TokenAuthenticationInvocationHandler (Atlassian Confluence 5.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.confluence.rpc.auth
Class TokenAuthenticationInvocationHandler

java.lang.Object
  com.atlassian.confluence.rpc.auth.TokenAuthenticationInvocationHandler

All Implemented Interfaces:: InvocationHandler

public class TokenAuthenticationInvocationHandler
extends Object
implements InvocationHandler
extends Object
implements InvocationHandler

An interceptor to handle token based authentication and login/logout.

For login and logout method calls on the target object, invokes TokenAuthenticationManager.login(String, String) or TokenAuthenticationManager.logout(String) instead.

For all other methods, uses the first argument as a token to look up an authenticated user in the TokenAuthenticationManager and set the AuthenticatedUserThreadLocal before executing the method.

Constructor Summary
`TokenAuthenticationInvocationHandler()`

Method Summary
`protected com.atlassian.user.User`	`getAuthenticatedUser(String token)` Determines which user is performing the request.
`Object`	`invoke(Object proxy, Method method, Object[] args)`
`protected Object`	`invokeAuthenticatedMethod(com.atlassian.user.User user, Method method, Object[] args)` Sets the authenticated user to the provided user before calling the method and restores the original user afterwards.
`static Object`	`makeAuthenticatingProxy(Object rpcService, Class publishedInterface)`
`void`	`setTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager)`
`void`	`setWrappedObject(Object wrappedObject)`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

TokenAuthenticationInvocationHandler

public TokenAuthenticationInvocationHandler()

Method Detail

makeAuthenticatingProxy

public static Object makeAuthenticatingProxy(Object rpcService,
                                             Class publishedInterface)

invoke

public Object invoke(Object proxy,
                     Method method,
                     Object[] args)
              throws Throwable

Specified by:: invoke in interface InvocationHandler

Throws:: Throwable

invokeAuthenticatedMethod

protected Object invokeAuthenticatedMethod(com.atlassian.user.User user,
                                           Method method,
                                           Object[] args)
                                    throws Throwable

Sets the authenticated user to the provided user before calling the method and restores the original user afterwards.

Parameters:: user - the user who is executing the method; method - the method to execute; args - any arguments to the method
Returns:: the result of executing the method
Throws:: Throwable - rethrows any exception thrown by the invoked method
See Also:: AuthenticatedUserThreadLocal

getAuthenticatedUser

protected com.atlassian.user.User getAuthenticatedUser(String token)
                                                throws InvalidSessionException,
                                                       NotPermittedException

Determines which user is performing the request. It attempts, in order:

a non-anonymous user registered against provided token, if it is not blank
a non-anonymous user authenticated by the normal security filters
finally, the default is the anonymous user.

Returns the authenticated user.

Parameters:: token - the authentication token
Returns:: an authenticated user
Throws:: InvalidSessionException - if the provided token is invalid; NotPermittedException - if we need to fall back to the anonymous user, but anonymous access to the remote API is disabled

setWrappedObject

public void setWrappedObject(Object wrappedObject)

setTokenAuthenticationManager

public void setTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager)