ServletProvider (ModeShape Distribution Public API Reference (2.7.0.Final))

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.modeshape.jcr.security
Class ServletProvider

java.lang.Object
  org.modeshape.jcr.security.ServletProvider

All Implemented Interfaces:: AuthenticationProvider

public class ServletProvider
extends Object
implements AuthenticationProvider
extends Object
implements AuthenticationProvider

An implementation of AuthenticationProvider that delegates to the HttpServletRequest referenced by the supplied ServletCredentials instances for all authentication and role-based authorization.

Note that this class can only be used if the HttpServletRequest class is on the classpath.

Nested Class Summary
`protected static class`	`ServletProvider.ServletSecurityContext`

Constructor Summary
`ServletProvider()`

Method Summary
`ExecutionContext`	`authenticate(Credentials credentials, String repositoryName, String workspaceName, ExecutionContext repositoryContext, Map<String,Object> sessionAttributes)` Authenticate the user that is using the supplied credentials.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

ServletProvider

public ServletProvider()

Method Detail

authenticate

public ExecutionContext authenticate(Credentials credentials,
                                     String repositoryName,
                                     String workspaceName,
                                     ExecutionContext repositoryContext,
                                     Map<String,Object> sessionAttributes)

Authenticate the user that is using the supplied credentials. If the supplied credentials are authenticated, this method should construct an ExecutionContext that reflects the authenticated environment, including the context's valid security context that will be used for authorization throughout.

Note that each provider is handed a map into which it can place name-value pairs that will be used in the Session attributes of the Session that results from this authentication attempt. ModeShape will ignore any attributes if this provider does not authenticate the credentials.

Specified by:: authenticate in interface AuthenticationProvider

Parameters:: credentials - the user's JCR credentials, which may be an AnonymousCredentials if authenticating as an anonymous user; repositoryName - the name of the JCR repository; never null; workspaceName - the name of the JCR workspace; never null; repositoryContext - the execution context of the repository, which may be wrapped by this method; sessionAttributes - the map of name-value pairs that will be placed into the Session attributes; never null
Returns:: the execution context for the authenticated user, or null if this provider could not authenticate the user
See Also:: AuthenticationProvider.authenticate(javax.jcr.Credentials, java.lang.String, java.lang.String, org.modeshape.graph.ExecutionContext, java.util.Map)