FormAuthenticationHandler (Winstone 0.9.10-jenkins-47 API)

java.lang.Object
- winstone.auth.BaseAuthenticationHandler
- - winstone.auth.FormAuthenticationHandler

All Implemented Interfaces:

AuthenticationHandler
```
public class FormAuthenticationHandler
extends BaseAuthenticationHandler
```
Handles FORM based authentication configurations. Fairly simple ... it just redirects any unauthorized requests to the login page, and any bad logins to the error page. The auth values are stored in the session in a special slot.

Version:

$Id: FormAuthenticationHandler.java,v 1.7 2006/12/13 14:07:43 rickknowles Exp $

Author:

Rick Knowles

Field Summary
- Fields inherited from class winstone.auth.BaseAuthenticationHandler
  AUTH_RESOURCES, constraints, realm, realmName

Constructor Summary

Constructors
Constructor and Description
`FormAuthenticationHandler(org.w3c.dom.Node loginConfigNode, java.util.List constraintNodes, java.util.Set rolesAllowed, AuthenticationRealm realm)` Constructor for the FORM authenticator

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`processAuthentication(ServletRequest request, ServletResponse response, java.lang.String pathRequested)` Evaluates any authentication constraints, intercepting if auth is required.
`protected void`	`requestAuthentication(HttpServletRequest request, HttpServletResponse response, java.lang.String pathRequested)` Call this once we know that we need to authenticate
`protected boolean`	`validatePossibleAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, java.lang.String pathRequested)` Check the response - is it a response to the login page ?

Methods inherited from class winstone.auth.BaseAuthenticationHandler
doRoleCheck, setNoCache

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- FormAuthenticationHandler
```
public FormAuthenticationHandler(org.w3c.dom.Node loginConfigNode,
                         java.util.List constraintNodes,
                         java.util.Set rolesAllowed,
                         AuthenticationRealm realm)
```
  Constructor for the FORM authenticator
  
  Parameters:
  realm - The realm against which we are authenticating
  constraints - The array of security constraints that might apply
  resources - The list of resource strings for messages
  realmName - The name of the realm this handler claims

Method Detail

processAuthentication
```
public boolean processAuthentication(ServletRequest request,
                            ServletResponse response,
                            java.lang.String pathRequested)
                              throws java.io.IOException,
                                     ServletException
```
Evaluates any authentication constraints, intercepting if auth is required. The relevant authentication handler subclass's logic is used to actually authenticate.

Specified by:

processAuthentication in interface AuthenticationHandler

Overrides:

processAuthentication in class BaseAuthenticationHandler

Returns:
A boolean indicating whether to continue after this request

Throws:

java.io.IOException

ServletException

requestAuthentication

protected void requestAuthentication(HttpServletRequest request,
                         HttpServletResponse response,
                         java.lang.String pathRequested)
                              throws ServletException,
                                     java.io.IOException

Call this once we know that we need to authenticate

Specified by:: requestAuthentication in class BaseAuthenticationHandler
Throws:: ServletException; java.io.IOException

validatePossibleAuthenticationResponse

protected boolean validatePossibleAuthenticationResponse(HttpServletRequest request,
                                             HttpServletResponse response,
                                             java.lang.String pathRequested)
                                                  throws ServletException,
                                                         java.io.IOException

Check the response - is it a response to the login page ?

Specified by:: validatePossibleAuthenticationResponse in class BaseAuthenticationHandler
Returns:: A boolean indicating whether to continue with the request or not
Throws:: ServletException; java.io.IOException

Class FormAuthenticationHandler

Field Summary

Fields inherited from class winstone.auth.BaseAuthenticationHandler

Constructor Summary

Method Summary

Methods inherited from class winstone.auth.BaseAuthenticationHandler

Methods inherited from class java.lang.Object

Constructor Detail

FormAuthenticationHandler

Method Detail

processAuthentication

requestAuthentication

validatePossibleAuthenticationResponse