FileDocCategorySizeDatePackage
SimpleAuthenticationHandler.javaAPI DocApache Axis 1.43424Sat Apr 22 18:57:28 BST 2006org.apache.axis.handlers

SimpleAuthenticationHandler

public class SimpleAuthenticationHandler extends BasicHandler
Just a simple Authentication Handler to see if the user specified in the Bag in the MessageContext is allowed to continue. Just look for 'user' and 'password' in a file called 'users.lst'. Replace this with your 'real' authenication code.
author
Doug Davis (dug@us.ibm.com)
author
Sam Ruby (rubys@us.ibm.com)

Fields Summary
protected static Log
log
Constructors Summary
Methods Summary
public voidinvoke(org.apache.axis.MessageContext msgContext)
Authenticate the user and password from the msgContext


                 
          
        if (log.isDebugEnabled()) {
            log.debug("Enter: SimpleAuthenticationHandler::invoke");
        }

        SecurityProvider provider = (SecurityProvider)msgContext.getProperty(MessageContext.SECURITY_PROVIDER);
        if (provider == null) {
            provider = new SimpleSecurityProvider();
            msgContext.setProperty(MessageContext.SECURITY_PROVIDER, provider);
        }

        if (provider != null) {
            String  userID = msgContext.getUsername();
            if (log.isDebugEnabled()) {
                log.debug( Messages.getMessage("user00", userID) );
            }

            // in order to authenticate, the user must exist
            if ( userID == null || userID.equals(""))
                throw new AxisFault( "Server.Unauthenticated",
                    Messages.getMessage("cantAuth00", userID),
                    null, null );

            String passwd = msgContext.getPassword();
            if (log.isDebugEnabled()) {
                log.debug( Messages.getMessage("password00", passwd) );
            }

            AuthenticatedUser authUser = provider.authenticate(msgContext);

            // if a password is defined, then it must match
            if ( authUser == null)
                throw new AxisFault( "Server.Unauthenticated",
                    Messages.getMessage("cantAuth01", userID),
                    null, null );

            if (log.isDebugEnabled()) {
                log.debug( Messages.getMessage("auth00", userID) );
            }

            msgContext.setProperty(MessageContext.AUTHUSER, authUser);
        }

        if (log.isDebugEnabled()) {
            log.debug("Exit: SimpleAuthenticationHandler::invoke");
        }