Package com.atlassian.confluence.user

Class ConfluenceAuthenticator

    • Field Summary

      • Fields inherited from class com.atlassian.seraph.auth.DefaultAuthenticator

        LOGGED_IN_KEY, LOGGED_IN_USER_ID_KEY, LOGGED_OUT_KEY

    • Constructor Detail

      • ConfluenceAuthenticator

        public ConfluenceAuthenticator()

    • Method Detail

      • logout

        public boolean logout​(javax.servlet.http.HttpServletRequest request,
                      javax.servlet.http.HttpServletResponse response)
               throws com.atlassian.seraph.auth.AuthenticatorException
        Specified by:
        logout in interface com.atlassian.seraph.auth.Authenticator
        Overrides:
        logout in class com.atlassian.seraph.auth.DefaultAuthenticator
        Throws:
        com.atlassian.seraph.auth.AuthenticatorException

      • login

        public boolean login​(javax.servlet.http.HttpServletRequest httpServletRequest,
                     javax.servlet.http.HttpServletResponse httpServletResponse,
                     String username,
                     String password,
                     boolean setRememberMeCookie)
              throws com.atlassian.seraph.auth.AuthenticatorException
        Specified by:
        login in interface com.atlassian.seraph.auth.Authenticator
        Overrides:
        login in class com.atlassian.seraph.auth.DefaultAuthenticator
        Throws:
        com.atlassian.seraph.auth.AuthenticatorException

      • authenticate

        protected boolean authenticate​(Principal user,
                               String password)
                        throws com.atlassian.seraph.auth.AuthenticatorException
        Specified by:
        authenticate in class com.atlassian.seraph.auth.DefaultAuthenticator
        Throws:
        com.atlassian.seraph.auth.AuthenticatorException

      • isPrincipalAlreadyInSessionContext

        protected boolean isPrincipalAlreadyInSessionContext​(javax.servlet.http.HttpServletRequest httpServletRequest,
                                                     Principal principal)
        Overrides:
        isPrincipalAlreadyInSessionContext in class com.atlassian.seraph.auth.DefaultAuthenticator

      • putPrincipalInSessionContext

        protected void putPrincipalInSessionContext​(javax.servlet.http.HttpServletRequest httpServletRequest,
                                            Principal principal)
        Overrides:
        putPrincipalInSessionContext in class com.atlassian.seraph.auth.DefaultAuthenticator

      • getUserFromSession

        protected Principal getUserFromSession​(javax.servlet.http.HttpServletRequest httpServletRequest)
        Use this implementation of this method from DefaultAuthenticator in Seraph 4.1.0. The implementation of this method made a breaking change in Seraph 4.1.2, so that that refreshPrincipalObtainedFromSession(HttpServletRequest, Principal) methods is no longer called. Reinstating the original implementation fixes it.

        Note that we'll need to retain this override until such a time as Seraph correctly identifies session attributes using user keys rather than user names.

        Overrides:
        getUserFromSession in class com.atlassian.seraph.auth.DefaultAuthenticator

      • refreshPrincipalObtainedFromSession

        protected Principal refreshPrincipalObtainedFromSession​(javax.servlet.http.HttpServletRequest httpServletRequest,
                                                        Principal principal)
        For error request processing, we skip refreshing the principal, since that requires a database connection, and we may be getting errors because of database connection pool exhaustion. For the purposes of error page rendering, we don't need to be too picky about refreshing the user from the database - as long as we have one in the session we just use that.
        Overrides:
        refreshPrincipalObtainedFromSession in class com.atlassian.seraph.auth.DefaultAuthenticator

      • getEventPublisher

        protected com.atlassian.event.api.EventPublisher getEventPublisher()

      • setUserAccessor

        public void setUserAccessor​(UserAccessor userAccessor)

      • getUserAccessor

        protected UserAccessor getUserAccessor()

      • getUser

        protected ConfluenceUser getUser​(String uid)
        Specified by:
        getUser in class com.atlassian.seraph.auth.DefaultAuthenticator

      • authoriseUserAndEstablishSession

        protected boolean authoriseUserAndEstablishSession​(javax.servlet.http.HttpServletRequest httpServletRequest,
                                                   javax.servlet.http.HttpServletResponse httpServletResponse,
                                                   Principal principal)
        Overrides:
        authoriseUserAndEstablishSession in class com.atlassian.seraph.auth.DefaultAuthenticator