List of usage examples for javax.servlet.http HttpServletRequest FORM_AUTH
String FORM_AUTH
To view the source code for javax.servlet.http HttpServletRequest FORM_AUTH.
Click Source Link
From source file:org.eclipse.orion.server.authentication.formopenid.FormOpenIdAuthenticationService.java
private void setNotAuthenticated(HttpServletRequest req, HttpServletResponse resp, Properties properties) throws IOException { resp.setHeader("WWW-Authenticate", HttpServletRequest.FORM_AUTH); //$NON-NLS-1$ resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // redirection from FormAuthenticationService.setNotAuthenticated String versionString = req.getHeader("Orion-Version"); //$NON-NLS-1$ Version version = versionString == null ? null : new Version(versionString); // TODO: This is a workaround for calls // that does not include the WebEclipse version header String xRequestedWith = req.getHeader("X-Requested-With"); //$NON-NLS-1$ if (version == null && !"XMLHttpRequest".equals(xRequestedWith)) { //$NON-NLS-1$ resp.sendRedirect(//from w ww .j a v a2s . c o m req.getContextPath() + "/mixloginstatic/LoginWindow.html?redirect=" + req.getRequestURL()); } else { resp.setContentType(ProtocolConstants.CONTENT_TYPE_JSON); JSONObject result = new JSONObject(); try { result.put("SignInLocation", req.getContextPath() + "/mixloginstatic/LoginWindow.html"); result.put("label", "Orion workspace server"); result.put("SignInKey", "FORMOpenIdUser"); } catch (JSONException e) { LogHelper.log(new Status(IStatus.ERROR, Activator.PI_AUTHENTICATION_SERVLETS, 1, "An error occured during authenitcation", e)); } resp.getWriter().print(result.toString()); } }
From source file:net.lightbody.bmp.proxy.jetty.jetty.servlet.FormAuthenticator.java
public String getAuthMethod() { return HttpServletRequest.FORM_AUTH; }
From source file:org.paxle.gui.impl.servlets.LoginView.java
@Override public Template handleRequest(HttpServletRequest request, HttpServletResponse response, Context context) throws Exception { Template template = null;// w w w .j ava 2s. c o m try { // Get the session HttpSession session = request.getSession(true); boolean doRedirect = false; if (request.getParameter("doLogin") != null) { // getting user-name + password String userName = request.getParameter("login.username"); String password = request.getParameter("login.password"); if (password == null) password = ""; // getting the userAdmin service IServiceManager manager = (IServiceManager) context.get(IServiceManager.SERVICE_MANAGER); UserAdmin uAdmin = (UserAdmin) manager.getService(UserAdmin.class.getName()); // auth user final User user = this.guiAuthManager.authenticatedAs(request, userName, password); if (user != null) { // remember login state session.setAttribute("logon.isDone", Boolean.TRUE); // set user-data into the session session.setAttribute(HttpContext.AUTHENTICATION_TYPE, HttpServletRequest.FORM_AUTH); session.setAttribute(HttpContext.AUTHORIZATION, uAdmin.getAuthorization(user)); session.setAttribute(HttpContext.REMOTE_USER, user); // keep user-settings in sync with user-language settings CookieTool cookieTool = (CookieTool) context.get("cookieTool"); if (cookieTool.get("l10n") != null) { @SuppressWarnings("unchecked") Dictionary<String, Object> userProps = user.getProperties(); userProps.put(UserView.USER_LANGUAGE, cookieTool.get("l10n").getValue()); } doRedirect = true; } else { context.put("errorMsg", "Unable to login. Username or password is invalid"); } } else if (request.getParameter("doLogout") != null) { session.removeAttribute("logon.isDone"); session.removeAttribute(HttpContext.AUTHENTICATION_TYPE); session.removeAttribute(HttpContext.AUTHORIZATION); session.removeAttribute(HttpContext.REMOTE_USER); doRedirect = true; } if (doRedirect) { // redirect to target if (session.getAttribute("login.target") != null) { response.sendRedirect((String) session.getAttribute("login.target")); session.removeAttribute("login.target"); } else if (request.getParameter("login.target") != null) { response.sendRedirect((String) request.getParameter("login.target")); request.removeAttribute("login.target"); } else { response.sendRedirect("/"); } } else { template = this.getTemplate("/resources/templates/LoginView.vm"); } } catch (Exception e) { this.logger.error(String.format("Unexpected '%s': %s", e.getClass().getName(), e.getMessage()), e); throw e; } return template; }
From source file:com.activecq.tools.auth.impl.PluggableAuthenticationHandlerImpl.java
/** * Extract the credentials contained inside the request, parameter or cookie * * @see com.day.cq.auth.impl.AbstractHTTPAuthHandler#authenticate(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse) *//*from w w w .j a va2 s .c o m*/ @Override public AuthenticationInfo extractCredentials(HttpServletRequest request, HttpServletResponse response) { if (!this.enabled) { return null; } Credentials credentials; boolean useTrustCredentials = false; if (formAuthenticationService.accepts(request)) { credentials = formAuthenticationService.extractCredentials(request); request.setAttribute(HTTP_REQUEST_ATTR_AUTH_TYPE, AuthType.FORM); } else if (sessionAuthenticationService.accepts(request)) { credentials = sessionAuthenticationService.extractCredentials(request); request.setAttribute(HTTP_REQUEST_ATTR_AUTH_TYPE, AuthType.SESSION); useTrustCredentials = true; } else { return null; } if (credentials == null) { /* Remove invalid cookies to cut down on future processing. * This is executed for all failed attempts. If an authenticated * user tries to unsuccessfully login they will be logged out. */ // TODO Think on this; determine if this is the right course of action sessionAuthenticationService.dropCredentials(request, response); return null; } // Handle SimpleCredentials (Default CQ behavior, vs Custom Credentials) AuthenticationInfo info; if (credentials instanceof SimpleCredentials) { // Handle common case of using SimpleCredentials // This case is supported by the OOTB Adobe CQ CRXLoginModule SimpleCredentials simpleCredentials = (SimpleCredentials) credentials; if (useTrustCredentials) { // Set Trusted Credentials Attributes; Must match to what is in // repository.xml or ldap.config (if LDAP is used) simpleCredentials.setAttribute(trustCredentials, "ignore"); } info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH, simpleCredentials.getUserID()); // Set AuthenticationInfo Password if available if (simpleCredentials.getPassword() != null && simpleCredentials.getPassword().length > 0) { info.setPassword(simpleCredentials.getPassword()); } } else { // Handle the case where Authentication should be preformed against a // custom LoginModulePlugin (http://sling.apache.org/apidocs/sling6/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.html) info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH); } // Add the Credentials object to the AuthenticationInfo for processing by // the LoginModule/LoginModulePlugin info.put(JcrResourceConstants.AUTHENTICATION_INFO_CREDENTIALS, credentials); return info; }
From source file:net.lightbody.bmp.proxy.jetty.jetty.servlet.ServletHttpRequest.java
public String getAuthType() { String at = _httpRequest.getAuthType(); if (at == SecurityConstraint.__BASIC_AUTH) return HttpServletRequest.BASIC_AUTH; if (at == SecurityConstraint.__FORM_AUTH) return HttpServletRequest.FORM_AUTH; if (at == SecurityConstraint.__DIGEST_AUTH) return HttpServletRequest.DIGEST_AUTH; if (at == SecurityConstraint.__CERT_AUTH) return HttpServletRequest.CLIENT_CERT_AUTH; if (at == SecurityConstraint.__CERT_AUTH2) return HttpServletRequest.CLIENT_CERT_AUTH; return at;/*from w ww. j a va 2 s .c o m*/ }
From source file:org.apache.sling.auth.form.impl.FormAuthenticationHandler.java
/** * Returns <code>true</code> if this authentication handler should ignore * the call to//from w ww. j a va2 s. com * {@link #requestCredentials(HttpServletRequest, HttpServletResponse)}. * <p> * This method returns <code>true</code> if the * {@link #REQUEST_LOGIN_PARAMETER} is set to any value other than "Form" * (HttpServletRequest.FORM_AUTH). */ private boolean ignoreRequestCredentials(final HttpServletRequest request) { final String requestLogin = request.getParameter(REQUEST_LOGIN_PARAMETER); return requestLogin != null && !HttpServletRequest.FORM_AUTH.equals(requestLogin); }
From source file:org.apache.sling.auth.form.impl.FormAuthenticationHandler.java
private AuthenticationInfo extractRequestParameterAuthentication(HttpServletRequest request) { AuthenticationInfo info = null;/*from w w w. j a va 2 s . c o m*/ // only consider login form parameters if this is a POST request // to the j_security_check URL if (REQUEST_METHOD.equals(request.getMethod()) && request.getRequestURI().endsWith(REQUEST_URL_SUFFIX)) { String user = request.getParameter(PAR_J_USERNAME); String pwd = request.getParameter(PAR_J_PASSWORD); if (user != null && pwd != null) { info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH, user, pwd.toCharArray()); info.put(AuthConstants.AUTH_INFO_LOGIN, new Object()); // if this request is providing form credentials, we have to // make sure, that the request is redirected after successful // authentication, otherwise the request may be processed // as a POST request to the j_security_check page (unless // the j_validate parameter is set); but only if this is not // a validation request if (!AuthUtil.isValidateRequest(request)) { AuthUtil.setLoginResourceAttribute(request, request.getContextPath()); } } } return info; }
From source file:org.apache.sling.auth.form.impl.FormAuthenticationHandler.java
private AuthenticationInfo createAuthInfo(final String authData) { final String userId = getUserId(authData); if (userId == null) { return null; }//from w ww . java 2 s . com final AuthenticationInfo info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH, userId); if (jaasHelper.enabled()) { //JcrResourceConstants.AUTHENTICATION_INFO_CREDENTIALS info.put("user.jcr.credentials", new FormCredentials(userId, authData)); } else { info.put(attrCookieAuthData, authData); } return info; }