org.apache.cactus.client.authentication
Class FormAuthentication

java.lang.Object
  extended by org.apache.cactus.client.authentication.AbstractAuthentication
      extended by org.apache.cactus.client.authentication.FormAuthentication
All Implemented Interfaces:
Authentication

public class FormAuthentication
extends AbstractAuthentication

Form-based authentication implementation. An instance of this class can be reused across several tests as it caches the session cookie. Thus the first time it is used to authenticate the user, it calls the security URL (which is by default the context URL prepended by "j_security_check"), caches the returned session cookie and adds the cookie for the next request. The second time it is called, it simply addes the session cookie for the next request.

Since:
1.5
Version:
$Id: FormAuthentication.java 238991 2004-05-22 11:34:50Z vmassol $

Constructor Summary
FormAuthentication(java.lang.String theName, java.lang.String thePassword)
           
 
Method Summary
 void authenticate(WebRequest theRequest, Configuration theConfiguration)
          Authenticate the principal by calling the security URL.
protected  void checkAuthResponse(java.net.HttpURLConnection theConnection)
          Check if the auth step can be considered as succeeded or not.
protected  void checkPostAuthRequest(WebRequest theRequest, Configuration theConfiguration)
           
protected  void checkPreAuthResponse(java.net.HttpURLConnection theConnection)
          Check if the pre-auth step can be considered as succeeded or not.
 void configure(org.apache.commons.httpclient.HttpState theState, org.apache.commons.httpclient.HttpMethod theMethod, WebRequest theRequest, Configuration theConfiguration)
          Modifies the request so that it will carry authentication information.
protected  int getExpectedAuthResponse()
          Get the expected HTTP response status code for an authentication request which should be successful.
 java.net.URL getSecurityCheckURL(Configuration theConfiguration)
          This returns the URL to use when attempting to log in.
 WebRequest getSecurityRequest()
           
 void setExpectedAuthResponse(int theExpectedCode)
          Set the expected HTTP response status code for an authentication request which should be successful.
 void setSecurityCheckURL(java.net.URL theUrl)
          This sets the URL to use when attempting to log in.
 void setSessionCookieName(java.lang.String theName)
          Set the cookie name of the session to theName.
 
Methods inherited from class org.apache.cactus.client.authentication.AbstractAuthentication
getName, getPassword, setName, setPassword
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

FormAuthentication

public FormAuthentication(java.lang.String theName,
                          java.lang.String thePassword)
Parameters:
theName - user name of the Credential
thePassword - user password of the Credential
Method Detail

configure

public void configure(org.apache.commons.httpclient.HttpState theState,
                      org.apache.commons.httpclient.HttpMethod theMethod,
                      WebRequest theRequest,
                      Configuration theConfiguration)
Modifies the request so that it will carry authentication information.

Parameters:
theState - The HttpClient state object that can be used to ask HttpClient to set up authentication
theMethod - the HttpClient HTTP method that will be used to connect to the server side
theRequest - The request object that will be sent to the Cactus Redirector over HTTP
theConfiguration - The Cactus configuration so that authentication methods can get access to Cactus configuration properties
See Also:
Authentication.configure(org.apache.commons.httpclient.HttpState, org.apache.commons.httpclient.HttpMethod, org.apache.cactus.WebRequest, org.apache.cactus.internal.configuration.Configuration)

getSecurityRequest

public WebRequest getSecurityRequest()
Returns:
the WebRequest that will be used to connect to the security URL. It can be used to add additional HTTP parameters such as proprietary ones required by some containers.

setSecurityCheckURL

public void setSecurityCheckURL(java.net.URL theUrl)
This sets the URL to use when attempting to log in. This method is used if for whatever reason the default URL is incorrect.

Parameters:
theUrl - A URL to use to attempt to login.

getSecurityCheckURL

public java.net.URL getSecurityCheckURL(Configuration theConfiguration)
This returns the URL to use when attempting to log in. By default, it's the context URL defined in the Cactus configuration with "/j_security_check" appended.

Parameters:
theConfiguration - the Cactus configuration
Returns:
the URL that is being used to attempt to login.

setSessionCookieName

public void setSessionCookieName(java.lang.String theName)
Set the cookie name of the session to theName. If theName is null, the change request will be ignored. The default is "JSESSIONID".

Parameters:
theName - the cookie name of the session

getExpectedAuthResponse

protected int getExpectedAuthResponse()
Get the expected HTTP response status code for an authentication request which should be successful.

Returns:
the expected HTTP response status code

setExpectedAuthResponse

public void setExpectedAuthResponse(int theExpectedCode)
Set the expected HTTP response status code for an authentication request which should be successful. The default is HttpURLConnection.HTTP_MOVED_TEMP.

Parameters:
theExpectedCode - the expected HTTP response status code value

checkPreAuthResponse

protected void checkPreAuthResponse(java.net.HttpURLConnection theConnection)
                             throws java.lang.Exception
Check if the pre-auth step can be considered as succeeded or not. As default, the step considered as succeeded if the response status code of theConnection is less than 400.

Parameters:
theConnection - a HttpURLConnection value
Throws:
java.lang.Exception - if the pre-auth step should be considered as failed

checkPostAuthRequest

protected void checkPostAuthRequest(WebRequest theRequest,
                                    Configuration theConfiguration)
                             throws java.lang.Exception
Parameters:
theRequest - a WebRequest value
theConfiguration - a Configuration value
Throws:
java.lang.Exception - if the post-auth request results response other than 200 (OK).

checkAuthResponse

protected void checkAuthResponse(java.net.HttpURLConnection theConnection)
                          throws java.lang.Exception
Check if the auth step can be considered as succeeded or not. As default, the step considered as succeeded if the response status code of theConnection equals getExpectedAuthResponse().

Parameters:
theConnection - a HttpURLConnection value
Throws:
java.lang.Exception - if the auth step should be considered as failed

authenticate

public void authenticate(WebRequest theRequest,
                         Configuration theConfiguration)
Authenticate the principal by calling the security URL.

Parameters:
theRequest - the web request used to connect to the Redirector
theConfiguration - the Cactus configuration


Copyright © 2001-2009 The Apache Software Foundation. All Rights Reserved.