public class TokenAuthenticator extends Object implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension
The user is retrieved with the TokenAuthenticationService
.
This Authentication Plugin is configured to be used with the Trusting_LM LoginModule
plugin => no password
check will be done, a principal will be created from the userName if the user exists in the user directory.
Modifier and Type | Field and Description |
---|---|
static String |
ALLOW_ANONYMOUS_KEY |
protected boolean |
allowAnonymous |
protected static String |
TOKEN_HEADER |
protected static String |
TOKEN_PARAM |
Constructor and Description |
---|
TokenAuthenticator() |
Modifier and Type | Method and Description |
---|---|
List<String> |
getUnAuthenticatedURLPrefix()
Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.
|
protected String |
getUserByToken(String token) |
Boolean |
handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest,
javax.servlet.http.HttpServletResponse httpResponse,
String baseURL)
Handles the Login Prompt.
|
Boolean |
handleLogout(javax.servlet.http.HttpServletRequest httpRequest,
javax.servlet.http.HttpServletResponse httpResponse)
Handles logout operation.
|
UserIdentificationInfo |
handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest,
javax.servlet.http.HttpServletResponse httpResponse)
Retrieves user identification information from the request.
|
void |
initPlugin(Map<String,String> parameters)
Initializes the Plugin from parameters set in the XML descriptor.
|
Boolean |
needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)
Defines if the authentication plugin needs to do a login prompt.
|
public static final String ALLOW_ANONYMOUS_KEY
protected static final String TOKEN_HEADER
protected static final String TOKEN_PARAM
protected boolean allowAnonymous
public TokenAuthenticator()
public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL)
NuxeoAuthenticationPlugin
handleLoginPrompt
in interface NuxeoAuthenticationPlugin
httpRequest
- the requesthttpResponse
- the responsepublic UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
NuxeoAuthenticationPlugin
handleRetrieveIdentity
in interface NuxeoAuthenticationPlugin
httpRequest
- the requesthttpResponse
- the responsepublic Boolean needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)
NuxeoAuthenticationPlugin
needLoginPrompt
in interface NuxeoAuthenticationPlugin
public void initPlugin(Map<String,String> parameters)
NuxeoAuthenticationPlugin
initPlugin
in interface NuxeoAuthenticationPlugin
public List<String> getUnAuthenticatedURLPrefix()
NuxeoAuthenticationPlugin
getUnAuthenticatedURLPrefix
in interface NuxeoAuthenticationPlugin
protected String getUserByToken(String token)
public Boolean handleLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)
NuxeoAuthenticationPluginLogoutExtension
Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.
handleLogout
in interface NuxeoAuthenticationPluginLogoutExtension
Copyright © 2016 Nuxeo SA. All rights reserved.