NAME
Wombat::Authenticator::AuthenticatorBase - internal authenticator base class
SYNOPSIS
DESCRIPTION
Convenience base implementation of Wombat::Valve that enforces the security-constraint elements in the web application deployment descriptor. This functionality is implemented as a Valve so that it can be omitted in environments that do not require these features. Individual implementations of each supported authentication method can subclass this base class as required. Subclasses MUST implement authenticate() and getName().
When this class is utilized, the Application to which it is attached must have an associated Realm that can be used for authenticating users and enumerating the roles to which they have been assigned.
This Valve is only useful when processing HTTP requests. Requests of any other type will simply be passed through.
ACCESSOR METHODS
- setContainer($container)
-
Set the Application to which this Authenticator is attached.
Parameters:
Throws:
PUBLIC METHODS
- invoke ($request, $response, $context)
-
Perform request processing as required by this Valve.
Parameters
- $request
-
the Wombat::Request to be processed
- $response
-
the Wombat::Response to be created
- $context
-
the Wombat::ValveContext allowing access to the next Valve in the Pipeline being processed
Throws:
PACKAGE METHODS
- authenticate($request, $response, $config)
-
Authenticate the user making this request, based on the specified login configuration. Return true if any specified constraint has been satisfied, or false if we have created a response already.
Parameters:
- $request
-
the Wombat::HttpRequest being processed
- $response
-
the Wombat::HttpResponse being created
- $constraint
-
the Wombat::Deploy::LoginConfig describing the authentication procedure
Throws:
- checkAccess($request, $response, $constraint)
-
Perform access control based on the specified authorization constraint. Return true if this constraint was not violated and processing should continue, of false if we have created a response already.
Parameters:
- $request
-
the Wombat::HttpRequest being processed
- $response
-
the Wombat::HttpResponse being created
- $constraint
-
the Wombat::Deploy::SecurityConstraint being checked
Throws:
- checkUserData($request, $response, $constraint)
-
Enforce any user data constraint required by the security constraint guarding this request URI. Return true if this constraint was not violated and processing should continue, of false if we have created a response already.
Parameters:
- $request
-
the Wombat::HttpRequest being processed
- $response
-
the Wombat::HttpResponse being created
- $constraint
-
the Wombat::Deploy::SecurityConstraint being checked
Throws:
- findConstraint($request)
-
Return the Wombat::Deploy::SecurityConstraint configured to guard the request URI for this request, or
undefif there is no constraint.Parameters:
- getName()
-
Return a short name for this Authenticator implementation. Must be overridden by subclasses.
- register($request, $response, $principal, $authType)
-
Register an authenticated Principal and authentication tyhpe in the request and in the current session (if there is one).
Parameters:
SEE ALSO
Servlet::ServletException, Servlet::Util::Exception, Wombat::Core::Application, Wombat::Realm, Wombat::Valve::ValveBase, Wombat::ValveContext
AUTHOR
Brian Moseley, bcm@maz.org