io.milton.http.http11.auth

Class LoginResponseHandler

java.lang.Object

io.milton.http.AbstractWrappingResponseHandler

io.milton.http.http11.auth.LoginResponseHandler

All Implemented Interfaces:

Bufferable, ETagGenerator, Http11ResponseHandler, WebDavResponseHandler

public class LoginResponseHandler
extends AbstractWrappingResponseHandler

This decorates a wrapped response handler, and gives it the ability to generate login pages. When activated, this will suppress the http authorisation status code and instead render a login page. Note that the conditions under which a login page is produced in place of a http challenge are quite specific and should not interfere with non web browser user agents. This will usually be used together with FormAuthenticationHandler and CookieAuthenticationHandler to provide a complete authentication mechanism integrated into the normal milton life cycle

Author:

brad

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	LoginResponseHandler.ContentTypeLoginPageTypeHandler Default implementation which uses some sensible rules about content types etc
static interface	LoginResponseHandler.LoginPageTypeHandler

Field Summary

Fields

Modifier and Type	Field and Description
static String	ATT_DISABLE

Fields inherited from class io.milton.http.AbstractWrappingResponseHandler

wrapped

Constructor Summary

Constructors

Constructor and Description
LoginResponseHandler(WebDavResponseHandler wrapped, ResourceFactory resourceFactory, LoginResponseHandler.LoginPageTypeHandler loginPageTypeHandler)

Method Summary

Modifier and Type	Method and Description
List<String>	getExcludePaths()
String	getLoginPage()
ResourceFactory	getResourceFactory()
boolean	isEnabled()
void	respondUnauthorised(Resource resource, Response response, Request request) If responding with a login page, the request attribute "authReason" is set to either "required", indicating that the user must login; or "notPermitted" indicating that the user is currently logged in but does not have permission
static void	setDisableHtmlResponse(Request r) Called when authentication has detected a user type which is not compatible with form authentication.
void	setEnabled(boolean enabled)
void	setExcludePaths(List<String> excludePaths)
void	setLoginPage(String loginPage)

Methods inherited from class io.milton.http.AbstractWrappingResponseHandler

generateEtag, getBuffering, getWrapped, respondBadRequest, respondConflict, respondContent, respondCreated, respondDeleteFailed, respondExpectationFailed, respondForbidden, respondHead, respondInsufficientStorage, respondLocked, respondMethodNotAllowed, respondMethodNotImplemented, respondNoContent, respondNotFound, respondNotModified, respondPartialContent, respondPartialContent, respondPreconditionFailed, respondPropFind, respondPropFind, respondRedirect, respondServerError, respondWithOptions, responseMultiStatus, setBuffering, setWrapped

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ATT_DISABLE

public static final String ATT_DISABLE

See Also:

Constant Field Values

Constructor Detail

LoginResponseHandler

public LoginResponseHandler(WebDavResponseHandler wrapped,
                            ResourceFactory resourceFactory,
                            LoginResponseHandler.LoginPageTypeHandler loginPageTypeHandler)

Method Detail

setDisableHtmlResponse

public static void setDisableHtmlResponse(Request r)

Called when authentication has detected a user type which is not compatible with form authentication. This will prevent a html form being presented, so the user will be forced to login via Basic or Diget

Parameters:

r -

respondUnauthorised

public void respondUnauthorised(Resource resource,
                                Response response,
                                Request request)

If responding with a login page, the request attribute "authReason" is set to either "required", indicating that the user must login; or "notPermitted" indicating that the user is currently logged in but does not have permission

Specified by:

respondUnauthorised in interface Http11ResponseHandler

Overrides:

respondUnauthorised in class AbstractWrappingResponseHandler

Parameters:

resource -

response -

request -

getLoginPage

public String getLoginPage()

setLoginPage

public void setLoginPage(String loginPage)

getResourceFactory

public ResourceFactory getResourceFactory()

getExcludePaths

public List<String> getExcludePaths()

setExcludePaths

public void setExcludePaths(List<String> excludePaths)

isEnabled

public boolean isEnabled()

setEnabled

public void setEnabled(boolean enabled)