Return-Path: Delivered-To: apmail-sling-commits-archive@www.apache.org Received: (qmail 97074 invoked from network); 27 Jul 2010 11:03:05 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 27 Jul 2010 11:03:05 -0000 Received: (qmail 3156 invoked by uid 500); 27 Jul 2010 11:03:05 -0000 Delivered-To: apmail-sling-commits-archive@sling.apache.org Received: (qmail 3095 invoked by uid 500); 27 Jul 2010 11:03:03 -0000 Mailing-List: contact commits-help@sling.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@sling.apache.org Delivered-To: mailing list commits@sling.apache.org Received: (qmail 3086 invoked by uid 99); 27 Jul 2010 11:03:02 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Jul 2010 11:03:02 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Jul 2010 11:02:54 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 6F6962388A3D; Tue, 27 Jul 2010 11:02:00 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r979641 - in /sling/trunk/bundles: api/ api/src/main/java/org/apache/sling/api/auth/ commons/auth/src/main/java/org/apache/sling/commons/auth/ commons/auth/src/main/java/org/apache/sling/commons/auth/impl/ commons/auth/src/main/java/org/apa... Date: Tue, 27 Jul 2010 11:02:00 -0000 To: commits@sling.apache.org From: fmeschbe@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20100727110200.6F6962388A3D@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: fmeschbe Date: Tue Jul 27 11:01:59 2010 New Revision: 979641 URL: http://svn.apache.org/viewvc?rev=979641&view=rev Log: SLING-1575 Move Authenticator interface and NoAuthenticationHandlerException to Sling API and adapt Commons Auth implementation. Also fixed Sling API package export version to 2.1 except new auth package which is exported as version 1.0 Added: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java (with props) sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java (with props) sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java - copied, changed from r957890, sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java (with props) Removed: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/Authenticator.java sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/NoAuthenticationHandlerException.java Modified: sling/trunk/bundles/api/pom.xml sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java Modified: sling/trunk/bundles/api/pom.xml URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/pom.xml?rev=979641&r1=979640&r2=979641&view=diff ============================================================================== --- sling/trunk/bundles/api/pom.xml (original) +++ sling/trunk/bundles/api/pom.xml Tue Jul 27 11:01:59 2010 @@ -59,7 +59,8 @@ org.slf4j slf4j-api - + + junit junit @@ -83,7 +84,8 @@ http://sling.apache.org/site/sling-api.html - org.apache.sling.api.*;version=${project.version} + org.apache.sling.api.auth;version=1.0, + org.apache.sling.api.*;version=2.1 Added: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java?rev=979641&view=auto ============================================================================== --- sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java (added) +++ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java Tue Jul 27 11:01:59 2010 @@ -0,0 +1,133 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.sling.api.auth; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * The Authenticator interface defines the service interface which + * may be used by applications to enfore requests to be authenticated (see + * {@link #login(HttpServletRequest, HttpServletResponse)}) or to end enforced + * authentication (see {@link #logout(HttpServletRequest, HttpServletResponse)} + * ). As such this service may be looked at as the functionality to enable + * applications to log users in and out. + *

+ * A very simple login script (using ESP here) could be implemented like this: + * + * 

+ * var auth = sling.getService(org.apache.sling.commons.auth.Authenticator);
+ * if (auth != null) {
+ *     try {
+ *         auth.login(request, response);
+ *         return; // we are done here
+ *     } catch (e) {
+ *         // probably NoAuthenticationHandler exception
+ *     }
+ * }
+ * // Authenticator service is missing or no AuthenticationHandler
+ * ... do whatever you want to for error handling ...
+ *
+ *

+ * Likewise implementing a logout script (ESP, too) is equally simple: + * + * 

+ * if (request.authType) {
+ *     // not logged in at all, no need to logout
+ * } else {
+ *     var auth = sling.getService(org.apache.sling.commons.auth.Authenticator);
+ *     if (auth != null) {
+ *         auth.logout(request, response);
+ *     } else {
+ *         // handle the case of no Authenticator service to logout with
+ *     }
+ * }
+ *
+ *

+ * This interface is not intended to be implemented by applications but may be + * used to initiate the authentication process form a request processing servlet + * or script. + * + * @since 1.0 (Sling API Bundle 2.1.0) + */ +public interface Authenticator { + + /** + * The name under which this service is registered. + */ + static final String SERVICE_NAME = Authenticator.class.getName(); + + /** + * Name of the request attribute which may be set by the application to + * indicate to the {@link #login(HttpServletRequest, HttpServletResponse)} + * method to which resource access should actually be authenticated. If this + * request attribute is not set or is the empty string, the + * {@link #login(HttpServletRequest, HttpServletResponse)} method uses the + * request path info (HttpServletRequest.getPathInfo()) method + * to find the resource to which to authenticate access. + *

+ * This request attribute can be used by frontend servlets/scripts which + * call into {@link #login(HttpServletRequest, HttpServletResponse)} on + * behalf of users. + */ + static final String LOGIN_RESOURCE = "resource"; + + /** + * Tries to login a request user for the current request. + *

+ * To identify the resource to which access should be authenticated the + * {@link #LOGIN_RESOURCE resource} request attribute is + * considered. If the request attribute is not set the request path info ( + * HttpServletRequest.getPathInfo()) is used. + *

+ * This method must be called on an uncommitted response since the + * implementation may want to reset the response to start the authentication + * process with a clean response. If the response is already committed an + * IllegalStateException is thrown. + *

+ * After this method has finished, request processing should be terminated + * and the response be considered committed and finished unless the + * {@link NoAuthenticationHandlerException} exception is thrown in which + * case no response has been sent to the client. + * + * @param request The object representing the client request. + * @param response The object representing the response to the client. + * @throws NoAuthenticationHandlerException If the service cannot find a way + * to authenticate a request user. + * @throws IllegalStateException If the response has already been committed. + */ + void login(HttpServletRequest request, HttpServletResponse response); + + /** + * Logs out if the current request is authenticated. + *

+ * This method must be called on an uncommitted response since the + * implementation may want to reset the response to restart the + * authentication process with a clean response. If the response is already + * committed an IllegalStateException is thrown. + *

+ * After this method has finished, request processing should be terminated + * and the response be considered committed and finished. + * + * @param request The object representing the client request. + * @param response The object representing the response to the client. + * @throws IllegalStateException If the response has already been committed. + */ + void logout(HttpServletRequest request, HttpServletResponse response); +} Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/Authenticator.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Rev Url Added: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java?rev=979641&view=auto ============================================================================== --- sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java (added) +++ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java Tue Jul 27 11:01:59 2010 @@ -0,0 +1,46 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.sling.api.auth; + +import org.apache.sling.api.SlingException; + +/** + * The NoAuthenticationHandlerException is thrown to indicate that + * the + * {@link Authenticator#login(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)} + * method could not find a way to authenticate the request user. + *

+ * This exception is thrown without a message. The caller of the + * {@link Authenticator#login(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)} + * method called is expected to immediately handle this exception and not to + * forward it up the call chain. + *

+ * This exception is not intended to be thrown by client code but is used by the + * {@link Authenticator} implementation. + * + * @since 1.0 (Sling API Bundle 2.1.0) + */ +@SuppressWarnings("serial") +public class NoAuthenticationHandlerException extends SlingException { + + public NoAuthenticationHandlerException() { + super(); + } + +} Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/auth/NoAuthenticationHandlerException.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Rev Url Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java?rev=979641&r1=979640&r2=979641&view=diff ============================================================================== --- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java (original) +++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LoginServlet.java Tue Jul 27 11:01:59 2010 @@ -24,9 +24,9 @@ import javax.servlet.http.HttpServletRes import org.apache.sling.api.SlingHttpServletRequest; import org.apache.sling.api.SlingHttpServletResponse; +import org.apache.sling.api.auth.Authenticator; +import org.apache.sling.api.auth.NoAuthenticationHandlerException; import org.apache.sling.api.servlets.SlingAllMethodsServlet; -import org.apache.sling.commons.auth.Authenticator; -import org.apache.sling.commons.auth.NoAuthenticationHandlerException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java?rev=979641&r1=979640&r2=979641&view=diff ============================================================================== --- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java (original) +++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/LogoutServlet.java Tue Jul 27 11:01:59 2010 @@ -22,8 +22,8 @@ import javax.servlet.http.HttpServletRes import org.apache.sling.api.SlingHttpServletRequest; import org.apache.sling.api.SlingHttpServletResponse; +import org.apache.sling.api.auth.Authenticator; import org.apache.sling.api.servlets.SlingAllMethodsServlet; -import org.apache.sling.commons.auth.Authenticator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java?rev=979641&r1=979640&r2=979641&view=diff ============================================================================== --- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java (original) +++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java Tue Jul 27 11:01:59 2010 @@ -33,12 +33,12 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.sling.api.auth.Authenticator; +import org.apache.sling.api.auth.NoAuthenticationHandlerException; import org.apache.sling.api.resource.LoginException; import org.apache.sling.api.resource.ResourceResolver; import org.apache.sling.api.resource.ResourceResolverFactory; import org.apache.sling.commons.auth.AuthenticationSupport; -import org.apache.sling.commons.auth.Authenticator; -import org.apache.sling.commons.auth.NoAuthenticationHandlerException; import org.apache.sling.commons.auth.impl.engine.EngineAuthenticationHandlerHolder; import org.apache.sling.commons.auth.spi.AuthenticationFeedbackHandler; import org.apache.sling.commons.auth.spi.AuthenticationHandler; Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java?rev=979641&r1=979640&r2=979641&view=diff ============================================================================== --- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java (original) +++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/engine/EngineSlingAuthenticator.java Tue Jul 27 11:01:59 2010 @@ -21,8 +21,8 @@ package org.apache.sling.commons.auth.im import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.sling.commons.auth.NoAuthenticationHandlerException; import org.apache.sling.engine.auth.Authenticator; +import org.apache.sling.engine.auth.NoAuthenticationHandlerException; /** * The EngineSlingAuthenticator class is a simple proxy service @@ -42,13 +42,13 @@ public class EngineSlingAuthenticator im /** * @scr.reference */ - private org.apache.sling.commons.auth.Authenticator slingAuthenticator; + private org.apache.sling.api.auth.Authenticator slingAuthenticator; public void login(HttpServletRequest request, HttpServletResponse response) { try { slingAuthenticator.login(request, response); - } catch (NoAuthenticationHandlerException nahe) { - final org.apache.sling.engine.auth.NoAuthenticationHandlerException wrapped = new org.apache.sling.engine.auth.NoAuthenticationHandlerException(); + } catch (org.apache.sling.api.auth.NoAuthenticationHandlerException nahe) { + final NoAuthenticationHandlerException wrapped = new NoAuthenticationHandlerException(); wrapped.initCause(nahe); throw wrapped; } Copied: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java (from r957890, sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java) URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java?p2=sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java&p1=sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java&r1=957890&r2=979641&rev=979641&view=diff ============================================================================== --- sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/impl/AuthenticationFormServlet.java (original) +++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationFormServlet.java Tue Jul 27 11:01:59 2010 @@ -16,7 +16,7 @@ * specific language governing permissions and limitations * under the License. */ -package org.apache.sling.formauth.impl; +package org.apache.sling.commons.auth.spi; import java.io.IOException; import java.io.InputStream; @@ -27,40 +27,30 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.sling.formauth.FormReason; - /** - * The AuthenticationFormServlet provides the default login form - * used for Form Based Authentication. + * The AbstractAuthenticationFormServlet provides a basic + * implementation of a simple servlet to render a login form for authentication + * purposes. * - * @scr.component metatype="no" + * @scr.component metatype="no" abstract="yes" * @scr.service interface="javax.servlet.Servlet" - * @scr.property name="service.vendor" value="The Apache Software Foundation" - * @scr.property name="service.description" - * value="Default Login Form for Form Based Authentication" */ @SuppressWarnings("serial") -public class AuthenticationFormServlet extends HttpServlet { +public abstract class AbstractAuthenticationFormServlet extends HttpServlet { /** - * The constant is sued to provide the service registration path + * The path to the default login form. * - * @scr.property name="sling.servlet.paths" + * @see #getDefaultFormPath() */ - static final String SERVLET_PATH = "/system/sling/form/login"; + public static final String DEFAULT_FORM_PATH = "login.html"; /** - * This constant is used to provide the service registration property - * indicating to pass requests to this servlet unauthenticated. + * The path to the custom login form. * - * @scr.property name="sling.auth.requirements" + * @see #getCustomFormPath() */ - @SuppressWarnings("unused") - private static final String AUTH_REQUIREMENT = "-" + SERVLET_PATH; - - private static final String DEFAULT_FORM_PATH = "login.html"; - - private static final String CUSTOM_FORM_PATH = "custom_login.html"; + public static final String CUSTOM_FORM_PATH = "custom_login.html"; /** * The raw form used by the {@link #getForm(HttpServletRequest)} method to @@ -109,7 +99,8 @@ public class AuthenticationFormServlet e handle(request, response); } - private void handle(HttpServletRequest request, HttpServletResponse response) throws IOException { + private void handle(HttpServletRequest request, HttpServletResponse response) + throws IOException { // reset the response first response.reset(); @@ -136,7 +127,8 @@ public class AuthenticationFormServlet e * @return The login form to be returned to the client * @throws IOException If the login form cannot be loaded */ - private String getForm(final HttpServletRequest request) throws IOException { + protected String getForm(final HttpServletRequest request) + throws IOException { String form = getRawForm(); form = form.replace("${resource}", getResource(request)); @@ -155,9 +147,8 @@ public class AuthenticationFormServlet e * @return The target to redirect after sucessfully login or an empty string * if no specific target has been requested. */ - private String getResource(final HttpServletRequest request) { - final String resource = FormAuthenticationHandler.getLoginResource(request); - return (resource == null) ? "" : resource; + protected String getResource(final HttpServletRequest request) { + return AbstractAuthenticationHandler.getLoginResource(request, ""); } /** @@ -169,27 +160,7 @@ public class AuthenticationFormServlet e * @return The "translated" reason to render the login form or an empty * string if there is no specific reason */ - private String getReason(final HttpServletRequest request) { - // return the resource attribute if set to a non-empty string - Object resObj = request.getAttribute(FormAuthenticationHandler.PAR_J_REASON); - if (resObj instanceof FormReason) { - return ((FormReason) resObj).toString(); - } - - final String reason = request.getParameter(FormAuthenticationHandler.PAR_J_REASON); - if (reason != null) { - try { - return FormReason.valueOf(reason).toString(); - } catch (IllegalArgumentException iae) { - // thrown if the reason is not an expected value, assume none - } - - // no valid FormReason value, use raw value - return reason; - } - - return ""; - } + protected abstract String getReason(final HttpServletRequest request); /** * Load the raw unmodified form from the bundle (through the class loader). @@ -203,10 +174,10 @@ public class AuthenticationFormServlet e InputStream ins = null; try { // try a custom login page first. - ins = getClass().getResourceAsStream(CUSTOM_FORM_PATH); + ins = getClass().getResourceAsStream(getCustomFormPath()); if (ins == null) { // try the standard login page - ins = getClass().getResourceAsStream(DEFAULT_FORM_PATH); + ins = getClass().getResourceAsStream(getDefaultFormPath()); } if (ins != null) { @@ -236,4 +207,32 @@ public class AuthenticationFormServlet e return rawForm; } + + /** + * Returns the path to the default login form to load through the class + * loader of this instance using Class.getResourceAsStream. + *

+ * The default form is used intended to be included with the bundle + * implementing this abstract class. + *

+ * This method returns {@link #DEFAULT_FORM_PATH} and may be overwritten by + * implementations. + */ + protected String getDefaultFormPath() { + return DEFAULT_FORM_PATH; + } + + /** + * Returns the path to the custom login form to load through the class + * loader of this instance using Class.getResourceAsStream. + *

+ * The custom form can be supplied by a fragment attaching to the bundle + * implementing this abstract class. + *

+ * This method returns {@link #CUSTOM_FORM_PATH} and may be overwritten by + * implementations. + */ + protected String getCustomFormPath() { + return CUSTOM_FORM_PATH; + } } Added: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java?rev=979641&view=auto ============================================================================== --- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java (added) +++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java Tue Jul 27 11:01:59 2010 @@ -0,0 +1,86 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.sling.commons.auth.spi; + +import javax.servlet.http.HttpServletRequest; +import org.apache.sling.api.auth.Authenticator; + +/** + * The AbstractAuthenticationHandler implements the + * AuthenticationHandler interface and extends the + * {@link DefaultAuthenticationFeedbackHandler} providing some helper methods + * which may be used by authentication handlers. + */ +public abstract class AbstractAuthenticationHandler extends + DefaultAuthenticationFeedbackHandler implements AuthenticationHandler { + + /** + * Returns the value of the named request attribute or parameter as a string + * as follows: + *

    + *
  1. If there is a request attribute of that name, which is a non-empty + * string, it is returned.
    2. If there is a non-empty request parameter of + * that name, this parameter is returned. + *
  2. Otherwise the defaultValue is returned. + * + * @param request The request from which to return the attribute or request + * parameter + * @param name The name of the attribute/parameter + * @param defaultValue The default value to use if neither a non-empty + * string attribute or a non-empty parameter exists in the + * request. + * @return The attribute, parameter or defaultValue as defined + * above. + */ + public static String getAttributeOrParameter( + final HttpServletRequest request, final String name, + final String defaultValue) { + + Object resObj = request.getAttribute(name); + if ((resObj instanceof String) && ((String) resObj).length() > 0) { + return (String) resObj; + } + + final String resource = request.getParameter(name); + if (resource != null && resource.length() > 0) { + return resource; + } + + return defaultValue; + } + + /** + * Returns any resource target to redirect to after successful + * authentication. This method either returns a non-empty string or the + * defaultLoginResource parameter. First the + * resource request attribute is checked. If it is a non-empty + * string, it is returned. Second the resource request + * parameter is checked and returned if it is a non-empty string. + * + * @param request The request providing the attribute or parameter + * @param defaultLoginResource The default login resource value + * @return The non-empty redirection target or + * defaultLoginResource. + */ + public static String getLoginResource(final HttpServletRequest request, + String defaultLoginResource) { + return getAttributeOrParameter(request, Authenticator.LOGIN_RESOURCE, + defaultLoginResource); + } +} Propchange: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/spi/AbstractAuthenticationHandler.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Rev Url