Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.plumtree.uiinfrastructure.login
Class Authenticator

java.lang.Object
  extended by com.plumtree.uiinfrastructure.login.Authenticator
All Implemented Interfaces:
IAuthenticator
public class Authenticator
extends java.lang.Object
implements IAuthenticator

This is the main authenticator module, the single entry point for performing authentication. Internally, it communicates with other authentication modules (TokenAuthenticator, HTTPBasicAuthenticator and SSOAuthenticator) to decide which authentication method is applicable to current request, and it may fail over to a different authentication method if one method fails (e.g., if login token auth fails, it will try HTTP basic auth, and if that fails, it will log in as guest).

Author:
Don Hayler, Mike Jahr (SSO), Julie Fournier (Security Modes), William Adjie-Winoto (Writing this new class)

Field Summary
static java.lang.String GUESTLOGIN_GUESTUSERID
           
static java.lang.String GUESTLOGIN_GUESTUSERNAME
           
static java.lang.String GUESTLOGIN_REDIRECTONLOGOUT
           
static java.lang.String GUESTLOGIN_REDIRECTTOLOGIN
           
static java.lang.String GUESTLOGIN_SSOVENDOR
           
static java.lang.String LOGINPAGESPACE_ATTR_KEY
           
protected  HTTPBasicAuthenticator m_HTTPBasicAuth
           
protected  SSOAuthenticator m_SSOAuth
           
protected  TokenAuthenticator m_TokenAuth
           
 
Method Summary
static Redirect GetGuestLoginRedirect(IApplication application, ISessionManager sessionManager, IXPRequest request, java.lang.Object userSession)
          This method calculates the appropriate login page for the guest user.
static Redirect GetGuestLoginRedirect(RequestData _requestData)
          This method calculates the appropriate login page for the guest user.
static Authenticator GetInstance()
           
 Redirect GetOrSendLoginChallenge(RequestData requestData)
          Returns a Redirect object to the login page, or issues an HTTP redirect to the login page.
 LoginResult Login(RequestData requestData)
          Performs the login operation.
 boolean Logout(RequestData requestData)
          Performs the logout operation.
 boolean UseThisAuth(RequestData requestData)
          Since this is the main authenticator module, it always returns a boolean true.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

GUESTLOGIN_GUESTUSERNAME

public static final java.lang.String GUESTLOGIN_GUESTUSERNAME
See Also:
Constant Field Values

GUESTLOGIN_GUESTUSERID

public static final java.lang.String GUESTLOGIN_GUESTUSERID
See Also:
Constant Field Values

GUESTLOGIN_SSOVENDOR

public static final java.lang.String GUESTLOGIN_SSOVENDOR
See Also:
Constant Field Values

GUESTLOGIN_REDIRECTTOLOGIN

public static final java.lang.String GUESTLOGIN_REDIRECTTOLOGIN
See Also:
Constant Field Values

GUESTLOGIN_REDIRECTONLOGOUT

public static final java.lang.String GUESTLOGIN_REDIRECTONLOGOUT
See Also:
Constant Field Values

LOGINPAGESPACE_ATTR_KEY

public static final java.lang.String LOGINPAGESPACE_ATTR_KEY
See Also:
Constant Field Values

m_TokenAuth

protected TokenAuthenticator m_TokenAuth

m_HTTPBasicAuth

protected HTTPBasicAuthenticator m_HTTPBasicAuth

m_SSOAuth

protected SSOAuthenticator m_SSOAuth
Method Detail

GetInstance

public static Authenticator GetInstance()

Login

public LoginResult Login(RequestData requestData)
Performs the login operation. It will first try with login token auth. If the token does not exist or it fails, it will check if HTTP basic auth is appropriate for this request. If all fail, the user will be logged in as guest user.

Specified by:
Login in interface IAuthenticator
Parameters:
requestData - the request
Returns:
LoginResult containing the status of the login operation, as well as the supporting information, including the generated PTSession, and any Redirect generated by Login Action PEI.
See Also:
com.plumtree.uiinfrastructure.login.IAuthenticator#Login(com.plumtree.uiinfrastructure.application.RequestData)

GetOrSendLoginChallenge

public Redirect GetOrSendLoginChallenge(RequestData requestData)
Returns a Redirect object to the login page, or issues an HTTP redirect to the login page. In the latter case, the method returns null. The way this method works: first it will check for the SSO setting whether SSO is enabled. It will also check whether HTTP Basic should override SSO (for WebDAV cases). Depending on the setting of the two, either SSO login challenge or HTTP Basic login challenge will be sent (in which case this method returns null). If neither SSO nor HTTP basic is appropriate for current request, then a default-login-page Redirect object is returned.

Specified by:
GetOrSendLoginChallenge in interface IAuthenticator
Parameters:
requestData - the request
Returns:
the Redirect to the login page, or null if the login challenge has been sent out directly using the XPResponse in the requestData.
See Also:
com.plumtree.uiinfrastructure.login.IAuthenticator#GetOrSendLoginChallenge(com.plumtree.uiinfrastructure.application.RequestData)

GetGuestLoginRedirect

public static Redirect GetGuestLoginRedirect(RequestData _requestData)
This method calculates the appropriate login page for the guest user.

Parameters:
_requestData - The current request data.
Returns:
Redirect to the appropriate guest user login page.

GetGuestLoginRedirect

public static Redirect GetGuestLoginRedirect(IApplication application,
                                             ISessionManager sessionManager,
                                             IXPRequest request,
                                             java.lang.Object userSession)
This method calculates the appropriate login page for the guest user.

Parameters:
application -
sessionManager -
request -
userSession -
Returns:
Redirect to the appropriate guest user login page.

Logout

public boolean Logout(RequestData requestData)
Performs the logout operation. Currently only the SSO uses this, as the other authentication methods perfom the logout operations from within the Login activity space. For ths SSO case, this method sends an HTTP redirect to the SSO logout URL.

Specified by:
Logout in interface IAuthenticator
Parameters:
requestData - the request
Returns:
a boolean indicating whether the user has been logged out (and/or redirected to a logout URL) or not. If it is true, the Interpreter shall not do any further processing of the request.
See Also:
com.plumtree.uiinfrastructure.login.IAuthenticator#Logout(com.plumtree.uiinfrastructure.application.RequestData)

UseThisAuth

public boolean UseThisAuth(RequestData requestData)
Since this is the main authenticator module, it always returns a boolean true.

Specified by:
UseThisAuth in interface IAuthenticator
Returns:
a boolean indicating whether the authentication method is applicable to the request in the requestData
See Also:
com.plumtree.uiinfrastructure.login.IAuthenticator#UseThisAuth(com.plumtree.uiinfrastructure.application.RequestData)
Overview  Package   Class  Tree  Deprecated  Index  Help 


Copyright © 2002,2003,2004,2005 Plumtree Software, Inc., All Rights Reserved.
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD