Package org.opencms.security

Interface I_CmsAuthorizationHandler

All Known Implementing Classes:
A_CmsAuthorizationHandler, CmsDefaultAuthorizationHandler, CmsPersistentLoginAuthorizationHandler
public interface I_CmsAuthorizationHandler
Defines general authorization methods.

One of the application scenarios for this interface is a personalized SSO implementation.

Since:
6.5.4

  • Method Details

    • getLoginFormURL

      String getLoginFormURL(String loginFormURL, String params, String callbackURL)
      Returns the full URL used to call a login form with additional parameters and a callbackURL.

      Parameters:
      loginFormURL - the form URL specified in the cms (either as a property or system-wide)
      params - additional parameters to provide to the login form
      callbackURL - the call-back URL to redirect after a successful login
      Returns:
      the full URL used to call a login form

    • initCmsObject

      CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request)
      Creates a new cms object from the given request object.

      This method is called by OpenCms every time a resource is requested and the session can not automatically be authenticated.

      Parameters:
      request - the HTTP request to authenticate
      Returns:
      the cms context object associated to the current session

    • initCmsObject

      CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request, I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction)
      Creates a new cms object from the given request object.

      This method is called by OpenCms every time a resource is requested and the session can not automatically be authenticated.

      Parameters:
      request - the HTTP request to authenticate
      loginAction - the privileged login action
      Returns:
      the cms context object associated to the current session

    • initCmsObject

      CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request, String userName, String pwd) throws CmsException
      Authenticates the current request with additional user information.

      You have to call this method by your own.

      Parameters:
      request - the HTTP request to authenticate
      userName - the user name to authenticate
      pwd - the user password to authenticate with
      Returns:
      the cms context object associated to the given user
      Throws:
      CmsException - if something goes wrong

    • requestAuthorization

      void requestAuthorization(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, String loginFormURL) throws IOException
      This method sends a request to the client to display a login form, it is needed for HTTP-Authentication.

      Parameters:
      req - the client request
      res - the response
      loginFormURL - the full URL used for form based authentication
      Throws:
      IOException - if something goes wrong

    • setParameters

      void setParameters(Map<String,String> parameters)
      Sets parameters which can be configured additionally for an authorization handler.

      Parameters:
      parameters - the map of parameters