class Authenticator
extends Object
Modifier and Type | Class and Description |
---|---|
private class | `Authenticator.AllAuthSpec` Allow or deny all access |
private class | `Authenticator.AuthSpec` Holds information on a particular authorization specification |
private class | `Authenticator.ExternalAuthSpec` Allow or deny based on an external login page |
private class | `Authenticator.IPAuthSpec` Allow or deny based on whether requestor's IP address is in the specified list. |
private class | `Authenticator.IpListCache` This class is used to cache IP maps so we don't have to load the same ones over and over. |
private class | `Authenticator.LdapAuthSpec` Allow or deny based on looking up an entry in an LDAP database. |
Modifier and Type | Field and Description |
---|---|
private StringCache | `authCache` Caches authorized session IDs |
private DynaXMLConfig | `config` Configuration info |
private Authenticator.IpListCache | `ipListCache` Caches IP maps |
private StringCache | `loginCache` Caches nonce values for external log-ins |
private SecureRandom | `secureRandom` Used for generating random nonce values |
private DynaXML | `servlet` Servlet to get dependencies from |
Constructor and Description |
---|
`Authenticator(DynaXML servlet)` Construct an authorizer, initializing all the caches. |
Modifier and Type | Method and Description |
---|---|
private boolean | `authExternal(Authenticator.ExternalAuthSpec spec, HttpServletRequest req, HttpServletResponse res)` Uses an external login web page to authorize user access. |
private void | `authLdap(Authenticator.LdapAuthSpec spec, HttpServletRequest req, HttpServletResponse res)` Uses an LDAP server to authorize user access with a username and password. |
private static String | `bytesToHex(byte[] bytes)` Converts an array of bytes to the hex representation of them, two digits per byte and no spaces. |
boolean | `checkAuth(String ipAddr, Vector authSpecs, HttpServletRequest req, HttpServletResponse res)` Based on a list of authentication specifications, checks if the current session is allowed to access this document. |
void | `clearCaches()` Clears all the caches used by the authenticator. |
private boolean | `isEmpty(String s)` Utility method to check if a string is null or "" |
Authenticator.AuthSpec | `processAuthTag(EasyNode el)` Creates an AuthSpec from an 'auth' element produced by the docReqParser stylesheet. |
`private SecureRandom secureRandom`

`private Authenticator.IpListCache ipListCache`

`private StringCache authCache`

`private StringCache loginCache`

`private DynaXML servlet`

`private DynaXMLConfig config`

`public Authenticator(DynaXML servlet)`
- `servlet` - Servlet whose cache we will access

`private boolean isEmpty(String s)`

`public Authenticator.AuthSpec processAuthTag(EasyNode el) throws DynaXMLException`
- `DynaXMLException`

`public void clearCaches()`

`private void authLdap(Authenticator.LdapAuthSpec spec, HttpServletRequest req, HttpServletResponse res) throws Exception`
- `spec` - The authorization spec containing details (server to connect to, what to look up, etc.)
- `req` - The HTTP request (contains username and password)
- `res` - The HTTP response (only used to re-request user auth)
- `NoPermissionException` - If permission isn't granted, or the browser must re-validate the password.
- `Exception` - Communication or other miscellaneous problems.

`private boolean authExternal(Authenticator.ExternalAuthSpec spec, HttpServletRequest req, HttpServletResponse res) throws Exception`
- `spec` - The authorization spec containing URL to contact.
- `req` - The HTTP request (contains nonce when we get the return from the authorization page).
- `res` - The HTTP response
- `NoPermissionException` - If permission isn't granted.
- `Exception` - For miscellaneous problems.

`public boolean checkAuth(String ipAddr, Vector authSpecs, HttpServletRequest req, HttpServletResponse res) throws Exception`
- `ipAddr` - Real IP address of the requestor
- `authSpecs` - List of authentication specifications (allow/deny), processed in order.
- `req` - The HTTP request that was made
- `res` - The HTTP response being generated
- `NoPermissionException` - Authentication failed
- `Exception` - Miscellaneous problems

`private static String bytesToHex(byte[] bytes)`
- `bytes` - An array of bytes to convert
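
The summaries above say that `secureRandom` generates nonce values, `loginCache` caches them for external log-ins, and `bytesToHex` encodes bytes as two hex digits each. The sketch below is an added example, not code from this class or its project, showing how such a nonce can be issued and then accepted exactly once. The class `NonceDemo`, the methods `issueNonce` and `redeemNonce`, the 16-byte length, the 5-minute lifetime and the map standing in for the cache are all assumptions.

```java
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
public class NonceDemo {
    // Assumed parameters: 16 random bytes (128 bits), 5-minute lifetime.
    private static final int NONCE_BYTES = 16;
    private static final long TTL_MILLIS = 5 * 60 * 1000L;

    private final SecureRandom secureRandom = new SecureRandom();
    // Hypothetical stand-in for a login cache: nonce -> expiry time in ms.
    private final Map<String, Long> pending = new ConcurrentHashMap<>();

    // Two hex digits per byte, no spaces, as the bytesToHex summary states.
    static String bytesToHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(Character.forDigit((b >> 4) & 0xF, 16));
            sb.append(Character.forDigit(b & 0xF, 16));
        }
        return sb.toString();
    }

    // Issue an unpredictable nonce to accompany the redirect to the login page.
    String issueNonce(long now) {
        byte[] raw = new byte[NONCE_BYTES];
        secureRandom.nextBytes(raw);
        String nonce = bytesToHex(raw);
        pending.put(nonce, now + TTL_MILLIS);
        return nonce;
    }

    // Accept a returned nonce once only, and only before it expires.
    boolean redeemNonce(String nonce, long now) {
        if (nonce == null) return false; // ConcurrentHashMap rejects null keys
        Long expiry = pending.remove(nonce); // remove() makes the nonce single-use
        return expiry != null && now <= expiry;
    }

    public static void main(String[] args) {
        NonceDemo demo = new NonceDemo();
        long t0 = System.currentTimeMillis();
        String nonce = demo.issueNonce(t0);
        System.out.println("nonce length: " + nonce.length());
        System.out.println("first use:    " + demo.redeemNonce(nonce, t0 + 1000));
        System.out.println("replay:       " + demo.redeemNonce(nonce, t0 + 2000));
        String late = demo.issueNonce(t0);
        System.out.println("expired:      " + demo.redeemNonce(late, t0 + TTL_MILLIS + 1));
    }
}
```

Removing the entry on redemption is what blocks replay of a captured return URL, and the expiry bounds how long an unredeemed nonce stays valid.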