Class SecurityHandler

    • Field Detail

      • __NO_USER

        public static final java.security.Principal __NO_USER
      • __NOBODY

        public static final java.security.Principal __NOBODY
        Nobody user. The Nobody UserPrincipal is used to indicate a partial state of authentication. A request with a Nobody UserPrincipal will be allowed past all authentication constraints - but will not be considered an authenticated request. It can be used by Authenticators such as FormAuthenticator to allow access to logon and error pages within an authenticated URI tree.
    • Constructor Detail

      • SecurityHandler

        protected SecurityHandler()
    • Method Detail

      • setIdentityService

        public void setIdentityService​(IdentityService identityService)
        Set the identityService.
        Parameters:
        identityService - the identityService to set
      • setLoginService

        public void setLoginService​(LoginService loginService)
        Set the loginService.
        Parameters:
        loginService - the loginService to set
      • setAuthenticator

        public void setAuthenticator​(Authenticator authenticator)
        Set the authenticator.
        Parameters:
        authenticator - the authenticator
        Throws:
        java.lang.IllegalStateException - if the SecurityHandler is running
      • getAuthenticatorFactory

        public Authenticator.Factory getAuthenticatorFactory()
        Returns:
        the authenticatorFactory
      • setAuthenticatorFactory

        public void setAuthenticatorFactory​(Authenticator.Factory authenticatorFactory)
        Parameters:
        authenticatorFactory - the authenticatorFactory to set
        Throws:
        java.lang.IllegalStateException - if the SecurityHandler is running
      • setRealmName

        public void setRealmName​(java.lang.String realmName)
        Parameters:
        realmName - the realmName to set
        Throws:
        java.lang.IllegalStateException - if the SecurityHandler is running
      • setAuthMethod

        public void setAuthMethod​(java.lang.String authMethod)
        Parameters:
        authMethod - the authMethod to set
        Throws:
        java.lang.IllegalStateException - if the SecurityHandler is running
      • isCheckWelcomeFiles

        public boolean isCheckWelcomeFiles()
        Returns:
        True if forwards to welcome files are authenticated
      • setCheckWelcomeFiles

        public void setCheckWelcomeFiles​(boolean authenticateWelcomeFiles)
        Parameters:
        authenticateWelcomeFiles - True if forwards to welcome files are authenticated
        Throws:
        java.lang.IllegalStateException - if the SecurityHandler is running
      • setInitParameter

        public java.lang.String setInitParameter​(java.lang.String key,
                                                 java.lang.String value)
        Set an initialization parameter.
        Parameters:
        key - the init key
        value - the init value
        Returns:
        previous value
        Throws:
        java.lang.IllegalStateException - if the SecurityHandler is running
      • findLoginService

        protected LoginService findLoginService()
                                         throws java.lang.Exception
        Throws:
        java.lang.Exception
      • doStart

        protected void doStart()
                        throws java.lang.Exception
        Description copied from class: ContainerLifeCycle
        Starts the managed lifecycle beans in the order they were added.
        Overrides:
        doStart in class AbstractHandler
        Throws:
        java.lang.Exception
      • doStop

        protected void doStop()
                       throws java.lang.Exception
        Description copied from class: ContainerLifeCycle
        Stops the managed lifecycle beans in the reverse order they were added.
        Overrides:
        doStop in class AbstractHandler
        Throws:
        java.lang.Exception
      • checkSecurity

        protected boolean checkSecurity​(Request request)
      • setSessionRenewedOnAuthentication

        public void setSessionRenewedOnAuthentication​(boolean renew)
        Set renew the session on Authentication.

        If set to true, then on authentication, the session associated with a reqeuest is invalidated and replaced with a new session.

        Parameters:
        renew - true to renew the authentication on session
        See Also:
        Authenticator.AuthConfiguration.isSessionRenewedOnAuthentication()
      • handle

        public void handle​(java.lang.String pathInContext,
                           Request baseRequest,
                           javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response)
                    throws java.io.IOException,
                           javax.servlet.ServletException
        Description copied from interface: Handler
        Handle a request.
        Specified by:
        handle in interface Handler
        Overrides:
        handle in class HandlerWrapper
        Parameters:
        pathInContext - The target of the request - either a URI or a name.
        baseRequest - The original unwrapped request object.
        request - The request either as the Request object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getRequest() method can be used access the Request object if required.
        response - The response as the Response object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getResponse() method can be used access the Response object if required.
        Throws:
        java.io.IOException - if unable to handle the request or response processing
        javax.servlet.ServletException - if unable to handle the request or response due to underlying servlet issue
      • getCurrentSecurityHandler

        public static SecurityHandler getCurrentSecurityHandler()
      • prepareConstraintInfo

        protected abstract RoleInfo prepareConstraintInfo​(java.lang.String pathInContext,
                                                          Request request)
      • checkUserDataPermissions

        protected abstract boolean checkUserDataPermissions​(java.lang.String pathInContext,
                                                            Request request,
                                                            Response response,
                                                            RoleInfo constraintInfo)
                                                     throws java.io.IOException
        Throws:
        java.io.IOException
      • isAuthMandatory

        protected abstract boolean isAuthMandatory​(Request baseRequest,
                                                   Response baseResponse,
                                                   java.lang.Object constraintInfo)
      • checkWebResourcePermissions

        protected abstract boolean checkWebResourcePermissions​(java.lang.String pathInContext,
                                                               Request request,
                                                               Response response,
                                                               java.lang.Object constraintInfo,
                                                               UserIdentity userIdentity)
                                                        throws java.io.IOException
        Throws:
        java.io.IOException