Package lumis.portal.authentication.http
Class HttpHandshakeAuthenticator
- java.lang.Object
-
- lumis.portal.authentication.http.HttpHandshakeAuthenticator
-
- All Implemented Interfaces:
IHttpAuthenticator
- Direct Known Subclasses:
SpnegoAuthenticator
@StableMinor(version="14.0", sinceVersion="4.0") public abstract class HttpHandshakeAuthenticator extends Object implements IHttpAuthenticator
An abstract implementation ofIHttpAuthenticatorfor making it easier to implement authenticators that require multiple http requests to complete the authentication.Controls the current state, storing it in the http session. To use this class the methods
doAuthentication(HttpServletRequest, HttpServletResponse)andrequestAuthentication(HttpServletRequest, HttpServletResponse)must be implemented.- Since:
- 4.0.10
- Version:
- $Revision: 24477 $ $Date: 2021-04-28 11:30:36 -0300 (Wed, 28 Apr 2021) $
- See Also:
lumis.portal.authentication.http
-
-
Field Summary
Fields Modifier and Type Field Description protected static StringATTRIBUTE_STATEConstant containing the name of the attribute used to store the state of the authentication in a session.protected static byteSTATE_AUTHENTICATEDConstant used to represent the state where the authentication has been completed.protected static byteSTATE_FAILEDConstant used to represent the state where the authentication has been tried but failed.protected static byteSTATE_NONEConstant used to represent the state where the authentication has not initiated.protected static byteSTATE_REQUESTEDConstant used to represent the state where the authentication has been requested, but was not completed.
-
Constructor Summary
Constructors Constructor Description HttpHandshakeAuthenticator()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description Stringauthenticate(HttpServletRequest request, HttpServletResponse response)Tries to authenticate the request, callingdoAuthentication(HttpServletRequest, HttpServletResponse)orrequestAuthentication(HttpServletRequest, HttpServletResponse)according to the current state.protected abstract StringdoAuthentication(HttpServletRequest request, HttpServletResponse response)Perform the user authentication for the given request.protected bytegetAuthenticationState(HttpServletRequest request)Returns the authentication state for the given request.protected abstract voidrequestAuthentication(HttpServletRequest request, HttpServletResponse response)Request authentication from the browser.protected voidsetAuthenticationState(HttpServletRequest request, byte state)Sets the authentication state for the given request.protected booleanshouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest request, HttpServletResponse response)Indicates if the user should be tried to be authenticated only once each session.
-
-
-
Field Detail
-
ATTRIBUTE_STATE
protected static final String ATTRIBUTE_STATE
Constant containing the name of the attribute used to store the state of the authentication in a session. The value for this attribute must be one of the STATE constants.- Since:
- 4.0.10
- See Also:
STATE_REQUESTED,STATE_AUTHENTICATED, Constant Field Values
-
STATE_NONE
protected static final byte STATE_NONE
Constant used to represent the state where the authentication has not initiated.- Since:
- 4.0.10
-
STATE_REQUESTED
protected static final byte STATE_REQUESTED
Constant used to represent the state where the authentication has been requested, but was not completed.- Since:
- 4.0.10
-
STATE_AUTHENTICATED
protected static final byte STATE_AUTHENTICATED
Constant used to represent the state where the authentication has been completed.- Since:
- 4.0.10
-
STATE_FAILED
protected static final byte STATE_FAILED
Constant used to represent the state where the authentication has been tried but failed.- Since:
- 4.0.10
-
-
Method Detail
-
getAuthenticationState
protected byte getAuthenticationState(HttpServletRequest request)
Returns the authentication state for the given request.- Parameters:
request- the http request.- Returns:
- the state. One of the STATE constants.
- Since:
- 4.0.10
-
setAuthenticationState
protected void setAuthenticationState(HttpServletRequest request, byte state)
Sets the authentication state for the given request.- Parameters:
request- the http request.state- the state to set. One of the STATE constants.- Since:
- 4.0.10
-
shouldTryToAuthenticateOnlyOncePerSession
protected boolean shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest request, HttpServletResponse response)
Indicates if the user should be tried to be authenticated only once each session. The default implementation returns true. This affects when ifauthenticate(HttpServletRequest, HttpServletResponse)will ignore further authenticate attempts when an authentication has already been tried for the current session.- Returns:
- true if should try to authenticate the request only once per session, false otherwise.
- Since:
- 4.0.10
-
doAuthentication
protected abstract String doAuthentication(HttpServletRequest request, HttpServletResponse response) throws PortalException, ContinueOnNextRequestException
Perform the user authentication for the given request.This method is called by
authenticate(HttpServletRequest, HttpServletResponse)when the current state isSTATE_REQUESTED. So this method implements the 'continuation' of the authentication, after it already began.- Parameters:
request- the http request.response- the http response.- Returns:
- the userId of the authenticated user, or null if the authentication failed.
- Throws:
PortalExceptionContinueOnNextRequestException- if the authentication is not complete and will continue on next request. This is useful when more requests are necessary to complete the authentication.- Since:
- 4.0.10
-
requestAuthentication
protected abstract void requestAuthentication(HttpServletRequest request, HttpServletResponse response) throws PortalException
Request authentication from the browser. The response must be set as necessary so the browser will respond with the necessary authentication information in its next request.This method is called by
authenticate(HttpServletRequest, HttpServletResponse)when an authentication is necessary but it is not in theSTATE_REQUESTEDstate. So this method implements the 'beginning' of the authentication.- Parameters:
request- the http request.response- the http response.- Throws:
PortalException- Since:
- 4.0.10
-
authenticate
public String authenticate(HttpServletRequest request, HttpServletResponse response) throws PortalException, ContinueOnNextRequestException
Tries to authenticate the request, callingdoAuthentication(HttpServletRequest, HttpServletResponse)orrequestAuthentication(HttpServletRequest, HttpServletResponse)according to the current state.If current state is
STATE_REQUESTED, thedoAuthenticationmethod is called, and the state is changed according to the result of that method. Else if the current state isSTATE_NONEor theshouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest, HttpServletResponse)method returns false, therequestAuthenticationmethod is called, the state is changed toSTATE_REQUESTEDand theContinueOnNextRequestExceptionexception is thrown. Else the authentication should not be tried andnullis returned.- Specified by:
authenticatein interfaceIHttpAuthenticator- Parameters:
request- the http request.response- the http response.- Returns:
- the authenticated user id, or
nullif the authentication failed. - Throws:
ContinueOnNextRequestException- if the authentication did not complete and requires to wait the next request to proceed. This method may set the response with some data, and throw this exception to await the next browser request after receiving the response set. This is useful for authentications that need more than one request to complete the authentication.PortalException- Since:
- 4.0.10
- See Also:
lumis.portal.authentication.http
-
-