Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.shindig.auth
Class UrlParameterAuthenticationHandler

java.lang.Object
  extended by org.apache.shindig.auth.UrlParameterAuthenticationHandler
All Implemented Interfaces:
AuthenticationHandler
public class UrlParameterAuthenticationHandler
extends Object
implements AuthenticationHandler

Produces security tokens by extracting the "st" parameter from the request url or post body.

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.apache.shindig.auth.AuthenticationHandler
AuthenticationHandler.InvalidAuthenticationException
 
Field Summary
 
Fields inherited from interface org.apache.shindig.auth.AuthenticationHandler
STASHED_BODY
 
Constructor Summary
UrlParameterAuthenticationHandler(SecurityTokenCodec securityTokenCodec)
           
 
Method Summary
protected  String getActiveUrl(javax.servlet.http.HttpServletRequest request)
           
protected  Map<String,String> getMappedParameters(javax.servlet.http.HttpServletRequest request)
           
 String getName()
           
protected  SecurityTokenCodec getSecurityTokenCodec()
           
 SecurityToken getSecurityTokenFromRequest(javax.servlet.http.HttpServletRequest request)
          Produce a security token extracted from the HTTP request.
 String getWWWAuthenticateHeader(String realm)
          Return a String to be used for a WWW-Authenticate header.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UrlParameterAuthenticationHandler

@Inject
public UrlParameterAuthenticationHandler(SecurityTokenCodec securityTokenCodec)
Method Detail

getName

public String getName()
Specified by:
getName in interface AuthenticationHandler
Returns:
The name of the authentication handler. This value is bound to the security token and can be used to determine the authentication mechanism by which the security token was created. The value is expected to be one of the values in AuthenticationMode but string is used here to allow containers to have custom authentication modes

getSecurityTokenFromRequest

public SecurityToken getSecurityTokenFromRequest(javax.servlet.http.HttpServletRequest request)
                                          throws AuthenticationHandler.InvalidAuthenticationException
Description copied from interface: AuthenticationHandler
Produce a security token extracted from the HTTP request.

Specified by:
getSecurityTokenFromRequest in interface AuthenticationHandler
Parameters:
request - The request to extract a token from.
Returns:
A valid security token for the request, or null if it wasn't possible to authenticate.
Throws:
AuthenticationHandler.InvalidAuthenticationException

getWWWAuthenticateHeader

public String getWWWAuthenticateHeader(String realm)
Description copied from interface: AuthenticationHandler
Return a String to be used for a WWW-Authenticate header. This will be called if the call to getSecurityTokenFromRequest returns null. If non-null/non-blank it will be added to the Response. See Section 6.1.3 of the Portable Contacts Specification

Specified by:
getWWWAuthenticateHeader in interface AuthenticationHandler
Parameters:
realm - the name of the realm to use for the authenticate header
Returns:
Header value for a WWW-Authenticate Header

getSecurityTokenCodec

protected SecurityTokenCodec getSecurityTokenCodec()

getMappedParameters

protected Map<String,String> getMappedParameters(javax.servlet.http.HttpServletRequest request)

getActiveUrl

protected String getActiveUrl(javax.servlet.http.HttpServletRequest request)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2007-2012. All Rights Reserved.