org.nuxeo.ecm.platform.ui.web.auth.token

Class TokenAuthenticator

java.lang.Object

org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator

All Implemented Interfaces:

NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension

public class TokenAuthenticator
extends Object
implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension

Handles authentication with a token sent as a request header.

The user is retrieved with the TokenAuthenticationService.

This Authentication Plugin is configured to be used with the Trusting_LM LoginModule plugin => no password check will be done, a principal will be created from the userName if the user exists in the user directory.

Since:

5.7

Author:

Antoine Taillefer (ataillefer@nuxeo.com)

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALLOW_ANONYMOUS_KEY
protected boolean	allowAnonymous
protected static String	TOKEN_HEADER
protected static String	TOKEN_PARAM

Constructor Summary

Constructors

Constructor and Description
TokenAuthenticator()

Method Summary

Modifier and Type	Method and Description
List<String>	getUnAuthenticatedURLPrefix() Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.
protected String	getUserByToken(String token)
Boolean	handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Handles the Login Prompt.
Boolean	handleLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Handles logout operation.
UserIdentificationInfo	handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Retrieves user identification information from the request.
void	initPlugin(Map<String,String> parameters) Initializes the Plugin from parameters set in the XML descriptor.
Boolean	needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest) Defines if the authentication plugin needs to do a login prompt.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ALLOW_ANONYMOUS_KEY

public static final String ALLOW_ANONYMOUS_KEY

See Also:

Constant Field Values

TOKEN_HEADER

protected static final String TOKEN_HEADER

See Also:

Constant Field Values

TOKEN_PARAM

protected static final String TOKEN_PARAM

See Also:

Constant Field Values

allowAnonymous

protected boolean allowAnonymous

Constructor Detail

TokenAuthenticator

public TokenAuthenticator()

Method Detail

handleLoginPrompt

public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest,
                                 javax.servlet.http.HttpServletResponse httpResponse,
                                 String baseURL)

Description copied from interface: NuxeoAuthenticationPlugin

Handles the Login Prompt.

Specified by:

handleLoginPrompt in interface NuxeoAuthenticationPlugin

Parameters:

httpRequest - the request

httpResponse - the response

Returns:

true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise

handleRetrieveIdentity

public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest,
                                                     javax.servlet.http.HttpServletResponse httpResponse)

Description copied from interface: NuxeoAuthenticationPlugin

Retrieves user identification information from the request.

Specified by:

handleRetrieveIdentity in interface NuxeoAuthenticationPlugin

Parameters:

httpRequest - the request

httpResponse - the response

needLoginPrompt

public Boolean needLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest)

Description copied from interface: NuxeoAuthenticationPlugin

Defines if the authentication plugin needs to do a login prompt.

Specified by:

needLoginPrompt in interface NuxeoAuthenticationPlugin

Returns:

true if LoginPrompt is used

initPlugin

public void initPlugin(Map<String,String> parameters)

Description copied from interface: NuxeoAuthenticationPlugin

Initializes the Plugin from parameters set in the XML descriptor.

Specified by:

initPlugin in interface NuxeoAuthenticationPlugin

getUnAuthenticatedURLPrefix

public List<String> getUnAuthenticatedURLPrefix()

Description copied from interface: NuxeoAuthenticationPlugin

Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.

Specified by:

getUnAuthenticatedURLPrefix in interface NuxeoAuthenticationPlugin

getUserByToken

protected String getUserByToken(String token)

handleLogout

public Boolean handleLogout(javax.servlet.http.HttpServletRequest httpRequest,
                            javax.servlet.http.HttpServletResponse httpResponse)

Description copied from interface: NuxeoAuthenticationPluginLogoutExtension

Handles logout operation.

Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.

Specified by:

handleLogout in interface NuxeoAuthenticationPluginLogoutExtension

Returns:

true if caller must stop execution (ie: logout generated a redirect), false otherwise