public interface Login
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
LOGIN_PASSWORD |
static java.lang.String |
LOGIN_USER |
static java.lang.String |
LOGIN_USER_NAME |
Modifier and Type | Method and Description |
---|---|
Authenticator |
getAuthenticator()
Returns the configured authenticator
|
java.lang.String |
getAuthType()
Returns the authentication type.
|
java.security.Principal |
getUserPrincipal(HttpServletRequest request)
Returns the Principal associated with the current request.
|
boolean |
isLoginUsedForRequest(HttpServletRequest request)
Returns true if the login can be used for this request.
|
boolean |
isPasswordBased()
Returns true if username and password based authentication is supported.
|
boolean |
isUserInRole(java.security.Principal user,
java.lang.String role)
Returns true if the current user plays the named role.
|
java.security.Principal |
login(HttpServletRequest request,
HttpServletResponse response,
boolean isFail)
Logs a user in.
|
void |
logout(java.security.Principal user,
HttpServletRequest request,
HttpServletResponse response)
Logs the user out from the given request.
|
void |
sessionInvalidate(HttpSession session,
boolean isTimeout)
Called when the session invalidates.
|
static final java.lang.String LOGIN_USER_NAME
static final java.lang.String LOGIN_USER
static final java.lang.String LOGIN_PASSWORD
java.lang.String getAuthType()
getAuthType
is called
by HttpServletRequest.getAuthType
.Authenticator getAuthenticator()
boolean isLoginUsedForRequest(HttpServletRequest request)
java.security.Principal getUserPrincipal(HttpServletRequest request)
request
- servlet requestjava.security.Principal login(HttpServletRequest request, HttpServletResponse response, boolean isFail)
authenticate
sets the reponse error page and returns null.request
- servlet requestresponse
- servlet response for a failed authentication.isFail
- true if the authorization has failedboolean isPasswordBased()
BasicLogin
boolean isUserInRole(java.security.Principal user, java.lang.String role)
isUserInRole
is called in response to the
HttpServletRequest.isUserInRole
call.user
- the logged in userrole
- the role to checkvoid logout(java.security.Principal user, HttpServletRequest request, HttpServletResponse response)
Since there is no servlet API for logout, this must be called directly from user code. Resin stores the web-app's login object in the ServletContext attribute "caucho.login".
void sessionInvalidate(HttpSession session, boolean isTimeout)