com.atlassian.seraph.auth
Interface Authenticator

All Superinterfaces:
Initable
All Known Implementing Classes:
AbstractAuthenticator, DefaultAuthenticator

public interface Authenticator
extends Initable

An Authenticator is used to authenticate users, log them in, log them out and check their roles.


Field Summary
static String DEFAULT_AUTHENTICATOR
          Deprecated. DefaultAuthenticator is no longer a concrete class and there should be no reason to use this constant. Since v2.4.0
 
Method Summary
 void destroy()
           
 String getRemoteUser(javax.servlet.http.HttpServletRequest request)
          Gets the username of the Principal authenticated for the given HttpServletRequest.
 Principal getUser(javax.servlet.http.HttpServletRequest request)
          Gets the Principal authenticated for the given HttpServletRequest.
 Principal getUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Gets the Principal for the HttpServletRequest.
 boolean isUserInRole(javax.servlet.http.HttpServletRequest request, String role)
          Deprecated. Use RoleMapper directly
 boolean login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password)
          Tries to authenticate a user.
 boolean login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String username, String password, boolean storeCookie)
          Tries to authenticate a user.
 boolean logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
           
 
Methods inherited from interface com.atlassian.seraph.Initable
init
 

Field Detail

DEFAULT_AUTHENTICATOR

static final String DEFAULT_AUTHENTICATOR
Deprecated. DefaultAuthenticator is no longer a concrete class and there should be no reason to use this constant. Since v2.4.0
See Also:
Constant Field Values
Method Detail

destroy

void destroy()

getRemoteUser

String getRemoteUser(javax.servlet.http.HttpServletRequest request)
Gets the username of the Principal authenticated for the given HttpServletRequest.

Parameters:
request -
response -
Returns:
username or null if no user has been authenticated

getUser

Principal getUser(javax.servlet.http.HttpServletRequest request)
Gets the Principal authenticated for the given HttpServletRequest.

Parameters:
request -
response -
Returns:
principal or null if no user has been authenticated

getUser

Principal getUser(javax.servlet.http.HttpServletRequest request,
                  javax.servlet.http.HttpServletResponse response)
Gets the Principal for the HttpServletRequest. The RememberMeToken will be regenerated for the HttpServletResponse if the token is invalid.

Parameters:
request -
response -
Returns:
principal or null if no user has been authenticated

isUserInRole

boolean isUserInRole(javax.servlet.http.HttpServletRequest request,
                     String role)
Deprecated. Use RoleMapper directly


login

boolean login(javax.servlet.http.HttpServletRequest request,
              javax.servlet.http.HttpServletResponse response,
              String username,
              String password)
              throws AuthenticatorException
Tries to authenticate a user.

Parameters:
request - the HttpServletRequest
response - the HttpServletResponse
username - the user name to check against the password
password - the password to authenticate the user with
Returns:
Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.
Throws:
AuthenticatorException - if an error occurs that stops the user from being authenticated (eg remote communication failure).

login

boolean login(javax.servlet.http.HttpServletRequest request,
              javax.servlet.http.HttpServletResponse response,
              String username,
              String password,
              boolean storeCookie)
              throws AuthenticatorException
Tries to authenticate a user.

Parameters:
request - the HttpServletRequest
response - the HttpServletResponse
username - the user name to check against the password
password - the password to authenticate the user with
storeCookie - whether to set a remember me cookie on successful login
Returns:
Whether the user was authenticated. This should only return false if we were able to actually test and fail the login attempt.
Throws:
AuthenticatorException - if an error occurs that stops the user from being authenticated (eg remote communication failure).

logout

boolean logout(javax.servlet.http.HttpServletRequest request,
               javax.servlet.http.HttpServletResponse response)
               throws AuthenticatorException
Throws:
AuthenticatorException


Copyright © 2013 Atlassian. All Rights Reserved.