com.ecyrd.jspwiki.auth.login
Class CookieAssertionLoginModule

java.lang.Object
  extended by com.ecyrd.jspwiki.auth.login.AbstractLoginModule
      extended by com.ecyrd.jspwiki.auth.login.CookieAssertionLoginModule
All Implemented Interfaces:
LoginModule

public class CookieAssertionLoginModule
extends AbstractLoginModule

Logs in a user based on assertion of a name supplied in a cookie. If the cookie is not found, authentication fails.

This module must be used with a CallbackHandler (such as WebContainerCallbackHandler) that supports the following Callback types:

  1. HttpRequestCallback- supplies the cookie, which should contain a user name.

After authentication, a generic WikiPrincipal based on the username will be created and associated with the Subject. Principals Role.ALL and Role.ASSERTED will be added.

Since:
2.3
Version:
$Revision: 1.5 $ $Date: 2005/11/08 18:27:51 $
Author:
Andrew Jaquith
See Also:


Field Summary
protected static org.apache.log4j.Logger log
           
static String PREFS_COOKIE_NAME
          The name of the cookie that gets stored to the user browser.
static String PROMPT
           
 
Fields inherited from class com.ecyrd.jspwiki.auth.login.AbstractLoginModule
m_handler, m_options, m_previousWikiPrincipals, m_principals, m_principalsToOverwrite, m_principalsToRemove, m_state, m_subject, NULL
 
Constructor Summary
CookieAssertionLoginModule()
           
 
Method Summary
static void clearUserCookie(javax.servlet.http.HttpServletResponse response)
           
static String getUserCookie(javax.servlet.http.HttpServletRequest request)
          Returns the username cookie value.
 boolean login()
          Logs in the user by calling back to the registered CallbackHandler with an HttpRequestCallback.
static void setUserCookie(javax.servlet.http.HttpServletResponse response, String name)
          Sets the username cookie.
 
Methods inherited from class com.ecyrd.jspwiki.auth.login.AbstractLoginModule
abort, commit, initialize, logout
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

PREFS_COOKIE_NAME

public static final String PREFS_COOKIE_NAME
The name of the cookie that gets stored to the user browser.

See Also:
Constant Field Values

PROMPT

public static final String PROMPT
See Also:
Constant Field Values

log

protected static org.apache.log4j.Logger log
Constructor Detail

CookieAssertionLoginModule

public CookieAssertionLoginModule()
Method Detail

login

public boolean login()
              throws LoginException
Logs in the user by calling back to the registered CallbackHandler with an HttpRequestCallback. The CallbackHandler must supply the current servlet HTTP request as its response.

Specified by:
login in interface LoginModule
Specified by:
login in class AbstractLoginModule
Returns:
the result of the login; if the subject Principal set already possesses Role.AUTHENTICATED, always returns false to indicate that this module should be ignored. Otherwise, if a cookie is found, this method returns true. If not found, this method throws a FailedLoginException.
Throws:
LoginException - if the authentication fails
See Also:
LoginModule.login()

getUserCookie

public static String getUserCookie(javax.servlet.http.HttpServletRequest request)
Returns the username cookie value.

Parameters:
request -
Returns:
the username, as retrieved from the cookie

setUserCookie

public static void setUserCookie(javax.servlet.http.HttpServletResponse response,
                                 String name)
Sets the username cookie.


clearUserCookie

public static void clearUserCookie(javax.servlet.http.HttpServletResponse response)