public class

Login

extends Object
java.lang.Object
   ↳ com.atlassian.jira.rest.auth.Login

Class Overview

Implement a REST resource for acquiring a session cookie.

Summary

Public Constructors
Login(LoginService loginService, JiraAuthenticationContext jiraAuthenticationContext, VelocityRequestContextFactory velocityRequestContextFactory, I18nHelper i18n)
Public Methods
Response currentUser()
Returns information about the currently authenticated user's session.
Response login(AuthParams credentials, HttpServletRequest request, HttpServletResponse response)
Creates a new session for a user in JIRA.
Response logout(HttpServletRequest request, HttpServletResponse response)
Logs the current user out of JIRA, destroying the existing session, if any.
Protected Methods
void stampDeniedReasonsOnResponse(HttpServletResponse response, Set<DeniedReason> deniedReasons)
Stamps the '{@value com.atlassian.jira.bc.security.login.DeniedReason#X_DENIED_HEADER}' header on the response object.
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public Login (LoginService loginService, JiraAuthenticationContext jiraAuthenticationContext, VelocityRequestContextFactory velocityRequestContextFactory, I18nHelper i18n)

Public Methods

public Response currentUser ()

Returns information about the currently authenticated user's session. If the caller is not authenticated they will get a 401 Unauthorized status code.

Returns
  • JSON containing information about the current user
Throws
URISyntaxException if the self URI is invalid somehow

public Response login (AuthParams credentials, HttpServletRequest request, HttpServletResponse response)

Creates a new session for a user in JIRA. Once a session has been successfully created it can be used to access any of JIRA's remote APIs and also the web UI by passing the appropriate HTTP Cookie header.

Note that it is generally preferrable to use HTTP BASIC authentication with the REST API. However, this resource may be used to mimic the behaviour of JIRA's log-in page (e.g. to display log-in errors to a user).

Parameters
credentials the username and password to authenticate
request injected by Jersey
response injected by Jersey
Returns
  • an AuthSuccess entity
Throws
AuthenticatorException if the DefaultAuthenticator explodes

public Response logout (HttpServletRequest request, HttpServletResponse response)

Logs the current user out of JIRA, destroying the existing session, if any.

Parameters
request injected by Jersey
response injected by Jersey
Returns
  • 401 if the called is not authenticated. NO_CONTENT if the successful.

Protected Methods

protected void stampDeniedReasonsOnResponse (HttpServletResponse response, Set<DeniedReason> deniedReasons)

Stamps the '{@value com.atlassian.jira.bc.security.login.DeniedReason#X_DENIED_HEADER}' header on the response object.

Parameters
response a HttpServletResponse
deniedReasons a Set of DeniedReason