AuthenticationHandler (Apache Shindig Common Code 2012-2.8.0-COIN API)

All Known Implementing Classes:

AnonymousAuthenticationHandler, UrlParameterAuthenticationHandler
```
public interface AuthenticationHandler
```
Implements a specific authentication mechanism and produces a SecurityToken when authentication is successful.

Nested Class Summary

Nested Classes
Modifier and Type	Interface and Description
`static class`	`AuthenticationHandler.InvalidAuthenticationException` An exception thrown by an AuthenticationHandler in the situation where a malformed credential or token is passed.

Field Summary

Fields
Modifier and Type Field and Description

static String STASHED_BODY
Some authentication handlers need to read the request body to perform verification.

Fields
Modifier and Type	Field and Description
`static String`	`STASHED_BODY` Some authentication handlers need to read the request body to perform verification.

Method Summary

Methods
Modifier and Type	Method and Description
`String`	`getName()`
`SecurityToken`	`getSecurityTokenFromRequest(javax.servlet.http.HttpServletRequest request)` Produce a security token extracted from the HTTP request.
`String`	`getWWWAuthenticateHeader(String realm)` Return a String to be used for a WWW-Authenticate header.

- Field Detail
  - STASHED_BODY
```
static final String STASHED_BODY
```
    Some authentication handlers need to read the request body to perform verification. Because the servlet stream can only be read once, making the content unavailable to the receiving servlet. An authentication handler that fully reads the body should stash the raw content byte array using request.setAttribute(STASHED_BODY, )
    
    See Also:
    Constant Field Values
- Method Detail
  - getName
```
String getName()
```
    Returns:
    The name of the authentication handler. This value is bound to the security token and can be used to determine the authentication mechanism by which the security token was created. The value is expected to be one of the values in AuthenticationMode but string is used here to allow containers to have custom authentication modes
  - getSecurityTokenFromRequest
```
SecurityToken getSecurityTokenFromRequest(javax.servlet.http.HttpServletRequest request)
                                          throws AuthenticationHandler.InvalidAuthenticationException
```
    Produce a security token extracted from the HTTP request.
    
    Parameters:
    request - The request to extract a token from.
    
    Returns:
    A valid security token for the request, or null if it wasn't possible to authenticate.
    
    Throws:
    
    AuthenticationHandler.InvalidAuthenticationException
  - getWWWAuthenticateHeader
```
String getWWWAuthenticateHeader(String realm)
```
    Return a String to be used for a WWW-Authenticate header. This will be called if the call to getSecurityTokenFromRequest returns null. If non-null/non-blank it will be added to the Response. See Section 6.1.3 of the Portable Contacts Specification
    
    Parameters:
    realm - the name of the realm to use for the authenticate header
    
    Returns:
    Header value for a WWW-Authenticate Header

Interface AuthenticationHandler

Nested Class Summary

Field Summary

Method Summary

Field Detail

STASHED_BODY

Method Detail

getName

getSecurityTokenFromRequest

getWWWAuthenticateHeader