org.apache.sling.auth.openid.impl
Class OpenIDAuthenticationHandler

java.lang.Object
  extended by org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
      extended by org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
          extended by org.apache.sling.auth.openid.impl.OpenIDAuthenticationHandler
All Implemented Interfaces:
AuthenticationFeedbackHandler, AuthenticationHandler

public class OpenIDAuthenticationHandler
extends AbstractAuthenticationHandler

The AuthorizationHeaderAuthenticationHandler class implements the authorization steps based on the Authorization header of the HTTP request. This authenticator should eventually support both BASIC and DIGEST authentication methods.


Field Summary
static String DEFAULT_COOKIE_DOMAIN
           
static String DEFAULT_COOKIE_NAME
           
static String DEFAULT_COOKIE_SECRET_KEY
           
static String DEFAULT_EXTERNAL_URL_PREFIX
           
static String DEFAULT_LOGIN_IDENTIFIER_FORM_FIELD
           
static boolean DEFAULT_USE_COOKIE
           
static String PROP_COOKIE_DOMAIN
           
static String PROP_COOKIE_NAME
           
static String PROP_COOKIE_SECRET_KEY
           
static String PROP_EXTERNAL_URL_PREFIX
           
static String PROP_LOGIN_FORM
           
static String PROP_LOGIN_IDENTIFIER_FORM_FIELD
           
static String PROP_USE_COOKIE
           
 
Fields inherited from interface org.apache.sling.auth.core.spi.AuthenticationHandler
FAILURE_REASON, PATH_PROPERTY, REQUEST_LOGIN_PARAMETER, SERVICE_NAME, TYPE_PROPERTY
 
Constructor Summary
OpenIDAuthenticationHandler()
           
 
Method Summary
protected  void activate(org.osgi.service.component.ComponentContext componentContext)
           
 void authenticationFailed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationInfo authInfo)
          This default implementation does nothing.
 boolean authenticationSucceeded(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, AuthenticationInfo authInfo)
          This default implementation calls the DefaultAuthenticationFeedbackHandler.handleRedirect(HttpServletRequest, HttpServletResponse) method to optionally redirect the request after successful authentication.
protected  void deactivate(org.osgi.service.component.ComponentContext componentContext)
           
 void dropCredentials(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Invalidates the request with the Relying Party if a user is actually available for the request.
 AuthenticationInfo extractCredentials(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Extracts credential data from the request, if any is present.
 boolean requestCredentials(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Sends status 401 (Unauthorized) with a WWW-Authenticate requesting standard HTTP header authentication with the Basic scheme and the configured realm name.
 
Methods inherited from class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
getAttributeOrParameter, getLoginResource, isValidateRequest, sendInvalid, sendRedirect, sendValid, setLoginResourceAttribute
 
Methods inherited from class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
handleRedirect
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PROP_LOGIN_FORM

public static final String PROP_LOGIN_FORM
See Also:
Constant Field Values

PROP_LOGIN_IDENTIFIER_FORM_FIELD

public static final String PROP_LOGIN_IDENTIFIER_FORM_FIELD
See Also:
Constant Field Values

DEFAULT_LOGIN_IDENTIFIER_FORM_FIELD

public static final String DEFAULT_LOGIN_IDENTIFIER_FORM_FIELD
See Also:
Constant Field Values

PROP_EXTERNAL_URL_PREFIX

public static final String PROP_EXTERNAL_URL_PREFIX
See Also:
Constant Field Values

DEFAULT_EXTERNAL_URL_PREFIX

public static final String DEFAULT_EXTERNAL_URL_PREFIX
See Also:
Constant Field Values

PROP_USE_COOKIE

public static final String PROP_USE_COOKIE
See Also:
Constant Field Values

DEFAULT_USE_COOKIE

public static final boolean DEFAULT_USE_COOKIE
See Also:
Constant Field Values

PROP_COOKIE_DOMAIN

public static final String PROP_COOKIE_DOMAIN
See Also:
Constant Field Values

DEFAULT_COOKIE_DOMAIN

public static final String DEFAULT_COOKIE_DOMAIN
See Also:
Constant Field Values

PROP_COOKIE_NAME

public static final String PROP_COOKIE_NAME
See Also:
Constant Field Values

DEFAULT_COOKIE_NAME

public static final String DEFAULT_COOKIE_NAME
See Also:
Constant Field Values

PROP_COOKIE_SECRET_KEY

public static final String PROP_COOKIE_SECRET_KEY
See Also:
Constant Field Values

DEFAULT_COOKIE_SECRET_KEY

public static final String DEFAULT_COOKIE_SECRET_KEY
See Also:
Constant Field Values
Constructor Detail

OpenIDAuthenticationHandler

public OpenIDAuthenticationHandler()
Method Detail

extractCredentials

public AuthenticationInfo extractCredentials(javax.servlet.http.HttpServletRequest request,
                                             javax.servlet.http.HttpServletResponse response)
Extracts credential data from the request, if any is present. This check is based only on the original request object; no URI translation has taken place yet.

The method returns any of the following values:

value - description
null - no user details were contained in the request
AuthenticationInfo.DOING_AUTH - the handler is in an ongoing authentication exchange with the client. The request handling is terminated.
valid credentials - The user sent credentials.

The method must not request credential information from the client if it is not found in the request.

Note: The implementation should pay special attention to the fact that the request may be for an included servlet, in which case some URI-specific values are contained in javax.servlet.include.* request attributes.

Parameters:
request - The request object containing the information for the authentication.
response - The response object which may be used to send the information on the request failure to the user.
Returns:
A valid Credentials instance identifying the request user, DOING_AUTH if the handler is in an authentication transaction with the client or null if the request does not contain authentication information. In case of DOING_AUTH, the method must have sent a response indicating that fact to the client.

requestCredentials

public boolean requestCredentials(javax.servlet.http.HttpServletRequest request,
                                  javax.servlet.http.HttpServletResponse response)
                           throws IOException
Sends status 401 (Unauthorized) with a WWW-Authenticate requesting standard HTTP header authentication with the Basic scheme and the configured realm name. If the response is already committed, an error message is logged but the 401 status is not sent.

Parameters:
request - The request object
response - The response object to which to send the request
Returns:
true is always returned by this handler
Throws:
IOException - if an error occurs sending back the response.

dropCredentials

public void dropCredentials(javax.servlet.http.HttpServletRequest request,
                            javax.servlet.http.HttpServletResponse response)
Invalidates the request with the Relying Party if a user is actually available for the request.

Parameters:
request - The request object.
response - The response object to which to send the request.

authenticationFailed

public void authenticationFailed(javax.servlet.http.HttpServletRequest request,
                                 javax.servlet.http.HttpServletResponse response,
                                 AuthenticationInfo authInfo)
Description copied from class: DefaultAuthenticationFeedbackHandler
This default implementation does nothing.

Extensions of this class may override this method to clean up any internal state.

Specified by:
authenticationFailed in interface AuthenticationFeedbackHandler
Overrides:
authenticationFailed in class DefaultAuthenticationFeedbackHandler
Parameters:
request - The current request
response - The current response
authInfo - The AuthenticationInfo object used to authenticate the request.

authenticationSucceeded

public boolean authenticationSucceeded(javax.servlet.http.HttpServletRequest request,
                                       javax.servlet.http.HttpServletResponse response,
                                       AuthenticationInfo authInfo)
Description copied from class: DefaultAuthenticationFeedbackHandler
This default implementation calls the DefaultAuthenticationFeedbackHandler.handleRedirect(HttpServletRequest, HttpServletResponse) method to optionally redirect the request after successful authentication.

Extensions of this class may override this method to perform additional cleanup, etc.

Specified by:
authenticationSucceeded in interface AuthenticationFeedbackHandler
Overrides:
authenticationSucceeded in class DefaultAuthenticationFeedbackHandler
Parameters:
request - The current request
response - The current response
authInfo - The AuthenticationInfo object used to authenticate the request.
Returns:
the result of calling the DefaultAuthenticationFeedbackHandler.handleRedirect(HttpServletRequest, HttpServletResponse) method.

activate

protected void activate(org.osgi.service.component.ComponentContext componentContext)

deactivate

protected void deactivate(org.osgi.service.component.ComponentContext componentContext)


Copyright © 2007-2013 The Apache Software Foundation. All Rights Reserved.