Class RemoteUserCredentialProvider
- java.lang.Object
-
- org.ametys.runtime.plugin.component.AbstractLogEnabled
-
- org.ametys.core.authentication.AbstractCredentialProvider
-
- org.ametys.plugins.core.impl.authentication.RemoteUserCredentialProvider
-
- All Implemented Interfaces:
CredentialProvider
,NonBlockingCredentialProvider
,LogEnabled
,Component
,Contextualizable
public class RemoteUserCredentialProvider extends AbstractCredentialProvider implements NonBlockingCredentialProvider, Contextualizable
This manager gets the credentials given by a J2EE filter authentication.
The filter must set the 'remote user' header into the request.
This manager can not get the password of the connected user: the user is already authentified. This manager should not be associated with anAuthenticableBaseUser
-
-
Field Summary
Fields Modifier and Type Field Description private static String
__PARAM_HEADER_NAME
Name of the parameter holding the header nameprivate static String
__PARAM_REALM
Name of the parameter holding the authentication realmprivate Context
_context
protected String
_headerName
The header nameprotected String
_realm
The realm
-
Constructor Summary
Constructors Constructor Description RemoteUserCredentialProvider()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
contextualize(Context context)
void
init(String id, String cpModelId, Map<String,Object> paramValues, String label)
Initialize the credential provider with given parameters' values.UserIdentity
nonBlockingGetUserIdentity(Redirector redirector)
Method called by AuthenticateAction each time a request need authentication.boolean
nonBlockingGrantAnonymousRequest()
Method called by AuthenticateAction before asking for credentials.boolean
nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector)
Validates that the user specify is still connectedvoid
nonBlockingUserAllowed(UserIdentity userIdentity)
Method called by AuthenticateAction after authentication process succeededvoid
nonBlockingUserNotAllowed(Redirector redirector)
Method called by AuthenticateAction each a user could not get authenticated.-
Methods inherited from class org.ametys.core.authentication.AbstractCredentialProvider
equals, getCredentialProviderModelId, getId, getLabel, getParameterValues, hashCode
-
Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled
getLogger, setLogger
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.ametys.core.authentication.CredentialProvider
getCredentialProviderModelId, getId, getLabel, getParameterValues, getUserIdentity, grantAnonymousRequest, isStillConnected, userAllowed, userNotAllowed
-
-
-
-
Field Detail
-
__PARAM_REALM
private static final String __PARAM_REALM
Name of the parameter holding the authentication realm- See Also:
- Constant Field Values
-
__PARAM_HEADER_NAME
private static final String __PARAM_HEADER_NAME
Name of the parameter holding the header name- See Also:
- Constant Field Values
-
_headerName
protected String _headerName
The header name
-
-
Constructor Detail
-
RemoteUserCredentialProvider
public RemoteUserCredentialProvider()
-
-
Method Detail
-
contextualize
public void contextualize(Context context) throws ContextException
- Specified by:
contextualize
in interfaceContextualizable
- Throws:
ContextException
-
init
public void init(String id, String cpModelId, Map<String,Object> paramValues, String label)
Description copied from interface:CredentialProvider
Initialize the credential provider with given parameters' values.- Specified by:
init
in interfaceCredentialProvider
- Overrides:
init
in classAbstractCredentialProvider
- Parameters:
id
- The unique identifiercpModelId
- The id of credential provider extension pointparamValues
- The parameters' valueslabel
- The specific label of this instance. Can be null
-
nonBlockingIsStillConnected
public boolean nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector) throws Exception
Description copied from interface:NonBlockingCredentialProvider
Validates that the user specify is still connected- Specified by:
nonBlockingIsStillConnected
in interfaceNonBlockingCredentialProvider
- Parameters:
userIdentity
- the user previously correctly identified with this credential providerredirector
- The cocoon redirector- Returns:
- true if this CredentialProvider was in a valid state, false to restart authentication process
- Throws:
Exception
- If an error occurred
-
nonBlockingGrantAnonymousRequest
public boolean nonBlockingGrantAnonymousRequest()
Description copied from interface:NonBlockingCredentialProvider
Method called by AuthenticateAction before asking for credentials. This method is used to bypass authentication. If this method returns true, no authentication will be require. Use it with care, as it may lead to obvious security issues.- Specified by:
nonBlockingGrantAnonymousRequest
in interfaceNonBlockingCredentialProvider
- Returns:
- true if the Request is not authenticated
-
nonBlockingGetUserIdentity
public UserIdentity nonBlockingGetUserIdentity(Redirector redirector) throws Exception
Description copied from interface:NonBlockingCredentialProvider
Method called by AuthenticateAction each time a request need authentication.- Specified by:
nonBlockingGetUserIdentity
in interfaceNonBlockingCredentialProvider
- Parameters:
redirector
- the cocoon redirector.- Returns:
- the
UserIdentity
corresponding to the user (with or without population specified), or null if user could not get authenticated. - Throws:
Exception
- if something wrong occurs
-
nonBlockingUserNotAllowed
public void nonBlockingUserNotAllowed(Redirector redirector) throws Exception
Description copied from interface:NonBlockingCredentialProvider
Method called by AuthenticateAction each a user could not get authenticated. This method implementation is responsible of redirecting response to appropriate url.- Specified by:
nonBlockingUserNotAllowed
in interfaceNonBlockingCredentialProvider
- Parameters:
redirector
- the cocoon Redirector that can be used for redirecting response.- Throws:
Exception
- if something wrong occurs
-
nonBlockingUserAllowed
public void nonBlockingUserAllowed(UserIdentity userIdentity)
Description copied from interface:NonBlockingCredentialProvider
Method called by AuthenticateAction after authentication process succeeded- Specified by:
nonBlockingUserAllowed
in interfaceNonBlockingCredentialProvider
- Parameters:
userIdentity
- The user correctly connected
-
-