com.caucho.security
Class FormLogin

java.lang.Object
  extended by com.caucho.security.AbstractLogin
      extended by com.caucho.security.FormLogin
All Implemented Interfaces:
Login
Direct Known Subclasses:
FormLogin

@Service
public class FormLogin
extends AbstractLogin

Used to authenticate users in a servlet request. Applications will implement the Authenticator interface with a bean for authentication.

Since:
Resin 2.0.2

Field Summary
protected  java.lang.String _errorPage
           
protected  boolean _formURIPriority
           
protected  boolean _internalForward
           
protected  java.lang.String _loginPage
           
static java.lang.String LOGIN_CHECK
           
static java.lang.String LOGIN_SAVED_PATH
           
static java.lang.String LOGIN_SAVED_QUERY
           
 
Fields inherited from class com.caucho.security.AbstractLogin
_auth, _singleSignon, log
 
Fields inherited from interface com.caucho.security.Login
LOGIN_PASSWORD, LOGIN_USER_NAME, LOGIN_USER_PRINCIPAL
 
Constructor Summary
FormLogin()
           
 
Method Summary
 java.lang.String getAuthType()
          Returns the authentication type.
 java.lang.String getFormErrorPage()
          Gets the error page.
 java.lang.String getFormLoginPage()
          Gets the login page.
 boolean getFormURIPriority()
          Returns true if the form's j_uri has priority over the saved URL.
 boolean getInternalForward()
          Returns true if a successful login allows an internal forward instead of a redirect.
 java.security.Principal getUserPrincipalImpl(HttpServletRequest request)
          Logs a user in with a user name and a password.
 void init()
          Initialize
 boolean isLoginUsedForRequest(HttpServletRequest request)
          Returns true if the request has a matching login.
protected  boolean isSavedUserValid(HttpServletRequest request, java.security.Principal savedUser)
          Returns true if a new login overrides the saved user
 void loginChallenge(HttpServletRequest request, HttpServletResponse response)
          Logs a user in with a user name and a password.
 void loginSuccessResponse(java.security.Principal user, HttpServletRequest request, HttpServletResponse response)
          Updates after a successful login
 void setErrorPage(java.lang.String errorPage)
           
 void setFormErrorPage(java.lang.String formErrorPage)
          Sets the error page.
 void setFormLoginPage(java.lang.String formLoginPage)
          Sets the login page.
 void setFormURIPriority(boolean formPriority)
          True if the form's j_uri has priority over the saved URL.
 void setInternalForward(boolean internalForward)
          Set true if a successful login allows an internal forward instead of a redirect.
 void setLoginPage(java.lang.String loginPage)
           
 
Methods inherited from class com.caucho.security.AbstractLogin
findSavedUser, getAuthenticator, getLoginPrincipalImpl, getSingleSignon, getUserPrincipal, isLogoutOnSessionTimeout, isPasswordBased, isSessionSaveLogin, isUserInRole, login, login, logout, logoutImpl, saveUser, sessionInvalidate, setAuthenticator, setLogoutOnSessionTimeout, setSessionSaveLogin, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

LOGIN_CHECK

public static final java.lang.String LOGIN_CHECK
See Also:
Constant Field Values

LOGIN_SAVED_PATH

public static final java.lang.String LOGIN_SAVED_PATH
See Also:
Constant Field Values

LOGIN_SAVED_QUERY

public static final java.lang.String LOGIN_SAVED_QUERY
See Also:
Constant Field Values

_loginPage

protected java.lang.String _loginPage

_errorPage

protected java.lang.String _errorPage

_internalForward

protected boolean _internalForward

_formURIPriority

protected boolean _formURIPriority
Constructor Detail

FormLogin

public FormLogin()
Method Detail

setFormLoginPage

public void setFormLoginPage(java.lang.String formLoginPage)
                      throws ConfigException
Sets the login page.

Throws:
ConfigException

setLoginPage

public void setLoginPage(java.lang.String loginPage)

getFormLoginPage

public java.lang.String getFormLoginPage()
Gets the login page.


setFormErrorPage

public void setFormErrorPage(java.lang.String formErrorPage)
                      throws ConfigException
Sets the error page.

Throws:
ConfigException

setErrorPage

public void setErrorPage(java.lang.String errorPage)

getFormErrorPage

public java.lang.String getFormErrorPage()
Gets the error page.


getInternalForward

public boolean getInternalForward()
Returns true if a successful login allows an internal forward instead of a redirect.


setInternalForward

public void setInternalForward(boolean internalForward)
Set true if a successful login allows an internal forward instead of a redirect.


getFormURIPriority

public boolean getFormURIPriority()
Returns true if the form's j_uri has priority over the saved URL.


setFormURIPriority

public void setFormURIPriority(boolean formPriority)
True if the form's j_uri has priority over the saved URL.


init

@PostConstruct
public void init()
          throws ServletException
Initialize

Overrides:
init in class AbstractLogin
Throws:
ServletException

getAuthType

public java.lang.String getAuthType()
Returns the authentication type.

Specified by:
getAuthType in interface Login
Overrides:
getAuthType in class AbstractLogin

isLoginUsedForRequest

public boolean isLoginUsedForRequest(HttpServletRequest request)
Returns true if the request has a matching login.

Specified by:
isLoginUsedForRequest in interface Login
Overrides:
isLoginUsedForRequest in class AbstractLogin

getUserPrincipalImpl

public java.security.Principal getUserPrincipalImpl(HttpServletRequest request)
Logs a user in with a user name and a password.

Overrides:
getUserPrincipalImpl in class AbstractLogin
Parameters:
request - servlet request
Returns:
the logged in principal on success, null on failure.

isSavedUserValid

protected boolean isSavedUserValid(HttpServletRequest request,
                                   java.security.Principal savedUser)
Returns true if a new login overrides the saved user

Overrides:
isSavedUserValid in class AbstractLogin

loginSuccessResponse

public void loginSuccessResponse(java.security.Principal user,
                                 HttpServletRequest request,
                                 HttpServletResponse response)
                          throws ServletException,
                                 java.io.IOException
Updates after a successful login

Overrides:
loginSuccessResponse in class AbstractLogin
Parameters:
request - servlet request
response - servlet response, in case any cookie need sending.
Throws:
ServletException
java.io.IOException

loginChallenge

public void loginChallenge(HttpServletRequest request,
                           HttpServletResponse response)
                    throws ServletException,
                           java.io.IOException
Logs a user in with a user name and a password.

Overrides:
loginChallenge in class AbstractLogin
Parameters:
request - servlet request
response - servlet response, in case any cookie need sending.
application - servlet application
Throws:
ServletException
java.io.IOException