com.uwyn.rife.authentication.elements
Class Authenticated

java.lang.Object
  com.uwyn.rife.engine.ElementSupport
      com.uwyn.rife.engine.Element
          com.uwyn.rife.authentication.elements.Identified
              com.uwyn.rife.authentication.elements.Authenticated

All Implemented Interfaces:

SessionAttributes, ContinuableObject, ElementAware, Cloneable

Direct Known Subclasses:

RoleUserAuthenticated

public abstract class Authenticated
extends Identified
implements SessionAttributes

Requires that the user have a valid authentication session before access to a child element is allowed. This class contains the logic for restoring remembered sessions and displaying a template (typically a login form) if the user is not authenticated.

The following properties may be set:

enforce_authenticated (default = true)

Controls whether access to child elements is allowed for users who don't have valid authentication sessions. If this property is false, a user with no authentication session is allowed to access the child element, but there is no user identity information available.

The child element implementation may distinguish an anonymous user from an authenticated one by calling {@link #getRequestAttribute(String) getRequestAttribute(Identified.IDENTITY_ATTRIBUTE_NAME)}.

This is similar to using an {@link Identified} element, but expired sessions will automatically be recreated if the user has the appropriate "remember me" cookie set and "remember me" is enabled.

To customize the behavior of the authentication, it's the easiest to override one of the hook methods.

Since:

1.6

Version:

$Revision: 3654 $

Author:

Steven Grimm (koreth[remove] at midwinter dot com), Geert Bevin (gbevin[remove] at uwyn dot com)

Field Summary

protected String

mTemplateName

Fields inherited from class com.uwyn.rife.authentication.elements.Identified

IDENTITY_ATTRIBUTE_NAME

Constructor Summary

protected

Authenticated()

Method Summary

protected void	acceptedCredentials(Credentials credentials) Hook method that is called when valid credentials have been accepted by the CredentialsManager that backs this authentication element.
protected void	authenticated(long userId) Hook method that is called after a new authentication session has been successfully created.
boolean	childTriggered(String name, String[] values) Called by the engine when a child trigger occurs, this method should never be called explicitly.
static String	createAuthenticationRequestAttributeName(ElementInfo elementInfo, String name, String value) Creates a name for the current authentication context that can be used to cache the authentication process' result as a request attribute.
protected void	entrance(Template template) Hook method that is called after the template instance has been instantiated.
ElementInfo	getAuthElement() Returns the ElementInfo of this authentication element.
String	getAuthenticatedElementId() Returns the ID of this authentication element.
Class<? extends Credentials>	getCredentialsClass() Returns the class that is used for handling the credentials.
SessionValidator	getSessionValidator() Returns the class that is used for handling the credentials.
protected void	initializeAuthentication() Hook method that is called at the start of the element's execution.
void	processElement() The default entry point that will be called when a request arrives.
protected void	refusedCredentials(Template template, Credentials credentials) Hook method that is called when valid credentials have been rejected by the CredentialsManager that backs this authentication element.
protected void	sessionCreationError(Template template, Credentials credentials) Hook method that is called when the SessionManager couldn't create a new authentication session of valid and accepted credentials.
protected void	sessionNotValid(String childTriggerName, String[] childTriggerValues, int validityId) Hook method that is called when the SessionValidator doesn't accept the authentication ID that a user provides after having been logged in.
protected void	setTemplateName(String name) Allows a custom template name to be set.
protected void	unvalidatedCredentials(Template template, Credentials credentials) Hook method that is called on login form submission when validation of the credentials produces validation errors.
protected void	validatedCredentials(Credentials credentials) Hook method that is called on login form submission when the credentials are validated without errors

Methods inherited from class com.uwyn.rife.authentication.elements.Identified

getAuthElementId, getIdentity, setIdentityAttribute

Methods inherited from class com.uwyn.rife.engine.Element

clone, noticeElement

Methods inherited from class com.uwyn.rife.engine.ElementSupport

addDateHeader, addHeader, addIntHeader, addOutputValue, addOutputValue, addOutputValue, addOutputValue, addOutputValue, addOutputValue, addOutputValue, addOutputValue, addOutputValue, addOutputValues, answer, answer, call, child, clearBuffer, clearNamedOutputBean, clearOutput, clearOutputBean, clearOutputBean, cloneContinuations, containsHeader, defer, duringStepBack, enableTextBuffer, encodeHtml, encodeXml, evaluateExpressionRoleUserTags, exit, fillSubmissionBean, fillSubmissionBean, fillSubmissionBean, fillSubmissionBean, flush, forward, generateEmptyForm, generateEmptyForm, generateForm, generateForm, getContentType, getContinuationId, getCookie, getCookieValue, getCookieValue, getCookieValueBoolean, getCookieValueBoolean, getCookieValueDouble, getCookieValueDouble, getCookieValueFloat, getCookieValueFloat, getCookieValueInt, getCookieValueInt, getCookieValueLong, getCookieValueLong, getCookieValues, getDateHeader, getDeclarationName, getDeployer, getDeploymentClass, getElementContext, getElementInfo, getEmbedData, getEmbedDifferentiator, getEmbeddingElement, getEmbeddingTemplate, getEmbedProperties, getEmbedValue, getExitFormParameters, getExitFormParameters, getExitFormParametersJavascript, getExitFormUrl, getExitFormUrl, getExitQueryUrl, getExitQueryUrl, getExitQueryUrl, getExitQueryUrl, getHeader, getHeaderNames, getHeaders, getHtmlTemplate, getHtmlTemplate, getHtmlTemplate, getHtmlTemplate, getHtmlTemplate, getHttpServletRequest, getHttpServletResponse, getInitConfig, getInput, getInput, getInputBean, getInputBean, getInputBoolean, getInputBoolean, getInputDate, getInputDate, getInputDouble, getInputDouble, getInputFloat, getInputFloat, getInputInt, getInputInt, getInputLong, getInputLong, getInputSerializable, getInputSerializable, getInputValues, getIntHeader, getMethod, getNamedInputBean, getNamedSubmissionBean, getNamedSubmissionBean, getOutput, getOutputStream, getParameter, getParameter, getParameterBoolean, getParameterBoolean, getParameterDouble, getParameterDouble, getParameterDoubleValues, getParameterFloat, getParameterFloat, getParameterFloatValues, getParameterInt, getParameterInt, getParameterIntValues, getParameterLong, getParameterLong, getParameterLongValues, getParameterNames, getParameterNames, getParameterValues, getPathInfo, getProperty, getProperty, getPropertyString, getPropertyString, getPropertyTyped, getPropertyTyped, getProtocol, getRemoteAddr, getRemoteHost, getRemoteUser, getRequestAttribute, getRequestAttributeNames, getRequestCharacterEncoding, getRequestLocale, getRequestLocales, getResponseCharacterEncoding, getResponseLocale, getScheme, getServerName, getServerPort, getServerRootUrl, getServletContext, getSite, getSourceName, getSubmission, getSubmissionBean, getSubmissionBean, getSubmissionBean, getSubmissionBean, getSubmissionFormParameters, getSubmissionFormParameters, getSubmissionFormParametersJavascript, getSubmissionFormUrl, getSubmissionFormUrl, getSubmissionQueryUrl, getSubmissionQueryUrl, getSubmissionQueryUrl, getSubmissionQueryUrl, getTarget, getTxtTemplate, getTxtTemplate, getTxtTemplate, getTxtTemplate, getTxtTemplate, getUploadedFile, getUploadedFileNames, getUploadedFileNames, getUploadedFiles, getWebappRootUrl, getXhtmlTemplate, getXhtmlTemplate, getXhtmlTemplate, getXhtmlTemplate, getXhtmlTemplate, getXmlTemplate, getXmlTemplate, getXmlTemplate, getXmlTemplate, getXmlTemplate, hasCookie, hasEmbedData, hasEmbedValue, hasInputValue, hasParameterValue, hasProperty, hasRequestAttribute, hasSubmission, hasSubmission, hasUploadedFile, initialize, isEmbedded, isFileEmpty, isInputEmpty, isParameterEmpty, isPropertyEmpty, isSecure, isTextBufferEnabled, pause, preventCaching, print, print, processEmbeddedElement, processEmbeddedElement, processEmbeddedElement, processEmbeddedElement, processTemplate, prohibitRawAccess, redirect, removeForm, removeForm, removeRequestAttribute, selectInputParameter, selectParameter, selectSubmissionParameter, selectSubmissionParameter, sendError, sendError, sendRedirect, setChildTrigger, setCloneContinuations, setContentLength, setContentType, setCookie, setDateHeader, setDeploymentClass, setElementContext, setExitForm, setExitForm, setExitForm, setExitForm, setExitQuery, setExitQuery, setExitQuery, setExitQuery, setHeader, setInitializer, setIntHeader, setNamedOutputBean, setOutput, setOutput, setOutput, setOutput, setOutput, setOutput, setOutput, setOutput, setOutput, setOutput, setOutputBean, setOutputBean, setProhibitRawAccess, setRequestAttribute, setResponseLocale, setStatus, setSubmissionBean, setSubmissionBean, setSubmissionForm, setSubmissionForm, setSubmissionForm, setSubmissionForm, setSubmissionQuery, setSubmissionQuery, setSubmissionQuery, setSubmissionQuery, stepBack

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.uwyn.rife.authentication.SessionAttributes

getAttribute, hasAttribute

Field Detail

mTemplateName

protected String mTemplateName

Constructor Detail

Authenticated

protected Authenticated()

Method Detail

getAuthenticatedElementId

public String getAuthenticatedElementId()

Returns the ID of this authentication element.

Returns:

this authentication element's ID

Since:

1.0

getAuthElement

public ElementInfo getAuthElement()

Returns the ElementInfo of this authentication element.

Overrides:

getAuthElement in class Identified

Returns:

this authentication element's ElementInfo

Since:

1.0

getCredentialsClass

public Class<? extends Credentials> getCredentialsClass()

Returns the class that is used for handling the credentials.

Returns:

this credentials' class

Since:

1.0

getSessionValidator

public SessionValidator getSessionValidator()

Returns the class that is used for handling the credentials.

Returns:

the credentials' class

Since:

1.0

setTemplateName

protected void setTemplateName(String name)

Allows a custom template name to be set.

This method is typically called during the implementation of method hooks to change the template that will be used by this authentication element.

Parameters:

name - the name of the template

Since:

1.0

initializeAuthentication

protected void initializeAuthentication()

Hook method that is called at the start of the element's execution.

Since:

1.0

entrance

protected void entrance(Template template)

Hook method that is called after the template instance has been instantiated.

Parameters:

template - the template instance that has been instantiated

Since:

1.0

unvalidatedCredentials

protected void unvalidatedCredentials(Template template,
                                      Credentials credentials)

Hook method that is called on login form submission when validation of the credentials produces validation errors.

Parameters:

template - this authentication element's template

credentials - the credentials object that was invalid

Since:

1.0

validatedCredentials

protected void validatedCredentials(Credentials credentials)

Hook method that is called on login form submission when the credentials are validated without errors

Parameters:

credentials - the credentials object that was valid

Since:

1.0

acceptedCredentials

protected void acceptedCredentials(Credentials credentials)

Hook method that is called when valid credentials have been accepted by the CredentialsManager that backs this authentication element.

Parameters:

credentials - the credentials object that was accepted

Since:

1.0

authenticated

protected void authenticated(long userId)

Hook method that is called after a new authentication session has been successfully created.

Parameters:

userId - the user ID of the user that was successfully authenticated

Since:

1.0

refusedCredentials

protected void refusedCredentials(Template template,
                                  Credentials credentials)

Hook method that is called when valid credentials have been rejected by the CredentialsManager that backs this authentication element.

This can for example happen when the password is not correct.

Note that there is already a default implementation of this hook method that simply adds a validation error to the credentials object. If you want to preserve this when you implement your own hook method, you need to call the super class's method in your implementation.

Parameters:

template - this authentication element's template

credentials - the credentials object that was rejected

Since:

1.0

sessionCreationError

protected void sessionCreationError(Template template,
                                    Credentials credentials)

Hook method that is called when the SessionManager couldn't create a new authentication session of valid and accepted credentials.

Note that there is already a default implementation of this hook method that simply adds a validation error to the credentials object. If you want to preserve this when you implement your own hook method, you need to call the super class's method in your implementation.

Parameters:

template - this authentication element's template

credentials - the credentials object that was used when creating the authentication session

Since:

1.0

sessionNotValid

protected void sessionNotValid(String childTriggerName,
                               String[] childTriggerValues,
                               int validityId)

Hook method that is called when the SessionValidator doesn't accept the authentication ID that a user provides after having been logged in.

This can happen for example happen when the maximum duration has expired, when the authentication ID has been tampered with, or when the authentication ID isn't known anymore by the backing store.

Parameters:

childTriggerName - the name of the child trigger that contains the authentication ID

childTriggerValues - the values of the child trigger with the authentication ID

validityId - a number that indicates the validation state of the session, as used by the SessionValidator, more information can be found here: SessionValidator.validateSession(java.lang.String, java.lang.String, com.uwyn.rife.authentication.SessionAttributes)

Since:

1.0

processElement

public void processElement()

Description copied from interface: ElementAware

The default entry point that will be called when a request arrives.

Specified by:

processElement in interface ElementAware

Overrides:

processElement in class Identified

childTriggered

public boolean childTriggered(String name,
                              String[] values)

Description copied from class: ElementSupport

Called by the engine when a child trigger occurs, this method should never be called explicitly.

The default implementation executes the ElementChildTrigger that has been registered with ElementSupport.setChildTrigger(com.uwyn.rife.engine.ElementChildTrigger).

Overrides:

childTriggered in class Identified

Parameters:

name - the name of the variable that initiated the child trigger

values - the values of the variable that initiated the child trigger

Returns:

true if the execution should be interrupted and step down the inheritance stack (ie. when the activation of the child has been triggered); or

false if the execution should just continue

See Also:

ElementSupport.setChildTrigger(ElementChildTrigger)

createAuthenticationRequestAttributeName

public static String createAuthenticationRequestAttributeName(ElementInfo elementInfo,
                                                              String name,
                                                              String value)
                                                       throws EngineException

Creates a name for the current authentication context that can be used to cache the authentication process' result as a request attribute. This name is built from the authentication element's ID, the name of the authentication var and its value.

Parameters:

elementInfo - the authentication element information

name - the name of the authentication variable

value - the value of the authentication variable

Returns:

the created name

Throws:

EngineException

Since:

1.5