public final class AuthenticationHelper extends Object
User information is looked up in the Session. If found the ticket is retrieved and validated. If the ticket is invalid then a redirect is performed to the login page.
If no User info is found then a search will be made for a previous username stored in a Cookie value. If the username if found then a redirect to the Login page will occur. If no username is found then Guest access login will be attempted by the system. Guest access can be forced with the appropriate method call.
Modifier and Type | Field and Description |
---|---|
static String |
AUTHENTICATION_USER
session variables
|
static String |
LOGIN_BEAN
JSF bean IDs
|
static String |
SESSION_INVALIDATED |
static String |
SESSION_USERNAME |
Constructor and Description |
---|
AuthenticationHelper() |
Modifier and Type | Method and Description |
---|---|
static AuthenticationStatus |
authenticate(ServletContext sc,
HttpServletRequest req,
HttpServletResponse res,
boolean forceGuest)
Helper to authenticate the current user using session based Ticket information.
|
static AuthenticationStatus |
authenticate(ServletContext sc,
HttpServletRequest req,
HttpServletResponse res,
boolean forceGuest,
boolean allowGuest)
Helper to authenticate the current user using session based Ticket information.
|
static AuthenticationStatus |
authenticate(ServletContext context,
HttpServletRequest httpRequest,
HttpServletResponse httpResponse,
String ticket)
Helper to authenticate the current user using the supplied Ticket value.
|
static Cookie |
getAuthCookie(HttpServletRequest httpRequest)
Helper to return the Alfresco auth cookie.
|
static String |
getAuthCookieValue(Cookie authCookie)
Gets the decoded auth cookie value.
|
static String |
getRemoteUser(ServletContext sc,
HttpServletRequest httpRequest)
Uses the remote user mapper, if one is configured, to extract a user ID from the request
|
static RemoteUserMapper |
getRemoteUserMapper(ServletContext sc)
Gets the remote user mapper if one is configured and active (i.e.
|
static User |
getUser(ServletContext sc,
HttpServletRequest httpRequest,
HttpServletResponse httpResponse)
Attempts to retrieve the User object stored in the current session.
|
static User |
portalGuestAuthenticate(org.springframework.web.context.WebApplicationContext ctx,
AuthenticationService auth)
For no previous authentication or forced Guest - attempt Guest access
|
static void |
setupThread(ServletContext sc,
HttpServletRequest req,
HttpServletResponse res,
boolean useInterfaceLanguage)
Does all the stuff you need to do after successfully authenticating/validating a user ticket to set up the request
thread.
|
static User |
setUser(ServletContext context,
HttpServletRequest req,
String currentUsername,
String ticket,
boolean externalAuth)
Creates an object for an authenticated user and stores it in the session.
|
static void |
setUsernameCookie(HttpServletRequest httpRequest,
HttpServletResponse httpResponse,
String username)
Setup the Alfresco auth cookie value.
|
public static final String AUTHENTICATION_USER
public static final String SESSION_USERNAME
public static final String SESSION_INVALIDATED
public static final String LOGIN_BEAN
public static void setupThread(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean useInterfaceLanguage)
sc
- the servlet contextreq
- the requestres
- the responsepublic static AuthenticationStatus authenticate(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean forceGuest) throws IOException
User information is looked up in the Session. If found the ticket is retrieved and validated. If no User info is found or the ticket is invalid then a redirect is performed to the login page.
forceGuest
- True to force a Guest login attemptIOException
public static AuthenticationStatus authenticate(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean forceGuest, boolean allowGuest) throws IOException
User information is looked up in the Session. If found the ticket is retrieved and validated. If no User info is found or the ticket is invalid then a redirect is performed to the login page.
forceGuest
- True to force a Guest login attemptallowGuest
- True to allow the Guest user if no user object representIOException
public static AuthenticationStatus authenticate(ServletContext context, HttpServletRequest httpRequest, HttpServletResponse httpResponse, String ticket) throws IOException
IOException
public static User setUser(ServletContext context, HttpServletRequest req, String currentUsername, String ticket, boolean externalAuth)
context
- the servlet contextreq
- the requestcurrentUsername
- the current user nameticket
- a validated ticketexternalAuth
- was this user authenticated externally?public static User portalGuestAuthenticate(org.springframework.web.context.WebApplicationContext ctx, AuthenticationService auth)
ctx
- WebApplicationContextauth
- AuthenticationServicepublic static String getRemoteUser(ServletContext sc, HttpServletRequest httpRequest)
sc
- the servlet contexthttpRequest
- The HTTP requestnull
otherwise.public static RemoteUserMapper getRemoteUserMapper(ServletContext sc)
sc
- the servlet contextnull
public static User getUser(ServletContext sc, HttpServletRequest httpRequest, HttpServletResponse httpResponse)
sc
- the servlet contexthttpRequest
- The HTTP requesthttpResponse
- The HTTP responsepublic static void setUsernameCookie(HttpServletRequest httpRequest, HttpServletResponse httpResponse, String username)
httpRequest
- httpResponse
- username
- public static Cookie getAuthCookie(HttpServletRequest httpRequest)
httpRequest
- Copyright © 2005–2017 Alfresco Software. All rights reserved.