com.atlassian.crowd.integration.seraph
Class CrowdAuthenticator
java.lang.Object
com.atlassian.seraph.auth.AbstractAuthenticator
com.atlassian.seraph.auth.DefaultAuthenticator
com.atlassian.crowd.integration.seraph.CrowdAuthenticator
- All Implemented Interfaces:
- com.atlassian.seraph.auth.Authenticator, com.atlassian.seraph.Initable, java.io.Serializable
- Direct Known Subclasses:
- BambooAuthenticator, ConfluenceAuthenticator, JIRAAuthenticator
public abstract class CrowdAuthenticator
- extends com.atlassian.seraph.auth.DefaultAuthenticator
- See Also:
- Serialized Form
Field Summary
protected static org.apache.log4j.Logger logger
Fields inherited from class com.atlassian.seraph.auth.DefaultAuthenticator
LOGGED_IN_KEY, LOGGED_OUT_KEY
Fields inherited from interface com.atlassian.seraph.auth.Authenticator
DEFAULT_AUTHENTICATOR
Method Summary
protected boolean authenticate(java.security.Principal user, java.lang.String password)
- Overrides the super method to always return true, so that authentication is not called twice when a user logs in.
protected boolean autoLoginToCrowd(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
- Attempts to authenticate the request based on the auto-login cookie (if set).
protected void fetchUserInCache(java.lang.String username)
- Fetches a user with the given username in the cache, in case the user exists but cannot be found from the cache yet.
java.security.Principal getUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
- Checks to see if the request can be authenticated.
boolean login(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, java.lang.String username, java.lang.String password)
boolean login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String username, java.lang.String password, boolean cookie)
boolean logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Methods inherited from class com.atlassian.seraph.auth.DefaultAuthenticator
authoriseUserAndEstablishSession, getAuthType, getElevatedSecurityGuard, getLogoutInterceptors, getRememberMeService, getRoleMapper, getUser, getUserFromBasicAuthentication, getUserFromCookie, getUserFromSession, init, isAuthorised, isUserInRole, putPrincipalInSessionContext, removePrincipalFromSessionContext
Methods inherited from class com.atlassian.seraph.auth.AbstractAuthenticator
destroy, getConfig, getRemoteUser, getUser
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
logger
protected static final org.apache.log4j.Logger logger
CrowdAuthenticator
public CrowdAuthenticator(CrowdHttpAuthenticator crowdHttpAuthenticator)
fetchUserInCache
protected void fetchUserInCache(java.lang.String username)
- Fetches a user with the given username in the cache, in case the user exists but cannot be found from the cache yet.
By default this method will call DefaultAuthenticator.getUser(String), but JIRA needs to override it, because DefaultAuthenticator.getUser(String) only checks the local cache when retrieving users.
- Parameters:
username - username of the user to be fetched
- Throws:
InvalidAuthenticationException - if the application or user authentication was not successful.
OperationFailedException - if the operation has failed for an unknown reason
authenticate
protected boolean authenticate(java.security.Principal user,
java.lang.String password)
- Overrides the super method to always return true, so that authentication is not called twice when a user logs in.
- Overrides:
authenticate in class com.atlassian.seraph.auth.DefaultAuthenticator
login
public boolean login(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.String username,
java.lang.String password,
boolean cookie)
throws com.atlassian.seraph.auth.AuthenticatorException
- Specified by:
login in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
login in class com.atlassian.seraph.auth.DefaultAuthenticator
- Throws:
com.atlassian.seraph.auth.AuthenticatorException
login
public boolean login(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse,
java.lang.String username,
java.lang.String password)
throws com.atlassian.seraph.auth.AuthenticatorException
- Specified by:
login in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
login in class com.atlassian.seraph.auth.AbstractAuthenticator
- Throws:
com.atlassian.seraph.auth.AuthenticatorException
logout
public boolean logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws com.atlassian.seraph.auth.AuthenticatorException
- Specified by:
logout in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
logout in class com.atlassian.seraph.auth.DefaultAuthenticator
- Throws:
com.atlassian.seraph.auth.AuthenticatorException
isAuthenticated
protected boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- Checks to see if the request can be authenticated. This method checks (in order):
- Trusted Apps: it is possible that an earlier filter authenticated the request, so check to see if this is the case.
- Seraph-Remember Me: sees if the username and password are in the seraph remember-me cookie
- Crowd Authenticator: if a valid Crowd session-cookie (token) exists, the HttpAuthenticator will authenticate the request as "valid".
- AutoLogin Cookie: if a valid "remember me" persistent-cookie exists, the username/password will be decoded from the cookie and the user will be authenticated via the HttpAuthenticator. This will automatically create a Crowd session-cookie (token) for the session.
If all checks fail authentication, the isAuthenticated method returns false, and the user is logged out.
- Parameters:
request - servlet request.
response - servlet response.
- Returns:
- true if request can be authenticated.
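The check order described above, modelled as an added example (not Atlassian's code and not part of the original Javadoc). The Request class, the validator sets, the helper names and every cookie or token value are hypothetical stand-ins constructed for illustration; no Seraph or Crowd API is called.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.function.Predicate;

// Added illustration: every name below is hypothetical, not a Seraph or Crowd API.
public class IsAuthenticatedOrderDemo {
    // Constructed stand-in for the request state the four checks inspect.
    static final class Request {
        boolean trustedAppsAuthenticated; // set by an earlier filter
        String rememberMeCookie;          // Seraph remember-me cookie
        String crowdToken;                // Crowd session-cookie (token)
        String autoLoginCookie;           // persistent "remember me" cookie
        boolean loggedOut;                // set when every check fails
    }

    // Constructed sample data standing in for server-side validation.
    static final Set<String> VALID_TOKENS = Set.of("tok-valid");
    static final Set<String> VALID_CREDENTIALS = Set.of("alice:constructed-secret");

    // Runs the checks in the documented order; returns the first that passes, or null.
    static String firstPassingCheck(Request r) {
        Map<String, Predicate<Request>> checks = new LinkedHashMap<>(); // keeps insertion order
        checks.put("Trusted Apps", q -> q.trustedAppsAuthenticated);
        checks.put("Seraph Remember Me", q -> in(VALID_CREDENTIALS, q.rememberMeCookie));
        checks.put("Crowd session token", q -> in(VALID_TOKENS, q.crowdToken));
        checks.put("AutoLogin cookie", q -> {
            if (!in(VALID_CREDENTIALS, q.autoLoginCookie)) return false;
            q.crowdToken = "tok-valid"; // a successful auto-login creates a new session token
            return true;
        });
        for (Map.Entry<String, Predicate<Request>> c : checks.entrySet()) {
            if (c.getValue().test(r)) return c.getKey();
        }
        r.loggedOut = true; // all checks failed: the user is logged out
        return null;
    }

    static boolean in(Set<String> set, String value) { return value != null && set.contains(value); }

    public static void main(String[] args) {
        Request stale = new Request(); // expired token, valid auto-login cookie
        stale.crowdToken = "tok-expired";
        stale.autoLoginCookie = "alice:constructed-secret";
        System.out.println(firstPassingCheck(stale) + " -> token " + stale.crowdToken);
        Request anonymous = new Request(); // nothing valid on the request
        System.out.println(firstPassingCheck(anonymous) + " -> loggedOut=" + anonymous.loggedOut);
    }
}
```

Because evaluation stops at the first passing check, a request already authenticated by an earlier filter never reaches the cookie checks.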
autoLoginToCrowd
protected boolean autoLoginToCrowd(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- Attempts to authenticate the request based on the auto-login cookie (if set). This will only authenticate to Crowd via HttpAuthenticator. This will not set any session variables and the like.
- Parameters:
request - servlet request.
response - servlet response.
- Returns:
- true if authentication via HttpAuthenticator using auto-login credentials was successful.
getUser
public java.security.Principal getUser(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- Specified by:
getUser in interface com.atlassian.seraph.auth.Authenticator
- Overrides:
getUser in class com.atlassian.seraph.auth.DefaultAuthenticator
Copyright © 2010 Atlassian. All Rights Reserved.