org.codice.ddf.security.handler.basic

Class AbstractBasicAuthenticationHandler

java.lang.Object

org.codice.ddf.security.handler.basic.AbstractBasicAuthenticationHandler

All Implemented Interfaces:

AuthenticationHandler

Direct Known Subclasses:

BasicAuthenticationHandler, WssBasicAuthenticationHandler

public abstract class AbstractBasicAuthenticationHandler
extends Object
implements AuthenticationHandler

Field Summary

Fields

Modifier and Type	Field and Description
static String	AUTHENTICATION_SCHEME_BASIC
protected static org.slf4j.Logger	LOGGER
static String	SOURCE

Constructor Summary

Constructors

Constructor and Description
AbstractBasicAuthenticationHandler()

Method Summary

Modifier and Type	Method and Description
protected BaseAuthenticationToken	extractAuthenticationInfo(javax.servlet.http.HttpServletRequest request)
protected BaseAuthenticationToken	extractAuthInfo(String authHeader, String realm) Extract the Authorization header and parse into a username/password token.
abstract String	getAuthenticationType() Authentication type String used to match this handler with the auth types configured for a specific context.
protected abstract BaseAuthenticationToken	getBaseAuthenticationToken(String realm, String username, String password)
HandlerResult	getNormalizedToken(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain, boolean resolve) Processes the incoming request to retrieve the username/password tokens.
HandlerResult	handleError(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain chain) Called when downstream authentication fails.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTHENTICATION_SCHEME_BASIC

public static final String AUTHENTICATION_SCHEME_BASIC

See Also:

Constant Field Values

SOURCE

public static final String SOURCE

See Also:

Constant Field Values

LOGGER

protected static final org.slf4j.Logger LOGGER

Constructor Detail

AbstractBasicAuthenticationHandler

public AbstractBasicAuthenticationHandler()

Method Detail

getAuthenticationType

public abstract String getAuthenticationType()

Description copied from interface: AuthenticationHandler

Authentication type String used to match this handler with the auth types configured for a specific context.

Specified by:

getAuthenticationType in interface AuthenticationHandler

Returns:

String representing the authentication type

getNormalizedToken

public HandlerResult getNormalizedToken(javax.servlet.ServletRequest request,
                                        javax.servlet.ServletResponse response,
                                        javax.servlet.FilterChain chain,
                                        boolean resolve)

Processes the incoming request to retrieve the username/password tokens. Handles responding to the client that authentication is needed if they are not present in the request. Returns the HandlerResult for the HTTP Request.

Specified by:

getNormalizedToken in interface AuthenticationHandler

Parameters:

request - http request to obtain attributes from and to pass into any local filter chains required

response - http response to return http responses or redirects

chain - original filter chain (should not be called from your handler)

resolve - flag with true implying that credentials should be obtained, false implying return if no credentials are found.

Returns:

handleError

public HandlerResult handleError(javax.servlet.ServletRequest servletRequest,
                                 javax.servlet.ServletResponse servletResponse,
                                 javax.servlet.FilterChain chain)
                          throws javax.servlet.ServletException

Description copied from interface: AuthenticationHandler

Called when downstream authentication fails. Should attempt to re-acquire credentials if appropriate. Returns a status indicating if appropriate action has been taken.

Specified by:

handleError in interface AuthenticationHandler

Parameters:

servletRequest - htt http response to return http responses or redirects

Returns:

result containing a status indicating if further action is necessary

Throws:

javax.servlet.ServletException

extractAuthenticationInfo

protected BaseAuthenticationToken extractAuthenticationInfo(javax.servlet.http.HttpServletRequest request)

extractAuthInfo

protected BaseAuthenticationToken extractAuthInfo(String authHeader,
                                                  String realm)

Extract the Authorization header and parse into a username/password token.

Parameters:

authHeader - the authHeader string from the HTTP request

Returns:

the initialized UPAuthenticationToken for this username, password, realm combination (or null)

getBaseAuthenticationToken

protected abstract BaseAuthenticationToken getBaseAuthenticationToken(String realm,
                                                                      String username,
                                                                      String password)