public final class NonLoginAuthenticator extends AuthenticatorBase
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso
asyncSupported, container, containerLog, next
mserver
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Constructor and Description |
---|
NonLoginAuthenticator() |
Modifier and Type | Method and Description |
---|---|
boolean |
authenticate(Request request,
HttpServletResponse response,
LoginConfig config)
Authenticate the user making this request, based on the fact that no
login-config has been defined for the container. |
protected java.lang.String |
getAuthMethod()
Return the authentication method, which is vendor-specific and
not defined by HttpServletRequest.
|
java.lang.String |
getInfo()
Return descriptive information about this Valve implementation.
|
associate, authenticate, checkForCachedAuthentication, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getRequestCertificates, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, login, logout, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal
backgroundProcess, event, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop
public java.lang.String getInfo()
getInfo
in interface Valve
getInfo
in class AuthenticatorBase
public boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws java.io.IOException
Authenticate the user making this request, based on the fact that no
login-config
has been defined for the container.
This implementation means "login the user even though there is no self-contained way to establish a security Principal for that user".
This method is called by the AuthenticatorBase super class to
establish a Principal for the user BEFORE the container security
constraints are examined, i.e. it is not yet known whether the user
will eventually be permitted to access the requested resource.
Therefore, it is necessary to always return true
to
indicate the user has not failed authentication.
There are two cases:
auth-method
to authenticate the
user, so leave Request's Principal as null.
Note: AuthenticatorBase will later examine the security constraints
to determine whether the resource is accessible by a user
without a security Principal and Role (i.e. unauthenticated).
authenticate
in interface Authenticator
authenticate
in class AuthenticatorBase
request
- Request we are processingresponse
- Response we are creatingconfig
- Login configuration describing how authentication
should be performedjava.io.IOException
- if an input/output error occursprotected java.lang.String getAuthMethod()
getAuthMethod
in class AuthenticatorBase
Copyright © 2000-2015 Apache Software Foundation. All Rights Reserved.