Class HttpHandshakeAuthenticator
- java.lang.Object
  - lumis.portal.authentication.http.HttpHandshakeAuthenticator
- All Implemented Interfaces: IHttpAuthenticator
- Direct Known Subclasses: SpnegoAuthenticator

@StableMinor(version="14.2", sinceVersion="4.0")
public abstract class HttpHandshakeAuthenticator extends Object implements IHttpAuthenticator

An abstract implementation of IHttpAuthenticator that makes it easier to implement authenticators that require multiple HTTP requests to complete the authentication. It controls the current state, storing it in the HTTP session. To use this class, the methods doAuthentication(HttpServletRequest, HttpServletResponse) and requestAuthentication(HttpServletRequest, HttpServletResponse) must be implemented.
- Since: 4.0.10
- Version: $Revision: 24985 $ $Date: 2022-05-02 23:04:30 -0300 (Mon, 02 May 2022) $
- See Also: lumis.portal.authentication.http

Field Summary
- protected static String ATTRIBUTE_STATE: Constant containing the name of the attribute used to store the state of the authentication in a session.
- protected static byte STATE_AUTHENTICATED: Constant used to represent the state where the authentication has been completed.
- protected static byte STATE_FAILED: Constant used to represent the state where the authentication has been tried but failed.
- protected static byte STATE_NONE: Constant used to represent the state where the authentication has not been initiated.
- protected static byte STATE_REQUESTED: Constant used to represent the state where the authentication has been requested, but was not completed.

Constructor Summary
- HttpHandshakeAuthenticator()

Method Summary
- String authenticate(HttpServletRequest request, HttpServletResponse response): Tries to authenticate the request, calling doAuthentication(HttpServletRequest, HttpServletResponse) or requestAuthentication(HttpServletRequest, HttpServletResponse) according to the current state.
- protected abstract String doAuthentication(HttpServletRequest request, HttpServletResponse response): Performs the user authentication for the given request.
- protected byte getAuthenticationState(HttpServletRequest request): Returns the authentication state for the given request.
- protected abstract void requestAuthentication(HttpServletRequest request, HttpServletResponse response): Requests authentication from the browser.
- protected void setAuthenticationState(HttpServletRequest request, byte state): Sets the authentication state for the given request.
- protected boolean shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest request, HttpServletResponse response): Indicates whether authentication of the user should be tried only once per session.

Field Detail

ATTRIBUTE_STATE
protected static final String ATTRIBUTE_STATE
Constant containing the name of the attribute used to store the state of the authentication in a session. The value for this attribute must be one of the STATE constants.
- Since: 4.0.10
- See Also: STATE_REQUESTED, STATE_AUTHENTICATED, Constant Field Values

STATE_NONE
protected static final byte STATE_NONE
Constant used to represent the state where the authentication has not been initiated.
- Since: 4.0.10

STATE_REQUESTED
protected static final byte STATE_REQUESTED
Constant used to represent the state where the authentication has been requested, but was not completed.
- Since: 4.0.10

STATE_AUTHENTICATED
protected static final byte STATE_AUTHENTICATED
Constant used to represent the state where the authentication has been completed.
- Since: 4.0.10

STATE_FAILED
protected static final byte STATE_FAILED
Constant used to represent the state where the authentication has been tried but failed.
- Since: 4.0.10

Method Detail

getAuthenticationState
protected byte getAuthenticationState(HttpServletRequest request)
Returns the authentication state for the given request.
- Parameters:
  - request - the HTTP request.
- Returns: the state. One of the STATE constants.
- Since: 4.0.10

setAuthenticationState
protected void setAuthenticationState(HttpServletRequest request, byte state)
Sets the authentication state for the given request.
- Parameters:
  - request - the HTTP request.
  - state - the state to set. One of the STATE constants.
- Since: 4.0.10

shouldTryToAuthenticateOnlyOncePerSession
protected boolean shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest request, HttpServletResponse response)
Indicates whether authentication of the user should be tried only once per session. The default implementation returns true. This determines whether authenticate(HttpServletRequest, HttpServletResponse) will ignore further authentication attempts when an authentication has already been tried for the current session.
- Returns: true if authentication of the request should be tried only once per session, false otherwise.
- Since: 4.0.10

doAuthentication
protected abstract String doAuthentication(HttpServletRequest request, HttpServletResponse response) throws PortalException, ContinueOnNextRequestException
Performs the user authentication for the given request.
This method is called by authenticate(HttpServletRequest, HttpServletResponse) when the current state is STATE_REQUESTED. So this method implements the 'continuation' of the authentication, after it has already begun.
- Parameters:
  - request - the HTTP request.
  - response - the HTTP response.
- Returns: the userId of the authenticated user, or null if the authentication failed.
- Throws:
  - PortalException
  - ContinueOnNextRequestException - if the authentication is not complete and will continue on the next request. This is useful when more requests are necessary to complete the authentication.
- Since: 4.0.10

requestAuthentication
protected abstract void requestAuthentication(HttpServletRequest request, HttpServletResponse response) throws PortalException
Requests authentication from the browser. The response must be set as necessary so the browser will respond with the necessary authentication information in its next request.
This method is called by authenticate(HttpServletRequest, HttpServletResponse) when an authentication is necessary but it is not in the STATE_REQUESTED state. So this method implements the 'beginning' of the authentication.
- Parameters:
  - request - the HTTP request.
  - response - the HTTP response.
- Throws:
  - PortalException
- Since: 4.0.10

authenticate
public String authenticate(HttpServletRequest request, HttpServletResponse response) throws PortalException, ContinueOnNextRequestException
Tries to authenticate the request, calling doAuthentication(HttpServletRequest, HttpServletResponse) or requestAuthentication(HttpServletRequest, HttpServletResponse) according to the current state.
If the current state is STATE_REQUESTED, the doAuthentication method is called, and the state is changed according to the result of that method. Else if the current state is STATE_NONE or the shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest, HttpServletResponse) method returns false, the requestAuthentication method is called, the state is changed to STATE_REQUESTED and the ContinueOnNextRequestException exception is thrown. Else the authentication should not be tried and null is returned.
- Specified by: authenticate in interface IHttpAuthenticator
- Parameters:
  - request - the HTTP request.
  - response - the HTTP response.
- Returns: the authenticated user id, or null if the authentication failed.
- Throws:
  - ContinueOnNextRequestException - if the authentication did not complete and must wait for the next request to proceed. This method may set the response with some data, and throw this exception to await the next browser request after receiving the response set. This is useful for authentications that need more than one request to complete the authentication.
  - PortalException
- Since: 4.0.10
- See Also: lumis.portal.authentication.http
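
The state handling described for authenticate(), as an added stand-alone model that is not Lumis code: a Map stands in for the HTTP session, and the constant values, the attribute name, the ContinueOnNextRequest stand-in and the credential check are all assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;

// Stand-alone model of the state handling documented for authenticate().
// Not Lumis code: the Map stands in for the HTTP session, and the constant
// values, attribute name and credential check are assumptions.
public class HandshakeModel {
    static final byte STATE_NONE = 0, STATE_REQUESTED = 1, STATE_AUTHENTICATED = 2, STATE_FAILED = 3;
    static final String ATTRIBUTE_STATE = "model.authState"; // name assumed
    // Stand-in for ContinueOnNextRequestException.
    static class ContinueOnNextRequest extends Exception {}
    // Documented default of shouldTryToAuthenticateOnlyOncePerSession.
    boolean onlyOncePerSession = true;

    // Constructed check; a real subclass validates what the browser sent.
    String doAuthentication(String credential) {
        return "constructed-token".equals(credential) ? "user-1" : null;
    }

    String authenticate(Map<String, Byte> session, String credential) throws ContinueOnNextRequest {
        byte state = session.getOrDefault(ATTRIBUTE_STATE, STATE_NONE);
        if (state == STATE_REQUESTED) {
            // Continuation: the result decides AUTHENTICATED or FAILED.
            String userId = doAuthentication(credential);
            session.put(ATTRIBUTE_STATE, userId != null ? STATE_AUTHENTICATED : STATE_FAILED);
            return userId;
        }
        if (state == STATE_NONE || !onlyOncePerSession) {
            // Beginning: the real class calls requestAuthentication() here.
            session.put(ATTRIBUTE_STATE, STATE_REQUESTED);
            throw new ContinueOnNextRequest();
        }
        return null; // already tried in this session, do not challenge again
    }

    public static void main(String[] args) {
        HandshakeModel model = new HandshakeModel();
        Map<String, Byte> session = new HashMap<>();
        // Requests: no credential, a wrong one, then a valid one, same session.
        for (String credential : new String[] {null, "wrong", "constructed-token"}) {
            try {
                System.out.println("userId=" + model.authenticate(session, credential));
            } catch (ContinueOnNextRequest e) {
                System.out.println("challenge sent, state=" + session.get(ATTRIBUTE_STATE));
            }
        }
    }
}
```

With the once-per-session setting left at its default, the third request is not challenged again after the failed continuation, so its valid credential is not evaluated until a new session starts.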