Examples of com.caucho.security.AbstractLogin$PrincipalEntry

com.caucho.security.AbstractLogin
Used to authenticate users in a servlet request. AbstractLogin handles the different login types like "basic" or "form". Normally, a Login will delegate the actual authentication to a ServletAuthenticator.
The Login is primarily responsible for extracting the credentials from the request (typically username and password) and passing those to the ServletAuthenticator.
The Servlet API calls the Login in two contexts: directly from ServletRequest.getUserPrincipal(), and during security checking. When called from the Servlet API, the login class can't change the response. In other words, if an application calls getUserPrincipal(), the Login class can't return a forbidden error page. When the servlet engine calls authenticate(), the login class can return an error page (or forward internally.)
Normally, Login implementations will defer the actual authentication to a ServletAuthenticator class. That way, both "basic" and "form" login can use the same DatabaseAuthenticator. Some applications, like SSL client certificate login, may want to combine the Login and authentication into one class.
Login instances are configured through bean introspection. Adding a public setFoo(String foo) method will be configured with the following login-config:
```
 <myfoo:CustomLogin xmlns:myfoo="urn:java:com.foo.myfoo"> <foo>bar</foo> </myfoo:CustomLogin> 
```
@since Resin 4.0.0

      /*
        if (auth == null)
        throw new ServletException(L.l("Login needs an authenticator resource with JNDI name java:comp/env/caucho/auth"));
      */


      AbstractLogin login;


      if (_customType != null) {
        login = (AbstractLogin) _customType.newInstance();


        if (_init != null)
          _init.configure(login);
      }
      else if (_authMethod.equalsIgnoreCase("basic")) {
        BasicLogin basicLogin = new BasicLogin();
        basicLogin.setRealmName(_realmName);
        login = basicLogin;
      }
      else if (_authMethod.equalsIgnoreCase("digest")) {
        DigestLogin digestLogin = new DigestLogin();
        digestLogin.setRealmName(_realmName);
        login = digestLogin;
      }
      else if (_authMethod.equalsIgnoreCase("client-cert")) {
        ClientCertLogin certLogin = new ClientCertLogin();
        login = certLogin;
      }
      else if (_authMethod.equalsIgnoreCase("form")) {
        login = new FormLogin();


        if (_formLoginConfig == null)
          throw new ConfigException(L.l("'form' authentication requires form-login"));


        _formLoginConfig.configure(login);
      }
      else
        throw new ConfigException(L.l("'{0}' is an unknown auth-type.",
                                       _authMethod));


      if (_authenticator != null)
        login.setAuthenticator(_authenticator);


      InjectManager manager = InjectManager.create();
      InjectionTarget inject = manager.createInjectionTarget(login.getClass());
      inject.inject(login, manager.createCreationalContext(null));


      login.init();


      return login;
    } catch (Exception e) {
      throw ConfigException.create(e);
    }

View Full Code Here

      /*
        if (auth == null)
        throw new ServletException(L.l("Login needs an authenticator resource with JNDI name java:comp/env/caucho/auth"));
      */


      AbstractLogin login;


      if (_customType != null) {
        login = (AbstractLogin) _customType.newInstance();


        if (_init != null)
          _init.configure(login);
      }
      else if (_authMethod.equalsIgnoreCase("basic")) {
        BasicLogin basicLogin = new BasicLogin();
        basicLogin.setRealmName(_realmName);
        login = basicLogin;
      }
      else if (_authMethod.equalsIgnoreCase("digest")) {
        DigestLogin digestLogin = new DigestLogin();
        digestLogin.setRealmName(_realmName);
        login = digestLogin;
      }
      else if (_authMethod.equalsIgnoreCase("client-cert")) {
        ClientCertLogin certLogin = new ClientCertLogin();
        login = certLogin;
      }
      else if (_authMethod.equalsIgnoreCase("form")) {
        login = new FormLogin();


        if (_formLoginConfig == null)
          throw new ConfigException(L.l("'form' authentication requires form-login"));


        _formLoginConfig.configure(login);
      }
      else
        throw new ConfigException(L.l("'{0}' is an unknown auth-type.",
                                       _authMethod));


      if (_authenticator != null)
        login.setAuthenticator(_authenticator);


      InjectManager manager = InjectManager.create();
      InjectionTarget inject = manager.createInjectionTarget(login.getClass());
      inject.inject(login, manager.createCreationalContext(null));


      login.init();


      return login;
    } catch (Exception e) {
      throw ConfigException.create(e);
    }

View Full Code Here

TOP

Related Classes of com.caucho.security.AbstractLogin$PrincipalEntry

com.caucho.server.security.LoginConfig

com.caucho.server.session.SessionImpl

javax.servlet.http.HttpSession

java.security.Principal

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.