@Version("1.2.3")
Package org.apache.sling.auth.core.spi
Provides API to be implemented by provides of authentication
mechanisms. The most important interface (and service definition) is
the
AuthenticationHandler
interface with the
AbstractAuthenticationHandler
being an abstract base implementation from which concrete
implementations may inherit.-
Interface Summary Interface Description AuthenticationFeedbackHandler TheAuthenticationFeedbackHandler
may be implemented byAuthenticationHandler
services to request being informed on the success or failure of authentication.AuthenticationHandler TheAuthenticationHandler
interface defines the service API used by the authentication implementation to support plugin various ways of extracting credentials from the request.AuthenticationInfoPostProcessor Service interface which allows bundles to modify theAuthenticationInfo
object right after oneAuthenticationHandler
has returned an {AuthenticationInfo
from theAuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse)
method or an anonymousAuthenticationInfo
has been created. -
Class Summary Class Description AbstractAuthenticationFormServlet TheAbstractAuthenticationFormServlet
provides a basic implementation of a simple servlet to render a login form for authentication purposes.AbstractAuthenticationHandler Deprecated. since Bundle 1.0.8;AuthenticationHandler
implementations should extendDefaultAuthenticationFeedbackHandler
directly and use the utility methods in theAuthUtil
class.AuthenticationInfo TheAuthenticationInfo
conveys any authentication credentials and/or details extracted by theAuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method from the request.DefaultAuthenticationFeedbackHandler -
Enum Summary Enum Description AuthenticationHandler.FAILURE_REASON_CODES This enum indicates the supported detailed login failure reason codes:invalid_login
: indicates username/password mismatch.password_expired
: indicates password has expired or was never set and change initial password is enabledaccount_locked
: the account was disabled or lockedaccount_not_found
: the account was not found (not the same as username password mismatch)expired_token
: the token credentials used have expired