FileDocCategorySizeDatePackage
HttpAuthenticator.javaAPI DocGlassfish v2 API5441Fri May 04 22:34:12 BST 2007com.sun.enterprise.appclient

HttpAuthenticator

public class HttpAuthenticator extends Authenticator
This is the callback object that gets called when a protected resource needs to be accessed and authentication information is needed. Pops up a UI to input username and password.

Fields Summary
public static final boolean
debug
private AppContainer
container
private static Logger
_logger
Constructors Summary
public HttpAuthenticator(AppContainer container)
Create the authenticator.


            
       
	this.container = container;
    
Methods Summary
private java.lang.StringgetPassword(javax.security.auth.Subject s)
Return the password for the subject.

	String password = null;
	if(s == null)
	    return null;
	Set credentials = s.getPrivateCredentials();
	Iterator credIter = credentials.iterator();
	if(credIter.hasNext()) {
	    Object o = credIter.next();
	    if(o instanceof PasswordCredential) {
		PasswordCredential pc = (PasswordCredential) o;
		// CHECK REALM.
	        password = pc.getPassword();
	    }
	}
	return password;
    
protected java.net.PasswordAuthenticationgetPasswordAuthentication()
This is called when authentication is needed for a protected web resource. It looks for the authentication data in the subject. If the data is not found then login is invoked on the login context.

	String user = null;
	String password = null;
	Subject subject = null;

	String scheme = getRequestingScheme();
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("scheme=" + scheme);
            _logger.fine("requesting prompt=" + getRequestingPrompt());
            _logger.fine("requesting protocol=" + getRequestingProtocol());
        }

	ClientSecurityContext cont = ClientSecurityContext.getCurrent();
	subject = (cont != null) ? cont.getSubject() : null;
	user = getUserName(subject);
	password = getPassword(subject);
	if(user == null || password == null) {
	    try {
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.fine("Initiating login again...");
                }
                
		LoginContextDriver.doClientLogin(AppContainer.USERNAME_PASSWORD,
			AppContainer.getCallbackHandler());
		cont = ClientSecurityContext.getCurrent();
		subject = cont.getSubject();
		user = getUserName(subject);
		password = getPassword(subject);
	    } catch(Exception e) {
                _logger.log(Level.FINE, "Exception " + e.toString(), e);
	        return null;
	    }
	}
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("Username:" + user);
        }
	return new PasswordAuthentication(user, password.toCharArray());
    
private java.lang.StringgetUserName(javax.security.auth.Subject s)
Return the username from the subject.

	String user = null; 
	if(s == null)
	    return null;
	Set principalSet = s.getPrincipals();
	Iterator itr = principalSet.iterator();
	if(itr.hasNext()) {
	    Principal p = (Principal) itr.next();
	    user = p.getName();
	}
	return user;