net.sf.jguard.authentication.http
Class HttpAuthenticationUtils

java.lang.Object
  extended by net.sf.jguard.authentication.http.HttpAuthenticationUtils
All Implemented Interfaces:
java.util.EventListener, javax.servlet.http.HttpSessionActivationListener, javax.servlet.http.HttpSessionBindingListener

public class HttpAuthenticationUtils
extends java.lang.Object
implements javax.servlet.http.HttpSessionActivationListener, javax.servlet.http.HttpSessionBindingListener

Authentication utility class stored on the user's session.

Author:
Charles Gay. This class was inspired by the article on JAAS published at this address.

Constructor Summary
HttpAuthenticationUtils()
           
 
Method Summary
static boolean authenticate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, boolean afterRegistration)
          authenticate the user and, if authentication succeeds, put the corresponding Subject in the user's session.
 javax.security.auth.Subject getSubject()
          retrieve the subject from the loginContext.
 void logout()
          log out the user with the related LoginContext.
 void refreshUser(JGuardCredential jcredUpdatedUser)
          refresh the user stored in the HttpAuthenticationUtils so that changes to connected users, including deletion of users, are reflected dynamically.
static void refreshUsers(JGuardCredential identityCredential, javax.servlet.ServletContext servletContext)
          refresh all users that match the identityCredential.
static void refreshUsers(javax.security.auth.Subject subject, javax.servlet.ServletContext servletContext)
          refresh all users that match the identityCredential present in the updated Subject.
 void sessionDidActivate(javax.servlet.http.HttpSessionEvent sessionEvent)
          method called by the container when the session is deserialized.
 void sessionWillPassivate(javax.servlet.http.HttpSessionEvent sessionEvent)
          method called by the container when the session is serialized.
 void valueBound(javax.servlet.http.HttpSessionBindingEvent bindingEvent)
           
 void valueUnbound(javax.servlet.http.HttpSessionBindingEvent bindingEvent)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

HttpAuthenticationUtils

public HttpAuthenticationUtils()

Method Detail

getSubject

public javax.security.auth.Subject getSubject()
retrieve the subject from the loginContext.

Returns:
authenticated Subject, otherwise null.

logout

public void logout()
log out the user with the related LoginContext.

Parameters:
applicationName -
username - user login
password - user password

authenticate

public static boolean authenticate(javax.servlet.http.HttpServletRequest req,
                                   javax.servlet.http.HttpServletResponse res,
                                   boolean afterRegistration)
                            throws java.io.IOException
authenticate the user and, if authentication succeeds, put the corresponding Subject in the user's session.

Parameters:
req -
res -
afterRegistration - true if user registration was made just before; false otherwise.
Returns:
authentication result: true if authentication succeeds, false otherwise.
Throws:
java.io.IOException

sessionWillPassivate

public void sessionWillPassivate(javax.servlet.http.HttpSessionEvent sessionEvent)
method called by the container when the session is serialized.

Specified by:
sessionWillPassivate in interface javax.servlet.http.HttpSessionActivationListener
Parameters:
sessionEvent -

sessionDidActivate

public void sessionDidActivate(javax.servlet.http.HttpSessionEvent sessionEvent)
method called by the container when the session is deserialized.

Specified by:
sessionDidActivate in interface javax.servlet.http.HttpSessionActivationListener
Parameters:
sessionEvent -

refreshUser

public void refreshUser(JGuardCredential jcredUpdatedUser)
                 throws AuthenticationException
refresh the user stored in the HttpAuthenticationUtils so that changes to connected users, including deletion of users, are reflected dynamically.

Parameters:
jcredUpdatedUser -
Throws:
AuthenticationException

valueBound

public void valueBound(javax.servlet.http.HttpSessionBindingEvent bindingEvent)
Specified by:
valueBound in interface javax.servlet.http.HttpSessionBindingListener

valueUnbound

public void valueUnbound(javax.servlet.http.HttpSessionBindingEvent bindingEvent)
Specified by:
valueUnbound in interface javax.servlet.http.HttpSessionBindingListener

refreshUsers

public static void refreshUsers(javax.security.auth.Subject subject,
                                javax.servlet.ServletContext servletContext)
                         throws AuthenticationException
refresh all users that match the identityCredential present in the updated Subject. Note that the identityCredential must not be changed.

Parameters:
subject - subject updated
servletContext -
Throws:
AuthenticationException

refreshUsers

public static void refreshUsers(JGuardCredential identityCredential,
                                javax.servlet.ServletContext servletContext)
                         throws AuthenticationException
refresh all users that match the identityCredential.

Parameters:
servletContext -
identityCredential -
Throws:
AuthenticationException