|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface Login
Used to login and logout users in a servlet request. AbstractLogin handles the different login types like "basic" or "form". Normally, a Login will delegate the actual authentication to a ServletAuthenticator.
Field Summary | |
---|---|
static java.lang.String |
LOGIN_PASSWORD
|
static java.lang.String |
LOGIN_USER
|
static java.lang.String |
LOGIN_USER_NAME
|
Method Summary | |
---|---|
Authenticator |
getAuthenticator()
Returns the configured authenticator |
java.lang.String |
getAuthType()
Returns the authentication type. |
java.security.Principal |
getUserPrincipal(HttpServletRequest request)
Returns the Principal associated with the current request. |
boolean |
isLoginUsedForRequest(HttpServletRequest request)
Returns true if the login can be used for this request. |
boolean |
isPasswordBased()
Returns true if username and password based authentication is supported. |
boolean |
isUserInRole(java.security.Principal user,
java.lang.String role)
Returns true if the current user plays the named role. |
java.security.Principal |
login(HttpServletRequest request,
HttpServletResponse response,
boolean isFail)
Logs a user in. |
void |
logout(java.security.Principal user,
HttpServletRequest request,
HttpServletResponse response)
Logs the user out from the given request. |
void |
sessionInvalidate(HttpSession session,
boolean isTimeout)
Called when the session invalidates. |
Field Detail |
---|
static final java.lang.String LOGIN_USER_NAME
static final java.lang.String LOGIN_USER
static final java.lang.String LOGIN_PASSWORD
Method Detail |
---|
java.lang.String getAuthType()
getAuthType
is called
by HttpServletRequest.getAuthType
.
Authenticator getAuthenticator()
boolean isLoginUsedForRequest(HttpServletRequest request)
java.security.Principal getUserPrincipal(HttpServletRequest request)
request
- servlet request
java.security.Principal login(HttpServletRequest request, HttpServletResponse response, boolean isFail)
authenticate
sets the reponse error page and returns null.
request
- servlet requestresponse
- servlet response for a failed authentication.isFail
- true if the authorization has failed
boolean isPasswordBased()
BasicLogin
boolean isUserInRole(java.security.Principal user, java.lang.String role)
isUserInRole
is called in response to the
HttpServletRequest.isUserInRole
call.
user
- the logged in userrole
- the role to check
void logout(java.security.Principal user, HttpServletRequest request, HttpServletResponse response)
Since there is no servlet API for logout, this must be called directly from user code. Resin stores the web-app's login object in the ServletContext attribute "caucho.login".
void sessionInvalidate(HttpSession session, boolean isTimeout)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |