public interface UserAuthenticator extends Module
The base interface for authenticators. Authenticators authenticate a user based on the received HTTP request. They may also hijack the request and even reply to it, for example to send back a login form. By completing the login form, the user will send the required login details to the authenticator and then it lets the user access other features.
The result of the authentication is returned as an AuthenticationResult object. This has three fields. The authenticated indicates tells whether authentication succeeded. The responded field indicates whether a response was sent in case the authentication didn't succeed. The response could be an error message or a login form or something similar. Finally the user field contains the authenticated user. The user field may be set even if authentication fails. This would be the case if the user provided a correct user name and password but the user doesn't have the required privileges. Also, the user is not necessarily set even if authentication succeeds. This would be the case if anonymous was allowed.
|Modifier and Type||Interface and Description|
A class containing information about the authentication.
|Modifier and Type||Method and Description|
Authenticates a user.
UserAuthenticator.AuthenticationResult authenticate(java.lang.String requiredRole, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, ModulesServlet.HttpMethod method) throws java.io.IOException, AuthenticationException
Authenticates a user. If requiredRole is non-null, the logged in user must be of that role for the authentication to succeed. Otherwise there are two possible options in how to implement the authentication. It may be required that the user provides valid login details for authentication to succeed. Or it could be that anonymous logins are also authorised and the authentication succeeds without the user field set in the result. What exactly happens is implementation specific, possibly even dependent on the authenticator initialisation parameters.
requiredRole- The role the user should have or null if no role is required.
req- The HTTP request.
resp- The HTTP response.
method- The method of the HTTP request.
Copyright 2004-2015 Wandora Team