com.jalios.jcms.authentication.handlers

Class AuthKeyAuthenticationHandler

java.lang.Object

com.jalios.jcms.authentication.AuthenticationHandler

com.jalios.jcms.authentication.handlers.AuthKeyAuthenticationHandler

All Implemented Interfaces:

PluginComponent, java.lang.Comparable<AuthenticationHandler>

public class AuthKeyAuthenticationHandler
extends AuthenticationHandler

Authenticates users using an "authentication key" parameter valid only for the request for which it is processed.

The Authentication key parameter name can be configured by changing property "auth-mgr.authkey-name", see getAuthKeyName().
Default duration of AuthenticationKey can be configured by changing property "auth-mgr.authkey-duration", see getDefaultAuthKeyDuration().

Since:

jcms-5.7.4

Version:

$Revision: 51105 $

Author:

Olivier Jaquemet

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	AUTHENTICATION_FROM_AUTHKEY Name of request attribute indicating that this request was authenticated using AuthKey
static int	ORDER_AUTHKEY_HANDLER Order used by the AuthKeyAuthenticationHandler
static java.lang.String	REVISION

Fields inherited from class com.jalios.jcms.authentication.AuthenticationHandler

channel, GENERIC_BAD_AUTHENTICATION_MSG

Method Summary

Methods

Modifier and Type	Method and Description
static Member	checkAuthenticationFromAuthKey(javax.servlet.http.HttpServletRequest request) Returns the member corresponding to the credentials given in the authkey parameter, if any.
static java.lang.String	getAuthKeyName() Retrieves the authentication key parameter name.
static java.lang.String	getAuthKeyServerSeed() Retrieves the server seed used in auth key digest.
static java.lang.String	getAuthKeyValue(java.lang.String url, Member member) Retrieves a valid authentication key parameter value for the specified URL.
static java.lang.String	getAuthKeyValue(java.lang.String url, Member member, AuthKeyHints hints) Retrieves a valid authentication key parameter value for the specified URL.
static java.lang.String	getAuthKeyValue(java.lang.String url, Member member, long duration) Retrieves a valid authentication key parameter value for the specified URL.
static long	getDefaultAuthKeyDuration() Retrieves the default authentication key duration (expiration time) to be used when no expiration duration as been specified.
static AuthKeyAuthenticationHandler	getInstance()
static java.lang.String	getUrlWithAddedAuthKeyParam(javax.servlet.http.HttpServletRequest request, Member member) Retrieve the absolute url of the specified request with a valid authentication key parameter name/value appended.
static java.lang.String	getUrlWithAddedAuthKeyParam(javax.servlet.http.HttpServletRequest request, Member member, long duration) Retrieve the absolute url of the specified request with a valid authentication key parameter name/value appended.
static java.lang.String	getUrlWithAddedAuthKeyParam(java.lang.String url, Member member) Append a valid authentication key parameter name/value to the specified URL.
static java.lang.String	getUrlWithAddedAuthKeyParam(java.lang.String url, Member member, AuthKeyHints hints, boolean escapeAmpersand) Append a valid authentication key parameter name/value to the specified URL.
static java.lang.String	getUrlWithAddedAuthKeyParam(java.lang.String url, Member member, long duration) Append a valid authentication key parameter name/value to the specified URL.
static java.lang.String	getUrlWithAddedAuthKeyParam(java.lang.String url, Member member, long duration, boolean escapeAmpersand) Append a valid authentication key parameter name/value to the specified URL.
static boolean	isAuthenticatedWithAuthKey(javax.servlet.http.HttpServletRequest request) Check if the specified request was authenticated using an AuthKey
static Member	isValidAuthKey(java.lang.String url, java.lang.String authKey, javax.servlet.http.HttpServletRequest request) Checks if the given auth key is valid and if it is, returns the member to login.
void	loadProperties() This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
void	login(AuthenticationContext ctxt) Authenticate a member.

Methods inherited from class com.jalios.jcms.authentication.AuthenticationHandler

compareTo, equals, getOrder, init, logout, setOrder

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REVISION

public static final java.lang.String REVISION

See Also:

Constant Field Values

AUTHENTICATION_FROM_AUTHKEY

public static final java.lang.String AUTHENTICATION_FROM_AUTHKEY

Name of request attribute indicating that this request was authenticated using AuthKey

Since:

jcms-7.1

See Also:

isAuthenticatedWithAuthKey(HttpServletRequest), Constant Field Values

ORDER_AUTHKEY_HANDLER

public static final int ORDER_AUTHKEY_HANDLER

Order used by the AuthKeyAuthenticationHandler

See Also:

Constant Field Values

Method Detail

getInstance

public static final AuthKeyAuthenticationHandler getInstance()

loadProperties

public void loadProperties()

Description copied from class: AuthenticationHandler

This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManager

Overrides:

loadProperties in class AuthenticationHandler

login

public void login(AuthenticationContext ctxt)
           throws java.io.IOException

Description copied from class: AuthenticationHandler

Authenticate a member.
This method is invoked by the authentication chain on each request.
A typical implementation of this method would follow the following pattern :

1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

Default implementation is to invoke the next handler in the chain.

Overrides:

login in class AuthenticationHandler

Parameters:

ctxt - the AuthenticationContext used for this login

Throws:

java.io.IOException

isAuthenticatedWithAuthKey

public static boolean isAuthenticatedWithAuthKey(javax.servlet.http.HttpServletRequest request)

Check if the specified request was authenticated using an AuthKey

Parameters:

request - the current HttpServletRequest, may be null

Returns:

true if request was authenticated with autkey, false otherwise

Since:

jcms-7.1

checkAuthenticationFromAuthKey

public static final Member checkAuthenticationFromAuthKey(javax.servlet.http.HttpServletRequest request)

Returns the member corresponding to the credentials given in the authkey parameter, if any.

Parameters:

request - the request where to look for authkey param

Returns:

the authenticated member or null if not found

Since:

jcms-5.7.4

getUrlWithAddedAuthKeyParam

public static final java.lang.String getUrlWithAddedAuthKeyParam(javax.servlet.http.HttpServletRequest request,
                                           Member member)

Retrieve the absolute url of the specified request with a valid authentication key parameter name/value appended. The default duration is used.

If the specified member is null, the url of the request is returned.

If there are existing parameter(s) to the specified request, the html entity &amp; will be used for the ampersand required to append the parameter.

Parameters:

request - the request for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url

Returns:

an absolute URL with the added authentication key value that can be used to access the exact same URL without being logged,

Throws:

java.lang.IllegalArgumentException - if request is null

Since:

jcms-5.7.4

getUrlWithAddedAuthKeyParam

public static final java.lang.String getUrlWithAddedAuthKeyParam(javax.servlet.http.HttpServletRequest request,
                                           Member member,
                                           long duration)

Retrieve the absolute url of the specified request with a valid authentication key parameter name/value appended. The default duration is used.

If the specified member is null, the url of the request is returned.

If there are existing parameter(s) to the specified request, the html entity &amp; will be used for the ampersand required to append the parameter.

Parameters:

request - the request for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url

duration - a duration (in millisecond) after which the returned authkey will be expired (no longer valid). If set to 0, no expiration is used, if set to -1 (or any negative number) default expiration time is used.

Returns:

an absolute URL with the added authentication key value that can be used to access the exact same URL without being logged,

Throws:

java.lang.IllegalArgumentException - if request is null

Since:

jcms-5.7.4

getUrlWithAddedAuthKeyParam

public static final java.lang.String getUrlWithAddedAuthKeyParam(java.lang.String url,
                                           Member member)

Append a valid authentication key parameter name/value to the specified URL.

If the specified member is null, the url is returned untouched.

If there are existing parameter(s) to the specified url, the html entity &amp; will be used for the ampersand required to append the parameter.

Parameters:

url - the absolute URL for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url

Returns:

an absolute URL with the added authentication key value that can be used to access the exact same URL without being logged,

Throws:

java.lang.IllegalArgumentException - if url is null

Since:

jcms-5.7.4

getUrlWithAddedAuthKeyParam

public static final java.lang.String getUrlWithAddedAuthKeyParam(java.lang.String url,
                                           Member member,
                                           long duration)

Append a valid authentication key parameter name/value to the specified URL.

If the specified member is null, the url is returned untouched.

If there are existing parameter(s) to the specified url, the html entity &amp; will be used for the ampersand required to append the parameter.

Parameters:

url - the absolute URL for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url

duration - a duration (in millisecond) after which the returned authkey will be expired (no longer valid). If set to 0, no expiration is used, if set to -1 (or any negative number) default expiration time is used.

Returns:

an absolute URL with the added authentication key value that can be used to access the exact same URL without being logged

Throws:

java.lang.IllegalArgumentException - if url is null

Since:

jcms-5.7.4

getUrlWithAddedAuthKeyParam

public static final java.lang.String getUrlWithAddedAuthKeyParam(java.lang.String url,
                                           Member member,
                                           long duration,
                                           boolean escapeAmpersand)

Append a valid authentication key parameter name/value to the specified URL.

If the specified member is null, the url is returned untouched.

Parameters:

url - the absolute URL for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url

duration - a duration (in millisecond) after which the returned authkey will be expired (no longer valid). If set to 0, no expiration is used, if set to -1 (or any negative number) default expiration time is used.

escapeAmpersand - will use "&amp;" if true, "&" if false

Returns:

an absolute URL with the added authentication key value that can be used to access the exact same URL without being logged

Throws:

java.lang.IllegalArgumentException - if url is null

Since:

jcms-5.7.4

getUrlWithAddedAuthKeyParam

public static final java.lang.String getUrlWithAddedAuthKeyParam(java.lang.String url,
                                           Member member,
                                           AuthKeyHints hints,
                                           boolean escapeAmpersand)

Append a valid authentication key parameter name/value to the specified URL.

If the specified member is null, the url is returned untouched.

Parameters:

url - the absolute URL for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url

hints - the specific parameters

escapeAmpersand - will use "&amp;" if true, "&" if false

Returns:

an absolute URL with the added authentication key value that can be used to access the exact same URL without being logged

Throws:

java.lang.IllegalArgumentException - if url is null

Since:

jcms-6.0

getDefaultAuthKeyDuration

public static final long getDefaultAuthKeyDuration()

Retrieves the default authentication key duration (expiration time) to be used when no expiration duration as been specified.
Default is one year and can be changed using property "auth-mgr.authkey-duration".
Warning : this default duration is only used when developper did not specified an explicit duration when generating the authkey value or url.

Returns:

a duration in milliseconds

Since:

jcms-5.7.4

getAuthKeyName

public static final java.lang.String getAuthKeyName()

Retrieves the authentication key parameter name.
Default is "authKey" and can be changed using property "auth-mgr.authkey-name".

Returns:

the authentication key parameter name

Since:

jcms-5.7.4

getAuthKeyServerSeed

public static final java.lang.String getAuthKeyServerSeed()

Retrieves the server seed used in auth key digest.
Default is "" and can be changed using property "auth-mgr.authkey-server-seed".

Returns:

the authentication key parameter name

Since:

jcms-8.0.0

getAuthKeyValue

public static final java.lang.String getAuthKeyValue(java.lang.String url,
                               Member member)

Retrieves a valid authentication key parameter value for the specified URL. The default duration is used.

Parameters:

url - the absolute URL for which an authentication key will be computed

member - the member that will be allowed to access the resource of the specified url, MUST NOT be null

Returns:

an authentication key value that can be used to access the exact same URL without being logged

Throws:

java.lang.IllegalArgumentException - if url or member is null

Since:

jcms-5.7.4

getAuthKeyValue

public static final java.lang.String getAuthKeyValue(java.lang.String url,
                               Member member,
                               long duration)

Retrieves a valid authentication key parameter value for the specified URL.

Parameters:

url - the absolute URL for which an authentication key will be computed, MUST NOT be null

member - the member that will be allowed to access the resource of the specified url, MUST NOT be null

duration - a duration (in millisecond) after which the returned authkey will be expired (no longer valid). If set to 0, no expiration is used, if set to -1 (or any negative number) default expiration time is used.

Returns:

an authentication key value that can be used to access the exact same URL without being logged

Throws:

java.lang.IllegalArgumentException - if url or member is null

Since:

jcms-5.7.4

getAuthKeyValue

public static final java.lang.String getAuthKeyValue(java.lang.String url,
                               Member member,
                               AuthKeyHints hints)

Retrieves a valid authentication key parameter value for the specified URL.

Parameters:

url - the absolute URL for which an authentication key will be computed, MUST NOT be null

member - the member that will be allowed to access the resource of the specified url, MUST NOT be null

hints - additional parameter set in this javabean

Returns:

an authentication key value that can be used to access the exact same URL without being logged

Throws:

java.lang.IllegalArgumentException - if url or member is null

Since:

jcms-5.7.4

isValidAuthKey

public static final Member isValidAuthKey(java.lang.String url,
                    java.lang.String authKey,
                    javax.servlet.http.HttpServletRequest request)

Checks if the given auth key is valid and if it is, returns the member to login.

Parameters:

url - the absolute url against which the auth key will be checked

authKey - the authentication key to checks

request - the current request

Returns:

the Member authorized to login, or null otherwise

Since:

jcms-5.7.4