File Doc Category Size Date Package
HttpAuthenticator.java API Doc Glassfish v2 API 5441 Fri May 04 22:34:12 BST 2007 com.sun.enterprise.appclient

HttpAuthenticator

java.lang.Object
- java.net.Authenticator

public class HttpAuthenticator extends Authenticator

This is the callback object that gets called when a protected resource needs to be accessed and authentication information is needed. Pops up a UI to input username and password.

Fields Summary
public static final boolean
debug
private AppContainer
container
private static Logger
_logger
Constructors Summary
public HttpAuthenticator(AppContainer container)
Create the authenticator.
this.container = container;
Methods Summary
private java.lang.String getPassword(javax.security.auth.Subject s)
Return the password for the subject.
String password = null; if(s == null) return null; Set credentials = s.getPrivateCredentials(); Iterator credIter = credentials.iterator(); if(credIter.hasNext()) { Object o = credIter.next(); if(o instanceof PasswordCredential) { PasswordCredential pc = (PasswordCredential) o; // CHECK REALM. password = pc.getPassword(); } } return password;
protected java.net.PasswordAuthentication getPasswordAuthentication()
This is called when authentication is needed for a protected web resource. It looks for the authentication data in the subject. If the data is not found then login is invoked on the login context.
String user = null; String password = null; Subject subject = null; String scheme = getRequestingScheme(); if (_logger.isLoggable(Level.FINE)) { _logger.fine("scheme=" + scheme); _logger.fine("requesting prompt=" + getRequestingPrompt()); _logger.fine("requesting protocol=" + getRequestingProtocol()); } ClientSecurityContext cont = ClientSecurityContext.getCurrent(); subject = (cont != null) ? cont.getSubject() : null; user = getUserName(subject); password = getPassword(subject); if(user == null || password == null) { try { if (_logger.isLoggable(Level.FINE)) { _logger.fine("Initiating login again..."); } LoginContextDriver.doClientLogin(AppContainer.USERNAME_PASSWORD, AppContainer.getCallbackHandler()); cont = ClientSecurityContext.getCurrent(); subject = cont.getSubject(); user = getUserName(subject); password = getPassword(subject); } catch(Exception e) { _logger.log(Level.FINE, "Exception " + e.toString(), e); return null; } } if (_logger.isLoggable(Level.FINE)) { _logger.fine("Username:" + user); } return new PasswordAuthentication(user, password.toCharArray());
private java.lang.String getUserName(javax.security.auth.Subject s)
Return the username from the subject.
String user = null; if(s == null) return null; Set principalSet = s.getPrincipals(); Iterator itr = principalSet.iterator(); if(itr.hasNext()) { Principal p = (Principal) itr.next(); user = p.getName(); } return user;