lumis.portal.authentication.http
Class HttpHandshakeAuthenticator

java.lang.Object
  extended by lumis.portal.authentication.http.HttpHandshakeAuthenticator
All Implemented Interfaces:
IHttpAuthenticator
Direct Known Subclasses:
NtlmAuthenticator

@StableMinor(version="6.2",
             sinceVersion="4.0")
public abstract class HttpHandshakeAuthenticator
extends Object
implements IHttpAuthenticator

An abstract implementation of IHttpAuthenticator that makes it easier to implement authenticators requiring multiple HTTP requests to complete the authentication.

Controls the current state, storing it in the HTTP session. To use this class, the methods doAuthentication(HttpServletRequest, HttpServletResponse) and requestAuthentication(HttpServletRequest, HttpServletResponse) must be implemented.

Since:
4.0.10
See Also:
lumis.portal.authentication.http

Field Summary
protected static String ATTRIBUTE_STATE
          Constant containing the name of the attribute used to store the state of the authentication in a session.
protected static byte STATE_AUTHENTICATED
          Constant used to represent the state where the authentication has been completed.
protected static byte STATE_FAILED
          Constant used to represent the state where the authentication has been tried but failed.
protected static byte STATE_NONE
          Constant used to represent the state where the authentication has not been initiated.
protected static byte STATE_REQUESTED
          Constant used to represent the state where the authentication has been requested, but was not completed.
 
Constructor Summary
HttpHandshakeAuthenticator()
           
 
Method Summary
 String authenticate(HttpServletRequest request, HttpServletResponse response)
          Tries to authenticate the request, calling doAuthentication(HttpServletRequest, HttpServletResponse) or requestAuthentication(HttpServletRequest, HttpServletResponse) according to the current state.
protected abstract  String doAuthentication(HttpServletRequest request, HttpServletResponse response)
          Perform the user authentication for the given request.
protected  byte getAuthenticationState(HttpServletRequest request)
          Returns the authentication state for the given request.
protected abstract  void requestAuthentication(HttpServletRequest request, HttpServletResponse response)
          Request authentication from the browser.
protected  void setAuthenticationState(HttpServletRequest request, byte state)
          Sets the authentication state for the given request.
protected  boolean shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest request, HttpServletResponse response)
          Indicates whether authentication of the user should be attempted only once per session.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ATTRIBUTE_STATE

protected static final String ATTRIBUTE_STATE
Constant containing the name of the attribute used to store the state of the authentication in a session. The value for this attribute must be one of the STATE constants.

Since:
4.0.10
See Also:
STATE_REQUESTED, STATE_AUTHENTICATED, Constant Field Values

STATE_NONE

protected static final byte STATE_NONE
Constant used to represent the state where the authentication has not been initiated.

Since:
4.0.10

STATE_REQUESTED

protected static final byte STATE_REQUESTED
Constant used to represent the state where the authentication has been requested, but was not completed.

Since:
4.0.10

STATE_AUTHENTICATED

protected static final byte STATE_AUTHENTICATED
Constant used to represent the state where the authentication has been completed.

Since:
4.0.10

STATE_FAILED

protected static final byte STATE_FAILED
Constant used to represent the state where the authentication has been tried but failed.

Since:
4.0.10
Constructor Detail

HttpHandshakeAuthenticator

public HttpHandshakeAuthenticator()
Method Detail

getAuthenticationState

protected byte getAuthenticationState(HttpServletRequest request)
Returns the authentication state for the given request.

Parameters:
request - the http request.
Returns:
the state. One of the STATE constants.
Since:
4.0.10

setAuthenticationState

protected void setAuthenticationState(HttpServletRequest request,
                                      byte state)
Sets the authentication state for the given request.

Parameters:
request - the http request.
state - the state to set. One of the STATE constants.
Since:
4.0.10

shouldTryToAuthenticateOnlyOncePerSession

protected boolean shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest request,
                                                            HttpServletResponse response)
Indicates whether authentication of the user should be attempted only once per session. The default implementation returns true. This determines whether authenticate(HttpServletRequest, HttpServletResponse) ignores further authentication attempts when an authentication has already been tried for the current session.

Returns:
true if should try to authenticate the request only once per session, false otherwise.
Since:
4.0.10

doAuthentication

protected abstract String doAuthentication(HttpServletRequest request,
                                           HttpServletResponse response)
                                    throws PortalException,
                                           ContinueOnNextRequestException
Perform the user authentication for the given request.

This method is called by authenticate(HttpServletRequest, HttpServletResponse) when the current state is STATE_REQUESTED. So this method implements the 'continuation' of the authentication, after it already began.

Parameters:
request - the http request.
response - the http response.
Returns:
the userId of the authenticated user, or null if the authentication failed.
Throws:
PortalException
ContinueOnNextRequestException - if the authentication is not complete and will continue on next request. This is useful when more requests are necessary to complete the authentication.
Since:
4.0.10

requestAuthentication

protected abstract void requestAuthentication(HttpServletRequest request,
                                              HttpServletResponse response)
                                       throws PortalException
Request authentication from the browser. The response must be set as necessary so the browser will respond with the necessary authentication information in its next request.

This method is called by authenticate(HttpServletRequest, HttpServletResponse) when an authentication is necessary but it is not in the STATE_REQUESTED state. So this method implements the 'beginning' of the authentication.

Parameters:
request - the http request.
response - the http response.
Throws:
PortalException
Since:
4.0.10

authenticate

public String authenticate(HttpServletRequest request,
                           HttpServletResponse response)
                    throws PortalException,
                           ContinueOnNextRequestException
Tries to authenticate the request, calling doAuthentication(HttpServletRequest, HttpServletResponse) or requestAuthentication(HttpServletRequest, HttpServletResponse) according to the current state.

If the current state is STATE_REQUESTED, the doAuthentication method is called, and the state is changed according to the result of that method. Otherwise, if the current state is STATE_NONE or the shouldTryToAuthenticateOnlyOncePerSession(HttpServletRequest, HttpServletResponse) method returns false, the requestAuthentication method is called, the state is changed to STATE_REQUESTED and the ContinueOnNextRequestException exception is thrown. Otherwise the authentication should not be tried and null is returned.

Specified by:
authenticate in interface IHttpAuthenticator
Parameters:
request - the http request.
response - the http response.
Returns:
the authenticated user id, or null if the authentication failed.
Throws:
ContinueOnNextRequestException - if the authentication did not complete and must wait for the next request to proceed. This method may set the response with some data and throw this exception to await the next browser request after the browser receives that response. This is useful for authentications that need more than one request to complete.
PortalException
Since:
4.0.10
See Also:
lumis.portal.authentication.http
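
The dispatch that authenticate performs, as an added, self-contained model (not Lumis Portal code). The enum, the Hooks interface, the "state" session key and the "Demo" scheme are hypothetical stand-ins, and it assumes that an exception thrown from doAuthentication leaves the state at REQUESTED. It shows that once an attempt has failed, later requests in the same session return null without a new challenge.

```java
import java.util.HashMap;
import java.util.Map;

// Added model of the authenticate() dispatch described above; not Lumis Portal code.
public class HandshakeModel {
    enum State { NONE, REQUESTED, AUTHENTICATED, FAILED }   // stand-ins for the STATE_* bytes
    static class ContinueOnNextRequest extends Exception {} // stand-in for the portal exception
    interface Hooks { // hypothetical mirror of the overridable methods
        void requestAuthentication(Map<String, String> response);
        String doAuthentication(Map<String, String> request) throws ContinueOnNextRequest;
        boolean onlyOncePerSession();
    }

    static String authenticate(Map<String, Object> session, Map<String, String> request,
            Map<String, String> response, Hooks hooks) throws ContinueOnNextRequest {
        State state = (State) session.getOrDefault("state", State.NONE);
        if (state == State.REQUESTED) {
            // Assumption: an exception thrown here leaves the state at REQUESTED.
            String userId = hooks.doAuthentication(request);
            session.put("state", userId != null ? State.AUTHENTICATED : State.FAILED);
            return userId;
        }
        if (state == State.NONE || !hooks.onlyOncePerSession()) {
            hooks.requestAuthentication(response);
            session.put("state", State.REQUESTED);
            throw new ContinueOnNextRequest();
        }
        return null; // already attempted in this session: no new challenge
    }

    public static void main(String[] args) throws Exception {
        Hooks hooks = new Hooks() { // constructed toy scheme, not a real HTTP auth mechanism
            public void requestAuthentication(Map<String, String> r) { r.put("WWW-Authenticate", "Demo"); }
            public String doAuthentication(Map<String, String> r) {
                return "Demo alice".equals(r.get("Authorization")) ? "alice" : null;
            }
            public boolean onlyOncePerSession() { return true; }
        };
        Map<String, Object> session = new HashMap<>();
        Map<String, String> noCreds = new HashMap<>(), response = new HashMap<>();
        try {
            authenticate(session, noCreds, response, hooks);
        } catch (ContinueOnNextRequest e) {
            System.out.println("request 1: challenge sent, state=" + session.get("state"));
        }
        Map<String, String> wrong = new HashMap<>();
        wrong.put("Authorization", "Demo bob"); // constructed credential the toy scheme rejects
        System.out.println("request 2: " + authenticate(session, wrong, response, hooks) + ", state=" + session.get("state"));
        System.out.println("request 3: " + authenticate(session, noCreds, response, hooks) + ", state=" + session.get("state"));
    }
}
```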


Lumisportal  6.2.0.120405 - Copyright © 2006–2012 Lumis EIP Tecnologia da Informação LTDA. All Rights Reserved.