org.abstracthorizon.danube.http.auth
Class JAASAuthenticator

java.lang.Object
  extended by org.abstracthorizon.danube.http.auth.JAASAuthenticator
All Implemented Interfaces:
ConnectionHandler

public class JAASAuthenticator
extends Object
implements ConnectionHandler

This wrapper forces the client to authenticate through JAAS: if the "Authorization" header is missing, it returns a 401 response requesting one. This class performs only HTTP Basic authentication.

When the user is authenticated, the Subject object is placed in the user session under the AUTHORIZATION_DATA_ATTRIBUTE name. This happens only if a session manager is passed to this object.

Author:
Daniel Sendula

Nested Class Summary
protected  class JAASAuthenticator.AuthData
          Class holding cached authorisation data
 
Field Summary
static String AUTHORIZATION_DATA_ATTRIBUTE
          Authorisation data session attribute
static String AUTHORIZATION_REQUEST_HEADER
          Client request header for authorisation
static String AUTHORIZATION_RESPONSE_HEADER
          Server response header for authorisation
protected  Map<String,JAASAuthenticator.AuthData> cachedAuth
          Cache to hold authorisation information for a while
protected  int cacheTimeout
          Cache timeout
static int DEFAULT_CACHE_TIMEOUT
          Default cache timeout
static int DEFAULT_MINIMUM_SCAN_PERIOD
          Default minimum scan period
protected  ConnectionHandler handler
          Wrapped handler
protected  long lastScan
          When the cache was last scanned for expired entries
protected  org.slf4j.Logger logger
          Logger
protected  LoginContext loginContext
          Login context
protected  String loginContextName
          Login context name
protected  int minScanPeriod
          Minimum scan period
protected  String realm
          Realm name
protected  HTTPSessionManager sessionManager
          Session manager
 
Constructor Summary
JAASAuthenticator()
          Constructor
JAASAuthenticator(ConnectionHandler handler)
          Constructor
 
Method Summary
protected  Subject authorise(String base64)
          Obtains subject object from base 64 encoded username and password
 int getCacheTimeout()
          Returns cache timeout
 ConnectionHandler getHandler()
          Returns wrapped handler
 LoginContext getLoginContext()
          Returns login context
 String getLoginContextName()
          Returns login context name
 int getMinimumScanPeriod()
          Returns minimum scan period
 String getRealm()
          Returns realm to be used.
 HTTPSessionManager getSessionManager()
          Returns session manager
 void handleConnection(Connection connection)
          This method sets the context path to be the same as the context path up to here plus this component's path.
 void setCacheTimeout(int cacheTimeout)
          Sets cache timeout
 void setHandler(ConnectionHandler handler)
          Sets wrapped handler
 void setLoginContext(LoginContext loginContext)
          Sets login context
 void setLoginContextName(String loginContextName)
          Sets login context name
 void setMinimumScanPeriod(int minScanPeriod)
          Sets minimum scan period
 void setRealm(String realm)
          Sets realm.
 void setSessionManager(HTTPSessionManager sessionManager)
          Sets session manager
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected final org.slf4j.Logger logger
Logger


AUTHORIZATION_DATA_ATTRIBUTE

public static final String AUTHORIZATION_DATA_ATTRIBUTE
Authorisation data session attribute

See Also:
Constant Field Values

AUTHORIZATION_REQUEST_HEADER

public static final String AUTHORIZATION_REQUEST_HEADER
Client request header for authorisation

See Also:
Constant Field Values

AUTHORIZATION_RESPONSE_HEADER

public static final String AUTHORIZATION_RESPONSE_HEADER
Server response header for authorisation

See Also:
Constant Field Values

DEFAULT_CACHE_TIMEOUT

public static final int DEFAULT_CACHE_TIMEOUT
Default cache timeout

See Also:
Constant Field Values

DEFAULT_MINIMUM_SCAN_PERIOD

public static final int DEFAULT_MINIMUM_SCAN_PERIOD
Default minimum scan period

See Also:
Constant Field Values

handler

protected ConnectionHandler handler
Wrapped handler


sessionManager

protected HTTPSessionManager sessionManager
Session manager


realm

protected String realm
Realm name


loginContextName

protected String loginContextName
Login context name


loginContext

protected LoginContext loginContext
Login context


cachedAuth

protected Map<String,JAASAuthenticator.AuthData> cachedAuth
Cache to hold authorisation information for a while


cacheTimeout

protected int cacheTimeout
Cache timeout


minScanPeriod

protected int minScanPeriod
Minimum scan period


lastScan

protected long lastScan
When the cache was last scanned for expired entries

Constructor Detail

JAASAuthenticator

public JAASAuthenticator()
Constructor


JAASAuthenticator

public JAASAuthenticator(ConnectionHandler handler)
Constructor

Method Detail

handleConnection

public void handleConnection(Connection connection)
                      throws ConnectionException
This method sets the context path to be the same as the context path up to here plus this component's path. The component's path is reset to "/".

Specified by:
handleConnection in interface ConnectionHandler
Parameters:
connection - socket connection
Throws:
ConnectionException

authorise

protected Subject authorise(String base64)
Obtains subject object from base 64 encoded username and password

Parameters:
base64 - base 64 encoded username and password
Returns:
subject or null
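
An added example, not Danube's source: one way an authorise(String base64) step like the one documented above can turn a Basic credential into a JAAS Subject using only standard javax.security.auth classes. The class name BasicJaasLogin, the decode helper and the login context name ExampleRealm are hypothetical, and Java 8+ is assumed for java.util.Base64.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

public class BasicJaasLogin {

    /** Returns the authenticated Subject, or null if the credential is malformed or rejected. */
    static Subject authorise(String loginContextName, String base64) {
        final String[] creds = decode(base64);
        if (creds == null) return null;
        // JAAS login modules ask for credentials through callbacks; answer only the two we know.
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName(creds[0]);
                else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(creds[1].toCharArray());
                else throw new UnsupportedCallbackException(cb);
            }
        };
        try {
            LoginContext lc = new LoginContext(loginContextName, handler);
            lc.login();
            return lc.getSubject();
        } catch (LoginException | SecurityException e) {
            return null; // bad credentials or no usable JAAS configuration: fail closed
        }
    }

    /** Splits decoded "user:password" at the FIRST colon; the password may contain colons. */
    static String[] decode(String base64) {
        try {
            // UTF-8 is an assumption; Basic credentials carry no charset of their own.
            String pair = new String(Base64.getDecoder().decode(base64.trim()), StandardCharsets.UTF_8);
            int colon = pair.indexOf(':');
            if (colon < 0) return null;
            return new String[] { pair.substring(0, colon), pair.substring(colon + 1) };
        } catch (IllegalArgumentException e) {
            return null; // not valid base64
        }
    }

    public static void main(String[] args) {
        // Constructed sample credential; the password itself contains a colon.
        String sample = Base64.getEncoder().encodeToString("alice:pa:ss".getBytes(StandardCharsets.UTF_8));
        String[] c = decode(sample);
        System.out.println(c[0] + " / " + c[1].length() + " password chars");
        System.out.println(decode("not base64!") == null); // malformed input is rejected
        // Needs a JAAS configuration entry named ExampleRealm (hypothetical) to succeed.
        System.out.println(authorise("ExampleRealm", sample));
    }
}
```

Base64 is an encoding, not encryption, so the credential in the "Authorization" header is readable by anyone who can observe the connection unless it runs over TLS.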

getHandler

public ConnectionHandler getHandler()
Returns wrapped handler

Returns:
wrapped handler

setHandler

public void setHandler(ConnectionHandler handler)
Sets wrapped handler

Parameters:
handler - wrapped handler

getSessionManager

public HTTPSessionManager getSessionManager()
Returns session manager

Returns:
http session manager

setSessionManager

public void setSessionManager(HTTPSessionManager sessionManager)
Sets session manager

Parameters:
sessionManager - http session manager

getRealm

public String getRealm()
Returns realm to be used. If not set then component path will be used.

Returns:
realm

setRealm

public void setRealm(String realm)
Sets realm.

Parameters:
realm - realm

getLoginContextName

public String getLoginContextName()
Returns login context name

Returns:
login context name

setLoginContextName

public void setLoginContextName(String loginContextName)
Sets login context name

Parameters:
loginContextName - login context name

getLoginContext

public LoginContext getLoginContext()
Returns login context

Returns:
login context

setLoginContext

public void setLoginContext(LoginContext loginContext)
Sets login context

Parameters:
loginContext - login context

getCacheTimeout

public int getCacheTimeout()
Returns cache timeout

Returns:
cache timeout

setCacheTimeout

public void setCacheTimeout(int cacheTimeout)
Sets cache timeout

Parameters:
cacheTimeout - cache timeout

getMinimumScanPeriod

public int getMinimumScanPeriod()
Returns minimum scan period

Returns:
minimum scan period

setMinimumScanPeriod

public void setMinimumScanPeriod(int minScanPeriod)
Sets minimum scan period

Parameters:
minScanPeriod - minimum scan period


Copyright © 2005-2009 Abstract Horizon. All Rights Reserved.