|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.AggregateLifeCycle
org.eclipse.jetty.server.handler.AbstractHandler
org.eclipse.jetty.server.handler.AbstractHandlerContainer
org.eclipse.jetty.server.handler.HandlerWrapper
org.eclipse.jetty.security.SecurityHandler
public abstract class SecurityHandler
Abstract SecurityHandler.
Select and apply an Authenticator to a request.
The Authenticator may either be directly set on the handler
or will be create during AbstractLifeCycle.start() with a call to
either the default or set AuthenticatorFactory.
SecurityHandler has a set of initparameters that are used by the Authentication.Configuration. At startup, any context init parameters that start with "org.eclipse.jetty.security." that do not have values in the SecurityHandler init parameters, are copied.
| Nested Class Summary | |
|---|---|
class |
SecurityHandler.NotChecked
|
| Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle |
|---|
AbstractLifeCycle.AbstractLifeCycleListener |
| Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle |
|---|
LifeCycle.Listener |
| Field Summary | |
|---|---|
static Principal |
__NO_USER
|
static Principal |
__NOBODY
Nobody user. |
| Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper |
|---|
_handler |
| Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle |
|---|
_listeners, FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING |
| Constructor Summary | |
|---|---|
protected |
SecurityHandler()
|
| Method Summary | |
|---|---|
protected boolean |
checkSecurity(Request request)
|
protected abstract boolean |
checkUserDataPermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo)
|
protected abstract boolean |
checkWebResourcePermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo,
UserIdentity userIdentity)
|
protected void |
doStart()
|
protected void |
doStop()
|
protected IdentityService |
findIdentityService()
|
protected LoginService |
findLoginService()
|
Authenticator |
getAuthenticator()
|
Authenticator.Factory |
getAuthenticatorFactory()
|
String |
getAuthMethod()
|
static SecurityHandler |
getCurrentSecurityHandler()
|
IdentityService |
getIdentityService()
Get the identityService. |
String |
getInitParameter(String key)
Get a SecurityHandler init parameter |
Set<String> |
getInitParameterNames()
Get a SecurityHandler init parameter names |
LoginService |
getLoginService()
Get the loginService. |
String |
getRealmName()
|
void |
handle(String pathInContext,
Request baseRequest,
HttpServletRequest request,
HttpServletResponse response)
Handle a request. |
protected abstract boolean |
isAuthMandatory(Request baseRequest,
Response base_response,
Object constraintInfo)
|
boolean |
isCheckWelcomeFiles()
|
boolean |
isSessionRenewedOnAuthentication()
|
void |
logout(Authentication.User user)
|
protected abstract Object |
prepareConstraintInfo(String pathInContext,
Request request)
|
void |
setAuthenticator(Authenticator authenticator)
Set the authenticator. |
void |
setAuthenticatorFactory(Authenticator.Factory authenticatorFactory)
|
void |
setAuthMethod(String authMethod)
|
void |
setCheckWelcomeFiles(boolean authenticateWelcomeFiles)
|
void |
setIdentityService(IdentityService identityService)
Set the identityService. |
String |
setInitParameter(String key,
String value)
Set an initialization parameter. |
void |
setLoginService(LoginService loginService)
Set the loginService. |
void |
setRealmName(String realmName)
|
void |
setSessionRenewedOnAuthentication(boolean renew)
Set renew the session on Authentication. |
| Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper |
|---|
destroy, expandChildren, getHandler, getHandlers, getNestedHandlerByClass, setHandler, setServer |
| Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer |
|---|
dump, expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass |
| Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler |
|---|
dumpThis, getServer |
| Methods inherited from class org.eclipse.jetty.util.component.AggregateLifeCycle |
|---|
addBean, dump, dump, dump, dump, dumpStdErr, getBean, getBeans, getBeans, removeBean, removeBeans |
| Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle |
|---|
addLifeCycleListener, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
| Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle |
|---|
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop |
| Field Detail |
|---|
public static Principal __NO_USER
public static Principal __NOBODY
| Constructor Detail |
|---|
protected SecurityHandler()
| Method Detail |
|---|
public IdentityService getIdentityService()
getIdentityService in interface Authenticator.AuthConfigurationpublic void setIdentityService(IdentityService identityService)
identityService - the identityService to setpublic LoginService getLoginService()
getLoginService in interface Authenticator.AuthConfigurationpublic void setLoginService(LoginService loginService)
loginService - the loginService to setpublic Authenticator getAuthenticator()
public void setAuthenticator(Authenticator authenticator)
authenticator -
IllegalStateException - if the SecurityHandler is runningpublic Authenticator.Factory getAuthenticatorFactory()
public void setAuthenticatorFactory(Authenticator.Factory authenticatorFactory)
authenticatorFactory - the authenticatorFactory to set
IllegalStateException - if the SecurityHandler is runningpublic String getRealmName()
getRealmName in interface Authenticator.AuthConfigurationpublic void setRealmName(String realmName)
realmName - the realmName to set
IllegalStateException - if the SecurityHandler is runningpublic String getAuthMethod()
getAuthMethod in interface Authenticator.AuthConfigurationpublic void setAuthMethod(String authMethod)
authMethod - the authMethod to set
IllegalStateException - if the SecurityHandler is runningpublic boolean isCheckWelcomeFiles()
public void setCheckWelcomeFiles(boolean authenticateWelcomeFiles)
authenticateWelcomeFiles - True if forwards to welcome files are
authenticated
IllegalStateException - if the SecurityHandler is runningpublic String getInitParameter(String key)
Authenticator.AuthConfiguration
getInitParameter in interface Authenticator.AuthConfigurationkey - parameter name
getInitParameter(String)public Set<String> getInitParameterNames()
Authenticator.AuthConfiguration
getInitParameterNames in interface Authenticator.AuthConfigurationgetInitParameterNames()
public String setInitParameter(String key,
String value)
key - value -
IllegalStateException - if the SecurityHandler is runningprotected LoginService findLoginService()
protected IdentityService findIdentityService()
protected void doStart()
throws Exception
doStart in class HandlerWrapperException
protected void doStop()
throws Exception
doStop in class HandlerWrapperExceptionHandlerWrapper.doStop()protected boolean checkSecurity(Request request)
public boolean isSessionRenewedOnAuthentication()
isSessionRenewedOnAuthentication in interface Authenticator.AuthConfigurationAuthenticator.AuthConfiguration.isSessionRenewedOnAuthentication()public void setSessionRenewedOnAuthentication(boolean renew)
If set to true, then on authentication, the session associated with a reqeuest is invalidated and replaced with a new session.
Authenticator.AuthConfiguration.isSessionRenewedOnAuthentication()
public void handle(String pathInContext,
Request baseRequest,
HttpServletRequest request,
HttpServletResponse response)
throws IOException,
ServletException
Handler
handle in interface Handlerhandle in class HandlerWrapperpathInContext - The target of the request - either a URI or a name.baseRequest - The original unwrapped request object.request - The request either as the Request
object or a wrapper of that request. The HttpConnection.getCurrentConnection()
method can be used access the Request object if required.response - The response as the Response
object or a wrapper of that request. The HttpConnection.getCurrentConnection()
method can be used access the Response object if required.
IOException
ServletExceptionpublic static SecurityHandler getCurrentSecurityHandler()
public void logout(Authentication.User user)
protected abstract Object prepareConstraintInfo(String pathInContext,
Request request)
protected abstract boolean checkUserDataPermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo)
throws IOException
IOException
protected abstract boolean isAuthMandatory(Request baseRequest,
Response base_response,
Object constraintInfo)
protected abstract boolean checkWebResourcePermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo,
UserIdentity userIdentity)
throws IOException
IOException
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||