|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.restlet.Restlet
org.restlet.routing.Filter
org.restlet.security.Authenticator
org.restlet.ext.openid.RedirectAuthenticator
public class RedirectAuthenticator
An authenticator that redirects the authentication to some external resource.
After successful authentication, it will do a redirect to the original
request resourceRef. The RedirectAuthenticator keeps track of state using a
session cookie which is not automatically cleaned.
The typical use case for this Authenticator
is to do remote
authentication using OpenID.
The RedirectAuthenticator has the following logic based on Verifier
returns:
Verifier.RESULT_VALID
it will clean up
any unneeded cookies and do a
Response.redirectPermanent(org.restlet.data.Reference)
to the
original resource
Verifier.RESULT_INVALID
or
Verifier.RESULT_UNKNOWN
it will clean up all cookies and call forbid
(default behavior to set Status.CLIENT_ERROR_FORBIDDEN
if no
errorResource has been set)
Field Summary | |
---|---|
static String |
DEFAULT_IDENTIFIER_COOKIE
The default name of the cookie that contains the identifier. |
static String |
DEFAULT_ORIGINAL_REF_COOKIE
The default name of the cookie that contains the original request's reference. |
static String |
ORIGINAL_REF_ATTRIBUTE
|
Fields inherited from class org.restlet.routing.Filter |
---|
CONTINUE, SKIP, STOP |
Constructor Summary | |
---|---|
RedirectAuthenticator(Context context,
Verifier verifier,
Restlet forbiddenResource)
Initialize a RedirectAuthenticator with a Verifier. |
|
RedirectAuthenticator(Context context,
Verifier verifier,
String identifierCookie,
String origRefCookie,
Restlet forbiddenResource)
Initializes a RedirectAuthenticator with a Verifier. |
Method Summary | |
---|---|
protected boolean |
authenticate(Request request,
Response response)
|
protected int |
authenticated(Request request,
Response response)
|
static void |
clearIdentifierCookie(String cookieId,
Request req,
Response res)
|
static void |
clearIdentiiferCookie(Request req,
Response res)
|
void |
forbid(String origRef,
Request request,
Response response)
Rejects the call due to a failed authentication or authorization. |
protected void |
handleUser(User user)
Handles the retrieved user from the verifier. |
protected int |
unauthenticated(Request request,
Response response)
|
Methods inherited from class org.restlet.security.Authenticator |
---|
beforeHandle, getEnroler, isMultiAuthenticating, isOptional, setEnroler, setMultiAuthenticating, setOptional |
Methods inherited from class org.restlet.routing.Filter |
---|
afterHandle, doHandle, getNext, handle, hasNext, setNext, setNext, start, stop |
Methods inherited from class org.restlet.Restlet |
---|
createFinder, finalize, getApplication, getAuthor, getContext, getDescription, getFinderClass, getLogger, getName, getOwner, handle, handle, handle, isStarted, isStopped, setAuthor, setContext, setDescription, setFinderClass, setName, setOwner |
Methods inherited from class java.lang.Object |
---|
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String DEFAULT_IDENTIFIER_COOKIE
public static final String DEFAULT_ORIGINAL_REF_COOKIE
public static final String ORIGINAL_REF_ATTRIBUTE
Constructor Detail |
---|
public RedirectAuthenticator(Context context, Verifier verifier, Restlet forbiddenResource)
context
- - Contextverifier
- - A Verifier that sets user identifier upon completionpublic RedirectAuthenticator(Context context, Verifier verifier, String identifierCookie, String origRefCookie, Restlet forbiddenResource)
context
- The context.verifier
- The verifier that sets user identifier upon completion.identifierCookie
- The name of the cookie that contains the identifier.origRefCookie
- The name of the cookie that contains the original request's
reference.forbiddenResource
- The Restlet that will handle the call in case of
authentication or authorization failure.Method Detail |
---|
public static void clearIdentifierCookie(String cookieId, Request req, Response res)
public static void clearIdentiiferCookie(Request req, Response res)
protected boolean authenticate(Request request, Response response)
authenticate
in class Authenticator
public void forbid(String origRef, Request request, Response response)
origRef
- The original ref stored by the RedirectAuthenticatorrequest
- The rejected request.response
- The reject response.protected void handleUser(User user)
user
- The user.protected int unauthenticated(Request request, Response response)
unauthenticated
in class Authenticator
protected int authenticated(Request request, Response response)
authenticated
in class Authenticator
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |