public class ServletProvider extends Object implements AuthenticationProvider
AuthenticationProvider
that delegates to the HttpServletRequest
referenced by the supplied
ServletCredentials
instances for all authentication and role-based authorization.
Note that this class can only be used if the HttpServletRequest
class is on the classpath.
Modifier and Type | Class and Description |
---|---|
protected static class |
ServletProvider.ServletSecurityContext |
Constructor and Description |
---|
ServletProvider() |
Modifier and Type | Method and Description |
---|---|
ExecutionContext |
authenticate(Credentials credentials,
String repositoryName,
String workspaceName,
ExecutionContext repositoryContext,
Map<String,Object> sessionAttributes)
Authenticate the user that is using the supplied credentials.
|
public ExecutionContext authenticate(Credentials credentials, String repositoryName, String workspaceName, ExecutionContext repositoryContext, Map<String,Object> sessionAttributes)
AuthenticationProvider
ExecutionContext
that reflects the authenticated environment, including the context's valid
security context
that will be used for authorization throughout.
Note that each provider is handed a map into which it can place name-value pairs that will be used in the
Session attributes
of the Session that results from this authentication attempt.
ModeShape will ignore any attributes if this provider does not authenticate the credentials.
authenticate
in interface AuthenticationProvider
credentials
- the user's JCR credentials, which may be an AnonymousCredentials
if authenticating as an
anonymous userrepositoryName
- the name of the JCR repository; never nullworkspaceName
- the name of the JCR workspace; never nullrepositoryContext
- the execution context of the repository, which may be wrapped by this methodsessionAttributes
- the map of name-value pairs that will be placed into the Session attributes
; never nullCopyright © 2008–2016 JBoss, a division of Red Hat. All rights reserved.