public interface WebConsoleSecurityProvider2 extends WebConsoleSecurityProvider
WebConsoleSecurityProvider2 extends the
WebConsoleSecurityProvider interface allowing for full control of
the authentication process to access the Web Console.
If a registered WebConsoleSecurityProvider service implements this
interface the authenticate(HttpServletRequest, HttpServletResponse)
method is called instead of the
WebConsoleSecurityProvider.authenticate(String, String) method.
| Modifier and Type | Field and Description |
|---|---|
static java.lang.String |
USER_ATTRIBUTE
The name of the request attribute providing the object representing the
authenticated user.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
authenticate(HttpServletRequest request,
HttpServletResponse response)
Authenticates the given request or asks the client for credentials.
|
authenticate, authorizestatic final java.lang.String USER_ATTRIBUTE
WebConsoleSecurityProvider.authorize(Object, String) to
authorize access for certain roles.boolean authenticate(HttpServletRequest request, HttpServletResponse response)
Implementations of this method are expected to respect and implement
the semantics of the HttpContext.handleSecurity method
as specified in the OSGi HTTP Service specification.
If this method returns true it is assumed the request
provided valid credentials identifying the user as accepted to access
the web console. In addition, the USER_ATTRIBUTE request
attribute must be set to a non-null object reference
identifying the authenticated user.
If this method returns false the request to the web console
is terminated without any more response sent back to the client. That is
the implementation is expected to have informed the client in case of
non-granted access.
request - The request objectresponse - The response objecttrue If the request provided valid credentials.Copyright © 2010 - 2020 Adobe. All Rights Reserved