Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
package org.apache.felix.webconsole;
The WebConsoleSecurityProvider2 extends the WebConsoleSecurityProvider interface allowing for full control of the authentication process to access the Web Console.

If a registered WebConsoleSecurityProvider service implements this interface the authenticate(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) method is called instead of the WebConsoleSecurityProvider.authenticate(java.lang.String,java.lang.String) method.

3.1.2; Web Console Bundle 3.1.4

The name of the request attribute providing the object representing the authenticated user. This object is used to call the WebConsoleSecurityProvider.authorize(java.lang.Object,java.lang.String) to authorize access for certain roles.
    String USER_ATTRIBUTE = "org.apache.felix.webconsole.user"//$NON-NLS-1$

Authenticates the given request or asks the client for credentials.

Implementations of this method are expected to respect and implement the semantics of the HttpContext.handleSecurity method as specified in the OSGi HTTP Service specification.

If this method returns true it is assumed the request provided valid credentials identifying the user as accepted to access the web console. In addition, the USER_ATTRIBUTE request attribute must be set to a non-null object reference identifying the authenticated user.

If this method returns false the request to the web console is terminated without any more response sent back to the client. That is the implementation is expected to have informed the client in case of non-granted access.

request The request object
response The response object
true If the request provided valid credentials.
    public boolean authenticateHttpServletRequest requestHttpServletResponse response );
New to GrepCode? Check out our FAQ X