com.atlassian.crowd.integration.http
public interface CrowdHttpAuthenticator
authenticate: authenticate a user.isAuthenticated: determine if a request is authenticated.getUser: retrieve the user for an authenticated request.logout: sign the user out.HttpAuthenticatorFactory to get an
instance of a class, or use an IoC container (like Spring)
to manage the underlying implementation as a singleton.| Modifier and Type | Method and Description |
|---|---|
User |
authenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
String username,
String password)
Authenticates the user based on provided credentials.
|
User |
authenticateWithoutValidatingPassword(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
String username)
Authenticates the user without validating password.
|
AuthenticationState |
checkAuthenticated(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Tests whether a request is authenticated via SSO.
|
String |
getToken(javax.servlet.http.HttpServletRequest request)
Retrieves the Crowd authentication token from the request.
|
User |
getUser(javax.servlet.http.HttpServletRequest request)
Attempts to retrieve the currently authenticated User from the request.
|
boolean |
isAuthenticated(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Deprecated.
since 2.8.3. Use
checkAuthenticated(HttpServletRequest, HttpServletResponse) instead. |
void |
logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Logs out the authenticated user.
|
@Nullable User getUser(javax.servlet.http.HttpServletRequest request) throws InvalidTokenException, ApplicationPermissionException, InvalidAuthenticationException, OperationFailedException
request - HTTP request, possibly containing a Crowd SSO cookie.User or null if the there is no authenticated user.InvalidTokenException - if the token in the request is not valid.ApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.InvalidAuthenticationException - if the application and password are not valid.OperationFailedException - if the operation has failed for an unknown reason.@Nonnull User authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password) throws ApplicationPermissionException, InvalidAuthenticationException, OperationFailedException, ApplicationAccessDeniedException, ExpiredCredentialException, InactiveAccountException, InvalidTokenException
request - request to set the Crowd SSO tokenresponse - response to set the Crowd SSO token cookieusername - username to authenticatepassword - password of the userApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.InvalidAuthenticationException - if the application and password are not valid.OperationFailedException - if the operation has failed for an unknown reason.ApplicationAccessDeniedExceptionExpiredCredentialExceptionInactiveAccountExceptionInvalidTokenException@Nonnull User authenticateWithoutValidatingPassword(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username) throws ApplicationPermissionException, InvalidAuthenticationException, OperationFailedException, ApplicationAccessDeniedException, InactiveAccountException, InvalidTokenException
request - request to set the Crowd SSO tokenresponse - response to set the Crowd SSO token cookieusername - username to authenticateApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.InvalidAuthenticationException - if the application and password are not valid.OperationFailedException - if the operation has failed for an unknown reason.ApplicationAccessDeniedExceptionInactiveAccountExceptionInvalidTokenException@Deprecated boolean isAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws OperationFailedException
checkAuthenticated(HttpServletRequest, HttpServletResponse) instead.request - HttpServletRequestresponse - HttpServletResponsetrue if and only if the request has been authenticated.OperationFailedException - if the operation has failed for an unknown reason.@Nonnull AuthenticationState checkAuthenticated(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws OperationFailedException
request - HttpServletRequestresponse - HttpServletResponseOperationFailedException - if the operation has failed for an unknown reason.void logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws ApplicationPermissionException,
InvalidAuthenticationException,
OperationFailedException
request - request contains the Crowd SSO token to invalidate and hence log the user out.response - response returns a request to remove the token cookie from the user browser.ApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.InvalidAuthenticationException - if the application and password are not valid.OperationFailedException - if the operation has failed for an unknown reason.@Nullable String getToken(javax.servlet.http.HttpServletRequest request)
request - request to look for the Crowd SSO token.IllegalArgumentException - if the request is nullCopyright © 2015 Atlassian. All Rights Reserved.