public interface Authenticator
Authenticator
interface defines the service interface of the
authenticator used by the Sling engine. This service provides a method to
find an AuthenticationHandler
and call its
requestAuthentication
or
dropAuthentication
methods.
This service is used by applications which want to provide functionality to their users to log into the application and log out from it.
A very simple login script (using ESP here) could be implemented like this:
var auth = sling.getService(org.apache.sling.commons.auth.Authenticator); if (auth != null) { try { auth.login(request, response); return; // we are done here } catch (e) { // probably no AuthenticationHandler available } } // Authenticator service is missing or no AuthenticationHandler ... do whatever you want to for error handling ...
Likewise implementing a logout script (ESP, too) is equally simple:
if (request.authType) { // not logged in at all, no need to logout } else { var auth = sling.getService(org.apache.sling.commons.auth.Authenticator); if (auth != null) { auth.logout(request, response); } else { // handle the case of no Authenticator to logout with } }
This interface is not intended to be implemented by applications but may be used to initiate the authentication process form a request processing servlet or script.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
LOGIN_RESOURCE
Name of the request attribute used by the
login(HttpServletRequest, HttpServletResponse) method to select
an AuthenticationHandler to
call. |
static java.lang.String |
SERVICE_NAME
The name under which this service is registered.
|
Modifier and Type | Method and Description |
---|---|
void |
login(HttpServletRequest request,
HttpServletResponse response)
Finds an
AuthenticationHandler
for the given request and call its
AuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse)
method to initiate an authentication process with the client to login to
Sling. |
void |
logout(HttpServletRequest request,
HttpServletResponse response)
Finds an
AuthenticationHandler
for the given request and call its
AuthenticationHandler.dropCredentials(HttpServletRequest, HttpServletResponse)
method to drop authentication credentials for the client to logout from
Sling. |
static final java.lang.String SERVICE_NAME
static final java.lang.String LOGIN_RESOURCE
login(HttpServletRequest, HttpServletResponse)
method to select
an AuthenticationHandler
to
call. If this request attribute is not set or is the empty string, the
request path info ( HttpServletRequest.getPathInfo()
) method
is used to get the path.
This request attribute can be used by frontend servlets/scripts which
call into login(HttpServletRequest, HttpServletResponse)
on
behalf of users.
void login(HttpServletRequest request, HttpServletResponse response)
AuthenticationHandler
for the given request and call its
AuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse)
method to initiate an authentication process with the client to login to
Sling.
This method must be called on an uncommitted response since the
implementation may want to reset the response to start the authentication
process with a clean response. If the response is already committed an
IllegalStateException
is thrown.
After this method has finished, request processing should be terminated and the response be considered committed and finished.
request
- The object representing the client request.response
- The object representing the response to the client.NoAuthenticationHandlerException
- If no authentication handler
claims responsibility to authenticate the request.java.lang.IllegalStateException
- If the response has already been committed.void logout(HttpServletRequest request, HttpServletResponse response)
AuthenticationHandler
for the given request and call its
AuthenticationHandler.dropCredentials(HttpServletRequest, HttpServletResponse)
method to drop authentication credentials for the client to logout from
Sling.
This method must be called on an uncommitted response since the
implementation may want to reset the response to restart the
authentication process with a clean response. If the response is already
committed an IllegalStateException
is thrown.
After this method has finished, request processing should be terminated and the response be considered committed and finished.
request
- The object representing the client request.response
- The object representing the response to the client.java.lang.IllegalStateException
- If the response has already been committed.Copyright © 2010 - 2020 Adobe. All Rights Reserved