WebConsoleSecurityProvider2 (The Adobe Experience Manager SDK 2022.11.9850.20221116T162329Z-220900)

All Superinterfaces:

WebConsoleSecurityProvider

All Known Subinterfaces:

WebConsoleSecurityProvider3
```
@Deprecated(since="2021-04-30")
public interface WebConsoleSecurityProvider2
extends WebConsoleSecurityProvider
```
Deprecated.
The Apache Felix Webconsole is not supported in Cloud environments.

The WebConsoleSecurityProvider2 extends the WebConsoleSecurityProvider interface allowing for full control of the authentication process to access the Web Console.
If a registered WebConsoleSecurityProvider service implements this interface the authenticate(HttpServletRequest, HttpServletResponse) method is called instead of the WebConsoleSecurityProvider.authenticate(String, String) method.

Since:

3.1.2; Web Console Bundle 3.1.4

Field Summary

Fields
Modifier and Type Field Description

static java.lang.String USER_ATTRIBUTE
Deprecated.

The name of the request attribute providing the object representing the authenticated user.

Method Summary

All Methods Instance Methods Abstract Methods Deprecated Methods
Modifier and Type	Method	Description
`boolean`	`authenticate(HttpServletRequest request, HttpServletResponse response)`	Deprecated. Authenticates the given request or asks the client for credentials.

Methods inherited from interface org.apache.felix.webconsole.WebConsoleSecurityProvider
authenticate, authorize

- Field Detail
  - USER_ATTRIBUTE
```
static final java.lang.String USER_ATTRIBUTE
```
    Deprecated.
    
    The name of the request attribute providing the object representing the authenticated user. This object is used to call the WebConsoleSecurityProvider.authorize(Object, String) to authorize access for certain roles.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - authenticate
```
boolean authenticate(HttpServletRequest request,
                     HttpServletResponse response)
```
    Deprecated.
    
    Authenticates the given request or asks the client for credentials.
    Implementations of this method are expected to respect and implement the semantics of the HttpContext.handleSecurity method as specified in the OSGi HTTP Service specification.
    If this method returns true it is assumed the request provided valid credentials identifying the user as accepted to access the web console. In addition, the USER_ATTRIBUTE request attribute must be set to a non-null object reference identifying the authenticated user.
    If this method returns false the request to the web console is terminated without any more response sent back to the client. That is the implementation is expected to have informed the client in case of non-granted access.
    
    Parameters:
    
    request - The request object
    
    response - The response object
    
    Returns:
    
    true If the request provided valid credentials.