public interface WebConsoleSecurityProvider2 extends WebConsoleSecurityProvider
WebConsoleSecurityProvider2
extends the
WebConsoleSecurityProvider
interface allowing for full control of
the authentication process to access the Web Console.
If a registered WebConsoleSecurityProvider
service implements this
interface the authenticate(HttpServletRequest, HttpServletResponse)
method is called instead of the
WebConsoleSecurityProvider.authenticate(String, String)
method.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
USER_ATTRIBUTE
The name of the request attribute providing the object representing the
authenticated user.
|
Modifier and Type | Method and Description |
---|---|
boolean |
authenticate(HttpServletRequest request,
HttpServletResponse response)
Authenticates the given request or asks the client for credentials.
|
authorize
static final java.lang.String USER_ATTRIBUTE
WebConsoleSecurityProvider.authorize(Object, String)
to
authorize access for certain roles.boolean authenticate(HttpServletRequest request, HttpServletResponse response)
Implementations of this method are expected to respect and implement
the semantics of the HttpContext.handleSecurity
method
as specified in the OSGi HTTP Service specification.
If this method returns true
it is assumed the request
provided valid credentials identifying the user as accepted to access
the web console. In addition, the USER_ATTRIBUTE
request
attribute must be set to a non-null
object reference
identifying the authenticated user.
If this method returns false
the request to the web console
is terminated without any more response sent back to the client. That is
the implementation is expected to have informed the client in case of
non-granted access.
authenticate
in interface WebConsoleSecurityProvider
request
- The request objectresponse
- The response objecttrue
If the request provided valid credentials."Copyright © 2010 - 2020 Adobe Systems Incorporated. All Rights Reserved"