validatedUser)
                       throws org.eclipse.jetty.security.ServerAuthException

Throws:

org.eclipse.jetty.security.ServerAuthException