com.atlassian.crowd.integration.http.util

Interface CrowdHttpTokenHelper

All Known Implementing Classes:

CrowdHttpTokenHelperImpl

public interface CrowdHttpTokenHelper

Helper class for Crowd SSO token operations.

Method Summary

Modifier and Type	Method and Description
String	getCrowdToken(javax.servlet.http.HttpServletRequest request, String tokenName) Retrieves the Crowd authentication token from the request either via: a request attribute (not request parameter), OR a cookie on the request
UserAuthenticationContext	getUserAuthenticationContext(javax.servlet.http.HttpServletRequest request, String username, String password, ClientProperties clientProperties) Returns the user authentication context from a request.
CrowdHttpValidationFactorExtractor	getValidationFactorExtractor() Returns the ValidationFactor extractor.
void	removeCrowdToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, ClientProperties clientProperties, CookieConfiguration cookieConfig) Removes the Crowd SSO token.
void	setCrowdToken(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String token, ClientProperties clientProperties, CookieConfiguration cookieConfig) Sets the Crowd SSO token in: the request: as an attribute, so the user is authenticated for the span of the request. the response: as a cookie, so the user is authenticated for subsequent requests. Also sets the last session validation date/time.

Method Detail

getCrowdToken

String getCrowdToken(javax.servlet.http.HttpServletRequest request,
                     String tokenName)

Retrieves the Crowd authentication token from the request either via:

1. a request attribute (not request parameter), OR
2. a cookie on the request

Parameters:

request - request to look for the Crowd SSO token.

tokenName - name of the request attribute and cookie for the Crowd SSO token.

Returns:

value of the token if found, otherwise null.

Throws:

IllegalArgumentException - if the request or tokenName is null

removeCrowdToken

void removeCrowdToken(javax.servlet.http.HttpServletRequest request,
                      javax.servlet.http.HttpServletResponse response,
                      ClientProperties clientProperties,
                      CookieConfiguration cookieConfig)

Removes the Crowd SSO token. Deletes the token cookie by session the cookie in the response to max age of 0; and removes the token attributes from the request.

Parameters:

request - request to invalidate the client for.

response - response to invalidate the cookie for. Can be null.

clientProperties - properties of the client

cookieConfig - cookie configuration. Can be null if response is null since no cookie will be set.

setCrowdToken

void setCrowdToken(javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response,
                   String token,
                   ClientProperties clientProperties,
                   CookieConfiguration cookieConfig)

Sets the Crowd SSO token in:

1. the request: as an attribute, so the user is authenticated for the span of the request.
2. the response: as a cookie, so the user is authenticated for subsequent requests.

Also sets the last session validation date/time.

Parameters:

request - request to set the attribute and session attribute for.

response - response to set the cookie for. Can be null.

token - token value to use.

clientProperties - properties of the client

cookieConfig - Cookie configuration

getUserAuthenticationContext

UserAuthenticationContext getUserAuthenticationContext(javax.servlet.http.HttpServletRequest request,
                                                       String username,
                                                       String password,
                                                       ClientProperties clientProperties)

Returns the user authentication context from a request.

Parameters:

request - HttpRequest object

username - user's name

password - user's password

clientProperties - properties of the client

Returns:

UserAuthenticationContext.

getValidationFactorExtractor

CrowdHttpValidationFactorExtractor getValidationFactorExtractor()

Returns the ValidationFactor extractor.

Returns:

validation factor extractor