org.apache.archiva.security

Class ArchivaServletAuthenticator

java.lang.Object

org.apache.archiva.security.ArchivaServletAuthenticator

All Implemented Interfaces:

ServletAuthenticator

@Service(value="servletAuthenticator")
public class ArchivaServletAuthenticator
extends Object
implements ServletAuthenticator

Constructor Summary

Constructors

Constructor and Description
ArchivaServletAuthenticator()

Method Summary

Modifier and Type	Method and Description
org.apache.archiva.redback.system.SecuritySystem	getSecuritySystem()
boolean	isAuthenticated(javax.servlet.http.HttpServletRequest request, org.apache.archiva.redback.authentication.AuthenticationResult result) Authentication check for users.
boolean	isAuthorized(javax.servlet.http.HttpServletRequest request, org.apache.archiva.redback.system.SecuritySession securitySession, String repositoryId, String permission) Authorization check for valid users.
boolean	isAuthorized(String principal, String repoId, String permission) Authorization check specific for user guest, which doesn't go through HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response ) since no credentials are attached to the request.
void	setSecuritySystem(org.apache.archiva.redback.system.SecuritySystem securitySystem)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ArchivaServletAuthenticator

public ArchivaServletAuthenticator()

Method Detail

isAuthenticated

public boolean isAuthenticated(javax.servlet.http.HttpServletRequest request,
                               org.apache.archiva.redback.authentication.AuthenticationResult result)
                        throws org.apache.archiva.redback.authentication.AuthenticationException,
                               org.apache.archiva.redback.policy.AccountLockedException,
                               org.apache.archiva.redback.policy.MustChangePasswordException

Description copied from interface: ServletAuthenticator

Authentication check for users.

Specified by:

isAuthenticated in interface ServletAuthenticator

Returns:

Throws:

org.apache.archiva.redback.authentication.AuthenticationException

org.apache.archiva.redback.policy.AccountLockedException

org.apache.archiva.redback.policy.MustChangePasswordException

isAuthorized

public boolean isAuthorized(javax.servlet.http.HttpServletRequest request,
                            org.apache.archiva.redback.system.SecuritySession securitySession,
                            String repositoryId,
                            String permission)
                     throws org.apache.archiva.redback.authorization.AuthorizationException,
                            org.apache.archiva.redback.authorization.UnauthorizedException

Description copied from interface: ServletAuthenticator

Authorization check for valid users.

Specified by:

isAuthorized in interface ServletAuthenticator

Returns:

Throws:

org.apache.archiva.redback.authorization.AuthorizationException

org.apache.archiva.redback.authorization.UnauthorizedException

isAuthorized

public boolean isAuthorized(String principal,
                            String repoId,
                            String permission)
                     throws org.apache.archiva.redback.authorization.UnauthorizedException

Description copied from interface: ServletAuthenticator

Authorization check specific for user guest, which doesn't go through HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse response ) since no credentials are attached to the request. See also MRM-911

Specified by:

isAuthorized in interface ServletAuthenticator

Returns:

Throws:

org.apache.archiva.redback.authorization.UnauthorizedException

getSecuritySystem

public org.apache.archiva.redback.system.SecuritySystem getSecuritySystem()

setSecuritySystem

public void setSecuritySystem(org.apache.archiva.redback.system.SecuritySystem securitySystem)