Package org.ametys.site

Class FrontAuthenticateAction

java.lang.Object

org.apache.avalon.framework.logger.AbstractLogEnabled

org.apache.cocoon.acting.AbstractAction

org.apache.cocoon.acting.ServiceableAction

org.ametys.core.authentication.AuthenticateAction

org.ametys.site.FrontAuthenticateAction

All Implemented Interfaces:

Initializable, Component, LogEnabled, Serviceable, ThreadSafe, Action

Direct Known Subclasses:

FrontBlockingCredentialProviderAction

public class FrontAuthenticateAction
extends AuthenticateAction

The authenticate action for front side

Nested Class Summary

Nested classes/interfaces inherited from class org.ametys.core.authentication.AuthenticateAction

AuthenticateAction.TOKEN_MODE

Field Summary

Fields

Modifier and Type	Field	Description
protected Collection<Pattern>	_acceptedSiteUrlPatterns	url requires for authentication

Fields inherited from class org.ametys.core.authentication.AuthenticateAction

_acceptedUrlPatterns, _authenticateTokenManager, _currentUserProvider, _observationManager, _populationContextHelper, _userManager, _userPasswordManager, _userPopulationDAO, _userStatusManager, HEADER_TOKEN, PARAMETERS_PARAMETER_TOKEN, PARAMETERS_PARAMETER_TOKEN_CONTEXT, REQUEST_ATTRIBUTE_AUTHENTICATED, REQUEST_ATTRIBUTE_AVAILABLE_USER_POPULATIONS_LIST, REQUEST_ATTRIBUTE_CONTEXTS, REQUEST_ATTRIBUTE_CREDENTIAL_PROVIDER_INDEX, REQUEST_ATTRIBUTE_CREDENTIAL_PROVIDER_LIST, REQUEST_ATTRIBUTE_GRANTED, REQUEST_ATTRIBUTE_INTERNAL_ALLOWED, REQUEST_ATTRIBUTE_INVALID_POPULATION, REQUEST_ATTRIBUTE_LOGIN_URL, REQUEST_ATTRIBUTE_SHOULD_DISPLAY_USER_POPULATIONS_LIST, REQUEST_ATTRIBUTE_USER_POPULATION_ID, REQUEST_PARAMETER_CREDENTIALPROVIDER_INDEX, REQUEST_PARAMETER_NONBLOCING, REQUEST_PARAMETER_POPULATION_NAME, REQUEST_PARAMETER_TOKEN, REQUEST_PARAMETER_TOKEN_CONTEXT, SESSION_CONNECTING_CREDENTIALPROVIDER_INDEX, SESSION_CONNECTING_CREDENTIALPROVIDER_INDEX_LASTBLOCKINGKNOWN, SESSION_CONNECTING_CREDENTIALPROVIDER_MODE, SESSION_CONNECTING_USERPOPULATION_ID, SESSION_CREDENTIALPROVIDER, SESSION_CREDENTIALPROVIDER_MODE, SESSION_USERIDENTITY, SITEMAP_PARAMETER_TOKEN_MODE

Fields inherited from class org.apache.cocoon.acting.ServiceableAction

manager

Fields inherited from class org.apache.cocoon.acting.AbstractAction

EMPTY_MAP

Fields inherited from interface org.apache.cocoon.acting.Action

ROLE

Constructor Summary

Constructors

Constructor	Description
FrontAuthenticateAction()

Method Summary

Modifier and Type	Method	Description
protected boolean	_acceptedUrl(Request request)	Determine if the request is one of the authentication process (except the credential providers)
protected List<String>	_getContexts(Request request, Parameters parameters)	Get the authentication context
protected CredentialProvider	_getCredentialProviderFromSession(Request request)	Get the credential provider used for the current connection
protected Boolean	_getCredentialProviderModeFromSession(Request request)	Get the credential provider mode used for the current connection
protected UserIdentity	_getUserIdentityFromSession(Request request)	Get the user identity of the connected user from the session
protected Optional<String>	_getWeakPasswordURI(Request request, UserIdentity userIdentity)	Get the URI where the user should be redirected after a weak password is detected
protected boolean	_handleLogout(Redirector redirector, Map objectModel, String source, Parameters parameters)	Test if user wants to logout and handle it
protected void	_setUserIdentityInSession(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean blockingMode)	Save user identity in request
protected UserIdentity	_validateToken(String token, String context)	Validate the given token
static CredentialProvider	getCredentialProviderFromSession(Request request)	Get the credential provider used for the current connection
static CredentialProvider	getCredentialProviderFromSession(Request request, String siteName)	Get the credential provider used for the current connection
static Boolean	getCredentialProviderModeFromSession(Request request)	Get the credential provider mode used for the current connection
static Boolean	getCredentialProviderModeFromSession(Request request, String siteName)	Get the credential provider mode used for the current connection
protected String	getLoginURL(Request request)	Get the url for the redirector to display the login screen
protected String	getLogoutURL(Request request)	Get the url for the redirector to display the logout screen
static UserIdentity	getUserIdentityFromSession(Request request)	Get the user identity of the connected user from the session
static UserIdentity	getUserIdentityFromSession(Request request, String siteName)	Get the user identity of the connected user from the session
static void	setUserIdentityInSession(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean blockingMode)	Save user identity in request

Methods inherited from class org.ametys.core.authentication.AuthenticateAction

_doProcess, _getAvailableUserPopulationsIds, _getChosenUserPopulationId, _getCurrentCredentialProviderIndex, _getCurrentCredentialProviderIndexFromParameter, _getTokenFromRequest, _getUserIdentity, _handleAuthenticationToken, _handleWeakPassword, _hasCredentialProviders, _internalRequest, _isCurrentCredentialProviderInBlockingMode, _logLoginEvent, _logLogoutEvent, _preFlightCheck, _prepareUserPopulationsAndCredentialProviders, _process, _resetConnectingStateToSession, _saveConnectingStateToSession, _validateCurrentlyConnectedUser, _validateCurrentlyConnectedUserIsInAuthorizedPopulation, act, getLoginURLParameters, initialize, renewSession, skipCurrentCredentialProvider

Methods inherited from class org.apache.cocoon.acting.ServiceableAction

service

Methods inherited from class org.apache.avalon.framework.logger.AbstractLogEnabled

enableLogging, getLogger, setupLogger, setupLogger, setupLogger

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

_acceptedSiteUrlPatterns

protected Collection<Pattern> _acceptedSiteUrlPatterns

url requires for authentication

Constructor Details

FrontAuthenticateAction

public FrontAuthenticateAction()

Method Details

_acceptedUrl

protected boolean _acceptedUrl(Request request)

Description copied from class: AuthenticateAction

Determine if the request is one of the authentication process (except the credential providers)

Overrides:

_acceptedUrl in class AuthenticateAction

Parameters:

request - The request

Returns:

true to bypass this authentication

_setUserIdentityInSession

protected void _setUserIdentityInSession(Request request,
 UserIdentity userIdentity,
 CredentialProvider credentialProvider,
 boolean blockingMode)

Description copied from class: AuthenticateAction

Save user identity in request

Overrides:

_setUserIdentityInSession in class AuthenticateAction

Parameters:

request - The request

userIdentity - The useridentity to save

credentialProvider - The credential provider used to connect

blockingMode - The mode used for the credential provider

setUserIdentityInSession

public static void setUserIdentityInSession(Request request,
 UserIdentity userIdentity,
 CredentialProvider credentialProvider,
 boolean blockingMode)

Save user identity in request

Parameters:

request - The request

userIdentity - The useridentity to save

credentialProvider - The credential provider used to connect

blockingMode - The mode used for the credential provider

_getUserIdentityFromSession

protected UserIdentity _getUserIdentityFromSession(Request request)

Description copied from class: AuthenticateAction

Get the user identity of the connected user from the session

Overrides:

_getUserIdentityFromSession in class AuthenticateAction

Parameters:

request - The request

Returns:

The connected useridentity or null

_getWeakPasswordURI

protected Optional<String> _getWeakPasswordURI(Request request,
 UserIdentity userIdentity)

Description copied from class: AuthenticateAction

Get the URI where the user should be redirected after a weak password is detected

Overrides:

_getWeakPasswordURI in class AuthenticateAction

Parameters:

request - the current request

userIdentity - the user identity with a weak password

Returns:

the absolute uri

getUserIdentityFromSession

public static UserIdentity getUserIdentityFromSession(Request request)

Get the user identity of the connected user from the session

Parameters:

request - The request

Returns:

The connected useridentity or null

getUserIdentityFromSession

public static UserIdentity getUserIdentityFromSession(Request request,
 String siteName)

Get the user identity of the connected user from the session

Parameters:

request - The request

siteName - The current site name

Returns:

The connected useridentity or null

_getCredentialProviderFromSession

protected CredentialProvider _getCredentialProviderFromSession(Request request)

Description copied from class: AuthenticateAction

Get the credential provider used for the current connection

Overrides:

_getCredentialProviderFromSession in class AuthenticateAction

Parameters:

request - The request

Returns:

The credential provider used or null

getCredentialProviderFromSession

public static CredentialProvider getCredentialProviderFromSession(Request request)

Get the credential provider used for the current connection

Parameters:

request - The request

Returns:

The credential provider used or null

getCredentialProviderFromSession

public static CredentialProvider getCredentialProviderFromSession(Request request,
 String siteName)

Get the credential provider used for the current connection

Parameters:

request - The request

siteName - The current site name

Returns:

The credential provider used or null

_getCredentialProviderModeFromSession

protected Boolean _getCredentialProviderModeFromSession(Request request)

Description copied from class: AuthenticateAction

Get the credential provider mode used for the current connection

Overrides:

_getCredentialProviderModeFromSession in class AuthenticateAction

Parameters:

request - The request

Returns:

The credential provider mode used or null

getCredentialProviderModeFromSession

public static Boolean getCredentialProviderModeFromSession(Request request)

Get the credential provider mode used for the current connection

Parameters:

request - The request

Returns:

The credential provider mode used or null

getCredentialProviderModeFromSession

public static Boolean getCredentialProviderModeFromSession(Request request,
 String siteName)

Get the credential provider mode used for the current connection

Parameters:

request - The request

siteName - The current site name

Returns:

The credential provider mode used or null

_getContexts

protected List<String> _getContexts(Request request,
 Parameters parameters)

Description copied from class: AuthenticateAction

Get the authentication context

Overrides:

_getContexts in class AuthenticateAction

Parameters:

request - The request

parameters - The action parameters

Returns:

The context

getLoginURL

protected String getLoginURL(Request request)

Description copied from class: AuthenticateAction

Get the url for the redirector to display the login screen

Overrides:

getLoginURL in class AuthenticateAction

Parameters:

request - The request

Returns:

The url. Cannot be null or empty

getLogoutURL

protected String getLogoutURL(Request request)

Description copied from class: AuthenticateAction

Get the url for the redirector to display the logout screen

Overrides:

getLogoutURL in class AuthenticateAction

Parameters:

request - The request

Returns:

The url. Cannot be null or empty

_handleLogout

protected boolean _handleLogout(Redirector redirector,
 Map objectModel,
 String source,
 Parameters parameters)
                         throws Exception

Description copied from class: AuthenticateAction

Test if user wants to logout and handle it

Overrides:

_handleLogout in class AuthenticateAction

Parameters:

redirector - The cocoon redirector

objectModel - The cocoon object model

source - The sitemap source

parameters - The sitemap parameters

Returns:

true if the user was logged out

Throws:

Exception - if an error occurred

_validateToken

protected UserIdentity _validateToken(String token,
 String context)

Description copied from class: AuthenticateAction

Validate the given token

Overrides:

_validateToken in class AuthenticateAction

Parameters:

token - The non empty token to validate

context - the context on which the token should be validated

Returns:

The corresponding user identity or null