Class CacheAwareCrowdHttpAuthenticator
java.lang.Object
com.atlassian.crowd.integration.http.CacheAwareCrowdHttpAuthenticator
- All Implemented Interfaces:
CrowdHttpAuthenticator
CacheAwareCrowdHttpAuthenticator ensures that a user exists in the cache when a user is retrieved from the server or
is authenticated.
-
Constructor Summary
Constructors
- CacheAwareCrowdHttpAuthenticator(CrowdHttpAuthenticator delegate, AuthenticatorUserCache userCache)
-
Method Summary
Modifier and Type, Method: Description
- User authenticate(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String username, String password): Authenticates the user based on provided credentials.
- User authenticateWithoutValidatingPassword(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String username): Authenticates the user without validating password.
- AuthenticationState checkAuthenticated(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response): Tests whether a request is authenticated via SSO.
- getToken(jakarta.servlet.http.HttpServletRequest request): Retrieves the Crowd authentication token from the request.
- User getUser(jakarta.servlet.http.HttpServletRequest request): Attempts to retrieve the currently authenticated User from the request.
- void logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response): Logs out the authenticated user.
-
Constructor Details
-
CacheAwareCrowdHttpAuthenticator
public CacheAwareCrowdHttpAuthenticator(CrowdHttpAuthenticator delegate, AuthenticatorUserCache userCache)
-
-
Method Details
-
getUser
public User getUser(jakarta.servlet.http.HttpServletRequest request) throws InvalidTokenException, InvalidAuthenticationException, ApplicationPermissionException, OperationFailedException
Description copied from interface: CrowdHttpAuthenticator
Attempts to retrieve the currently authenticated User from the request. This will attempt to find the Crowd SSO token via:
- a request attribute (not the request parameter), OR
- a cookie on the request
- Specified by:
getUser in interface CrowdHttpAuthenticator
- Parameters:
request - HTTP request, possibly containing a Crowd SSO cookie.
- Returns:
authenticated User or null if there is no authenticated user.
- Throws:
InvalidTokenException - if the token in the request is not valid.
InvalidAuthenticationException - if the application and password are not valid.
ApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.
OperationFailedException - if the operation has failed for an unknown reason.
-
authenticate
public User authenticate(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String username, String password) throws InvalidTokenException, ApplicationAccessDeniedException, InvalidAuthenticationException, ExpiredCredentialException, ApplicationPermissionException, InactiveAccountException, OperationFailedException
Description copied from interface: CrowdHttpAuthenticator
Authenticates the user based on provided credentials.
Validation factors (such as IP address) are extracted from the request.
If the user is successfully authenticated, the Crowd SSO token is placed in:
- the request: as an attribute, so the user is authenticated for the span of the request.
- the response: as a cookie, so the user is authenticated for subsequent requests.
If the credentials fail authentication, any existing Crowd SSO token is removed from:
- the request attribute.
- the response: as a cookie with a max-age of 0.
- Specified by:
authenticate in interface CrowdHttpAuthenticator
- Parameters:
request - request to set the Crowd SSO token
response - response to set the Crowd SSO token cookie
username - username to authenticate
password - password of the user
- Returns:
the authenticated user if the authentication was successful, otherwise an exception is thrown.
- Throws:
InvalidAuthenticationException - if the application and password are not valid.
ApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.
OperationFailedException - if the operation has failed for an unknown reason.
InvalidTokenException
ApplicationAccessDeniedException
ExpiredCredentialException
InactiveAccountException
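How a login endpoint might call authenticate() and sort the exceptions listed above into "refused" and "fail closed" outcomes, as an added example that is not part of the Crowd documentation or code base. The class name CrowdLoginHandler, the form field names and the com.atlassian.crowd.exception package path are assumptions; the authenticator passed in may be a CacheAwareCrowdHttpAuthenticator.

```java
// Added example, not Atlassian code. Assumed, not stated on the page: the
// com.atlassian.crowd.exception package, the hypothetical class CrowdLoginHandler,
// and the form field names "username" and "password".
import com.atlassian.crowd.exception.ApplicationAccessDeniedException;
import com.atlassian.crowd.exception.ExpiredCredentialException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.integration.http.CrowdHttpAuthenticator;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;

public final class CrowdLoginHandler {
    private static final Logger LOG = Logger.getLogger(CrowdLoginHandler.class.getName());
    private final CrowdHttpAuthenticator authenticator; // e.g. a CacheAwareCrowdHttpAuthenticator

    public CrowdLoginHandler(CrowdHttpAuthenticator authenticator) { this.authenticator = authenticator; }

    /** True for failures caused by the submitted account or credentials. */
    static boolean isLoginRefusal(Exception e) {
        return e instanceof InvalidAuthenticationException || e instanceof InactiveAccountException
                || e instanceof ExpiredCredentialException || e instanceof ApplicationAccessDeniedException;
    }

    public void handleLogin(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String username = req.getParameter("username");
        String password = req.getParameter("password");
        if (username == null || password == null) {
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        try {
            // On success the authenticator itself sets the SSO token attribute and cookie.
            authenticator.authenticate(req, resp, username, password);
            resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
        } catch (Exception e) {
            if (isLoginRefusal(e)) {
                // Log the precise cause; answer uniformly so the reason is not disclosed.
                LOG.info("login refused: " + e.getClass().getSimpleName());
                resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Login failed");
            } else {
                // Token, permission or server errors: fail closed.
                LOG.log(Level.SEVERE, "Crowd authentication unavailable", e);
                resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
            }
        }
    }
}
```

The single catch with instanceof checks is used so the example does not depend on how the Crowd exception classes inherit from one another, which the page does not show.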
-
authenticateWithoutValidatingPassword
public User authenticateWithoutValidatingPassword(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String username) throws InvalidAuthenticationException, OperationFailedException, InvalidTokenException, ApplicationAccessDeniedException, ApplicationPermissionException, InactiveAccountException
Description copied from interface: CrowdHttpAuthenticator
Authenticates the user without validating password.
Validation factors (such as IP address) are extracted from the request.
If the user is successfully authenticated, the Crowd SSO token is placed in:
- the request: as an attribute, so the user is authenticated for the span of the request.
- the response: as a cookie, so the user is authenticated for subsequent requests.
If authentication fails, any existing Crowd SSO token is removed from:
- the request attribute.
- the response: as a cookie with a max-age of 0.
- Specified by:
authenticateWithoutValidatingPassword in interface CrowdHttpAuthenticator
- Parameters:
request - request to set the Crowd SSO token
response - response to set the Crowd SSO token cookie
username - username to authenticate
- Returns:
the authenticated user if the authentication was successful, otherwise an exception is thrown.
- Throws:
InvalidAuthenticationException - if the application and password are not valid.
OperationFailedException - if the operation has failed for an unknown reason.
ApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.
InvalidTokenException
ApplicationAccessDeniedException
InactiveAccountException
-
checkAuthenticated
public AuthenticationState checkAuthenticated(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws OperationFailedException
Description copied from interface: CrowdHttpAuthenticator
Tests whether a request is authenticated via SSO. This only tests against the Crowd server if the validation interval (a value obtained from crowd.properties) is exceeded AND there is a valid token present for the user in the Crowd cookie. The last validated date/time attribute of the request session is updated.
- Specified by:
checkAuthenticated in interface CrowdHttpAuthenticator
- Parameters:
request - HttpServletRequest
response - HttpServletResponse
- Returns:
details of whether the request is authenticated
- Throws:
OperationFailedException - if the operation has failed for an unknown reason.
-
logout
public void logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws InvalidAuthenticationException, ApplicationPermissionException, OperationFailedException
Description copied from interface: CrowdHttpAuthenticator
Logs out the authenticated user. Removes the cookie from the response and request attribute. Invalidates the token on the server.
- Specified by:
logout in interface CrowdHttpAuthenticator
- Parameters:
request - request contains the Crowd SSO token to invalidate and hence log the user out.
response - response returns a request to remove the token cookie from the user browser.
- Throws:
InvalidAuthenticationException - if the application and password are not valid.
ApplicationPermissionException - if the application is not permitted to perform the requested operation on the server.
OperationFailedException - if the operation has failed for an unknown reason.
-
getToken
Description copied from interface: CrowdHttpAuthenticator
Retrieves the Crowd authentication token from the request.
- Specified by:
getToken in interface CrowdHttpAuthenticator
- Parameters:
request - request to look for the Crowd SSO token.
- Returns:
value of the token if found, otherwise null.
-