com.caucho.security
Class ClientCertLogin
java.lang.Object
com.caucho.security.AbstractLogin
com.caucho.security.ClientCertLogin
- All Implemented Interfaces:
- Login
- Direct Known Subclasses:
- ClientCertLogin
public class ClientCertLogin
- extends AbstractLogin
Implements the "CLIENT-CERT" auth-method. CLIENT-CERT uses the
SSL authentication with WWW-Authenticate and SC_UNAUTHORIZE.
Methods inherited from class com.caucho.security.AbstractLogin |
findSavedUser, getAuthenticator, getLoginPrincipalImpl, getSingleSignon, getUserPrincipalImpl, init, isLoginUsedForRequest, isLogoutOnSessionTimeout, isPasswordBased, isSavedUserValid, isSessionSaveLogin, isUserInRole, login, login, loginChallenge, loginSuccessResponse, logout, logoutImpl, saveUser, sessionInvalidate, setAuthenticator, setLogoutOnSessionTimeout, setSessionSaveLogin, toString |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
ClientCertLogin
public ClientCertLogin()
getAuthType
public java.lang.String getAuthType()
- Returns the authentication type.
- Specified by:
getAuthType
in interface Login
- Overrides:
getAuthType
in class AbstractLogin
authenticate
public java.security.Principal authenticate(HttpServletRequest request,
HttpServletResponse response,
ServletContext application)
throws ServletException,
java.io.IOException
- Logs a user in with a user name and a password. Basic authentication
extracts the user and password from the authorization header. If
the user/password is missing, authenticate will send a basic challenge.
- Parameters:
request
- servlet requestresponse
- servlet response, in case any cookie need sending.application
- servlet application
- Returns:
- the logged in principal on success, null on failure.
- Throws:
ServletException
java.io.IOException
getUserPrincipal
public java.security.Principal getUserPrincipal(HttpServletRequest request)
- Description copied from class:
AbstractLogin
- Returns the Principal associated with the current request.
getUserPrincipal is called in response to the Request.getUserPrincipal
call. Login.getUserPrincipal can't modify the response or return
an error page.
authenticate is used for the security checks.
- Specified by:
getUserPrincipal
in interface Login
- Overrides:
getUserPrincipal
in class AbstractLogin
- Parameters:
request
- servlet request
- Returns:
- the logged in principal on success, null on failure.
getUserPrincipal
public java.security.Principal getUserPrincipal(HttpServletRequest request,
HttpServletResponse response,
ServletContext application)
- Returns the current user with the user name and password.
- Parameters:
request
- servlet requestresponse
- servlet response, in case any cookie need sending.application
- servlet application
- Returns:
- the logged in principal on success, null on failure.