com.atlassian.jira.rest.auth
Class Login

java.lang.Object
  com.atlassian.jira.rest.auth.Login

public class Login
extends Object

Implement a REST resource for acquiring a session cookie.

Since:

v4.2

Constructor Summary

Login(LoginService loginService, JiraAuthenticationContext jiraAuthenticationContext, VelocityRequestContextFactory velocityRequestContextFactory, I18nHelper i18n)

Method Summary

javax.ws.rs.core.Response	currentUser() Returns information about the currently authenticated user's session.
javax.ws.rs.core.Response	login(com.atlassian.jira.rest.auth.AuthParams credentials, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Creates a new session for a user in JIRA.
javax.ws.rs.core.Response	logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Logs the current user out of JIRA, destroying the existing session, if any.
protected void	stampDeniedReasonsOnResponse(javax.servlet.http.HttpServletResponse response, Set<DeniedReason> deniedReasons) Stamps the '"X-Authentication-Denied-Reason"' header on the response object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Login

public Login(LoginService loginService,
             JiraAuthenticationContext jiraAuthenticationContext,
             VelocityRequestContextFactory velocityRequestContextFactory,
             I18nHelper i18n)

Method Detail

currentUser

public javax.ws.rs.core.Response currentUser()
                                      throws URISyntaxException

Returns information about the currently authenticated user's session. If the caller is not authenticated they will get a 401 Unauthorized status code.

Returns:

JSON containing information about the current user

Throws:

URISyntaxException - if the self URI is invalid somehow

login

public javax.ws.rs.core.Response login(com.atlassian.jira.rest.auth.AuthParams credentials,
                                       @Context
                                       javax.servlet.http.HttpServletRequest request,
                                       @Context
                                       javax.servlet.http.HttpServletResponse response)

Creates a new session for a user in JIRA. Once a session has been successfully created it can be used to access any of JIRA's remote APIs and also the web UI by passing the appropriate HTTP Cookie header.

Note that it is generally preferrable to use HTTP BASIC authentication with the REST API. However, this resource may be used to mimic the behaviour of JIRA's log-in page (e.g. to display log-in errors to a user).

Parameters:

credentials - the username and password to authenticate

request - injected by Jersey

response - injected by Jersey

Returns:

an AuthSuccess entity

Throws:

com.atlassian.seraph.auth.AuthenticatorException - if the DefaultAuthenticator explodes

logout

public javax.ws.rs.core.Response logout(@Context
                                        javax.servlet.http.HttpServletRequest request,
                                        @Context
                                        javax.servlet.http.HttpServletResponse response)

Logs the current user out of JIRA, destroying the existing session, if any.

Parameters:

request - injected by Jersey

response - injected by Jersey

Returns:

401 if the called is not authenticated. NO_CONTENT if the successful.

stampDeniedReasonsOnResponse

protected void stampDeniedReasonsOnResponse(javax.servlet.http.HttpServletResponse response,
                                            Set<DeniedReason> deniedReasons)

Stamps the '"X-Authentication-Denied-Reason"' header on the response object.

Parameters:

response - a HttpServletResponse

deniedReasons - a Set of DeniedReason