org.opencms.security

类 CmsDefaultAuthorizationHandler

java.lang.Object

org.opencms.main.A_CmsAuthorizationHandler

org.opencms.security.CmsDefaultAuthorizationHandler

所有已实现的接口:

I_CmsAuthorizationHandler

public class CmsDefaultAuthorizationHandler
extends A_CmsAuthorizationHandler

Defines default authorization methods.

从以下版本开始:

6.5.4

嵌套类概要

从接口继承的嵌套类/接口 org.opencms.security.I_CmsAuthorizationHandler

I_CmsAuthorizationHandler.I_PrivilegedLoginAction

字段概要

字段

限定符和类型	字段和说明
static java.lang.String	AUTHORIZATION_BASIC_PREFIX Basic authorization prefix constant.
static java.lang.String	HEADER_AUTHORIZATION Authorization header constant.
static java.lang.String	SEPARATOR_CREDENTIALS Credentials separator constant.

从类继承的字段 org.opencms.main.A_CmsAuthorizationHandler

LOG, m_parameters

构造器概要

构造器

构造器和说明
CmsDefaultAuthorizationHandler()

方法概要

方法

限定符和类型	方法和说明
protected CmsObject	checkBasicAuthorization(javax.servlet.http.HttpServletRequest req) Checks if the current request contains HTTP basic authentication information in the headers, if so the user is tried to log in with this data, and on success a session is generated.
java.lang.String	getLoginFormURL(java.lang.String loginFormURL, java.lang.String params, java.lang.String callbackURL) Returns the full URL used to call a login form with additional parameters and a callbackURL.
CmsObject	initCmsObject(javax.servlet.http.HttpServletRequest request) Creates a new cms object from the given request object.
CmsObject	initCmsObject(javax.servlet.http.HttpServletRequest request, I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction) Creates a new cms object from the given request object.
CmsObject	initCmsObject(javax.servlet.http.HttpServletRequest request, java.lang.String userName, java.lang.String pwd) Authenticates the current request with additional user information.
void	requestAuthorization(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, java.lang.String loginFormURL) This method sends a request to the client to display a login form, it is needed for HTTP-Authentication.

从类继承的方法 org.opencms.main.A_CmsAuthorizationHandler

initCmsObjectFromSession, registerSession, setParameters

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

AUTHORIZATION_BASIC_PREFIX

public static final java.lang.String AUTHORIZATION_BASIC_PREFIX

Basic authorization prefix constant.

另请参阅:

常量字段值

HEADER_AUTHORIZATION

public static final java.lang.String HEADER_AUTHORIZATION

Authorization header constant.

另请参阅:

常量字段值

SEPARATOR_CREDENTIALS

public static final java.lang.String SEPARATOR_CREDENTIALS

Credentials separator constant.

另请参阅:

常量字段值

构造器详细资料

CmsDefaultAuthorizationHandler

public CmsDefaultAuthorizationHandler()

方法详细资料

getLoginFormURL

public java.lang.String getLoginFormURL(java.lang.String loginFormURL,
                               java.lang.String params,
                               java.lang.String callbackURL)

从接口复制的说明: I_CmsAuthorizationHandler

Returns the full URL used to call a login form with additional parameters and a callbackURL.

参数:

loginFormURL - the form URL specified in the cms (either as a property or system-wide)

params - additional parameters to provide to the login form

callbackURL - the call-back URL to redirect after a successful login

返回:

the full URL used to call a login form

另请参阅:

I_CmsAuthorizationHandler.getLoginFormURL(java.lang.String, java.lang.String, java.lang.String)

initCmsObject

public CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request)

从接口复制的说明: I_CmsAuthorizationHandler

Creates a new cms object from the given request object.

This method is called by OpenCms every time a resource is requested and the session can not automatically be authenticated.

参数:

request - the HTTP request to authenticate

返回:

the cms context object associated to the current session

另请参阅:

I_CmsAuthorizationHandler.initCmsObject(HttpServletRequest)

initCmsObject

public CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request,
                      I_CmsAuthorizationHandler.I_PrivilegedLoginAction loginAction)

从接口复制的说明: I_CmsAuthorizationHandler

Creates a new cms object from the given request object.

This method is called by OpenCms every time a resource is requested and the session can not automatically be authenticated.

参数:

request - the HTTP request to authenticate

loginAction - the privileged login action

返回:

the cms context object associated to the current session

另请参阅:

I_CmsAuthorizationHandler.initCmsObject(javax.servlet.http.HttpServletRequest, org.opencms.security.I_CmsAuthorizationHandler.I_PrivilegedLoginAction)

initCmsObject

public CmsObject initCmsObject(javax.servlet.http.HttpServletRequest request,
                      java.lang.String userName,
                      java.lang.String pwd)
                        throws CmsException

从接口复制的说明: I_CmsAuthorizationHandler

Authenticates the current request with additional user information.

You have to call this method by your own.

参数:

request - the HTTP request to authenticate

userName - the user name to authenticate

pwd - the user password to authenticate with

返回:

the cms context object associated to the given user

抛出:

CmsException - if something goes wrong

另请参阅:

I_CmsAuthorizationHandler.initCmsObject(HttpServletRequest, String, String)

requestAuthorization

public void requestAuthorization(javax.servlet.http.HttpServletRequest req,
                        javax.servlet.http.HttpServletResponse res,
                        java.lang.String loginFormURL)
                          throws java.io.IOException

This method sends a request to the client to display a login form, it is needed for HTTP-Authentication.

参数:

req - the client request

res - the response

loginFormURL - the full URL used for form based authentication

抛出:

java.io.IOException - if something goes wrong

checkBasicAuthorization

protected CmsObject checkBasicAuthorization(javax.servlet.http.HttpServletRequest req)

Checks if the current request contains HTTP basic authentication information in the headers, if so the user is tried to log in with this data, and on success a session is generated.

参数:

req - the current HTTP request

返回:

the authenticated cms object, or null if failed