com.atlassian.stash.auth.HttpAuthenticationHandler |
Implementations may also implement HttpLogoutHandler
, in which case they'll get a callback when the user
logs out.
Please note that the HTTP authentication APIs are currently considered to be BETA and are expected to change slightly in future releases. Breaking API changes will be avoided where possible, but may happen.
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Invoked by the system when authentication is attempted over HTTP.
| |||||||||||
Invoked by the system on requests that have an authenticated user.
|
Invoked by the system when authentication is attempted over HTTP. Implementations must
null
if the handler does not know how to authenticate the user from the request (for
instance when an expected SSO cookie is not present). By returning null
, other
handlers
will be attempted.
handlers
will be attempted.
handlers
will be invoked in
weight order
until a handler successfully
authenticates the StashUser user, or throws an com.atlassian.stash.user.AuthenticationException.authenticationContext | the authentication context that provides username, password, request details, etc. |
---|
null
when the handler opts out of authentication.AuthenticationException | when authentication fails. |
---|
Invoked by the system on requests that have an authenticated user. Implementations that need to check whether an external (SSO) session is still valid should implement that logic here.
This method is called for every incoming request after the user initially authenticated. Implementors should make the implementation of this method as lightweight as possible.authenticationContext | the authentication context that provides the authenticated user, request details, etc. |
---|
AuthenticationException | if the current authentication is no longer valid and the user must re-authenticate. |
---|