com.atlassian.crowd.integration.seraph
Class CrowdAuthenticator
java.lang.Object
com.atlassian.seraph.auth.AbstractAuthenticator
com.atlassian.seraph.auth.DefaultAuthenticator
com.atlassian.crowd.integration.seraph.CrowdAuthenticator
- All Implemented Interfaces:
- com.atlassian.seraph.auth.Authenticator, com.atlassian.seraph.Initable, java.io.Serializable
- Direct Known Subclasses:
- BambooAuthenticator, ConfluenceAuthenticator, JIRAAuthenticator
public abstract class CrowdAuthenticator
- extends com.atlassian.seraph.auth.DefaultAuthenticator
- See Also:
- Serialized Form
Field Summary
protected static org.apache.log4j.Logger logger
Fields inherited from class com.atlassian.seraph.auth.DefaultAuthenticator:
LOGGED_IN_KEY, LOGGED_OUT_KEY
Fields inherited from interface com.atlassian.seraph.auth.Authenticator:
DEFAULT_AUTHENTICATOR
Method Summary
protected boolean authenticate(java.security.Principal user, java.lang.String password)
- Override the super method, always return true so that authentication is not called twice when a user logs in.
protected boolean autoLoginToCrowd(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
- Attempts to authenticate the request based on the auto-login cookie (if set).
protected void fetchUserInCache(java.lang.String username)
- Fetches a user with the given username in the cache, in case the user exists, but cannot be found from the cache yet.
java.security.Principal getUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
- Checks to see if the request can be authenticated.
boolean login(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, java.lang.String username, java.lang.String password)
boolean login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String username, java.lang.String password, boolean cookie)
boolean logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Methods inherited from class com.atlassian.seraph.auth.DefaultAuthenticator:
authoriseUserAndEstablishSession, getAuthType, getElevatedSecurityGuard, getLogoutInterceptors, getRememberMeService, getRoleMapper, getUser, getUserFromBasicAuthentication, getUserFromCookie, getUserFromSession, init, isAuthorised, isPrincipalAlreadyInSessionContext, isUserInRole, putPrincipalInSessionContext, refreshPrincipalObtainedFromSession, removePrincipalFromSessionContext
Methods inherited from class com.atlassian.seraph.auth.AbstractAuthenticator:
destroy, getConfig, getRemoteUser, getUser
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
logger
protected static final org.apache.log4j.Logger logger
CrowdAuthenticator
public CrowdAuthenticator(CrowdHttpAuthenticator crowdHttpAuthenticator)
fetchUserInCache
protected void fetchUserInCache(java.lang.String username)
throws UserNotFoundException,
InvalidAuthenticationException,
OperationFailedException
- Fetches a user with the given username in the cache, in case the user exists, but cannot be found from the cache yet.
By default this method will call DefaultAuthenticator.getUser(String), but JIRA needs to override it, because DefaultAuthenticator.getUser(String) only checks the local cache when retrieving users.
- Parameters:
username - username of the user to be fetched
- Throws:
InvalidAuthenticationException - if the application or user authentication was not successful.
OperationFailedException - if the operation has failed for an unknown reason
UserNotFoundException
authenticate
protected boolean authenticate(java.security.Principal user,
java.lang.String password)
- Overrides the super method to always return true, so that authentication is not called twice when a user logs in. Because the return value is always true, this method performs no password check of its own.
- Specified by:
authenticate in class com.atlassian.seraph.auth.DefaultAuthenticator
login
public boolean login(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.String username,
java.lang.String password,
boolean cookie)
throws com.atlassian.seraph.auth.AuthenticatorException
- Specified by:
login in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
login in class com.atlassian.seraph.auth.DefaultAuthenticator
- Throws:
com.atlassian.seraph.auth.AuthenticatorException
login
public boolean login(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse,
java.lang.String username,
java.lang.String password)
throws com.atlassian.seraph.auth.AuthenticatorException
- Specified by:
login in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
login in class com.atlassian.seraph.auth.AbstractAuthenticator
- Throws:
com.atlassian.seraph.auth.AuthenticatorException
logout
public boolean logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws com.atlassian.seraph.auth.AuthenticatorException
- Specified by:
logout in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
logout in class com.atlassian.seraph.auth.DefaultAuthenticator
- Throws:
com.atlassian.seraph.auth.AuthenticatorException
isAuthenticated
protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- Checks to see if the request can be authenticated. This method checks (in order):
- Trusted Apps: it is possible that an earlier filter authenticated the request, so check to see if this is the case.
- Seraph-Remember Me: sees if the username and password are in the seraph remember-me cookie
- Crowd Authenticator: if a valid Crowd session-cookie (token) exists, the HttpAuthenticator will authenticate the request as "valid".
- AutoLogin Cookie: if a valid "remember me" persistent-cookie exists, the username/password will be decoded from the cookie and the user will be authenticated via the HttpAuthenticator. This will automatically create a Crowd session-cookie (token) for the session.
If all checks fail authentication, the isAuthenticated method returns false, and the user is logged out.
- Parameters:
request - servlet request.
response - servlet response.
- Returns:
- true if request can be authenticated.
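The documented check order for isAuthenticated, as an added example that is not Crowd's or Seraph's code: a self-contained model showing which check decides a request and the two documented side effects (auto-login creates a Crowd token; total failure logs the user out). The class AuthOrderDemo, the Req type, its fields and the check names are hypothetical, and the model assumes the first successful check ends the sequence.

```java
import java.util.*;
import java.util.function.Predicate;

// Simplified model of the documented check order; not Crowd's or Seraph's code.
// Req, its fields and the check names are hypothetical stand-ins.
public class AuthOrderDemo {
    static class Req { // constructed stand-in for the state a servlet request carries
        boolean trustedAppsAuthenticated, seraphRememberMe, crowdTokenValid, autoLoginCookieValid;
        boolean loggedOut;
        String decidedBy = "none";
    }

    // Checks in the order the Javadoc lists them; LinkedHashMap preserves that order.
    static final Map<String, Predicate<Req>> CHECKS = new LinkedHashMap<>();
    static {
        CHECKS.put("trusted-apps", r -> r.trustedAppsAuthenticated);
        CHECKS.put("seraph-remember-me", r -> r.seraphRememberMe);
        CHECKS.put("crowd-token", r -> r.crowdTokenValid);
        CHECKS.put("auto-login", r -> {
            if (!r.autoLoginCookieValid) return false;
            r.crowdTokenValid = true; // documented side effect: a Crowd session token is created
            return true;
        });
    }

    static boolean isAuthenticated(Req r) {
        for (Map.Entry<String, Predicate<Req>> check : CHECKS.entrySet()) {
            if (check.getValue().test(r)) { // assumption: first success ends the sequence
                r.decidedBy = check.getKey();
                return true;
            }
        }
        r.loggedOut = true; // every check failed: return false and log the user out
        return false;
    }

    public static void main(String[] args) {
        Req cookieOnly = new Req(); // constructed: no token, valid auto-login cookie
        cookieOnly.autoLoginCookieValid = true;
        Req preAuthenticated = new Req(); // constructed: an earlier filter authenticated it
        preAuthenticated.trustedAppsAuthenticated = true;
        preAuthenticated.autoLoginCookieValid = true;
        for (Req r : new Req[] {cookieOnly, preAuthenticated, new Req()}) {
            System.out.println(isAuthenticated(r) + " via " + r.decidedBy
                    + ", crowdToken=" + r.crowdTokenValid + ", loggedOut=" + r.loggedOut);
        }
    }
}
```

In this model a request that an earlier filter already authenticated never reaches the auto-login step, so no Crowd token is created for it even though its auto-login cookie is valid.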
autoLoginToCrowd
protected boolean autoLoginToCrowd(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- Attempts to authenticate the request based on the auto-login cookie (if set). This will only authenticate to Crowd via HttpAuthenticator. This will not set any session variables and the like.
- Parameters:
request - servlet request.
response - servlet response.
- Returns:
- true if authentication via HttpAuthenticator using the auto-login credentials was successful.
getUser
public java.security.Principal getUser(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- Specified by:
getUser in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
getUser in class com.atlassian.seraph.auth.DefaultAuthenticator
Copyright © 2012 Atlassian. All Rights Reserved.