Package com.jalios.jcms.authentication.handlers

Class HttpBasicAuthenticationHandler

    • Field Detail

      • ORDER_BASIC_HTTP_HANDLER

        public static final int ORDER_BASIC_HTTP_HANDLER
        Order used by the HttpBasicAuthenticationHandler
        See Also:
        Constant Field Values

    • Method Detail

      • loadProperties

        public void loadProperties()
        Description copied from class: AuthenticationHandler
        This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
        You can use it to reload properties that might have been changed.
        This method is called during initialization of the AuthenticationManager
        Overrides:
        loadProperties in class AuthenticationHandler

      • login

        public void login​(AuthenticationContext ctxt)
           throws java.io.IOException
        Description copied from class: AuthenticationHandler
        Authenticate a member.
        This method is invoked by the authentication chain on each request.
        A typical implementation of this method would follow the following pattern :
        1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
        2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
        3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
        4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
        5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

        Default implementation is to invoke the next handler in the chain.
        Overrides:
        login in class AuthenticationHandler
        Parameters:
        ctxt - the AuthenticationContext used for this login
        Throws:
        java.io.IOException

      • checkAuthenticationFromHTTPAuthorization

        public static final Member checkAuthenticationFromHTTPAuthorization​(javax.servlet.http.HttpServletRequest request)
                                                             throws java.io.IOException
        Returns the member corresponding to the HTTP Authorization header available in the request.
        http://www.ietf.org/rfc/rfc2617.txt
        We only handle the "Basic" Authentication Scheme.
        Parameters:
        request - the request where to look for HTTP Authorization header
        Returns:
        the authenticated member or null if not found
        Throws:
        java.io.IOException - if the underneath login operation with the userId/password could not be performed
        Since:
        jcms-5.5.0

      • setHttpBasicAuthorizationHeader

        public static final void setHttpBasicAuthorizationHeader​(javax.servlet.http.HttpServletResponse response,
                                                         java.lang.String realm)
        Set a 401 status code (UNAUTHORIZED) and add the "WWW-Authenticate" header to the given response using the given realm.
        Use this methods to request an HTTP Authorization using the "Basic" Authentication Scheme.
        Parameters:
        response - the HttpServletResponse of which to set status and add header
        realm - the Basic Realm to set in the response
        Since:
        jcms-5.5.0