List of handleSecurity() Examples

Examples of handleSecurity()

org.apache.sling.auth.core.AuthenticationSupport.handleSecurity()
Handles security on behalf of a custom OSGi Http Service HttpContext instance extracting credentials from the request using any registered {@link org.apache.sling.auth.core.spi.AuthenticationHandler} services.If the credentials can be extracted and used to log into the JCR repository this method sets the request attributes required by the OSGi Http Service specification plus the {@link #REQUEST_ATTRIBUTE_RESOLVER}attribute. @param request The HTTP request to be authenticated @param response The HTTP response to send any response to in case ofproblems. @return true if authentication succeeded and the requestattributes are set. If false is returned the request is immediately terminated and no request attributes are set.
org.osgi.service.http.HttpContext.handleSecurity()
etf.org/rfc/rfc2617.txt).
If the request requires a secure connection and the {@code getScheme}method in the request does not return 'https' or some other acceptable secure protocol, then this method should set the status in the response object to Forbidden(403) and return {@code false}.
When this method returns {@code false}, the Http Service will send the response back to the client, thereby completing the request. When this method returns {@code true}, the Http Service will proceed with servicing the request.
If the specified request has been authenticated, this method must set the {@link #AUTHENTICATION_TYPE} request attribute to the type ofauthentication used, and the {@link #REMOTE_USER} request attribute tothe remote user (request attributes are set using the {@code setAttribute} method on the request). If this method does notperform any authentication, it must not set these attributes.
If the authenticated user is also authorized to access certain resources, this method must set the {@link #AUTHORIZATION} request attribute to the{@code Authorization} object obtained from the{@code org.osgi.service.useradmin.UserAdmin} service.
The servlet responsible for servicing the specified request determines the authentication type and remote user by calling the {@code getAuthType} and {@code getRemoteUser} methods, respectively, onthe request. @param request the HTTP request @param response the HTTP response @return {@code true} if the request should be serviced, {@code false} ifthe request should not be serviced and Http Service will send the response back to the client. @throws java.io.IOException may be thrown by this method. If this occurs,the Http Service will terminate the request and close the socket.

Examples of org.apache.sling.auth.core.AuthenticationSupport.handleSecurity()


            final String wsp = getWorkspace(request.getPathInfo());
            if (wsp != null) {
                request.setAttribute("j_workspace", wsp);
            }
            return localAuthenticator.handleSecurity(request, response);
        }
        // send 503/SERVICE UNAVAILABLE, flush to ensure delivery
        response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
        response.flushBuffer();

View Full Code Here

Examples of org.apache.sling.auth.core.AuthenticationSupport.handleSecurity()


            // SLING-559: ensure correct parameter handling according to
            // ParameterSupport
            request = ParameterSupport.getParameterSupportRequestWrapper(request);


            return authenticator.handleSecurity(request, response);


        }


        log.error("handleSecurity: AuthenticationSupport service missing. Cannot authenticate request.");
        log.error("handleSecurity: Possible reason is missing Repository service. Check AuthenticationSupport dependencies.");

View Full Code Here

Examples of org.apache.sling.auth.core.AuthenticationSupport.handleSecurity()


    public boolean handleSecurity(final HttpServletRequest request, final HttpServletResponse response)
            throws IOException {
        final AuthenticationSupport localAuthenticator = this.authenticator;
        if (localAuthenticator != null) {
            final boolean authResult = localAuthenticator.handleSecurity(request, response);
            if (authResult) {
                if (this.allowedUserIds.size() == 0) {
                    return true;
                } else {
                    final String userId = (String) request.getAttribute(HttpContext.REMOTE_USER);

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

                return;
            }


            // Perform a security check before dispatching the request.
            HttpContext httpContext = registration.getHttpContext();
            if (!httpContext.handleSecurity(request, response)) {
                return;
            }


            // It is possible that in the time between getting the registration
            // and invoking it that the bundle that registered it has been

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

                HttpServletResponse resp = (HttpServletResponse) invocation.getArguments()[1];
                resp.setStatus(HttpServletResponse.SC_OK);
                return null;
            }
        }).when(servlet).service(request, response);
        when(context.handleSecurity(request, response)).thenReturn(true);
        when(request.getPathInfo()).thenReturn("/a/b/c");


        dispatcher.register(registration);
        dispatcher.service(request, response);

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

        ServletDispatcher dispatcher = new ServletDispatcher();
        Servlet servlet = mock(Servlet.class);
        HttpContext context = mock(HttpContext.class);
        ServletRegistration registration = new ServletRegistration("/a/b", servlet, context);


        when(context.handleSecurity(request, response)).thenAnswer(new Answer()
        {
            public Boolean answer(InvocationOnMock invocation)
            {
                HttpServletResponse resp = (HttpServletResponse) invocation.getArguments()[1];
                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

                HttpServletResponse resp = (HttpServletResponse) invocation.getArguments()[1];
                resp.setStatus(HttpServletResponse.SC_OK);
                return null;
            }
        }).when(servlet).service(request, response);
        when(context.handleSecurity(request, response)).thenReturn(true);
        when(request.getPathInfo()).thenReturn("/a/b/c");


        dispatcher.register(registration);
        dispatcher.service(request, response);

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

        Servlet servlet = mock(Servlet.class);
        HttpContext context = mock(HttpContext.class);
        ServletRegistration registration = new ServletRegistration("/a/b", servlet, context);


        doThrow(new NullPointerException()).when(servlet).service(request, response);
        when(context.handleSecurity(request, response)).thenReturn(true);
        when(request.getPathInfo()).thenReturn("/a/b/c");


        dispatcher.register(registration);
        dispatcher.service(request, response);

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

        Servlet servlet = mock(Servlet.class);
        HttpContext context = mock(HttpContext.class);
        ServletRegistration registration = new ServletRegistration("/a/b", servlet, context);


        doThrow(new ServletException()).when(servlet).service(request, response);
        when(context.handleSecurity(request, response)).thenReturn(true);
        when(request.getPathInfo()).thenReturn("/a/b/c");


        dispatcher.register(registration);
        try
        {

View Full Code Here

Examples of org.osgi.service.http.HttpContext.handleSecurity()

                HttpServletResponse resp = (HttpServletResponse) invocation.getArguments()[1];
                resp.setStatus(HttpServletResponse.SC_OK);
                return null;
            }
        }).when(servlet).service(request, response);
        when(context.handleSecurity(request, response)).thenReturn(true);
        when(request.getPathInfo()).thenReturn("/a/b/c");


        dispatcher.register(registration);
        dispatcher.service(request, response);

View Full Code Here

0 1

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.