org.apache.sling.auth.core.spi
Class AbstractAuthenticationFormServlet

java.lang.Object
  extended by javax.servlet.GenericServlet
      extended by javax.servlet.http.HttpServlet
          extended by org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
All Implemented Interfaces:
java.io.Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

public abstract class AbstractAuthenticationFormServlet
extends javax.servlet.http.HttpServlet

The AbstractAuthenticationFormServlet provides a basic implementation of a simple servlet to render a login form for authentication purposes.

See Also:
Serialized Form

Field Summary
static java.lang.String CUSTOM_FORM_PATH
          The path to the custom login form.
static java.lang.String DEFAULT_FORM_PATH
          The path to the default login form.
 
Constructor Summary
AbstractAuthenticationFormServlet()
           
 
Method Summary
protected  void doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Prepares and returns the login form.
protected  void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Prepares and returns the login form.
protected  java.lang.String getContextPath(javax.servlet.http.HttpServletRequest request)
          Returns the context path for the authentication form request.
protected  java.lang.String getCustomFormPath()
          Returns the path to the custom login form to load through the class loader of this instance using Class.getResourceAsStream.
protected  java.lang.String getDefaultFormPath()
          Returns the path to the default login form to load through the class loader of this instance using Class.getResourceAsStream.
protected  java.lang.String getForm(javax.servlet.http.HttpServletRequest request)
          Returns the form to be sent back to the client for login providing an optional informational message and the optional target to redirect to after successfully logging in.
protected abstract  java.lang.String getReason(javax.servlet.http.HttpServletRequest request)
          Returns an informational message according to the value provided in the j_reason request parameter.
protected  java.lang.String getResource(javax.servlet.http.HttpServletRequest request)
          Returns the path to the resource to which the request should be redirected after successfully completing the form or an empty string if there is no resource request parameter.
 
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
 
Methods inherited from class javax.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, init, log, log
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_FORM_PATH

public static final java.lang.String DEFAULT_FORM_PATH
The path to the default login form.

See Also:
getDefaultFormPath(), Constant Field Values

CUSTOM_FORM_PATH

public static final java.lang.String CUSTOM_FORM_PATH
The path to the custom login form.

See Also:
getCustomFormPath(), Constant Field Values
Constructor Detail

AbstractAuthenticationFormServlet

public AbstractAuthenticationFormServlet()
Method Detail

doGet

protected void doGet(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response)
              throws java.io.IOException
Prepares and returns the login form. The response is sent as an UTF-8 encoded text/html page with all known cache control headers set to prevent all caching.

This servlet is to be called to handle the request directly, that is it expected to not be included and for the response to not be committed yet because it first resets the response.

Overrides:
doGet in class javax.servlet.http.HttpServlet
Throws:
java.io.IOException - if an error occurs preparing or sending back the login form
java.lang.IllegalStateException - if the response has already been committed and thus response reset is not possible.

doPost

protected void doPost(javax.servlet.http.HttpServletRequest request,
                      javax.servlet.http.HttpServletResponse response)
               throws java.io.IOException
Prepares and returns the login form. The response is sent as an UTF-8 encoded text/html page with all known cache control headers set to prevent all caching.

This servlet is to be called to handle the request directly, that is it expected to not be included and for the response to not be committed yet because it first resets the response.

Overrides:
doPost in class javax.servlet.http.HttpServlet
Throws:
java.io.IOException - if an error occurs preparing or sending back the login form
java.lang.IllegalStateException - if the response has already been committed and thus response reset is not possible.

getForm

protected java.lang.String getForm(javax.servlet.http.HttpServletRequest request)
                            throws java.io.IOException
Returns the form to be sent back to the client for login providing an optional informational message and the optional target to redirect to after successfully logging in.

Parameters:
request - The request providing parameters indicating the informational message and redirection target.
Returns:
The login form to be returned to the client
Throws:
java.io.IOException - If the login form cannot be loaded

getResource

protected java.lang.String getResource(javax.servlet.http.HttpServletRequest request)
Returns the path to the resource to which the request should be redirected after successfully completing the form or an empty string if there is no resource request parameter.

Parameters:
request - The request providing the resource parameter.
Returns:
The target to redirect after successfully login or an empty string if no specific target has been requested.

getReason

protected abstract java.lang.String getReason(javax.servlet.http.HttpServletRequest request)
Returns an informational message according to the value provided in the j_reason request parameter. Supported reasons are invalid credentials and session timeout.

Parameters:
request - The request providing the parameter
Returns:
The "translated" reason to render the login form or an empty string if there is no specific reason

getContextPath

protected java.lang.String getContextPath(javax.servlet.http.HttpServletRequest request)
Returns the context path for the authentication form request. This path is the path to the authenticated resource as returned by getResource(HttpServletRequest) (without the optional query string which may be contained in the resource path). If getResource(HttpServletRequest) return an empty string, the servlet context path is used.

Parameters:
request - The request
Returns:
The context path for the form action consisting of the resource to which the user is to authenticate.

getDefaultFormPath

protected java.lang.String getDefaultFormPath()
Returns the path to the default login form to load through the class loader of this instance using Class.getResourceAsStream.

The default form is used intended to be included with the bundle implementing this abstract class.

This method returns DEFAULT_FORM_PATH and may be overwritten by implementations.


getCustomFormPath

protected java.lang.String getCustomFormPath()
Returns the path to the custom login form to load through the class loader of this instance using Class.getResourceAsStream.

The custom form can be supplied by a fragment attaching to the bundle implementing this abstract class.

This method returns CUSTOM_FORM_PATH and may be overwritten by implementations.



Copyright © 2007-2012 The Apache Software Foundation. All Rights Reserved.