Package org.opencms.security
Class CmsPersistentLoginAuthorizationHandler
- java.lang.Object
-
- org.opencms.main.A_CmsAuthorizationHandler
-
- org.opencms.security.CmsDefaultAuthorizationHandler
-
- org.opencms.security.CmsPersistentLoginAuthorizationHandler
-
- All Implemented Interfaces:
I_CmsAuthorizationHandler
public class CmsPersistentLoginAuthorizationHandler extends CmsDefaultAuthorizationHandler
Authorization handler which uses a special cookie sent by the user's browser for authorization.The cookie contains a user's name and a key. It will only log that user in if there is a key matching the key from the cookie in the user's additional info map, and if additional info value, when interpreted as a time, is greater than the current time returned by System.currentTimeMillis().
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.opencms.security.I_CmsAuthorizationHandler
I_CmsAuthorizationHandler.I_PrivilegedLoginAction
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringCOOKIE_NAMEThe name of the cookie.-
Fields inherited from class org.opencms.security.CmsDefaultAuthorizationHandler
AUTHORIZATION_BASIC_PREFIX, HEADER_AUTHORIZATION, PARAM_ENCRYPTED_REQUESTED_RESOURCE, PARAM_HTTP_BASICAUTH_USESTARTSETTINGS_PATHS, PARAM_HTTP_BASICAUTH_USESTARTSETTINGS_USERS, SEPARATOR_CREDENTIALS
-
Fields inherited from class org.opencms.main.A_CmsAuthorizationHandler
m_parameters
-
-
Constructor Summary
Constructors Constructor Description CmsPersistentLoginAuthorizationHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description CmsObjectinitCmsObject(javax.servlet.http.HttpServletRequest request, I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction)Creates a new cms object from the given request object.CmsObjectinitCmsObjectFromToken(javax.servlet.http.HttpServletRequest request, I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction)Tries to initialize the CmsObject from a login token given as a cookie in the request.-
Methods inherited from class org.opencms.security.CmsDefaultAuthorizationHandler
checkBasicAuthorization, checkPath, checkUser, getLoginFormURL, initCmsObject, initCmsObject, requestAuthorization, shouldUseStartSettingsForHttpBasicAuth
-
Methods inherited from class org.opencms.main.A_CmsAuthorizationHandler
initCmsObjectFromSession, registerSession, setParameters
-
-
-
-
Field Detail
-
COOKIE_NAME
public static final java.lang.String COOKIE_NAME
The name of the cookie.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
CmsPersistentLoginAuthorizationHandler
public CmsPersistentLoginAuthorizationHandler()
-
-
Method Detail
-
initCmsObject
public CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request, I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction)
Description copied from interface:I_CmsAuthorizationHandlerCreates a new cms object from the given request object.This method is called by OpenCms every time a resource is requested and the session can not automatically be authenticated.
- Specified by:
initCmsObjectin interfaceI_CmsAuthorizationHandler- Overrides:
initCmsObjectin classCmsDefaultAuthorizationHandler- Parameters:
request- the HTTP request to authenticateloginAction- the privileged login action- Returns:
- the cms context object associated to the current session
- See Also:
CmsDefaultAuthorizationHandler.initCmsObject(javax.servlet.http.HttpServletRequest, org.opencms.security.I_CmsAuthorizationHandler.I_PrivilegedLoginAction)
-
initCmsObjectFromToken
public CmsObject initCmsObjectFromToken(javax.servlet.http.HttpServletRequest request, I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction)
Tries to initialize the CmsObject from a login token given as a cookie in the request.- Parameters:
request- the requestloginAction- the privileged login action- Returns:
- the initialized CmsObject, or null if the user couldn't be authenticated using the login token cookie
-
-