Class TokenAuthenticator
java.lang.Object
org.nuxeo.ecm.platform.ui.web.auth.token.TokenAuthenticator
- All Implemented Interfaces:
NuxeoAuthenticationPlugin
,NuxeoAuthenticationPluginLogoutExtension
public class TokenAuthenticator
extends Object
implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension
Handles authentication with a token sent as a request header.
The user is retrieved with the TokenAuthenticationService
.
- Since:
- 5.7
- Author:
- Antoine Taillefer ([email protected])
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionReturns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.protected String
getUserByToken
(String token) handleLoginPrompt
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Handles the Login Prompt.handleLogout
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Handles logout operation.handleRetrieveIdentity
(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Retrieves user identification information from the request.void
initPlugin
(Map<String, String> parameters) Initializes the Plugin from parameters set in the XML descriptor.needLoginPrompt
(javax.servlet.http.HttpServletRequest httpRequest) Defines if the authentication plugin needs to do a login prompt.
-
Field Details
-
ALLOW_ANONYMOUS_KEY
- See Also:
-
TOKEN_HEADER
- See Also:
-
TOKEN_PARAM
- See Also:
-
allowAnonymous
protected boolean allowAnonymous
-
-
Constructor Details
-
TokenAuthenticator
public TokenAuthenticator()
-
-
Method Details
-
handleLoginPrompt
public Boolean handleLoginPrompt(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String baseURL) Description copied from interface:NuxeoAuthenticationPlugin
Handles the Login Prompt.- Specified by:
handleLoginPrompt
in interfaceNuxeoAuthenticationPlugin
- Parameters:
httpRequest
- the requesthttpResponse
- the response- Returns:
- true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise
-
handleRetrieveIdentity
public UserIdentificationInfo handleRetrieveIdentity(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Description copied from interface:NuxeoAuthenticationPlugin
Retrieves user identification information from the request.- Specified by:
handleRetrieveIdentity
in interfaceNuxeoAuthenticationPlugin
- Parameters:
httpRequest
- the requesthttpResponse
- the response
-
needLoginPrompt
Description copied from interface:NuxeoAuthenticationPlugin
Defines if the authentication plugin needs to do a login prompt.- Specified by:
needLoginPrompt
in interfaceNuxeoAuthenticationPlugin
- Returns:
- true if LoginPrompt is used
-
initPlugin
Description copied from interface:NuxeoAuthenticationPlugin
Initializes the Plugin from parameters set in the XML descriptor.- Specified by:
initPlugin
in interfaceNuxeoAuthenticationPlugin
-
getUnAuthenticatedURLPrefix
Description copied from interface:NuxeoAuthenticationPlugin
Returns the list of prefix for unauthenticated URLs, typically the URLs associated to login prompt.- Specified by:
getUnAuthenticatedURLPrefix
in interfaceNuxeoAuthenticationPlugin
-
getUserByToken
-
handleLogout
public Boolean handleLogout(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse) Description copied from interface:NuxeoAuthenticationPluginLogoutExtension
Handles logout operation.Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.
- Specified by:
handleLogout
in interfaceNuxeoAuthenticationPluginLogoutExtension
- Returns:
- true if caller must stop execution (ie: logout generated a redirect), false otherwise
-