Package org.wildfly.security.mechanism.http

Class UsernamePasswordAuthenticationMechanism

java.lang.Object

org.wildfly.security.mechanism.http.UsernamePasswordAuthenticationMechanism

All Implemented Interfaces:

HttpServerAuthenticationMechanism

public abstract class UsernamePasswordAuthenticationMechanism
extends Object
implements HttpServerAuthenticationMechanism

A base class for HTTP mechanisms that operate on validation of plain text usernames and passwords.

Author:

Darran Lofthouse

Field Summary

Fields

Modifier and Type	Field	Description
protected final CallbackHandler	callbackHandler

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	UsernamePasswordAuthenticationMechanism(CallbackHandler callbackHandler)	Constructs a new UsernamePasswordAuthenticationMechanism instance.

Method Summary

Modifier and Type	Method	Description
protected boolean	authenticate(String realmName, String username, char[] password)	Authenticates the user for provided realm using their username and password.
protected boolean	authorize(String username)	Checks if the user is authorized.
protected void	fail()	Sends the information to the callbackHandler that the authorization failed.
protected void	succeed()	Sends the information to the callbackHandler that the authorization succeeded.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.wildfly.security.http.HttpServerAuthenticationMechanism

dispose, evaluateRequest, getMechanismName, getNegotiatedProperty, getNegotiationProperty

Field Details

callbackHandler

protected final CallbackHandler callbackHandler

Constructor Details

UsernamePasswordAuthenticationMechanism

protected UsernamePasswordAuthenticationMechanism(CallbackHandler callbackHandler)

Constructs a new UsernamePasswordAuthenticationMechanism instance.

Parameters:

callbackHandler - the CallbackHandler used for authentication.

Method Details

authenticate

protected boolean authenticate(String realmName,
 String username,
 char[] password)
                        throws HttpAuthenticationException

Authenticates the user for provided realm using their username and password.

Parameters:

realmName - the realm for which the user is authenticating.

username - the username of the authenticating user.

password - the password of the authenticating user.

Returns:

true if the user is authenticated for the realm, false otherwise.

Throws:

HttpAuthenticationException - if there was an IOException caused by the CallbackHandler.

authorize

protected boolean authorize(String username)
                     throws HttpAuthenticationException

Checks if the user is authorized.

Parameters:

username - the username to authorize.

Returns:

true if the user is authorized, false otherwise.

Throws:

HttpAuthenticationException - if there was an IOException caused by the CallbackHandler.

succeed

protected void succeed()
                throws IOException,
UnsupportedCallbackException

Sends the information to the callbackHandler that the authorization succeeded.

Throws:

IOException - if an input or output error occurs.

UnsupportedCallbackException - if the implementation of callbackHandler does not support the specified Callback type.

fail

protected void fail()
             throws IOException,
UnsupportedCallbackException

Sends the information to the callbackHandler that the authorization failed.

Throws:

IOException - if an input or output error occurs.

UnsupportedCallbackException - if the implementation of callbackHandler does not support the specified Callback type.