Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.caucho.server.security
Class AbstractPasswordAuthenticator

java.lang.Object
  extended by com.caucho.server.security.AbstractAuthenticator
      extended by com.caucho.server.security.AbstractPasswordAuthenticator
All Implemented Interfaces:
ServletAuthenticator, HandleAware, java.io.Serializable
Direct Known Subclasses:
LdapAuthenticator, ManagementAuthenticator, PropertyAuthenticator, XmlAuthenticator
public abstract class AbstractPasswordAuthenticator
extends AbstractAuthenticator

Base class for authenticators which lookup passwords from a database. Implementations only need to override the getUser method and return a populated PasswordUser. Since PasswordUser already contains role information, the abstract authenticator can handle any authentication or authorization.

See Also:
Serialized Form

Field Summary
 
Fields inherited from class com.caucho.server.security.AbstractAuthenticator
_passwordDigest, _passwordDigestAlgorithm, _passwordDigestRealm, _principalCache, _principalCacheSize, LOGIN_NAME
 
Constructor Summary
AbstractPasswordAuthenticator()
           
 
Method Summary
protected  java.lang.String getDigestPassword(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.lang.String userName, java.lang.String realm)
          Default implementation of basic username/password login
protected  PasswordUser getUser(java.security.Principal principal)
          Returns the user based on a principal
protected abstract  PasswordUser getUser(java.lang.String userName)
          Abstract method to retrn a user based on the name
 boolean isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.security.Principal principal, java.lang.String role)
          Default implementation to return true if the user is in a role
protected  java.security.Principal loginImpl(HttpServletRequest request, HttpServletResponse response, ServletContext application, java.lang.String userName, java.lang.String password)
          Default implementation of basic username/password login
 
Methods inherited from class com.caucho.server.security.AbstractAuthenticator
addRoleMapping, digest, getDigestSecret, getLogoutOnSessionTimeout, getPasswordDigest, getPasswordDigest, getPasswordDigestAlgorithm, getPasswordDigestRealm, getPrincipalCacheSize, getUserPrincipal, getUserPrincipalImpl, init, login, loginDigest, loginDigestImpl, logout, logout, logout, setLogoutOnSessionTimeout, setPasswordDigest, setPasswordDigestAlgorithm, setPasswordDigestRealm, setPrincipalCacheSize, setSerializationHandle, stringToDigest, toString, writeReplace
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AbstractPasswordAuthenticator

public AbstractPasswordAuthenticator()
Method Detail

getUser

protected abstract PasswordUser getUser(java.lang.String userName)
Abstract method to retrn a user based on the name

Parameters:
userName - the string user name
Returns:
the populated PasswordUser value

getUser

protected PasswordUser getUser(java.security.Principal principal)
Returns the user based on a principal

loginImpl

protected java.security.Principal loginImpl(HttpServletRequest request,
                                            HttpServletResponse response,
                                            ServletContext application,
                                            java.lang.String userName,
                                            java.lang.String password)
                                     throws ServletException
Default implementation of basic username/password login

Overrides:
loginImpl in class AbstractAuthenticator
Throws:
ServletException

getDigestPassword

protected java.lang.String getDigestPassword(HttpServletRequest request,
                                             HttpServletResponse response,
                                             ServletContext application,
                                             java.lang.String userName,
                                             java.lang.String realm)
                                      throws ServletException
Default implementation of basic username/password login

Overrides:
getDigestPassword in class AbstractAuthenticator
Throws:
ServletException

isUserInRole

public boolean isUserInRole(HttpServletRequest request,
                            HttpServletResponse response,
                            ServletContext application,
                            java.security.Principal principal,
                            java.lang.String role)
                     throws ServletException
Default implementation to return true if the user is in a role

Specified by:
isUserInRole in interface ServletAuthenticator
Overrides:
isUserInRole in class AbstractAuthenticator
Parameters:
request - the servlet request
user - the user to test
role - the role to test
Throws:
ServletException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD