public final class NonLoginAuthenticator extends AuthenticatorBase
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, ssoasyncSupported, container, containerLog, nextmserverAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT| Constructor and Description |
|---|
NonLoginAuthenticator() |
| Modifier and Type | Method and Description |
|---|---|
boolean |
authenticate(Request request,
HttpServletResponse response)
Authenticate the user making this request, based on the fact that no
login-config has been defined for the container. |
protected String |
getAuthMethod()
Return the authentication method, which is vendor-specific and
not defined by HttpServletRequest.
|
associate, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getRealmName, getRequestCertificates, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, login, logout, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternalbackgroundProcess, event, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toStringdestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregisteraddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stoppublic boolean authenticate(Request request, HttpServletResponse response) throws IOException
Authenticate the user making this request, based on the fact that no
login-config has been defined for the container.
This implementation means "login the user even though there is no self-contained way to establish a security Principal for that user".
This method is called by the AuthenticatorBase super class to
establish a Principal for the user BEFORE the container security
constraints are examined, i.e. it is not yet known whether the user
will eventually be permitted to access the requested resource.
Therefore, it is necessary to always return true to
indicate the user has not failed authentication.
There are two cases:
auth-method to authenticate the
user, so leave Request's Principal as null.
Note: AuthenticatorBase will later examine the security constraints
to determine whether the resource is accessible by a user
without a security Principal and Role (i.e. unauthenticated).
authenticate in interface Authenticatorauthenticate in class AuthenticatorBaserequest - Request we are processingresponse - Response we are creatingIOException - if an input/output error occursprotected String getAuthMethod()
getAuthMethod in class AuthenticatorBaseCopyright © 2000-2014 Apache Software Foundation. All Rights Reserved.