com.atlassian.sal.api.auth

Interface AuthenticationListener

All Known Implementing Classes:

SeraphAuthenticationListener

public interface AuthenticationListener

Allows the underlying framework to take some actions on authentication events.

Since:

2.0

Method Summary

Modifier and Type	Method and Description
void	authenticationError(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Called when there is a failure in trying to process the request, such as an IO failure.
void	authenticationFailure(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Called when the signature cannot be validated or the user cannot be resolved or does not have permission to access the resource.
void	authenticationNotAttempted(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Called if it was determined that authentication should not be attempted, usually because the AuthenticationController.shouldAttemptAuthentication(HttpServletRequest) returned false.
void	authenticationSuccess(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Called when the signature is validated and the user is resolved and permissions are verified.

Method Detail

authenticationSuccess

void authenticationSuccess(Authenticator.Result result,
                           javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response)

Called when the signature is validated and the user is resolved and permissions are verified. Responsible for preparing the HTTP request or session such that the application sees the user as logged in for the rest of this request.

Will also be called in the event of a "verified" request - where the request has been verified to come from a remote system that is trusted due to 2LO but where an impersonating user is not configured.

Parameters:

result - Authentication result containing the user

request - Current HTTP request being processed

response - HTTP response for the current request, provided so the application can set any headers it might need set

authenticationFailure

void authenticationFailure(Authenticator.Result result,
                           javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response)

Called when the signature cannot be validated or the user cannot be resolved or does not have permission to access the resource.

Parameters:

result - Authentication result containing the details of the failure

request - Current HTTP request being processed

response - HTTP response for the current request, provided so the application can set any headers it might need set

authenticationError

void authenticationError(Authenticator.Result result,
                         javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response)

Called when there is a failure in trying to process the request, such as an IO failure.

Parameters:

result - Authentication result containing the details of the error

request - Current HTTP request being processed

response - HTTP response for the current request, provided so the application can set any headers it might need set

authenticationNotAttempted

void authenticationNotAttempted(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response)

Called if it was determined that authentication should not be attempted, usually because the AuthenticationController.shouldAttemptAuthentication(HttpServletRequest) returned false.

Parameters:

request - Current HTTP request being processed

response - HTTP response for the current request, provided so the application can set any headers it might need set