Class DefaultAuthenticationFeedbackHandler

    • Constructor Detail

      • DefaultAuthenticationFeedbackHandler

        public DefaultAuthenticationFeedbackHandler()
    • Method Detail

      • handleRedirect

        public static boolean handleRedirect​(javax.servlet.http.HttpServletRequest request,
                                             javax.servlet.http.HttpServletResponse response)
        Handles an optional request for a redirect after successful authentication and true if the request has been redirected.

        This method checks AuthenticationSupport.REDIRECT_PARAMETER request parameter for the redirect target. This parameter is handled as follows:

        • If the parameter does not exist, the method does not redirect and false is returned.
        • If the parameter is the string true or is empty, a redirect response to the request URI (HttpServletRequest.getRequestURI()) is sent and true is returned.
        • If the parameter is a relative path, the path is made absolute by resolving it relative to the request URI (HttpServletRequest.getRequestURI()). The resulting target is validated with the AbstractAuthenticationHandler.isRedirectValid(HttpServletRequest, String) method. If valid a redirect to that target is sent back and true is returned. Otherwise a redirect to the servlet context root is sent back and true is returned.
        • If the parameter is an absolute path it is validated with the AbstractAuthenticationHandler.isRedirectValid(HttpServletRequest, String) method. If valid a redirect to that path is sent back and true is returned. Otherwise a redirect to the servlet context root is sent back and true is returned.
        If sending the redirect response fails due to some IO problems, the request is still terminated but an error message is logged indicating the problem.
        Parameters:
        request - The servlet request
        response - The servlet response
        Returns:
        true if redirect was requested. Otherwise false is returned. Note, that true is returned regardless of whether sending the redirect response succeeded or not.
        Since:
        1.0.4 (bundle version 1.0.8) the target is validated with the AbstractAuthenticationHandler.isRedirectValid(HttpServletRequest, String) method.
      • authenticationFailed

        public void authenticationFailed​(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response,
                                         AuthenticationInfo authInfo)
        This default implementation does nothing.

        Extensions of this class may overwrite to cleanup any internal state.

        Specified by:
        authenticationFailed in interface AuthenticationFeedbackHandler
        Parameters:
        request - The current request
        response - The current response
        authInfo - The AuthenticationInfo object used to authenticate the request.