Package org.ametys.site
Class FrontAuthenticateAction
- All Implemented Interfaces:
Initializable
,Component
,LogEnabled
,Serviceable
,ThreadSafe
,Action
- Direct Known Subclasses:
FrontBlockingCredentialProviderAction
The authenticate action for front side
-
Nested Class Summary
Nested classes/interfaces inherited from class org.ametys.core.authentication.AuthenticateAction
AuthenticateAction.TOKEN_MODE
-
Field Summary
Fields inherited from class org.ametys.core.authentication.AuthenticateAction
_acceptedUrlPatterns, _authenticateTokenManager, _currentUserProvider, _observationManager, _populationContextHelper, _userManager, _userPasswordManager, _userPopulationDAO, HEADER_TOKEN, PARAMETERS_PARAMETER_TOKEN, PARAMETERS_PARAMETER_TOKEN_CONTEXT, REQUEST_ATTRIBUTE_AUTHENTICATED, REQUEST_ATTRIBUTE_AVAILABLE_USER_POPULATIONS_LIST, REQUEST_ATTRIBUTE_CONTEXTS, REQUEST_ATTRIBUTE_CREDENTIAL_PROVIDER_INDEX, REQUEST_ATTRIBUTE_CREDENTIAL_PROVIDER_LIST, REQUEST_ATTRIBUTE_GRANTED, REQUEST_ATTRIBUTE_INTERNAL_ALLOWED, REQUEST_ATTRIBUTE_INVALID_POPULATION, REQUEST_ATTRIBUTE_LOGIN_URL, REQUEST_ATTRIBUTE_SHOULD_DISPLAY_USER_POPULATIONS_LIST, REQUEST_ATTRIBUTE_USER_POPULATION_ID, REQUEST_PARAMETER_CREDENTIALPROVIDER_INDEX, REQUEST_PARAMETER_NONBLOCING, REQUEST_PARAMETER_POPULATION_NAME, REQUEST_PARAMETER_TOKEN, REQUEST_PARAMETER_TOKEN_CONTEXT, SESSION_CONNECTING_CREDENTIALPROVIDER_INDEX, SESSION_CONNECTING_CREDENTIALPROVIDER_INDEX_LASTBLOCKINGKNOWN, SESSION_CONNECTING_CREDENTIALPROVIDER_MODE, SESSION_CONNECTING_USERPOPULATION_ID, SESSION_CREDENTIALPROVIDER, SESSION_CREDENTIALPROVIDER_MODE, SESSION_USERIDENTITY, SITEMAP_PARAMETER_TOKEN_MODE
Fields inherited from class org.apache.cocoon.acting.ServiceableAction
manager
Fields inherited from class org.apache.cocoon.acting.AbstractAction
EMPTY_MAP
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
_acceptedUrl
(Request request) Determine if the request is one of the authentication process (except the credential providers)_getContexts
(Request request, Parameters parameters) Get the authentication contextprotected CredentialProvider
_getCredentialProviderFromSession
(Request request) Get the credential provider used for the current connectionprotected Boolean
Get the credential provider mode used for the current connectionprotected UserIdentity
_getUserIdentityFromSession
(Request request) Get the user identity of the connected user from the session_getWeakPasswordURI
(Request request, UserIdentity userIdentity) Get the URI where the user should be redirected after a weak password is detectedprotected boolean
_handleLogout
(Redirector redirector, Map objectModel, String source, Parameters parameters) Test if user wants to logout and handle itprotected void
_setUserIdentityInSession
(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean blockingMode) Save user identity in requestprotected UserIdentity
_validateToken
(String token, String context) Validate the given tokenstatic CredentialProvider
getCredentialProviderFromSession
(Request request) Get the credential provider used for the current connectionstatic CredentialProvider
getCredentialProviderFromSession
(Request request, String siteName) Get the credential provider used for the current connectionstatic Boolean
Get the credential provider mode used for the current connectionstatic Boolean
getCredentialProviderModeFromSession
(Request request, String siteName) Get the credential provider mode used for the current connectionprotected String
getLoginURL
(Request request) Get the url for the redirector to display the login screenprotected String
getLogoutURL
(Request request) Get the url for the redirector to display the logout screenstatic UserIdentity
getUserIdentityFromSession
(Request request) Get the user identity of the connected user from the sessionstatic UserIdentity
getUserIdentityFromSession
(Request request, String siteName) Get the user identity of the connected user from the sessionstatic void
setUserIdentityInSession
(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean blockingMode) Save user identity in requestMethods inherited from class org.ametys.core.authentication.AuthenticateAction
_doProcess, _getAvailableUserPopulationsIds, _getChosenUserPopulationId, _getCurrentCredentialProviderIndex, _getCurrentCredentialProviderIndexFromParameter, _getTokenFromRequest, _getUserIdentity, _handleAuthenticationToken, _handleWeakPassword, _hasCredentialProviders, _internalRequest, _isCurrentCredentialProviderInBlockingMode, _logLoginEvent, _logLogoutEvent, _preFlightCheck, _prepareUserPopulationsAndCredentialProviders, _process, _resetConnectingStateToSession, _saveConnectingStateToSession, _validateCurrentlyConnectedUser, _validateCurrentlyConnectedUserIsInAuthorizedPopulation, act, getLoginURLParameters, initialize, renewSession, skipCurrentCredentialProvider
Methods inherited from class org.apache.cocoon.acting.ServiceableAction
service
Methods inherited from class org.apache.avalon.framework.logger.AbstractLogEnabled
enableLogging, getLogger, setupLogger, setupLogger, setupLogger
-
Field Details
-
_acceptedSiteUrlPatterns
url requires for authentication
-
-
Constructor Details
-
FrontAuthenticateAction
public FrontAuthenticateAction()
-
-
Method Details
-
_acceptedUrl
Description copied from class:AuthenticateAction
Determine if the request is one of the authentication process (except the credential providers)- Overrides:
_acceptedUrl
in classAuthenticateAction
- Parameters:
request
- The request- Returns:
- true to bypass this authentication
-
_setUserIdentityInSession
protected void _setUserIdentityInSession(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean blockingMode) Description copied from class:AuthenticateAction
Save user identity in request- Overrides:
_setUserIdentityInSession
in classAuthenticateAction
- Parameters:
request
- The requestuserIdentity
- The useridentity to savecredentialProvider
- The credential provider used to connectblockingMode
- The mode used for the credential provider
-
setUserIdentityInSession
public static void setUserIdentityInSession(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean blockingMode) Save user identity in request- Parameters:
request
- The requestuserIdentity
- The useridentity to savecredentialProvider
- The credential provider used to connectblockingMode
- The mode used for the credential provider
-
_getUserIdentityFromSession
Description copied from class:AuthenticateAction
Get the user identity of the connected user from the session- Overrides:
_getUserIdentityFromSession
in classAuthenticateAction
- Parameters:
request
- The request- Returns:
- The connected useridentity or null
-
_getWeakPasswordURI
Description copied from class:AuthenticateAction
Get the URI where the user should be redirected after a weak password is detected- Overrides:
_getWeakPasswordURI
in classAuthenticateAction
- Parameters:
request
- the current requestuserIdentity
- the user identity with a weak password- Returns:
- the absolute uri
-
getUserIdentityFromSession
Get the user identity of the connected user from the session- Parameters:
request
- The request- Returns:
- The connected useridentity or null
-
getUserIdentityFromSession
Get the user identity of the connected user from the session- Parameters:
request
- The requestsiteName
- The current site name- Returns:
- The connected useridentity or null
-
_getCredentialProviderFromSession
Description copied from class:AuthenticateAction
Get the credential provider used for the current connection- Overrides:
_getCredentialProviderFromSession
in classAuthenticateAction
- Parameters:
request
- The request- Returns:
- The credential provider used or null
-
getCredentialProviderFromSession
Get the credential provider used for the current connection- Parameters:
request
- The request- Returns:
- The credential provider used or null
-
getCredentialProviderFromSession
Get the credential provider used for the current connection- Parameters:
request
- The requestsiteName
- The current site name- Returns:
- The credential provider used or null
-
_getCredentialProviderModeFromSession
Description copied from class:AuthenticateAction
Get the credential provider mode used for the current connection- Overrides:
_getCredentialProviderModeFromSession
in classAuthenticateAction
- Parameters:
request
- The request- Returns:
- The credential provider mode used or null
-
getCredentialProviderModeFromSession
Get the credential provider mode used for the current connection- Parameters:
request
- The request- Returns:
- The credential provider mode used or null
-
getCredentialProviderModeFromSession
Get the credential provider mode used for the current connection- Parameters:
request
- The requestsiteName
- The current site name- Returns:
- The credential provider mode used or null
-
_getContexts
Description copied from class:AuthenticateAction
Get the authentication context- Overrides:
_getContexts
in classAuthenticateAction
- Parameters:
request
- The requestparameters
- The action parameters- Returns:
- The context
-
getLoginURL
Description copied from class:AuthenticateAction
Get the url for the redirector to display the login screen- Overrides:
getLoginURL
in classAuthenticateAction
- Parameters:
request
- The request- Returns:
- The url. Cannot be null or empty
-
getLogoutURL
Description copied from class:AuthenticateAction
Get the url for the redirector to display the logout screen- Overrides:
getLogoutURL
in classAuthenticateAction
- Parameters:
request
- The request- Returns:
- The url. Cannot be null or empty
-
_handleLogout
protected boolean _handleLogout(Redirector redirector, Map objectModel, String source, Parameters parameters) throws Exception Description copied from class:AuthenticateAction
Test if user wants to logout and handle it- Overrides:
_handleLogout
in classAuthenticateAction
- Parameters:
redirector
- The cocoon redirectorobjectModel
- The cocoon object modelsource
- The sitemap sourceparameters
- The sitemap parameters- Returns:
- true if the user was logged out
- Throws:
Exception
- if an error occurred
-
_validateToken
Description copied from class:AuthenticateAction
Validate the given token- Overrides:
_validateToken
in classAuthenticateAction
- Parameters:
token
- The non empty token to validatecontext
- the context on which the token should be validated- Returns:
- The corresponding user identity or null
-