AuthenticationHelper (Alfresco 5.3.a-SNAPSHOT API)

java.lang.Object
- org.alfresco.web.app.servlet.AuthenticationHelper

```
public final class AuthenticationHelper
extends Object
```
Helper to authenticate the current user using available Ticket information.
User information is looked up in the Session. If found the ticket is retrieved and validated. If the ticket is invalid then a redirect is performed to the login page.
If no User info is found then a search will be made for a previous username stored in a Cookie value. If the username if found then a redirect to the Login page will occur. If no username is found then Guest access login will be attempted by the system. Guest access can be forced with the appropriate method call.

Author:

Kevin Roast

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`AUTHENTICATION_USER` session variables
`static String`	`LOGIN_BEAN` JSF bean IDs
`static String`	`SESSION_INVALIDATED`
`static String`	`SESSION_USERNAME`

Constructor Summary

Constructors
Constructor and Description

AuthenticationHelper()

Constructors
Constructor and Description
`AuthenticationHelper()`

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static AuthenticationStatus`	`authenticate(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean forceGuest)` Helper to authenticate the current user using session based Ticket information.
`static AuthenticationStatus`	`authenticate(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean forceGuest, boolean allowGuest)` Helper to authenticate the current user using session based Ticket information.
`static AuthenticationStatus`	`authenticate(ServletContext context, HttpServletRequest httpRequest, HttpServletResponse httpResponse, String ticket)` Helper to authenticate the current user using the supplied Ticket value.
`static Cookie`	`getAuthCookie(HttpServletRequest httpRequest)` Helper to return the Alfresco auth cookie.
`static String`	`getAuthCookieValue(Cookie authCookie)` Gets the decoded auth cookie value.
`static String`	`getRemoteUser(ServletContext sc, HttpServletRequest httpRequest)` Uses the remote user mapper, if one is configured, to extract a user ID from the request
`static RemoteUserMapper`	`getRemoteUserMapper(ServletContext sc)` Gets the remote user mapper if one is configured and active (i.e.
`static User`	`getUser(ServletContext sc, HttpServletRequest httpRequest, HttpServletResponse httpResponse)` Attempts to retrieve the User object stored in the current session.
`static User`	`portalGuestAuthenticate(org.springframework.web.context.WebApplicationContext ctx, AuthenticationService auth)` For no previous authentication or forced Guest - attempt Guest access
`static void`	`setupThread(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean useInterfaceLanguage)` Does all the stuff you need to do after successfully authenticating/validating a user ticket to set up the request thread.
`static User`	`setUser(ServletContext context, HttpServletRequest req, String currentUsername, String ticket, boolean externalAuth)` Creates an object for an authenticated user and stores it in the session.
`static void`	`setUsernameCookie(HttpServletRequest httpRequest, HttpServletResponse httpResponse, String username)` Setup the Alfresco auth cookie value.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- AUTHENTICATION_USER
```
public static final String AUTHENTICATION_USER
```
  session variables
  
  See Also:
  
  Constant Field Values
- SESSION_USERNAME
```
public static final String SESSION_USERNAME
```
  See Also:
  
  Constant Field Values
- SESSION_INVALIDATED
```
public static final String SESSION_INVALIDATED
```
  See Also:
  
  Constant Field Values
- LOGIN_BEAN
```
public static final String LOGIN_BEAN
```
  JSF bean IDs
  
  See Also:
  
  Constant Field Values

Constructor Detail
- AuthenticationHelper
```
public AuthenticationHelper()
```

Method Detail

setupThread

public static void setupThread(ServletContext sc,
                               HttpServletRequest req,
                               HttpServletResponse res,
                               boolean useInterfaceLanguage)

Does all the stuff you need to do after successfully authenticating/validating a user ticket to set up the request thread. A useful utility method for an authentication filter.

Parameters:: sc - the servlet context; req - the request; res - the response

authenticate

public static AuthenticationStatus authenticate(ServletContext sc,
                                                HttpServletRequest req,
                                                HttpServletResponse res,
                                                boolean forceGuest)
                                         throws IOException

Helper to authenticate the current user using session based Ticket information.

User information is looked up in the Session. If found the ticket is retrieved and validated. If no User info is found or the ticket is invalid then a redirect is performed to the login page.

Parameters:: forceGuest - True to force a Guest login attempt
Returns:: AuthenticationStatus result.
Throws:: IOException

authenticate

public static AuthenticationStatus authenticate(ServletContext sc,
                                                HttpServletRequest req,
                                                HttpServletResponse res,
                                                boolean forceGuest,
                                                boolean allowGuest)
                                         throws IOException

Helper to authenticate the current user using session based Ticket information.

User information is looked up in the Session. If found the ticket is retrieved and validated. If no User info is found or the ticket is invalid then a redirect is performed to the login page.

Parameters:: forceGuest - True to force a Guest login attempt; allowGuest - True to allow the Guest user if no user object represent
Returns:: AuthenticationStatus result.
Throws:: IOException

authenticate

public static AuthenticationStatus authenticate(ServletContext context,
                                                HttpServletRequest httpRequest,
                                                HttpServletResponse httpResponse,
                                                String ticket)
                                         throws IOException

Helper to authenticate the current user using the supplied Ticket value.

Returns:: true if authentication successful, false otherwise.
Throws:: IOException

setUser

public static User setUser(ServletContext context,
                           HttpServletRequest req,
                           String currentUsername,
                           String ticket,
                           boolean externalAuth)

Creates an object for an authenticated user and stores it in the session.

Parameters:: context - the servlet context; req - the request; currentUsername - the current user name; ticket - a validated ticket; externalAuth - was this user authenticated externally?
Returns:: the user object

portalGuestAuthenticate

public static User portalGuestAuthenticate(org.springframework.web.context.WebApplicationContext ctx,
                                           AuthenticationService auth)

For no previous authentication or forced Guest - attempt Guest access

Parameters:: ctx - WebApplicationContext; auth - AuthenticationService

getRemoteUser
```
public static String getRemoteUser(ServletContext sc,
                                   HttpServletRequest httpRequest)
```
Uses the remote user mapper, if one is configured, to extract a user ID from the request

Parameters:

sc - the servlet context

httpRequest - The HTTP request

Returns:

the user ID if a user has been externally authenticated or null otherwise.

getRemoteUserMapper
```
public static RemoteUserMapper getRemoteUserMapper(ServletContext sc)
```
Gets the remote user mapper if one is configured and active (i.e. external authentication is in use).

Parameters:

sc - the servlet context

Returns:

the remote user mapper if one is configured and active; otherwise null

getUser
```
public static User getUser(ServletContext sc,
                           HttpServletRequest httpRequest,
                           HttpServletResponse httpResponse)
```
Attempts to retrieve the User object stored in the current session.

Parameters:

sc - the servlet context

httpRequest - The HTTP request

httpResponse - The HTTP response

Returns:

The User object representing the current user or null if it could not be found

setUsernameCookie

public static void setUsernameCookie(HttpServletRequest httpRequest,
                                     HttpServletResponse httpResponse,
                                     String username)

Setup the Alfresco auth cookie value.

Parameters:: httpRequest -; httpResponse -; username -

getAuthCookie
```
public static Cookie getAuthCookie(HttpServletRequest httpRequest)
```
Helper to return the Alfresco auth cookie. The cookie saves the last used username value.

Parameters:

httpRequest -

Returns:

Cookie if found or null if not present

getAuthCookieValue
```
public static String getAuthCookieValue(Cookie authCookie)
```
Gets the decoded auth cookie value.

Parameters:

authCookie - the auth cookie

Returns:

the auth cookie value

Class AuthenticationHelper

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

AUTHENTICATION_USER

SESSION_USERNAME

SESSION_INVALIDATED

LOGIN_BEAN

Constructor Detail

AuthenticationHelper

Method Detail

setupThread

authenticate

authenticate

authenticate

setUser

portalGuestAuthenticate

getRemoteUser

getRemoteUserMapper

getUser

setUsernameCookie

getAuthCookie

getAuthCookieValue