Package org.ametys.plugins.core.impl.authentication

Class RemoteUserCredentialProvider

java.lang.Object

org.ametys.runtime.plugin.component.AbstractLogEnabled

org.ametys.core.authentication.AbstractCredentialProvider

org.ametys.plugins.core.impl.authentication.RemoteUserCredentialProvider

All Implemented Interfaces:

CredentialProvider, NonBlockingCredentialProvider, LogEnabled, Component, Contextualizable

public class RemoteUserCredentialProvider
extends AbstractCredentialProvider
implements NonBlockingCredentialProvider, Contextualizable

This manager gets the credentials given by a J2EE filter authentication.
The filter must set the 'remote user' header into the request.

This manager can not get the password of the connected user: the user is already authentified. This manager should not be associated with an AuthenticableBaseUser

Field Summary

Fields

Modifier and Type	Field	Description
private static String	__PARAM_HEADER_NAME	Name of the parameter holding the header name
private static String	__PARAM_REALM	Name of the parameter holding the authentication realm
private Context	_context
protected String	_headerName	The header name
protected String	_realm	The realm

Constructor Summary

Constructors

Constructor	Description
RemoteUserCredentialProvider()

Method Summary

Modifier and Type	Method	Description
void	contextualize(Context context)
void	init(String id, String cpModelId, Map<String,Object> paramValues, String label)	Initialize the credential provider with given parameters' values.
UserIdentity	nonBlockingGetUserIdentity(Redirector redirector)	Method called by AuthenticateAction each time a request need authentication.
boolean	nonBlockingGrantAnonymousRequest()	Method called by AuthenticateAction before asking for credentials.
boolean	nonBlockingIsStillConnected(UserIdentity userIdentity, Redirector redirector)	Validates that the user specify is still connected
void	nonBlockingUserAllowed(UserIdentity userIdentity)	Method called by AuthenticateAction after authentication process succeeded
void	nonBlockingUserNotAllowed(Redirector redirector)	Method called by AuthenticateAction each a user could not get authenticated.

Methods inherited from class org.ametys.core.authentication.AbstractCredentialProvider

equals, getCredentialProviderModelId, getId, getLabel, getParameterValues, hashCode

Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled

getLogger, setLogger

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.ametys.core.authentication.CredentialProvider

getCredentialProviderModelId, getId, getLabel, getParameterValues, getUserIdentity, grantAnonymousRequest, isStillConnected, userAllowed, userNotAllowed

Field Detail

__PARAM_REALM

private static final String __PARAM_REALM

Name of the parameter holding the authentication realm

See Also:

Constant Field Values

__PARAM_HEADER_NAME

private static final String __PARAM_HEADER_NAME

Name of the parameter holding the header name

See Also:

Constant Field Values

_realm

protected String _realm

The realm

_headerName

protected String _headerName

The header name

_context

private Context _context

Constructor Detail

RemoteUserCredentialProvider

public RemoteUserCredentialProvider()

Method Detail

contextualize

public void contextualize(Context context)
                   throws ContextException

Specified by:

contextualize in interface Contextualizable

Throws:

ContextException

init

public void init(String id,
                 String cpModelId,
                 Map<String,Object> paramValues,
                 String label)

Description copied from interface: CredentialProvider

Initialize the credential provider with given parameters' values.

Specified by:

init in interface CredentialProvider

Overrides:

init in class AbstractCredentialProvider

Parameters:

id - The unique identifier

cpModelId - The id of credential provider extension point

paramValues - The parameters' values

label - The specific label of this instance. Can be null

nonBlockingIsStillConnected

public boolean nonBlockingIsStillConnected(UserIdentity userIdentity,
                                           Redirector redirector)
                                    throws Exception

Description copied from interface: NonBlockingCredentialProvider

Validates that the user specify is still connected

Specified by:

nonBlockingIsStillConnected in interface NonBlockingCredentialProvider

Parameters:

userIdentity - the user previously correctly identified with this credential provider

redirector - The cocoon redirector

Returns:

true if this CredentialProvider was in a valid state, false to restart authentication process

Throws:

Exception - If an error occurred

nonBlockingGrantAnonymousRequest

public boolean nonBlockingGrantAnonymousRequest()

Description copied from interface: NonBlockingCredentialProvider

Method called by AuthenticateAction before asking for credentials. This method is used to bypass authentication. If this method returns true, no authentication will be require. Use it with care, as it may lead to obvious security issues.

Specified by:

nonBlockingGrantAnonymousRequest in interface NonBlockingCredentialProvider

Returns:

true if the Request is not authenticated

nonBlockingGetUserIdentity

public UserIdentity nonBlockingGetUserIdentity(Redirector redirector)
                                        throws Exception

Description copied from interface: NonBlockingCredentialProvider

Method called by AuthenticateAction each time a request need authentication.

Specified by:

nonBlockingGetUserIdentity in interface NonBlockingCredentialProvider

Parameters:

redirector - the cocoon redirector.

Returns:

the UserIdentity corresponding to the user (with or without population specified), or null if user could not get authenticated.

Throws:

Exception - if something wrong occurs

nonBlockingUserNotAllowed

public void nonBlockingUserNotAllowed(Redirector redirector)
                               throws Exception

Description copied from interface: NonBlockingCredentialProvider

Method called by AuthenticateAction each a user could not get authenticated. This method implementation is responsible of redirecting response to appropriate url.

Specified by:

nonBlockingUserNotAllowed in interface NonBlockingCredentialProvider

Parameters:

redirector - the cocoon Redirector that can be used for redirecting response.

Throws:

Exception - if something wrong occurs

nonBlockingUserAllowed

public void nonBlockingUserAllowed(UserIdentity userIdentity)

Description copied from interface: NonBlockingCredentialProvider

Method called by AuthenticateAction after authentication process succeeded

Specified by:

nonBlockingUserAllowed in interface NonBlockingCredentialProvider

Parameters:

userIdentity - The user correctly connected