com.anwrt.anycontent.authentication
Class AuthenticationManager

java.lang.Object
  com.anwrt.anycontent.authentication.AuthenticationManager

Direct Known Subclasses:

BasicAuthenticationManager, CASUserAuthenticationManager, RemoteUserAuthenticationManager

public abstract class AuthenticationManager

extends java.lang.Object

Abstract superclass of all AuthenticationManager.
The role of an AuthenticationManager is to provide system with user credentials.
Implementations may cover HTTP authentication, SSO, ...

Constructor Summary

AuthenticationManager()

Method Summary

abstract boolean	accept(Request request) Mathod called by AuthenticateAction before asking for credentials.
abstract void	allowed(Request request, Response response, Redirector redirector) Mathod called by AuthenticateAction after authentication process succeeded
abstract void	configure(Configuration configuration) Configuration of this AuthenticationManager.
abstract Credentials	getCredentials(java.util.Map objectModel, Redirector redirector) Method called by AuthenticateAction each time a request need authentication.
abstract void	notAllowed(Request request, Response response, Redirector redirector) Method called by AuthenticateAction each a user could not get authenticated.
protected void	redirect(Request request, Redirector redirector, java.lang.String redirectUrl, boolean internal) Helper method provided for request redirection in notAllowed method For internal redirect (i.e. forward), set internal to true, for a classical "sendRedirect", set internal to false.
abstract boolean	validate(java.util.Map objectModel, Redirector redirector) Validates this AuthenticationManager.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthenticationManager

public AuthenticationManager()

Method Detail

configure

public abstract void configure(Configuration configuration)
                        throws ConfigurationException

Configuration of this AuthenticationManager.
This method is called at init time by the system.

Parameters:

configuration - the Configuration persisted in the WEB-INF/config/authentication.xml file

Throws:

ConfigurationException - if something wring occurs during configuration (bad parameters values, ...)

validate

public abstract boolean validate(java.util.Map objectModel,
                                 Redirector redirector)
                          throws java.lang.Exception

Validates this AuthenticationManager. It may declares itself as invalid, due to some environment status.
In this cas, the whole authentication process is restarted.

Parameters:

objectModel - the cocoon object model.

redirector - the cocoon Redirector that can be used for redirecting response.

Returns:

true if this AuthenticationManager was in a valid state, false otherwise

Throws:

java.lang.Exception - if something wrong occurs

accept

public abstract boolean accept(Request request)

Mathod called by AuthenticateAction before asking for credentials. This method is used to bypass authentication. If this method returns true, no authentication will be require. Use it with care, as it may lead to obvious security issues.

Parameters:

request - the current Request

Returns:

true if the Request is not authenticated

getCredentials

public abstract Credentials getCredentials(java.util.Map objectModel,
                                           Redirector redirector)
                                    throws java.lang.Exception

Method called by AuthenticateAction each time a request need authentication.

Parameters:

objectModel - the cocoon object model.

redirector - the cocoon redirector.

Returns:

the UserPrincipal corresponding to the user, or null if user could not get authenticated.

Throws:

java.lang.Exception - if something wrong occurs

notAllowed

public abstract void notAllowed(Request request,
                                Response response,
                                Redirector redirector)
                         throws java.lang.Exception

Method called by AuthenticateAction each a user could not get authenticated. This method implementation is responsible of redirecting response to appropriate url.

Parameters:

request - the HttpRequest.

response - the HttpResponse.

redirector - the cocoon Redirector that can be used for redirecting response.

Throws:

java.lang.Exception - if something wrong occurs

allowed

public abstract void allowed(Request request,
                             Response response,
                             Redirector redirector)

Mathod called by AuthenticateAction after authentication process succeeded

Parameters:

request - the HttpRequest.

response - the HttpResponse.

redirector - the cocoon Redirector that can be used for redirecting response.

redirect

protected final void redirect(Request request,
                              Redirector redirector,
                              java.lang.String redirectUrl,
                              boolean internal)
                       throws ProcessingException,
                              java.io.IOException

Helper method provided for request redirection in notAllowed method For internal redirect (i.e. forward), set internal to true, for a classical "sendRedirect", set internal to false.

Parameters:

request - the HttpRequest.

redirector - the cocoon redirector.

redirectUrl - the application relative url we want to redirect to.

internal - true for silent internal redirection.

Throws:

java.io.IOException - probleme while reading resource

ProcessingException - problem while processing redirection