org.apache.archiva.security
Class ArchivaServletAuthenticator
java.lang.Object
org.apache.archiva.security.ArchivaServletAuthenticator
- All Implemented Interfaces:
- ServletAuthenticator
@Service(value="servletAuthenticator")
public class ArchivaServletAuthenticator
- extends Object
- implements ServletAuthenticator
|
Field Summary |
private org.slf4j.Logger |
log
|
private org.apache.archiva.redback.system.SecuritySystem |
securitySystem
|
|
Method Summary |
org.apache.archiva.redback.system.SecuritySystem |
getSecuritySystem()
|
boolean |
isAuthenticated(javax.servlet.http.HttpServletRequest request,
org.apache.archiva.redback.authentication.AuthenticationResult result)
Authentication check for users. |
boolean |
isAuthorized(javax.servlet.http.HttpServletRequest request,
org.apache.archiva.redback.system.SecuritySession securitySession,
String repositoryId,
String permission)
Authorization check for valid users. |
boolean |
isAuthorized(String principal,
String repoId,
String permission)
Authorization check specific for user guest, which doesn't go through
HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
since no credentials are attached to the request. |
void |
setSecuritySystem(org.apache.archiva.redback.system.SecuritySystem securitySystem)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
log
private org.slf4j.Logger log
securitySystem
@Inject
private org.apache.archiva.redback.system.SecuritySystem securitySystem
ArchivaServletAuthenticator
public ArchivaServletAuthenticator()
isAuthenticated
public boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
org.apache.archiva.redback.authentication.AuthenticationResult result)
throws org.apache.archiva.redback.authentication.AuthenticationException,
org.apache.archiva.redback.policy.AccountLockedException,
org.apache.archiva.redback.policy.MustChangePasswordException
- Description copied from interface:
ServletAuthenticator
- Authentication check for users.
- Specified by:
isAuthenticated in interface ServletAuthenticator
- Returns:
-
- Throws:
org.apache.archiva.redback.authentication.AuthenticationException
org.apache.archiva.redback.policy.AccountLockedException
org.apache.archiva.redback.policy.MustChangePasswordException
isAuthorized
public boolean isAuthorized(javax.servlet.http.HttpServletRequest request,
org.apache.archiva.redback.system.SecuritySession securitySession,
String repositoryId,
String permission)
throws org.apache.archiva.redback.authorization.AuthorizationException,
org.apache.archiva.redback.authorization.UnauthorizedException
- Description copied from interface:
ServletAuthenticator
- Authorization check for valid users.
- Specified by:
isAuthorized in interface ServletAuthenticator
- Returns:
-
- Throws:
org.apache.archiva.redback.authorization.AuthorizationException
org.apache.archiva.redback.authorization.UnauthorizedException
isAuthorized
public boolean isAuthorized(String principal,
String repoId,
String permission)
throws org.apache.archiva.redback.authorization.UnauthorizedException
- Description copied from interface:
ServletAuthenticator
- Authorization check specific for user guest, which doesn't go through
HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
since no credentials are attached to the request.
See also MRM-911
- Specified by:
isAuthorized in interface ServletAuthenticator
- Returns:
-
- Throws:
org.apache.archiva.redback.authorization.UnauthorizedException
getSecuritySystem
public org.apache.archiva.redback.system.SecuritySystem getSecuritySystem()
setSecuritySystem
public void setSecuritySystem(org.apache.archiva.redback.system.SecuritySystem securitySystem)
Copyright © 2006-2013 The Apache Software Foundation. All Rights Reserved.