Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

blackboard.platform.security.authentication
Interface HttpAuthModule

All Known Implementing Classes:
BaseAuthenticationModule, LDAPAuthModule
public interface HttpAuthModule

This interface is provided for custom authentication schemes.

Version:
$Revision: #1 $ $Date: 2005/06/27 $

Method Summary
 java.lang.String doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Performs the actual, implementation-specific work of authentication.
 void doLogout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Performs the actual, implementation-specific work of invalidating the user's authentication status.
 java.lang.String getAuthType()
          Returns a String identifier for the authentication type for a given implementation of HttpAuthModule.
 java.lang.String[] getPropKeys()
          Returns a String array of the keys to an authentication module's configuration properties file.
 void init(ConfigurationService cfg)
          This method is used to initialize the authentication module.
 boolean isAuthenticated(javax.servlet.http.HttpServletRequest request)
          Deprecated. This method is no longer called.
 void requestAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Send the client an authentication request.
 void setConfig(HttpAuthConfig config)
          Sets the HttpAuthConfig configuration object for an authentication module.
 

Method Detail

init

void init(ConfigurationService cfg)
          throws java.lang.IllegalStateException
This method is used to initialize the authentication module.

Parameters:
props - configuration data for the security subsystem.
Throws:
java.lang.IllegalStateException

isAuthenticated

boolean isAuthenticated(javax.servlet.http.HttpServletRequest request)
                        throws BbSecurityException
Deprecated. This method is no longer called.

Examines the current request to check and see if the user is currently authenticated. Implementations have a variety of options to track authentication status, including storing a token in the HttpSession object.

Parameters:
request - the current HttpServletRequest for the user.
Returns:
true if the user is authenticated
Throws:
BbSecurityException - thrown if an error occurs while attempting to verify authentication
See Also:
blackboard.platform.session.BbSession.isAuthenticated

doAuthenticate

java.lang.String doAuthenticate(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response)
                                throws BbSecurityException,
                                       BbAuthenticationFailedException,
                                       BbCredentialsNotFoundException
Performs the actual, implementation-specific work of authentication.

Parameters:
request - the request object containing authentication information
response - the response object to allow for complex client/server interactions during the authentication process. For most implementations, this argument will not be used.
Returns:
the user name for the requesting user. Throws an exception (see Exceptions thrown below) if the user cannot be authenticated.
Throws:
BbSecurityException - thrown if an error occurs during authentication
BbAuthenticationFailedException - thrown if authentication failed (i.e., wrong password)
BbCredentialsNotFoundException - thrown if no credentials were found in the request

doLogout

void doLogout(javax.servlet.http.HttpServletRequest request,
              javax.servlet.http.HttpServletResponse response)
              throws BbSecurityException
Performs the actual, implementation-specific work of invalidating the user's authentication status.

Parameters:
request - the HTTP request object used to invalidate the current session
response - the HTTP response object. This is not typically used.
Throws:
BbSecurityException - thrown if an error occurs performing the implementation-specific invalidation

requestAuthenticate

void requestAuthenticate(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response)
                         throws BbSecurityException
Send the client an authentication request.

Parameters:
request - request object. This is sent so that the implementation can provide intelligent routing. E.g., if the authentication process involves a redirect to an authentication server, HTTP_REFERRER data can be attached so that the user can be redirected to the desired Campus entry point.
response - the response object used to send the authentication directive to the client. Examples include redirection to an authentication server, or sending an HTTP 401 status to the client.
Throws:
BbSecurityException - thrown if the process cannot complete

getAuthType

java.lang.String getAuthType()
Returns a String identifier for the authentication type for a given implementation of HttpAuthModule.

getPropKeys

java.lang.String[] getPropKeys()
Returns a String array of the keys to an authentication module's configuration properties file.

setConfig

void setConfig(HttpAuthConfig config)
Sets the HttpAuthConfig configuration object for an authentication module.

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2003 Blackboard, Inc. All Rights Reserved.