com.caucho.http.security
Class AuthenticatorAdapter

java.lang.Object
  |
  +--com.caucho.http.security.AuthenticatorAdapter
All Implemented Interfaces:
ServletAuthenticator

public class AuthenticatorAdapter
extends java.lang.Object
implements ServletAuthenticator

Adapter for old-style authentication.


Constructor Summary
AuthenticatorAdapter(Authenticator auth, RegistryNode registry, Application app)
           
 
Method Summary
 java.security.Principal getUserPrincipal(HttpServletRequest request, HttpServletResponse response, ServletContext application)
          Gets the authenticated user for the current request.
 void init()
          Initialize the authenticator.
 boolean isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.security.Principal user, java.lang.String role)
          Returns true if the user plays the named role.
 java.security.Principal login(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.lang.String user, java.lang.String password)
          Logs a user in with a user name and a password.
 java.security.Principal loginDigest(HttpServletRequest request, HttpServletResponse response, ServletContext app, java.lang.String user, java.lang.String realm, java.lang.String nonce, java.lang.String uri, java.lang.String qop, java.lang.String nc, java.lang.String cnonce, byte[] clientDigest)
          Returns the digest secret for Digest authentication.
 void logout(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.security.Principal user)
          Logs the user out from the given request.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthenticatorAdapter

public AuthenticatorAdapter(Authenticator auth,
                            RegistryNode registry,
                            Application app)
Method Detail

init

public void init()
          throws ServletException
Initialize the authenticator.
Specified by:
init in interface ServletAuthenticator

login

public java.security.Principal login(HttpServletRequest request,
                                     HttpServletResponse response,
                                     ServletContext application,
                                     java.lang.String user,
                                     java.lang.String password)
                              throws ServletException
Logs a user in with a user name and a password.
Specified by:
login in interface ServletAuthenticator
Parameters:
request - servlet request
response - servlet response, in case any cookie need sending.
application - servlet application
user - the user name.
password - the user's presented password.
Returns:
the logged in principal on success, null on failure.

loginDigest

public java.security.Principal loginDigest(HttpServletRequest request,
                                           HttpServletResponse response,
                                           ServletContext app,
                                           java.lang.String user,
                                           java.lang.String realm,
                                           java.lang.String nonce,
                                           java.lang.String uri,
                                           java.lang.String qop,
                                           java.lang.String nc,
                                           java.lang.String cnonce,
                                           byte[] clientDigest)
                                    throws ServletException
Description copied from interface: ServletAuthenticator
Returns the digest secret for Digest authentication. Some authenticators will store digest itself instead of storing the password.
 A1 = MD5(username + ':' + realm + ':' + password)
 A2 = MD5(method + ':' + uri)
 digest = MD5(A1 + ':' + nonce + A2)
 
Specified by:
loginDigest in interface ServletAuthenticator
Following copied from interface: com.caucho.http.security.ServletAuthenticator
Parameters:
request - the request trying to authenticate.
response - the response for setting headers and cookies.
application - the servlet context
username - the username
realm - the realm
Returns:
the digest

getUserPrincipal

public java.security.Principal getUserPrincipal(HttpServletRequest request,
                                                HttpServletResponse response,
                                                ServletContext application)
                                         throws ServletException
Gets the authenticated user for the current request. If the user has not logged in, just returns null.
Specified by:
getUserPrincipal in interface ServletAuthenticator
Parameters:
request - the request trying to authenticate.
application - the servlet context
Returns:
the authenticated user or null if none has logged in

isUserInRole

public boolean isUserInRole(HttpServletRequest request,
                            HttpServletResponse response,
                            ServletContext application,
                            java.security.Principal user,
                            java.lang.String role)
                     throws ServletException
Returns true if the user plays the named role.
Specified by:
isUserInRole in interface ServletAuthenticator
Parameters:
request - the request testing the role.
user - the user's Principal.
role - role name.

logout

public void logout(HttpServletRequest request,
                   HttpServletResponse response,
                   ServletContext application,
                   java.security.Principal user)
            throws ServletException
Logs the user out from the given request.

Generally only called from user code.

Specified by:
logout in interface ServletAuthenticator