org.alfresco.repo.webdav.auth

Class BaseAuthenticationFilter

java.lang.Object

org.alfresco.repo.webdav.auth.BaseAuthenticationFilter

Direct Known Subclasses:

AuthenticationFilter, BaseSSOAuthenticationFilter, HTTPRequestAuthenticationFilter, WebscriptCookieAuthenticationFilter, WebScriptSSOAuthenticationFilter

public abstract class BaseAuthenticationFilter
extends Object

A base class for authentication filters. Handles management of the session user.

Author:

dward

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	ARG_TICKET The name of the ticket argument.
static String	AUTHENTICATION_USER The default session attribute used to cache the user.
protected AuthenticationComponent	authenticationComponent The authentication component.
protected AuthenticationListener	authenticationListener The authentication listener.
protected AuthenticationService	authenticationService The authentication service.
protected static String	NO_AUTH_REQUIRED Indication by an up-stream filter that no authentication checks are required.
protected org.alfresco.service.cmr.repository.NodeService	nodeService The node service.
protected PersonService	personService The person service.
protected RemoteUserMapper	remoteUserMapper The remote user mapper.
protected TransactionService	transactionService The transaction service.

Constructor Summary

Constructors

Constructor and Description
BaseAuthenticationFilter()

Method Summary

Modifier and Type	Method and Description
protected SessionUser	createUserEnvironment(HttpSession session, String userName) Callback to create the User environment as appropriate for a filter impl
protected SessionUser	createUserEnvironment(HttpSession session, String userName, String ticket, boolean externalAuth) Callback to create the User environment as appropriate for a filter impl.
protected SessionUser	createUserObject(String userName, String ticket, org.alfresco.service.cmr.repository.NodeRef personNode, org.alfresco.service.cmr.repository.NodeRef homeSpaceRef) Create the user object that will be stored in the session.
protected <T> T	doInSystemTransaction(RetryingTransactionHelper.RetryingTransactionCallback<T> callback) Executes a callback in a transaction as the system user
protected abstract org.apache.commons.logging.Log	getLogger() Return the logger.
protected SessionUser	getSessionUser(ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean externalAuth) Callback to get the specific impl of the Session User for a filter.
protected String	getUserAttributeName() Return the user object session attribute name.
protected boolean	handleLoginForm(HttpServletRequest req, HttpServletResponse res) Handles the login form directly, allowing management of the session user.
protected void	invalidateSession(HttpServletRequest req) Remove the user from the session and expire the session - after failed ticket auth.
void	setAuthenticationComponent(AuthenticationComponent authenticationComponent) Sets the authentication component.
void	setAuthenticationListener(AuthenticationListener authenticationListener) Sets the authentication listener.
void	setAuthenticationService(AuthenticationService authenticationService) Sets the authentication service.
void	setNodeService(org.alfresco.service.cmr.repository.NodeService nodeService) Sets the node service.
void	setPersonService(PersonService personService) Sets the person service.
void	setRemoteUserMapper(RemoteUserMapper remoteUserMapper) Sets the remote user mapper.
void	setTransactionService(TransactionService transactionService) Sets the transaction service.
protected void	setUserAttributeName(String userAttr) Set the user object attribute name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NO_AUTH_REQUIRED

protected static final String NO_AUTH_REQUIRED

Indication by an up-stream filter that no authentication checks are required.

See Also:

Constant Field Values

AUTHENTICATION_USER

public static final String AUTHENTICATION_USER

The default session attribute used to cache the user. Subclasses may override this with setUserAttributeName(String).

See Also:

Constant Field Values

ARG_TICKET

protected static final String ARG_TICKET

The name of the ticket argument.

See Also:

Constant Field Values

authenticationService

protected AuthenticationService authenticationService

The authentication service.

personService

protected PersonService personService

The person service.

nodeService

protected org.alfresco.service.cmr.repository.NodeService nodeService

The node service.

transactionService

protected TransactionService transactionService

The transaction service.

authenticationComponent

protected AuthenticationComponent authenticationComponent

The authentication component.

remoteUserMapper

protected RemoteUserMapper remoteUserMapper

The remote user mapper.

authenticationListener

protected AuthenticationListener authenticationListener

The authentication listener.

Constructor Detail

BaseAuthenticationFilter

public BaseAuthenticationFilter()

Method Detail

setAuthenticationService

public void setAuthenticationService(AuthenticationService authenticationService)

Sets the authentication service.

Parameters:

authenticationService - the authService to set

setPersonService

public void setPersonService(PersonService personService)

Sets the person service.

Parameters:

personService - the personService to set

setNodeService

public void setNodeService(org.alfresco.service.cmr.repository.NodeService nodeService)

Sets the node service.

Parameters:

nodeService - the nodeService to set

setTransactionService

public void setTransactionService(TransactionService transactionService)

Sets the transaction service.

Parameters:

transactionService - the transactionService to set

setAuthenticationComponent

public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)

Sets the authentication component.

Parameters:

authenticationComponent - the authentication component

setAuthenticationListener

public void setAuthenticationListener(AuthenticationListener authenticationListener)

Sets the authentication listener.

Parameters:

authenticationListener - AuthenticationListener

setRemoteUserMapper

public void setRemoteUserMapper(RemoteUserMapper remoteUserMapper)

Sets the remote user mapper.

Parameters:

remoteUserMapper - the remote user mapper

createUserObject

protected SessionUser createUserObject(String userName,
                                       String ticket,
                                       org.alfresco.service.cmr.repository.NodeRef personNode,
                                       org.alfresco.service.cmr.repository.NodeRef homeSpaceRef)

Create the user object that will be stored in the session.

Parameters:

userName - String

ticket - String

personNode - NodeRef

homeSpaceRef - NodeRef

Returns:

SessionUser

getSessionUser

protected SessionUser getSessionUser(ServletContext servletContext,
                                     HttpServletRequest httpServletRequest,
                                     HttpServletResponse httpServletResponse,
                                     boolean externalAuth)

Callback to get the specific impl of the Session User for a filter.

Parameters:

servletContext - the servlet context

httpServletRequest - the http servlet request

httpServletResponse - the http servlet response

externalAuth - has the user been authenticated by SSO?

Returns:

User from the session

invalidateSession

protected void invalidateSession(HttpServletRequest req)

Remove the user from the session and expire the session - after failed ticket auth.

Parameters:

req - HttpServletRequest

doInSystemTransaction

protected <T> T doInSystemTransaction(RetryingTransactionHelper.RetryingTransactionCallback<T> callback)

Executes a callback in a transaction as the system user

Parameters:

callback - the callback

Returns:

the return value from the callback

getUserAttributeName

protected final String getUserAttributeName()

Return the user object session attribute name.

Returns:

the user object session attribute name

setUserAttributeName

protected final void setUserAttributeName(String userAttr)

Set the user object attribute name.

Parameters:

userAttr - the user object session attribute name

createUserEnvironment

protected SessionUser createUserEnvironment(HttpSession session,
                                            String userName,
                                            String ticket,
                                            boolean externalAuth)
                                     throws IOException,
                                            ServletException

Callback to create the User environment as appropriate for a filter impl.

Parameters:

session - HttpSession

userName - String

ticket - the ticket

externalAuth - has the user been authenticated by SSO?

Returns:

SessionUser

Throws:

IOException - Signals that an I/O exception has occurred.

ServletException - the servlet exception

createUserEnvironment

protected SessionUser createUserEnvironment(HttpSession session,
                                            String userName)
                                     throws IOException,
                                            ServletException

Callback to create the User environment as appropriate for a filter impl

Parameters:

session - HttpSession

userName - String

Returns:

SessionUser

Throws:

IOException

ServletException

getLogger

protected abstract org.apache.commons.logging.Log getLogger()

Return the logger.

Returns:

Log

handleLoginForm

protected boolean handleLoginForm(HttpServletRequest req,
                                  HttpServletResponse res)
                           throws IOException,
                                  ServletException

Handles the login form directly, allowing management of the session user.

Parameters:

req - the request

res - the response

Throws:

IOException - Signals that an I/O exception has occurred.

ServletException - on error