Authenticator (The Adobe AEM Quickstart and Web Application.)

public interface Authenticator

The Authenticator interface defines the service interface of the authenticator used by the Sling engine. This service provides a method to find an AuthenticationHandler and call its requestAuthentication or dropAuthentication methods.

This service is used by applications which want to provide functionality to their users to log into the application and log out from it.

A very simple login script (using ESP here) could be implemented like this:

 var auth = sling.getService(org.apache.sling.commons.auth.Authenticator);
 if (auth != null) {
     try {
         auth.login(request, response);
         return; // we are done here
     } catch (e) {
         // probably no AuthenticationHandler available
     }
 }
 // Authenticator service is missing or no AuthenticationHandler
 ... do whatever you want to for error handling ...

Likewise implementing a logout script (ESP, too) is equally simple:

 if (request.authType) {
     // not logged in at all, no need to logout
 } else {
     var auth = sling.getService(org.apache.sling.commons.auth.Authenticator);
     if (auth != null) {
         auth.logout(request, response);
     } else {
         // handle the case of no Authenticator to logout with
     }
 }

This interface is not intended to be implemented by applications but may be used to initiate the authentication process form a request processing servlet or script.

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`LOGIN_RESOURCE` Name of the request attribute used by the `login(HttpServletRequest, HttpServletResponse)` method to select an `AuthenticationHandler` to call.
`static java.lang.String`	`SERVICE_NAME` The name under which this service is registered.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`void`	`login(HttpServletRequest request, HttpServletResponse response)` Finds an `AuthenticationHandler` for the given request and call its `AuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse)` method to initiate an authentication process with the client to login to Sling.
`void`	`logout(HttpServletRequest request, HttpServletResponse response)` Finds an `AuthenticationHandler` for the given request and call its `AuthenticationHandler.dropCredentials(HttpServletRequest, HttpServletResponse)` method to drop authentication credentials for the client to logout from Sling.

- Field Detail
  - SERVICE_NAME
```
static final java.lang.String SERVICE_NAME
```
    The name under which this service is registered.
    
    See Also:
    
    Constant Field Values
  - LOGIN_RESOURCE
```
static final java.lang.String LOGIN_RESOURCE
```
    Name of the request attribute used by the login(HttpServletRequest, HttpServletResponse) method to select an AuthenticationHandler to call. If this request attribute is not set or is the empty string, the request path info ( HttpServletRequest.getPathInfo()) method is used to get the path.
    This request attribute can be used by frontend servlets/scripts which call into login(HttpServletRequest, HttpServletResponse) on behalf of users.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - login
```
void login(HttpServletRequest request,
           HttpServletResponse response)
```
    Finds an AuthenticationHandler for the given request and call its AuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse) method to initiate an authentication process with the client to login to Sling.
    This method must be called on an uncommitted response since the implementation may want to reset the response to start the authentication process with a clean response. If the response is already committed an IllegalStateException is thrown.
    After this method has finished, request processing should be terminated and the response be considered committed and finished.
    
    Parameters:
    
    request - The object representing the client request.
    
    response - The object representing the response to the client.
    
    Throws:
    
    NoAuthenticationHandlerException - If no authentication handler claims responsibility to authenticate the request.
    
    java.lang.IllegalStateException - If the response has already been committed.
  - logout
```
void logout(HttpServletRequest request,
            HttpServletResponse response)
```
    Finds an AuthenticationHandler for the given request and call its AuthenticationHandler.dropCredentials(HttpServletRequest, HttpServletResponse) method to drop authentication credentials for the client to logout from Sling.
    This method must be called on an uncommitted response since the implementation may want to reset the response to restart the authentication process with a clean response. If the response is already committed an IllegalStateException is thrown.
    After this method has finished, request processing should be terminated and the response be considered committed and finished.
    
    Parameters:
    
    request - The object representing the client request.
    
    response - The object representing the response to the client.
    
    Throws:
    
    java.lang.IllegalStateException - If the response has already been committed.

Interface Authenticator

Field Summary

Method Summary

Field Detail

SERVICE_NAME

LOGIN_RESOURCE

Method Detail

login

logout