Logs in the user by attempting to populate a WikiSession Subject from a web servlet request by examining the request for the presence of container credentials and user cookies. The processing logic is as follows:
userPrincipal
, container remoteUser
, or authentication cookie. If the user is authenticated, this method fires event {@link com.ecyrd.jspwiki.event.WikiSecurityEvent#LOGIN_AUTHENTICATED}with two parameters: a Principal representing the login principal, and the current WikiSession. In addition, if the authorizer is of type WebContainerAuthorizer, this method iterates through the container roles returned by {@link com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer#getRoles()}, tests for membership in each one, and adds those that pass to the Subject's principal set.WikiPrincipal(cookievalue)
, and the current WikiSession.WikiPrincipal(remoteAddress)
, and the current WikiSession true
(because anonymous login, at least, will always succeed)
@throws com.ecyrd.jspwiki.auth.WikiSecurityException if the user cannot be logged in for any reason
@since 2.3
|
|