Index (Apache Sling Auth Core 1.5.4 API)

A C D E F G H I L N O P R S T U V X
All Classes All Packages

A

AbstractAuthenticationFormServlet - Class in org.apache.sling.auth.core.spi: The AbstractAuthenticationFormServlet provides a basic implementation of a simple servlet to render a login form for authentication purposes.
AbstractAuthenticationFormServlet() - Constructor for class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
AbstractAuthenticationHandler - Class in org.apache.sling.auth.core.spi: Deprecated.
since Bundle 1.0.8; AuthenticationHandler implementations should extend DefaultAuthenticationFeedbackHandler directly and use the utility methods in the AuthUtil class.
AbstractAuthenticationHandler() - Constructor for class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
ACCOUNT_LOCKED - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
ACCOUNT_NOT_FOUND - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
ATTR_REQUEST_AUTH_URI_SUFFIX - Static variable in class org.apache.sling.auth.core.AuthConstants: The name of the request attribute containing the list of request URI suffixes handled by the default authenticator org.apache.sling.auth.core.impl.SlingAuthenticator.
AUTH_HANDLER_BROWSER_ONLY - Static variable in class org.apache.sling.auth.core.AuthConstants: Service Registration property which may be set by an AuthenticationHandler service to indicate whether its AuthenticationHandler.requestCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method supports non-browser requests (according to AuthUtil.isBrowserRequest(javax.servlet.http.HttpServletRequest) or not.
AUTH_INFO_LOGIN - Static variable in class org.apache.sling.auth.core.AuthConstants: Marker property in the AuthenticationInfo object returned by the AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method indicating a first authentication considered to be a login.
AUTH_REQUIREMENTS - Static variable in class org.apache.sling.auth.core.AuthConstants: Any OSGi service may provide a sling.auth.requirements registration property which is used to dynamically extend the authentication requirements for the AuthenticationSupport.
AUTH_TYPE - Static variable in class org.apache.sling.auth.core.spi.AuthenticationInfo: The name of the special property providing the authentication type provided by the AuthenticationHandler.
AuthConstants - Class in org.apache.sling.auth.core: The AuthConstants provides a collection of constants used to configure and customize the Sling authentication infrastructure.
authenticate(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.engine.auth.AuthenticationHandler: Deprecated.

Extracts credential data from the request if at all contained.
authenticationFailed(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in interface org.apache.sling.auth.core.spi.AuthenticationFeedbackHandler: Called if authentication failed with the credentials provided in the authInfo map.
authenticationFailed(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler: This default implementation does nothing.
AuthenticationFeedbackHandler - Interface in org.apache.sling.auth.core.spi: The AuthenticationFeedbackHandler may be implemented by AuthenticationHandler services to request being informed on the success or failure of authentication.
AuthenticationHandler - Interface in org.apache.sling.auth.core.spi: The AuthenticationHandler interface defines the service API used by the authentication implementation to support plugin various ways of extracting credentials from the request.
AuthenticationHandler - Interface in org.apache.sling.engine.auth: Deprecated.
use AuthenticationHandler instead
AuthenticationHandler.FAILURE_REASON_CODES - Enum in org.apache.sling.auth.core.spi: This enum indicates the supported detailed login failure reason codes: invalid_login: indicates username/password mismatch. password_expired: indicates password has expired or was never set and change initial password is enabled account_locked: the account was disabled or locked account_not_found: the account was not found (not the same as username password mismatch) expired_token: the token credentials used have expired
AuthenticationInfo - Class in org.apache.sling.auth.core.spi: The AuthenticationInfo conveys any authentication credentials and/or details extracted by the AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method from the request.
AuthenticationInfo - Class in org.apache.sling.engine.auth: Deprecated.
see AuthenticationHandler
AuthenticationInfo(String) - Constructor for class org.apache.sling.auth.core.spi.AuthenticationInfo: Creates an instance of this class with just the authentication type.
AuthenticationInfo(String, String) - Constructor for class org.apache.sling.auth.core.spi.AuthenticationInfo: Creates an instance of this class authenticating with the given type and userid.
AuthenticationInfo(String, String, char[]) - Constructor for class org.apache.sling.auth.core.spi.AuthenticationInfo: Creates an instance of this class authenticating with the given type and userid/password connecting.
AuthenticationInfo(String, Credentials) - Constructor for class org.apache.sling.engine.auth.AuthenticationInfo: Deprecated.

Creates an instance of this class with the given authentication type and credentials connecting to the default workspace as if the AuthenticationInfo(String, Credentials, String) method would be called with a null workspace name.
AuthenticationInfo(String, Credentials, String) - Constructor for class org.apache.sling.engine.auth.AuthenticationInfo: Deprecated.

Creates an instance of this class with the given authentication type and credentials.
AuthenticationInfoPostProcessor - Interface in org.apache.sling.auth.core.spi: Service interface which allows bundles to modify the AuthenticationInfo object right after one AuthenticationHandler has returned an {AuthenticationInfo from the AuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse) method or an anonymous AuthenticationInfo has been created.
authenticationSucceeded(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in interface org.apache.sling.auth.core.spi.AuthenticationFeedbackHandler: Called if authentication succeeded with the credentials provided in the authInfo map.
authenticationSucceeded(HttpServletRequest, HttpServletResponse, AuthenticationInfo) - Method in class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler: This default implementation calls the DefaultAuthenticationFeedbackHandler.handleRedirect(HttpServletRequest, HttpServletResponse) method to optionally redirect the request after successful authentication.
AuthenticationSupport - Interface in org.apache.sling.auth.core: The AuthenticationSupport provides the service API used to implement the HttpContext.handleSecurity method as defined in the OSGi Http Service specification.
Authenticator - Interface in org.apache.sling.engine.auth: Deprecated.
use AuthenticationSupport instead
AuthUtil - Class in org.apache.sling.auth.core: The AuthUtil provides utility functions for implementations of AuthenticationHandler services and users of the Sling authentication infrastructure.

C

checkReferer(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil: Check if the request is for this authentication handler.
clear() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo: Clears all properties from the map with the exception of the AuthenticationInfo.AUTH_TYPE property.
CUSTOM_FORM_PATH - Static variable in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: The path to the custom login form.

D

DEFAULT_FORM_PATH - Static variable in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: The path to the default login form.
DefaultAuthenticationFeedbackHandler - Class in org.apache.sling.auth.core.spi
DefaultAuthenticationFeedbackHandler() - Constructor for class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler
doGet(HttpServletRequest, HttpServletResponse) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Prepares and returns the login form.
DOING_AUTH - Static variable in class org.apache.sling.auth.core.spi.AuthenticationInfo: A special instance of this class which may be returned from the AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method to inform the caller, that a response has been sent to the client to request for credentials.
DOING_AUTH - Static variable in class org.apache.sling.engine.auth.AuthenticationInfo: Deprecated.

This object is returned by the AuthenticationHandler.authenticate(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method to indicate an ongoing authentication transaction.
doPost(HttpServletRequest, HttpServletResponse) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Prepares and returns the login form.
dropCredentials(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationHandler: Drops any credential and authentication details from the request and asks the client to do the same.

E

EXPIRED_TOKEN - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
extractCredentials(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationHandler: Extracts credential data from the request if at all contained.

F

FAIL_AUTH - Static variable in class org.apache.sling.auth.core.spi.AuthenticationInfo: A special instance of this class which may be returned from the AuthenticationHandler.extractCredentials(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method to inform the caller that credential extraction failed for some reason.
FAILURE_REASON - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler: Name of the request attribute which may be set by the AuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse) method if AuthenticationInfo.FAIL_AUTH is returned.
FAILURE_REASON_CODE - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler: Name of the request attribute which may be set by the AuthenticationHandler.extractCredentials(HttpServletRequest, HttpServletResponse) method if AuthenticationInfo.FAIL_AUTH is returned.

G

getAttributeOrParameter(HttpServletRequest, String, String) - Static method in class org.apache.sling.auth.core.AuthUtil: Returns the value of the named request attribute or parameter as a string as follows: If there is a request attribute of that name, which is a non-empty string, it is returned. If there is a non-empty request parameter of that name, this parameter is returned.
getAttributeOrParameter(HttpServletRequest, String, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.getAttributeOrParameter(HttpServletRequest, String, String)
getAuthType() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo: Returns the authentication type as stored in the AuthenticationInfo.AUTH_TYPE property in this map.
getAuthType() - Method in class org.apache.sling.engine.auth.AuthenticationInfo: Deprecated.

Returns type of authentication provisioning.
getContextPath(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Returns the context path for the authentication form request.
getCredentials() - Method in class org.apache.sling.engine.auth.AuthenticationInfo: Deprecated.

Returns the credentials extracted from the client request to use for authentication.
getCustomFormPath() - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Returns the path to the custom login form to load through the class loader of this instance using Class.getResourceAsStream.
getDefaultFormPath() - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Returns the path to the default login form to load through the class loader of this instance using Class.getResourceAsStream.
getForm(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Returns the form to be sent back to the client for login providing an optional informational message and the optional target to redirect to after successfully logging in.
getLoginResource(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil: Returns any resource target to redirect to after successful authentication.
getLoginResource(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.getLoginResource(HttpServletRequest, String)
getPassword() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo: Returns the password stored as the ResourceResolverFactory.PASSWORD property or null if the password is not set in this map.
getReason(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Returns an informational message according to the value provided in the j_reason request parameter.
getResource(HttpServletRequest) - Method in class org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet: Returns the path to the resource to which the request should be redirected after successfully completing the form or an empty string if there is no resource request parameter.
getUser() - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo: Returns the user name stored as the ResourceResolverFactory.USER property or null if the user is not set in this map.
getWorkspaceName() - Method in class org.apache.sling.engine.auth.AuthenticationInfo: Deprecated.

Returns the name of the workspace the user contained in this instance wishes to connect to.

H

handleRedirect(HttpServletRequest, HttpServletResponse) - Static method in class org.apache.sling.auth.core.spi.DefaultAuthenticationFeedbackHandler: Handles an optional request for a redirect after successful authentication and true if the request has been redirected.
handleSecurity(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.AuthenticationSupport: Handles security on behalf of a custom OSGi Http Service HttpContext instance extracting credentials from the request using any registered AuthenticationHandler services.

I

INVALID_LOGIN - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
isAjaxRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.AuthUtil: Returns true if the request is to be considered an AJAX request placed using the XMLHttpRequest browser host object.
isBrowserRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.AuthUtil: Returns true if the given request can be assumed to be sent by a client browser such as Firefix, Internet Explorer, etc.
isRedirectValid(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil: Returns true if the given redirect target is valid according to the following list of requirements: The target is neither null nor an empty string The target is not an URL which is identified by the character sequence :// separating the scheme from the host The target is normalized such that it contains no consecutive slashes and no path segment contains a single or double dot The target must be prefixed with the servlet context path If a ResourceResolver is available as a request attribute the target (without the servlet context path prefix) must resolve to an existing resource If a ResourceResolver is not available as a request attribute the target must be an absolute path starting with a slash character does not contain any of the characters <, >, ', or " in plain or URL encoding
isRedirectValid(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
This method has been introduced after Bundle release 1.0.6 but has been replaced with AuthUtil.isRedirectValid(HttpServletRequest, String). Use the latter method.
isValidateRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.AuthUtil: Returns true if the the client just asks for validation of submitted username/password credentials.
isValidateRequest(HttpServletRequest) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.isValidateRequest(HttpServletRequest)

L

login(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.engine.auth.Authenticator: Deprecated.

Finds an AuthenticationHandler for the given request and call its AuthenticationHandler.requestAuthentication(HttpServletRequest, HttpServletResponse) method to initiate an authentication process with the client to login to Sling.

N

NoAuthenticationHandlerException - Exception in org.apache.sling.engine.auth: Deprecated.
see Authenticator
NoAuthenticationHandlerException() - Constructor for exception org.apache.sling.engine.auth.NoAuthenticationHandlerException: Deprecated.

O

org.apache.sling.auth.core - package org.apache.sling.auth.core: Provides the authentication helper service as well as a number of utility functions in the AuthUtil class.
org.apache.sling.auth.core.spi - package org.apache.sling.auth.core.spi: Provides API to be implemented by provides of authentication mechanisms.
org.apache.sling.engine.auth - package org.apache.sling.engine.auth: Provides the original authentication handler service API initially bundled with the Sling Engine bundle.

P

PAR_J_VALIDATE - Static variable in class org.apache.sling.auth.core.AuthConstants: The name of the request parameter indicating that the submitted username and password should just be checked and a status code be set for success (200/OK) or failure (403/FORBIDDEN).
PASSWORD_EXPIRED - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
PASSWORD_EXPIRED_AND_NEW_PASSWORD_IN_HISTORY - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
PATH_PROPERTY - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler: The name of the service registration property listing one or more URL paths for which the authentication handler is to be used.
PATH_PROPERTY - Static variable in interface org.apache.sling.engine.auth.AuthenticationHandler: Deprecated.

An authentication handler is associated with url paths.
postProcess(AuthenticationInfo, HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationInfoPostProcessor: Perform some post-processing on the AuthenticationInfo object.
put(String, Object) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo: Sets or resets a property with the given key to a new value.

R

REDIRECT_PARAMETER - Static variable in interface org.apache.sling.auth.core.AuthenticationSupport: The name of the request parameter indicating where to redirect to after successful authentication (and optional impersonation).
remove(Object) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo: Removes the entry with the given key and returns its former value (if existing).
REQUEST_ATTRIBUTE_RESOLVER - Static variable in interface org.apache.sling.auth.core.AuthenticationSupport: The name of the request attribute set by the AuthenticationSupport.handleSecurity(HttpServletRequest, HttpServletResponse) method if authentication succeeds and true is returned.
REQUEST_LOGIN_PARAMETER - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler: The request parameter which may be used to explicitly select an authentication handler by its type if authentication will be requested through AuthenticationHandler.requestCredentials(HttpServletRequest, HttpServletResponse).
requestAuthentication(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.engine.auth.AuthenticationHandler: Deprecated.

Requests authentication information from the client.
requestCredentials(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.sling.auth.core.spi.AuthenticationHandler: Requests authentication information from the client.

S

sendInvalid(HttpServletRequest, HttpServletResponse) - Static method in class org.apache.sling.auth.core.AuthUtil: Sends a 403/FORBIDDEN response optionally stating the reason for this response code in the AuthConstants.X_REASON header.
sendInvalid(HttpServletRequest, HttpServletResponse) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse)
sendRedirect(HttpServletRequest, HttpServletResponse, String, Map<String, String>) - Static method in class org.apache.sling.auth.core.AuthUtil: Redirects to the given target path appending any parameters provided in the parameter map.
sendRedirect(HttpServletRequest, HttpServletResponse, String, Map<String, String>) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.sendRedirect(HttpServletRequest, HttpServletResponse, String, Map)
sendValid(HttpServletResponse) - Static method in class org.apache.sling.auth.core.AuthUtil: Sends a 200/OK response to a credential validation request.
sendValid(HttpServletResponse) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.sendValid(HttpServletResponse)
SERVICE_NAME - Static variable in interface org.apache.sling.auth.core.AuthenticationSupport: The name under which this service is registered.
SERVICE_NAME - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler: The name under which an implementation of this interface must be registered to be used as an authentication handler.
SERVICE_NAME - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationInfoPostProcessor: The name under which an implementation of this interface must be registered to be used as an authentication info post processor.
setAuthType(String) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
setLoginResourceAttribute(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.AuthUtil: Ensures and returns the Authenticator.LOGIN_RESOURCE request attribute is set to a non-null, non-empty string.
setLoginResourceAttribute(HttpServletRequest, String) - Static method in class org.apache.sling.auth.core.spi.AbstractAuthenticationHandler: Deprecated.
since Bundle 1.0.8, use AuthUtil.setLoginResourceAttribute(HttpServletRequest, String)
setPassword(char[]) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo
setUser(String) - Method in class org.apache.sling.auth.core.spi.AuthenticationInfo

T

TOPIC_LOGIN - Static variable in class org.apache.sling.auth.core.AuthConstants: The topic for the OSGi event which is sent when a user has logged in successfully.
TOPIC_LOGIN_FAILED - Static variable in class org.apache.sling.auth.core.AuthConstants: The topic for the OSGi event which is sent when a user has failed to login successfully.
toString() - Method in enum org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES
TYPE_PROPERTY - Static variable in interface org.apache.sling.auth.core.spi.AuthenticationHandler: The name of the service registration property (single string) providing the authentication type of authentication handler.

U

UNKNOWN - org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES

V

valueOf(String) - Static method in enum org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES: Returns the enum constant of this type with the specified name.
values() - Static method in enum org.apache.sling.auth.core.spi.AuthenticationHandler.FAILURE_REASON_CODES: Returns an array containing the constants of this enum type, in the order they are declared.

X

X_REASON - Static variable in class org.apache.sling.auth.core.AuthConstants: The name of the request header set by the AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided credentials cannot be used for login.
X_REASON_CODE - Static variable in class org.apache.sling.auth.core.AuthConstants: The name of the request header set by the AuthUtil.sendInvalid(HttpServletRequest, HttpServletResponse) method if the provided credentials cannot be used for login.

A C D E F G H I L N O P R S T U V X
All Classes All Packages