IHTTPAuthenticator

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

electric.servlet.authenticators
Interface IHTTPAuthenticator

All Known Implementing Classes:: BasicAuthenticator, DigestAuthenticator

public interface IHTTPAuthenticator

IHTTPAuthenticator. An HTTP authenticator knows how to extract credentials from an HTTP request, and how to authenticate them (probably against an IRealm)

Author:: webMethods

Method Summary
`boolean`	`authenticate(InboundHTTPRequest request, OutboundHTTPResponse response, java.lang.String relativePath, electric.servlet.security.WebResourceCollection webResourceCollection)` Authenticate a request.
`java.lang.String`	`getAuthMethod()`
`boolean`	`sendNoAuthenticationResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, IRealm realm)` Send an HTTP response that indicates that this request was not authenticated.
`void`	`setContext(HTTPContext context)` Authenticators are per-servlet-context.

Method Detail

getAuthMethod

public java.lang.String getAuthMethod()

Returns:: a servlet-spec compatible string indicating the authentication method in use

setContext

public void setContext(HTTPContext context)

Authenticators are per-servlet-context.

Parameters:: context -

sendNoAuthenticationResponse

public boolean sendNoAuthenticationResponse(javax.servlet.http.HttpServletRequest request,
                                            javax.servlet.http.HttpServletResponse response,
                                            IRealm realm)
                                     throws java.io.IOException

Send an HTTP response that indicates that this request was not authenticated. Normally, this means a "401" Unauthorized and the client will retry with the appropriate credentials, but it could be a Forbidden, or something totally different, it's up to the authenticator to decide. This is broken out for the benefit of the special "GuardAuthorizer"

Parameters:: request -; response -; realm -
Returns:: whether to retry the request
Throws:: java.io.IOException
See Also:: GuardAuthorizer

authenticate

public boolean authenticate(InboundHTTPRequest request,
                            OutboundHTTPResponse response,
                            java.lang.String relativePath,
                            electric.servlet.security.WebResourceCollection webResourceCollection)
                     throws java.io.IOException

Authenticate a request. Return true if authentication successful and processing should continue to the authorization step, false if the authenticator has handled the response itself and the httpcontext should short-circuit processing and return immediately.

Parameters:: request - servlet request passed into httpcontext.service; response - servlet response passed into httpcontext.service; relativePath - httpcontext to which the request was directed
Returns:: true if authentication succeeds, false if it fails or is "in progress"
Throws:: java.io.IOException