Class CookieAuthenticationHandler

java.lang.Object
io.milton.http.http11.auth.CookieAuthenticationHandler
All Implemented Interfaces:
AuthenticationHandler

public class CookieAuthenticationHandler extends Object implements AuthenticationHandler
This wraps a bunch of other authentication handlers, so that if any of them successfully logs the user in, this handler generates a cookie which can be used for subsequent requests. Note that it is usually not correct to wrap a Digest auth handler, because that would defeat the purpose of digest authentication. However, this can and should wrap Basic and Form authentication handlers.
Author:
brad
  • Field Details

  • Constructor Details

  • Method Details

    • credentialsPresent

      public boolean credentialsPresent(Request request)
      Description copied from interface: AuthenticationHandler
      Determine if there are login credentials present. Should not attempt to validate credentials; it should only determine whether something has been provided.
      Specified by:
      credentialsPresent in interface AuthenticationHandler
      Returns:
    • supports

      public boolean supports(Resource r, Request request)
      Description copied from interface: AuthenticationHandler
      Returns true if this supports authenticating with the given Auth data on the given resource. Only the first AuthenticationHandler which returns true for supports will be used for authentication, i.e. supports implementations should be mutually exclusive.
      Specified by:
      supports in interface AuthenticationHandler
      Parameters:
      r - the resource being accessed
      Returns:
    • authenticate

      public Object authenticate(Resource resource, Request request)
      Description copied from interface: AuthenticationHandler
      Authenticate the details in the request for access to the given resource.
      Specified by:
      authenticate in interface AuthenticationHandler
      Returns:
    • setLoginCookies

      public void setLoginCookies(DiscretePrincipal user, Request request)
      Sets cookies to make the given user the currently logged-in user for any subsequent requests, and also makes that user the current on-behalf-of user in CurrentUserService.
      Parameters:
      user -
      request -
    • setLoginCookies

      public void setLoginCookies(String userUrl, Request request)
    • appendChallenges

      public void appendChallenges(Resource resource, Request request, List<String> challenges)
      Description copied from interface: AuthenticationHandler
      Create a challenge for this authentication method. This should be completely formatted as per http://tools.ietf.org/html/rfc2617 and appended to the given list of challenges. It is allowable to append more than one challenge if appropriate.
      Specified by:
      appendChallenges in interface AuthenticationHandler
      Parameters:
      challenges - the list of challenges to append to, or not, as appropriate
    • isCompatible

      public boolean isCompatible(Resource resource, Request request)
      Description copied from interface: AuthenticationHandler
      Returns true if this authentication handler is compatible with the given resource. This is used when authorisation has failed, in generating challenge responses. If you don't want to add a challenge response, return false.
      Specified by:
      isCompatible in interface AuthenticationHandler
      Returns:
      true if this can authenticate the resource, and it should issue an HTTP challenge
    • getUserUrl

      public String getUserUrl(Request request)
      Find a previous login token in the request and, if present, verify its authenticity via a signing cookie.
      Parameters:
      request -
      Returns:
    • getUserUrlFromRequest

      public String getUserUrlFromRequest(Request request)
    • getHashFromRequest

      public String getHashFromRequest(Request request)
    • getUrlSigningHash

      public String getUrlSigningHash(String userUrl, Request request)
      The HMAC signs a message in the form nonce || userUrl, where the nonce is requested from the nonceProvider. This method returns a signing token in the form nonce || hmac.
      Parameters:
      userUrl -
      request -
      Returns:
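      The signing scheme described for getUrlSigningHash, together with the verification step described for getUserUrl, as an added standalone example (not milton's own code). The class and method names, HMAC-SHA256, the ":" separator and the 16-byte random nonce standing in for the nonceProvider are assumptions of this example.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

public class SignedUserUrlDemo {
    static final int NONCE_CHARS = 22; // 16 random bytes, base64url without padding
    static final SecureRandom RNG = new SecureRandom();
    // HMAC-SHA256 over nonce || userUrl; the fixed nonce length keeps the concatenation unambiguous.
    static byte[] hmac(byte[] key, String nonce, String userUrl) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal((nonce + userUrl).getBytes(StandardCharsets.UTF_8));
    }

    // Signing token in the form nonce || hmac (the ":" separator is an assumption of this example).
    static String sign(byte[] key, String userUrl) throws Exception {
        byte[] raw = new byte[16];
        RNG.nextBytes(raw);
        String nonce = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        return nonce + ":" + Base64.getUrlEncoder().withoutPadding().encodeToString(hmac(key, nonce, userUrl));
    }

    // Recompute the HMAC for the claimed userUrl and compare it in constant time.
    static boolean verify(byte[] key, String userUrl, String token) throws Exception {
        int sep = token == null ? -1 : token.indexOf(':');
        if (userUrl == null || sep != NONCE_CHARS) return false;
        String nonce = token.substring(0, sep);
        byte[] presented;
        try {
            presented = Base64.getUrlDecoder().decode(token.substring(sep + 1));
        } catch (IllegalArgumentException e) {
            return false; // malformed hash cookie
        }
        // A real deployment would also check the nonce for expiry or replay at this point.
        return MessageDigest.isEqual(hmac(key, nonce, userUrl), presented);
    }
    public static void main(String[] args) throws Exception {
        byte[] key = new byte[32];
        RNG.nextBytes(key); // server-side secret, never sent to the client
        String userUrl = "/users/alice/"; // constructed sample value
        String token = sign(key, userUrl);
        System.out.println(verify(key, userUrl, token));         // untampered cookie pair
        System.out.println(verify(key, "/users/admin/", token)); // userUrl cookie swapped
        System.out.println(verify(key, userUrl, token + "A"));   // hash cookie altered
    }
}
```

      Because the user URL cookie is client-controlled, the server must treat it as untrusted until the accompanying hash verifies against the server-side key.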
    • getUrlSigningHash

      public String getUrlSigningHash(String userUrl, Request request, String host)
    • getLoginToken

      public String getLoginToken(String userUrl, Request request)
    • getLoginToken

      public String getLoginToken(String userUrl, Request request, String host)
    • getLoginToken

      public String getLoginToken(String userUrl, String urlSigningHash)
    • encodeUserUrl

      public String encodeUserUrl(String userUrl)
    • getCookieNameUserUrlHash

      public String getCookieNameUserUrlHash()
    • getCookieNameUserUrl

      public String getCookieNameUserUrl()
    • getUserUrlAttName

      public String getUserUrlAttName()
    • getLoginTokenName

      public String getLoginTokenName()
    • setUserUrlAttName

      public void setUserUrlAttName(String userUrlAttName)
    • setUseLongLivedCookies

      public void setUseLongLivedCookies(boolean useLongLivedCookies)
    • isUseLongLivedCookies

      public boolean isUseLongLivedCookies()