Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

wt.httpgw
Class HTTPAuthentication

java.lang.Object
  extended bywt.httpgw.HTTPAuthentication
All Implemented Interfaces:
AuthenticationHandler, CGIConstants
Direct Known Subclasses:
DemoAuthentication
public class HTTPAuthentication
extends Object
implements AuthenticationHandler, CGIConstants

HTTP Authentication service. Authentication is performed by having client call our login method through an authenticating HTTP gateway for which a Web server performs authentication.

Supported API: true
Extendable: true

Field Summary
private static String ANONYMOUS_USER
           
private static String GATEWAY_HOST
           
private static String previousClientHost
           
private static String REAUTH_FLAG_KEY
           
private static String RESOURCE
           
private static boolean SET_KEEPALIVE
           
private static boolean VERBOSE_SERVER
           
 
Fields inherited from interface wt.auth.AuthenticationHandler
versionID
 
Fields inherited from interface wt.httpgw.CGIConstants
CGI_ACCEPT, CGI_ACCEPT_CHARSET, CGI_ACCEPT_LANGUAGE, CGI_AUTH_TYPE, CGI_AUTHORIZATION, CGI_CONNECTION, CGI_CONTENT_LENGTH, CGI_CONTENT_TYPE, CGI_CONTEXT_PATH, CGI_DELETE_METHOD, CGI_GATEWAY_INTERFACE, CGI_GET_METHOD, CGI_HEAD_METHOD, CGI_HOST, CGI_IF_MODIFIED_SINCE, CGI_MULTIPART_BOUNDARY, CGI_PATH_INFO, CGI_PATH_TRANSLATED, CGI_POST_METHOD, CGI_PRAGMA, CGI_PROPERTY_PREFIX, CGI_PROTOCOL, CGI_PUT_METHOD, CGI_QUERY_STRING, CGI_REFERER, CGI_REMOTE_ADDR, CGI_REMOTE_HOST, CGI_REMOTE_IDENT, CGI_REMOTE_USER, CGI_REQUEST_METHOD, CGI_SCHEME, CGI_SCRIPT_NAME, CGI_SERVER_NAME, CGI_SERVER_PORT, CGI_SERVER_PROTOCOL, CGI_SERVER_SOFTWARE, CGI_SERVLET_SESSION, CGI_TRACE_METHOD, CGI_UA_COLOR, CGI_UA_CPU, CGI_UA_OS, CGI_UA_PIXELS, CGI_URI, CGI_URL, CGI_USER_AGENT, versionID
 
Constructor Summary
HTTPAuthentication()
           
 
Method Summary
 MethodAuthenticator bootstrap(MethodAuthenticator authenticator)
          Initialization method called from bootstrapping authenticator's init method.
protected static void checkAccess()
          Method to validate access to processRequest method.
 MethodAuthenticator getBootstrapAuthenticator()
          Get a bootstrap MethodAuthenticator capable of identifying the user.
 MethodAuthenticator getBootstrapAuthenticator(String session_id)
          Get a bootstrap MethodAuthenticator capable of identifying the user for the given session.
protected  void initSession(GatewayAuthenticator auth)
          Establish security context (or lack thereof) for a HTTP gateway method call.
static void login(HTTPRequest request, HTTPResponse response)
          Handle HTTP client request for login.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

RESOURCE

private static final String RESOURCE
See Also:
Constant Field Values

VERBOSE_SERVER

private static final boolean VERBOSE_SERVER

ANONYMOUS_USER

private static final String ANONYMOUS_USER

GATEWAY_HOST

private static String GATEWAY_HOST

SET_KEEPALIVE

private static final boolean SET_KEEPALIVE

REAUTH_FLAG_KEY

private static final String REAUTH_FLAG_KEY
See Also:
Constant Field Values

previousClientHost

private static String previousClientHost
Constructor Detail

HTTPAuthentication

public HTTPAuthentication()
Method Detail

getBootstrapAuthenticator

public MethodAuthenticator getBootstrapAuthenticator()
Get a bootstrap MethodAuthenticator capable of identifying the user. This method returns a HTTPLogin object that will perform login by calling our login method using an authenticated HTTP request.

Supported API: false

Specified by:
getBootstrapAuthenticator in interface AuthenticationHandler
Returns:
MethodAuthenticator object

getBootstrapAuthenticator

public MethodAuthenticator getBootstrapAuthenticator(String session_id)
Get a bootstrap MethodAuthenticator capable of identifying the user for the given session. This method returns a HTTPLogin object that will perform login by calling our login method using an authenticated HTTP request.

Supported API: false

Specified by:
getBootstrapAuthenticator in interface AuthenticationHandler
Parameters:
session_id - a string identifying the session to be authenticated
Returns:
MethodAuthenticator object

bootstrap

public MethodAuthenticator bootstrap(MethodAuthenticator authenticator)
Initialization method called from bootstrapping authenticator's init method. Called to establish authentication for HTTP gateway requests or to report failure of client HTTP login attempt.

Supported API: false

Specified by:
bootstrap in interface AuthenticationHandler
Parameters:
authenticator - the MethodAuthenticator being initialized
Returns:
replacement MethodAuthenticator or null if not our authenticator.
Throws:
AuthenticationException - if authentication failed

login

public static void login(HTTPRequest request,
                         HTTPResponse response)
                  throws IOException
Handle HTTP client request for login. Sends a serialized Authenticator object in response.

Supported API: false

Throws:
IOException

initSession

protected void initSession(GatewayAuthenticator auth)
Establish security context (or lack thereof) for a HTTP gateway method call.

Supported API: false

checkAccess

protected static void checkAccess()
Method to validate access to processRequest method. This implementation allows access only from clients that are running on the local (server) host or identified in the wt.httpgw.hostname property.

Supported API: false

Throws:
SecurityException - if check fails and/or access is denied
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD