|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.sling.auth.core.AuthConstants
public final class AuthConstants
The AuthConstants
provides a collection of constants used to
configure and customize the Sling authentication infrastructure.
This class can neither be extended from nor can it be instantiated.
Field Summary | |
---|---|
static java.lang.String |
AUTH_HANDLER_BROWSER_ONLY
Service Registration property which may be set by an AuthenticationHandler service to
indicate whether its
AuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method supports non-browser requests (according to
AuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest)
or not. |
static java.lang.String |
AUTH_INFO_LOGIN
Marker property in the AuthenticationInfo object returned
by the
AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method indicating a first authentication considered to be a login. |
static java.lang.String |
PAR_J_VALIDATE
The name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN). |
static java.lang.String |
TOPIC_LOGIN
The topic for the OSGi event which is sent when a user has logged in successfully. |
static java.lang.String |
X_REASON
The name of the request header set by the #sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided
credentials cannot be used for login. |
Method Summary |
---|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String PAR_J_VALIDATE
#isValidateRequest(HttpServletRequest)
,
#sendValid(HttpServletResponse)
,
#sendInvalid(HttpServletRequest, HttpServletResponse)
,
Constant Field Valuespublic static final java.lang.String X_REASON
#sendInvalid(HttpServletRequest, HttpServletResponse)
method if the provided
credentials cannot be used for login.
This header may be inspected by clients for a reason why the request failed.
#sendInvalid(HttpServletRequest, HttpServletResponse)
,
Constant Field Valuespublic static final java.lang.String AUTH_HANDLER_BROWSER_ONLY
AuthenticationHandler
service to
indicate whether its
AuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method supports non-browser requests (according to
AuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest)
or not.
For backwards compatibility with existing
AuthenticationHandler
services the
default assumption in the absence of this property is that all requests
are supported.
If this property is set to true
or yes
(case-insensitive check) the handler is not called for requests assumed
to be sent from non-browser clients. Any other value of this property
indicates support for non-browser requests by the handler.
Note that this property only influences whether the
requestCredentials
method is called or not. The
extractCredentials
and dropCredentials
are
called regardless of this property.
public static final java.lang.String AUTH_INFO_LOGIN
AuthenticationInfo
object returned
by the
AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
method indicating a first authentication considered to be a login.
By setting this property to any non-null
value an
AuthenticationHandler
indicates,
that the TOPIC_LOGIN
event should be fired after successfully
acquiring the ResourceResolver
.
public static final java.lang.String TOPIC_LOGIN
SlingConstants.PROPERTY_USERID
and the AuthenticationInfo.AUTH_TYPE
properties.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |