NAME

Wombat::Authenticator::AuthenticatorBase - internal authenticator base class

SYNOPSIS

DESCRIPTION

Convenience base implementation of Wombat::Valve that enforces the security-constraint elements in the web application deployment descriptor. This functionality is implemented as a Valve so that it can be omitted in environments that do not require these features. Individual implementations of each supported authentication method can subclass this base class as required. Subclasses MUST implement authenticate() and getName().

When this class is utilized, the Application to which it is attached must have an associated Realm that can be used for authenticating users and enumerating the roles to which they have been assigned.

This Valve is only useful when processing HTTP requests. Requests of any other type will simply be passed through.

ACCESSOR METHODS

setContainer($container)

Set the Application to which this Authenticator is attached.

Parameters:

$container

the Wombat::Core::Application to which this Authenticator is attached

Throws:

Servlet::Util::IllegalArgumentException

if the Container is not Wombat::Core::Application

PUBLIC METHODS

invoke ($request, $response, $context)

Perform request processing as required by this Valve.

Parameters

$request

the Wombat::Request to be processed

$response

the Wombat::Response to be created

$context

the Wombat::ValveContext allowing access to the next Valve in the Pipeline being processed

Throws:

Servlet::ServletException

if a servlet error occurs or is thrown by a subsequently invoked Valve, Filter or Servlet

Servlet::Util::IOException

if an input or output error occurs

PACKAGE METHODS

authenticate($request, $response, $config)

Authenticate the user making this request, based on the specified login configuration. Return true if any specified constraint has been satisfied, or false if we have created a response already.

Parameters:

$request

the Wombat::HttpRequest being processed

$response

the Wombat::HttpResponse being created

$constraint

the Wombat::Deploy::LoginConfig describing the authentication procedure

Throws:

Servlet::Util::IOException

if an input or output error occurs

checkAccess($request, $response, $constraint)

Perform access control based on the specified authorization constraint. Return true if this constraint was not violated and processing should continue, of false if we have created a response already.

Parameters:

$request

the Wombat::HttpRequest being processed

$response

the Wombat::HttpResponse being created

$constraint

the Wombat::Deploy::SecurityConstraint being checked

Throws:

Servlet::Util::IOException

if an input or output error occurs

checkUserData($request, $response, $constraint)

Enforce any user data constraint required by the security constraint guarding this request URI. Return true if this constraint was not violated and processing should continue, of false if we have created a response already.

Parameters:

$request

the Wombat::HttpRequest being processed

$response

the Wombat::HttpResponse being created

$constraint

the Wombat::Deploy::SecurityConstraint being checked

Throws:

Servlet::Util::IOException

if an input or output error occurs

findConstraint($request)

Return the Wombat::Deploy::SecurityConstraint configured to guard the request URI for this request, or undef if there is no constraint.

Parameters:

$request

the Wombat::HttpRequest being processed

getName()

Return a short name for this Authenticator implementation. Must be overridden by subclasses.

register($request, $response, $principal, $authType)

Register an authenticated Principal and authentication tyhpe in the request and in the current session (if there is one).

Parameters:

$request

the Wombat::HttpRequest being processed

$response

the Wombat::HttpResponse being created

$principal

the authenticated Servlet::Util::Principal to be registered

$uathType

the authentication type to be registered

SEE ALSO

Servlet::ServletException, Servlet::Util::Exception, Wombat::Core::Application, Wombat::Realm, Wombat::Valve::ValveBase, Wombat::ValveContext

AUTHOR

Brian Moseley, bcm@maz.org