incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fmesc...@apache.org
Subject svn commit: r979641 - in /sling/trunk/bundles: api/ api/src/main/java/org/apache/sling/api/auth/ commons/auth/src/main/java/org/apache/sling/commons/auth/ commons/auth/src/main/java/org/apache/sling/commons/auth/impl/ commons/auth/src/main/java/org/apa...
Date Tue, 27 Jul 2010 11:02:00 GMT
Author: fmeschbe
Date: Tue Jul 27 11:01:59 2010
New Revision: 979641

URL: http://svn.apache.org/viewvc?rev=979641&view=rev
Log:
SLING-1575 Move Authenticator interface and NoAuthenticationHandlerException to Sling API
and adapt Commons Auth implementation.
Also fixed Sling API package export version to 2.1 except new auth package which is exported
as version 1.0

Added:
    sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/
    sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java   (with
props)
    sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java
  (with props)
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java
      - copied, changed from r957890, sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java
  (with props)
Removed:
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/Authenticator.java
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/NoAuthenticationHandlerException.java
Modified:
    sling/trunk/bundles/api/pom.xml
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java

Modified: sling/trunk/bundles/api/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/pom.xml?rev=979641&r1=979640&r2=979641&view=diff
==============================================================================
--- sling/trunk/bundles/api/pom.xml (original)
+++ sling/trunk/bundles/api/pom.xml Tue Jul 27 11:01:59 2010
@@ -59,7 +59,8 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
         </dependency>
-    <!-- Testing -->
+
+        <!-- Testing -->
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
@@ -83,7 +84,8 @@
                             http://sling.apache.org/site/sling-api.html
                         </Bundle-DocURL>
                         <Export-Package>
-                            org.apache.sling.api.*;version=${project.version}
+                            org.apache.sling.api.auth;version=1.0,
+                            org.apache.sling.api.*;version=2.1
                         </Export-Package>
                         <!-- Require explicit version of the servlet API -->
                         <Import-Package>

Added: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java?rev=979641&view=auto
==============================================================================
--- sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java (added)
+++ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java Tue
Jul 27 11:01:59 2010
@@ -0,0 +1,133 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.api.auth;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * The <code>Authenticator</code> interface defines the service interface which
+ * may be used by applications to enfore requests to be authenticated (see
+ * {@link #login(HttpServletRequest, HttpServletResponse)}) or to end enforced
+ * authentication (see {@link #logout(HttpServletRequest, HttpServletResponse)}
+ * ). As such this service may be looked at as the functionality to enable
+ * applications to log users in and out.
+ * <p>
+ * A very simple login script (using ESP here) could be implemented like this:
+ *
+ * <pre>
+ * var auth = sling.getService(org.apache.sling.commons.auth.Authenticator);
+ * if (auth != null) {
+ *     try {
+ *         auth.login(request, response);
+ *         return; // we are done here
+ *     } catch (e) {
+ *         // probably NoAuthenticationHandler exception
+ *     }
+ * }
+ * // Authenticator service is missing or no AuthenticationHandler
+ * ... do whatever you want to for error handling ...
+ * </pre>
+ * <p>
+ * Likewise implementing a logout script (ESP, too) is equally simple:
+ *
+ * <pre>
+ * if (request.authType) {
+ *     // not logged in at all, no need to logout
+ * } else {
+ *     var auth = sling.getService(org.apache.sling.commons.auth.Authenticator);
+ *     if (auth != null) {
+ *         auth.logout(request, response);
+ *     } else {
+ *         // handle the case of no Authenticator service to logout with
+ *     }
+ * }
+ * </pre>
+ * <p>
+ * This interface is not intended to be implemented by applications but may be
+ * used to initiate the authentication process form a request processing servlet
+ * or script.
+ *
+ * @since 1.0 (Sling API Bundle 2.1.0)
+ */
+public interface Authenticator {
+
+    /**
+     * The name under which this service is registered.
+     */
+    static final String SERVICE_NAME = Authenticator.class.getName();
+
+    /**
+     * Name of the request attribute which may be set by the application to
+     * indicate to the {@link #login(HttpServletRequest, HttpServletResponse)}
+     * method to which resource access should actually be authenticated. If this
+     * request attribute is not set or is the empty string, the
+     * {@link #login(HttpServletRequest, HttpServletResponse)} method uses the
+     * request path info (<code>HttpServletRequest.getPathInfo()</code>) method
+     * to find the resource to which to authenticate access.
+     * <p>
+     * This request attribute can be used by frontend servlets/scripts which
+     * call into {@link #login(HttpServletRequest, HttpServletResponse)} on
+     * behalf of users.
+     */
+    static final String LOGIN_RESOURCE = "resource";
+
+    /**
+     * Tries to login a request user for the current request.
+     * <p>
+     * To identify the resource to which access should be authenticated the
+     * <code>{@link #LOGIN_RESOURCE resource}</code> request attribute is
+     * considered. If the request attribute is not set the request path info (
+     * <code>HttpServletRequest.getPathInfo()</code>) is used.
+     * <p>
+     * This method must be called on an uncommitted response since the
+     * implementation may want to reset the response to start the authentication
+     * process with a clean response. If the response is already committed an
+     * <code>IllegalStateException</code> is thrown.
+     * <p>
+     * After this method has finished, request processing should be terminated
+     * and the response be considered committed and finished unless the
+     * {@link NoAuthenticationHandlerException} exception is thrown in which
+     * case no response has been sent to the client.
+     *
+     * @param request The object representing the client request.
+     * @param response The object representing the response to the client.
+     * @throws NoAuthenticationHandlerException If the service cannot find a way
+     *             to authenticate a request user.
+     * @throws IllegalStateException If the response has already been committed.
+     */
+    void login(HttpServletRequest request, HttpServletResponse response);
+
+    /**
+     * Logs out if the current request is authenticated.
+     * <p>
+     * This method must be called on an uncommitted response since the
+     * implementation may want to reset the response to restart the
+     * authentication process with a clean response. If the response is already
+     * committed an <code>IllegalStateException</code> is thrown.
+     * <p>
+     * After this method has finished, request processing should be terminated
+     * and the response be considered committed and finished.
+     *
+     * @param request The object representing the client request.
+     * @param response The object representing the response to the client.
+     * @throws IllegalStateException If the response has already been committed.
+     */
+    void logout(HttpServletRequest request, HttpServletResponse response);
+}

Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision Rev Url

Added: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java?rev=979641&view=auto
==============================================================================
--- sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java
(added)
+++ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java
Tue Jul 27 11:01:59 2010
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.api.auth;
+
+import org.apache.sling.api.SlingException;
+
+/**
+ * The <code>NoAuthenticationHandlerException</code> is thrown to indicate that
+ * the
+ * {@link Authenticator#login(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}
+ * method could not find a way to authenticate the request user.
+ * <p>
+ * This exception is thrown without a message. The caller of the
+ * {@link Authenticator#login(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}
+ * method called is expected to immediately handle this exception and not to
+ * forward it up the call chain.
+ * <p>
+ * This exception is not intended to be thrown by client code but is used by the
+ * {@link Authenticator} implementation.
+ *
+ * @since 1.0 (Sling API Bundle 2.1.0)
+ */
+@SuppressWarnings("serial")
+public class NoAuthenticationHandlerException extends SlingException {
+
+    public NoAuthenticationHandlerException() {
+        super();
+    }
+
+}

Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision Rev Url

Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java?rev=979641&r1=979640&r2=979641&view=diff
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java
(original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java
Tue Jul 27 11:01:59 2010
@@ -24,9 +24,9 @@ import javax.servlet.http.HttpServletRes
 
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.SlingHttpServletResponse;
+import org.apache.sling.api.auth.Authenticator;
+import org.apache.sling.api.auth.NoAuthenticationHandlerException;
 import org.apache.sling.api.servlets.SlingAllMethodsServlet;
-import org.apache.sling.commons.auth.Authenticator;
-import org.apache.sling.commons.auth.NoAuthenticationHandlerException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 

Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java?rev=979641&r1=979640&r2=979641&view=diff
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java
(original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java
Tue Jul 27 11:01:59 2010
@@ -22,8 +22,8 @@ import javax.servlet.http.HttpServletRes
 
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.SlingHttpServletResponse;
+import org.apache.sling.api.auth.Authenticator;
 import org.apache.sling.api.servlets.SlingAllMethodsServlet;
-import org.apache.sling.commons.auth.Authenticator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 

Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java?rev=979641&r1=979640&r2=979641&view=diff
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
(original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
Tue Jul 27 11:01:59 2010
@@ -33,12 +33,12 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.sling.api.auth.Authenticator;
+import org.apache.sling.api.auth.NoAuthenticationHandlerException;
 import org.apache.sling.api.resource.LoginException;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.resource.ResourceResolverFactory;
 import org.apache.sling.commons.auth.AuthenticationSupport;
-import org.apache.sling.commons.auth.Authenticator;
-import org.apache.sling.commons.auth.NoAuthenticationHandlerException;
 import org.apache.sling.commons.auth.impl.engine.EngineAuthenticationHandlerHolder;
 import org.apache.sling.commons.auth.spi.AuthenticationFeedbackHandler;
 import org.apache.sling.commons.auth.spi.AuthenticationHandler;

Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java?rev=979641&r1=979640&r2=979641&view=diff
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java
(original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java
Tue Jul 27 11:01:59 2010
@@ -21,8 +21,8 @@ package org.apache.sling.commons.auth.im
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.sling.commons.auth.NoAuthenticationHandlerException;
 import org.apache.sling.engine.auth.Authenticator;
+import org.apache.sling.engine.auth.NoAuthenticationHandlerException;
 
 /**
  * The <code>EngineSlingAuthenticator</code> class is a simple proxy service
@@ -42,13 +42,13 @@ public class EngineSlingAuthenticator im
     /**
      * @scr.reference
      */
-    private org.apache.sling.commons.auth.Authenticator slingAuthenticator;
+    private org.apache.sling.api.auth.Authenticator slingAuthenticator;
 
     public void login(HttpServletRequest request, HttpServletResponse response) {
         try {
             slingAuthenticator.login(request, response);
-        } catch (NoAuthenticationHandlerException nahe) {
-            final org.apache.sling.engine.auth.NoAuthenticationHandlerException wrapped =
new org.apache.sling.engine.auth.NoAuthenticationHandlerException();
+        } catch (org.apache.sling.api.auth.NoAuthenticationHandlerException nahe) {
+            final NoAuthenticationHandlerException wrapped = new NoAuthenticationHandlerException();
             wrapped.initCause(nahe);
             throw wrapped;
         }

Copied: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java
(from r957890, sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java)
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java?p2=sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java&p1=sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java&r1=957890&r2=979641&rev=979641&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java
(original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java
Tue Jul 27 11:01:59 2010
@@ -16,7 +16,7 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.sling.formauth.impl;
+package org.apache.sling.commons.auth.spi;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -27,40 +27,30 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.sling.formauth.FormReason;
-
 /**
- * The <code>AuthenticationFormServlet</code> provides the default login form
- * used for Form Based Authentication.
+ * The <code>AbstractAuthenticationFormServlet</code> provides a basic
+ * implementation of a simple servlet to render a login form for authentication
+ * purposes.
  *
- * @scr.component metatype="no"
+ * @scr.component metatype="no" abstract="yes"
  * @scr.service interface="javax.servlet.Servlet"
- * @scr.property name="service.vendor" value="The Apache Software Foundation"
- * @scr.property name="service.description"
- *               value="Default Login Form for Form Based Authentication"
  */
 @SuppressWarnings("serial")
-public class AuthenticationFormServlet extends HttpServlet {
+public abstract class AbstractAuthenticationFormServlet extends HttpServlet {
 
     /**
-     * The constant is sued to provide the service registration path
+     * The path to the default login form.
      *
-     * @scr.property name="sling.servlet.paths"
+     * @see #getDefaultFormPath()
      */
-    static final String SERVLET_PATH = "/system/sling/form/login";
+    public static final String DEFAULT_FORM_PATH = "login.html";
 
     /**
-     * This constant is used to provide the service registration property
-     * indicating to pass requests to this servlet unauthenticated.
+     * The path to the custom login form.
      *
-     * @scr.property name="sling.auth.requirements"
+     * @see #getCustomFormPath()
      */
-    @SuppressWarnings("unused")
-    private static final String AUTH_REQUIREMENT = "-" + SERVLET_PATH;
-
-    private static final String DEFAULT_FORM_PATH = "login.html";
-
-    private static final String CUSTOM_FORM_PATH = "custom_login.html";
+    public static final String CUSTOM_FORM_PATH = "custom_login.html";
 
     /**
      * The raw form used by the {@link #getForm(HttpServletRequest)} method to
@@ -109,7 +99,8 @@ public class AuthenticationFormServlet e
         handle(request, response);
     }
 
-    private void handle(HttpServletRequest request, HttpServletResponse response) throws
IOException {
+    private void handle(HttpServletRequest request, HttpServletResponse response)
+            throws IOException {
         // reset the response first
         response.reset();
 
@@ -136,7 +127,8 @@ public class AuthenticationFormServlet e
      * @return The login form to be returned to the client
      * @throws IOException If the login form cannot be loaded
      */
-    private String getForm(final HttpServletRequest request) throws IOException {
+    protected String getForm(final HttpServletRequest request)
+            throws IOException {
         String form = getRawForm();
 
         form = form.replace("${resource}", getResource(request));
@@ -155,9 +147,8 @@ public class AuthenticationFormServlet e
      * @return The target to redirect after sucessfully login or an empty string
      *         if no specific target has been requested.
      */
-    private String getResource(final HttpServletRequest request) {
-        final String resource = FormAuthenticationHandler.getLoginResource(request);
-        return (resource == null) ? "" : resource;
+    protected String getResource(final HttpServletRequest request) {
+        return AbstractAuthenticationHandler.getLoginResource(request, "");
     }
 
     /**
@@ -169,27 +160,7 @@ public class AuthenticationFormServlet e
      * @return The "translated" reason to render the login form or an empty
      *         string if there is no specific reason
      */
-    private String getReason(final HttpServletRequest request) {
-        // return the resource attribute if set to a non-empty string
-        Object resObj = request.getAttribute(FormAuthenticationHandler.PAR_J_REASON);
-        if (resObj instanceof FormReason) {
-            return ((FormReason) resObj).toString();
-        }
-
-        final String reason = request.getParameter(FormAuthenticationHandler.PAR_J_REASON);
-        if (reason != null) {
-            try {
-                return FormReason.valueOf(reason).toString();
-            } catch (IllegalArgumentException iae) {
-                // thrown if the reason is not an expected value, assume none
-            }
-
-            // no valid FormReason value, use raw value
-            return reason;
-        }
-
-        return "";
-    }
+    protected abstract String getReason(final HttpServletRequest request);
 
     /**
      * Load the raw unmodified form from the bundle (through the class loader).
@@ -203,10 +174,10 @@ public class AuthenticationFormServlet e
             InputStream ins = null;
             try {
                 // try a custom login page first.
-                ins = getClass().getResourceAsStream(CUSTOM_FORM_PATH);
+                ins = getClass().getResourceAsStream(getCustomFormPath());
                 if (ins == null) {
                     // try the standard login page
-                    ins = getClass().getResourceAsStream(DEFAULT_FORM_PATH);
+                    ins = getClass().getResourceAsStream(getDefaultFormPath());
                 }
 
                 if (ins != null) {
@@ -236,4 +207,32 @@ public class AuthenticationFormServlet e
 
         return rawForm;
     }
+
+    /**
+     * Returns the path to the default login form to load through the class
+     * loader of this instance using <code>Class.getResourceAsStream</code>.
+     * <p>
+     * The default form is used intended to be included with the bundle
+     * implementing this abstract class.
+     * <p>
+     * This method returns {@link #DEFAULT_FORM_PATH} and may be overwritten by
+     * implementations.
+     */
+    protected String getDefaultFormPath() {
+        return DEFAULT_FORM_PATH;
+    }
+
+    /**
+     * Returns the path to the custom login form to load through the class
+     * loader of this instance using <code>Class.getResourceAsStream</code>.
+     * <p>
+     * The custom form can be supplied by a fragment attaching to the bundle
+     * implementing this abstract class.
+     * <p>
+     * This method returns {@link #CUSTOM_FORM_PATH} and may be overwritten by
+     * implementations.
+     */
+    protected String getCustomFormPath() {
+        return CUSTOM_FORM_PATH;
+    }
 }

Added: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java?rev=979641&view=auto
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java
(added)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java
Tue Jul 27 11:01:59 2010
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.commons.auth.spi;
+
+import javax.servlet.http.HttpServletRequest;
+import org.apache.sling.api.auth.Authenticator;
+
+/**
+ * The <code>AbstractAuthenticationHandler</code> implements the
+ * <code>AuthenticationHandler</code> interface and extends the
+ * {@link DefaultAuthenticationFeedbackHandler} providing some helper methods
+ * which may be used by authentication handlers.
+ */
+public abstract class AbstractAuthenticationHandler extends
+        DefaultAuthenticationFeedbackHandler implements AuthenticationHandler {
+
+    /**
+     * Returns the value of the named request attribute or parameter as a string
+     * as follows:
+     * <ol>
+     * <li>If there is a request attribute of that name, which is a non-empty
+     * string, it is returned.</li>If there is a non-empty request parameter of
+     * that name, this parameter is returned.
+     * <li>Otherwise the <code>defaultValue</code> is returned.
+     *
+     * @param request The request from which to return the attribute or request
+     *            parameter
+     * @param name The name of the attribute/parameter
+     * @param defaultValue The default value to use if neither a non-empty
+     *            string attribute or a non-empty parameter exists in the
+     *            request.
+     * @return The attribute, parameter or <code>defaultValue</code> as defined
+     *         above.
+     */
+    public static String getAttributeOrParameter(
+            final HttpServletRequest request, final String name,
+            final String defaultValue) {
+
+        Object resObj = request.getAttribute(name);
+        if ((resObj instanceof String) && ((String) resObj).length() > 0) {
+            return (String) resObj;
+        }
+
+        final String resource = request.getParameter(name);
+        if (resource != null && resource.length() > 0) {
+            return resource;
+        }
+
+        return defaultValue;
+    }
+
+    /**
+     * Returns any resource target to redirect to after successful
+     * authentication. This method either returns a non-empty string or the
+     * <code>defaultLoginResource</code> parameter. First the
+     * <code>resource</code> request attribute is checked. If it is a non-empty
+     * string, it is returned. Second the <code>resource</code> request
+     * parameter is checked and returned if it is a non-empty string.
+     *
+     * @param request The request providing the attribute or parameter
+     * @param defaultLoginResource The default login resource value
+     * @return The non-empty redirection target or
+     *         <code>defaultLoginResource</code>.
+     */
+    public static String getLoginResource(final HttpServletRequest request,
+            String defaultLoginResource) {
+        return getAttributeOrParameter(request, Authenticator.LOGIN_RESOURCE,
+            defaultLoginResource);
+    }
+}

Propchange: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision Rev Url



Mime
View raw message