public final class NonLoginAuthenticator extends AuthenticatorBase
Lifecycle.SingleUse
alwaysUseSession, AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, REALM_NAME, securePagesWithPragma, secureRandomAlgorithm, secureRandomClass, secureRandomProvider, sessionIdGenerator, sm, sso
asyncSupported, container, containerLog, next
mserver
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Constructor and Description |
---|
NonLoginAuthenticator() |
Modifier and Type | Method and Description |
---|---|
boolean |
authenticate(Request request,
HttpServletResponse response)
Authenticate the user making this request, based on the fact that no
login-config has been defined for the container. |
protected String |
getAuthMethod()
Return the authentication method, which is vendor-specific and
not defined by HttpServletRequest.
|
associate, checkForCachedAuthentication, doLogin, getAlwaysUseSession, getCache, getChangeSessionIdOnAuthentication, getContainer, getDisableProxyCaching, getRealmName, getRequestCertificates, getSecurePagesWithPragma, getSecureRandomAlgorithm, getSecureRandomClass, getSecureRandomProvider, invoke, login, logout, notify, reauthenticateFromSSO, register, setAlwaysUseSession, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, setSecureRandomAlgorithm, setSecureRandomClass, setSecureRandomProvider, startInternal, stopInternal
backgroundProcess, getDomainInternal, getNext, getObjectNameKeyProperties, initInternal, isAsyncSupported, setAsyncSupported, setNext, toString
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop
public boolean authenticate(Request request, HttpServletResponse response) throws IOException
Authenticate the user making this request, based on the fact that no
login-config
has been defined for the container.
This implementation means "login the user even though there is no self-contained way to establish a security Principal for that user".
This method is called by the AuthenticatorBase super class to
establish a Principal for the user BEFORE the container security
constraints are examined, i.e. it is not yet known whether the user
will eventually be permitted to access the requested resource.
Therefore, it is necessary to always return true
to
indicate the user has not failed authentication.
There are two cases:
auth-method
to authenticate the
user, so leave Request's Principal as null.
Note: AuthenticatorBase will later examine the security constraints
to determine whether the resource is accessible by a user
without a security Principal and Role (i.e. unauthenticated).
request
- Request we are processingresponse
- Response we are creatingIOException
- if an input/output error occursprotected String getAuthMethod()
getAuthMethod
in class AuthenticatorBase
Copyright © 2000-2016 Apache Software Foundation. All Rights Reserved.