com.caucho.security

Class FormLogin

java.lang.Object

com.caucho.security.AbstractLogin

com.caucho.security.FormLogin

All Implemented Interfaces:

Login

Direct Known Subclasses:

FormLogin

@Service
public class FormLogin
extends AbstractLogin

Used to authenticate users in a servlet request. Applications will implement the Authenticator interface with a bean for authentication.

Since:

Resin 2.0.2

Field Summary

Fields

Modifier and Type	Field and Description
protected java.lang.String	_errorPage
protected boolean	_formURIPriority
protected boolean	_internalForward
protected java.lang.String	_loginPage
static java.lang.String	LOGIN_CHECK
static java.lang.String	LOGIN_SAVED_PATH
static java.lang.String	LOGIN_SAVED_QUERY

Fields inherited from class com.caucho.security.AbstractLogin

_auth, _singleSignon

Fields inherited from interface com.caucho.security.Login

LOGIN_PASSWORD, LOGIN_USER, LOGIN_USER_NAME

Constructor Summary

Constructors

Constructor and Description
FormLogin()

Method Summary

Modifier and Type	Method and Description
java.lang.String	getAuthType() Returns the authentication type.
java.lang.String	getFormErrorPage() Gets the error page.
java.lang.String	getFormLoginPage() Gets the login page.
boolean	getFormURIPriority() Returns true if the form's j_uri has priority over the saved URL.
boolean	getInternalForward() Returns true if a successful login allows an internal forward instead of a redirect.
java.security.Principal	getUserPrincipalImpl(HttpServletRequest request) Logs a user in with a user name and a password.
void	init() Initialize
boolean	isLoginUsedForRequest(HttpServletRequest request) Returns true if the request has a matching login.
protected boolean	isSavedUserValid(HttpServletRequest request, java.security.Principal savedUser) Returns true if a new login overrides the saved user
void	loginChallenge(HttpServletRequest request, HttpServletResponse response) Logs a user in with a user name and a password.
void	loginSuccessResponse(java.security.Principal user, HttpServletRequest request, HttpServletResponse response) Updates after a successful login
void	setErrorPage(java.lang.String errorPage)
void	setFormErrorPage(java.lang.String formErrorPage) Sets the error page.
void	setFormLoginPage(java.lang.String formLoginPage) Sets the login page.
void	setFormURIPriority(boolean formPriority) True if the form's j_uri has priority over the saved URL.
void	setInternalForward(boolean internalForward) Set true if a successful login allows an internal forward instead of a redirect.
void	setLoginPage(java.lang.String loginPage)

Methods inherited from class com.caucho.security.AbstractLogin

findSavedUser, getAuthenticator, getLoginPrincipalImpl, getSingleSignon, getUserPrincipal, isLogoutOnSessionTimeout, isPasswordBased, isSessionSaveLogin, isUserInRole, login, login, logout, logoutImpl, saveUser, sessionInvalidate, setAuthenticator, setLogoutOnSessionTimeout, setSessionSaveLogin, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

LOGIN_CHECK

public static final java.lang.String LOGIN_CHECK

See Also:

Constant Field Values

LOGIN_SAVED_PATH

public static final java.lang.String LOGIN_SAVED_PATH

See Also:

Constant Field Values

LOGIN_SAVED_QUERY

public static final java.lang.String LOGIN_SAVED_QUERY

See Also:

Constant Field Values

_loginPage

protected java.lang.String _loginPage

_errorPage

protected java.lang.String _errorPage

_internalForward

protected boolean _internalForward

_formURIPriority

protected boolean _formURIPriority

Constructor Detail

FormLogin

public FormLogin()

Method Detail

setFormLoginPage

public void setFormLoginPage(java.lang.String formLoginPage)
                      throws ConfigException

Sets the login page.

Throws:

ConfigException

setLoginPage

public void setLoginPage(java.lang.String loginPage)

getFormLoginPage

public java.lang.String getFormLoginPage()

Gets the login page.

setFormErrorPage

public void setFormErrorPage(java.lang.String formErrorPage)
                      throws ConfigException

Sets the error page.

Throws:

ConfigException

setErrorPage

public void setErrorPage(java.lang.String errorPage)

getFormErrorPage

public java.lang.String getFormErrorPage()

Gets the error page.

getInternalForward

public boolean getInternalForward()

Returns true if a successful login allows an internal forward instead of a redirect.

setInternalForward

public void setInternalForward(boolean internalForward)

Set true if a successful login allows an internal forward instead of a redirect.

getFormURIPriority

public boolean getFormURIPriority()

Returns true if the form's j_uri has priority over the saved URL.

setFormURIPriority

public void setFormURIPriority(boolean formPriority)

True if the form's j_uri has priority over the saved URL.

init

@PostConstruct
public void init()
                         throws ServletException

Initialize

Overrides:

init in class AbstractLogin

Throws:

ServletException

getAuthType

public java.lang.String getAuthType()

Returns the authentication type.

Specified by:

getAuthType in interface Login

Overrides:

getAuthType in class AbstractLogin

isLoginUsedForRequest

public boolean isLoginUsedForRequest(HttpServletRequest request)

Returns true if the request has a matching login.

Specified by:

isLoginUsedForRequest in interface Login

Overrides:

isLoginUsedForRequest in class AbstractLogin

getUserPrincipalImpl

public java.security.Principal getUserPrincipalImpl(HttpServletRequest request)

Logs a user in with a user name and a password.

Overrides:

getUserPrincipalImpl in class AbstractLogin

Parameters:

request - servlet request

Returns:

the logged in principal on success, null on failure.

isSavedUserValid

protected boolean isSavedUserValid(HttpServletRequest request,
                                   java.security.Principal savedUser)

Returns true if a new login overrides the saved user

Overrides:

isSavedUserValid in class AbstractLogin

loginSuccessResponse

public void loginSuccessResponse(java.security.Principal user,
                                 HttpServletRequest request,
                                 HttpServletResponse response)
                          throws ServletException,
                                 java.io.IOException

Updates after a successful login

Overrides:

loginSuccessResponse in class AbstractLogin

Parameters:

request - servlet request

response - servlet response, in case any cookie need sending.

Throws:

ServletException

java.io.IOException

loginChallenge

public void loginChallenge(HttpServletRequest request,
                           HttpServletResponse response)
                    throws ServletException,
                           java.io.IOException

Logs a user in with a user name and a password.

Overrides:

loginChallenge in class AbstractLogin

Parameters:

request - servlet request

response - servlet response, in case any cookie need sending.

application - servlet application

Throws:

ServletException

java.io.IOException