TokenAuthenticationInvocationHandler (Atlassian Confluence 5.4.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.confluence.rpc.auth
Class TokenAuthenticationInvocationHandler

java.lang.Object
  com.atlassian.confluence.rpc.auth.TokenAuthenticationInvocationHandler

All Implemented Interfaces:: java.lang.reflect.InvocationHandler

public class TokenAuthenticationInvocationHandler
extends java.lang.Object
implements java.lang.reflect.InvocationHandler
extends java.lang.Object
implements java.lang.reflect.InvocationHandler

An interceptor to handle token based authentication and login/logout.

For login and logout method calls on the target object, invokes TokenAuthenticationManager.login(String, String) or TokenAuthenticationManager.logout(String) instead.

For all other methods, uses the first argument as a token to look up an authenticated user in the TokenAuthenticationManager and set the AuthenticatedUserThreadLocal before executing the method.

Constructor Summary
`TokenAuthenticationInvocationHandler()`

Method Summary
`protected ConfluenceUser`	`getAuthenticatedUser(java.lang.String token)` Determines which user is performing the request.
`java.lang.Object`	`invoke(java.lang.Object proxy, java.lang.reflect.Method method, java.lang.Object[] args)`
`protected java.lang.Object`	`invokeAuthenticatedMethod(ConfluenceUser user, java.lang.reflect.Method method, java.lang.Object[] args)` Sets the authenticated user to the provided user before calling the method and restores the original user afterwards.
`static java.lang.Object`	`makeAuthenticatingProxy(java.lang.Object rpcService, java.lang.Class publishedInterface)`
`void`	`setTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager)`
`void`	`setWrappedObject(java.lang.Object wrappedObject)`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

TokenAuthenticationInvocationHandler

public TokenAuthenticationInvocationHandler()

Method Detail

makeAuthenticatingProxy

public static java.lang.Object makeAuthenticatingProxy(java.lang.Object rpcService,
                                                       java.lang.Class publishedInterface)

invoke

public java.lang.Object invoke(java.lang.Object proxy,
                               java.lang.reflect.Method method,
                               java.lang.Object[] args)
                        throws java.lang.Throwable

Specified by:: invoke in interface java.lang.reflect.InvocationHandler

Throws:: java.lang.Throwable

invokeAuthenticatedMethod

protected java.lang.Object invokeAuthenticatedMethod(ConfluenceUser user,
                                                     java.lang.reflect.Method method,
                                                     java.lang.Object[] args)
                                              throws java.lang.Throwable

Sets the authenticated user to the provided user before calling the method and restores the original user afterwards.

Parameters:: user - the user who is executing the method; method - the method to execute; args - any arguments to the method
Returns:: the result of executing the method
Throws:: java.lang.Throwable - rethrows any exception thrown by the invoked method
See Also:: AuthenticatedUserThreadLocal

getAuthenticatedUser

protected ConfluenceUser getAuthenticatedUser(java.lang.String token)
                                       throws InvalidSessionException,
                                              NotPermittedException

Determines which user is performing the request. It attempts, in order:

a non-anonymous user registered against provided token, if it is not blank
a non-anonymous user authenticated by the normal security filters
finally, the default is the anonymous user.

Returns the authenticated user.

Parameters:: token - the authentication token
Returns:: an authenticated user
Throws:: InvalidSessionException - if the provided token is invalid; NotPermittedException - if we need to fall back to the anonymous user, but anonymous access to the remote API is disabled

setWrappedObject

public void setWrappedObject(java.lang.Object wrappedObject)

setTokenAuthenticationManager

public void setTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager)