Package org.apache.sling.auth.core.spi
Class AbstractAuthenticationFormServlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- org.apache.sling.auth.core.spi.AbstractAuthenticationFormServlet
-
- All Implemented Interfaces:
Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
public abstract class AbstractAuthenticationFormServlet extends javax.servlet.http.HttpServlet
TheAbstractAuthenticationFormServlet
provides a basic implementation of a simple servlet to render a login form for authentication purposes.- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static String
CUSTOM_FORM_PATH
The path to the custom login form.static String
DEFAULT_FORM_PATH
The path to the default login form.
-
Constructor Summary
Constructors Constructor Description AbstractAuthenticationFormServlet()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected void
doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Prepares and returns the login form.protected void
doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Prepares and returns the login form.protected String
getContextPath(javax.servlet.http.HttpServletRequest request)
Returns the context path for the authentication form request.protected String
getCustomFormPath()
Returns the path to the custom login form to load through the class loader of this instance usingClass.getResourceAsStream
.protected String
getDefaultFormPath()
Returns the path to the default login form to load through the class loader of this instance usingClass.getResourceAsStream
.protected String
getForm(javax.servlet.http.HttpServletRequest request)
Returns the form to be sent back to the client for login providing an optional informational message and the optional target to redirect to after successfully logging in.protected abstract String
getReason(javax.servlet.http.HttpServletRequest request)
Returns an informational message according to the value provided in thej_reason
request parameter.protected String
getResource(javax.servlet.http.HttpServletRequest request)
Returns the path to the resource to which the request should be redirected after successfully completing the form or an empty string if there is noresource
request parameter.-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
-
-
-
-
Field Detail
-
DEFAULT_FORM_PATH
public static final String DEFAULT_FORM_PATH
The path to the default login form.- See Also:
getDefaultFormPath()
, Constant Field Values
-
CUSTOM_FORM_PATH
public static final String CUSTOM_FORM_PATH
The path to the custom login form.- See Also:
getCustomFormPath()
, Constant Field Values
-
-
Method Detail
-
doGet
protected void doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
Prepares and returns the login form. The response is sent as an UTF-8 encodedtext/html
page with all known cache control headers set to prevent all caching.This servlet is to be called to handle the request directly, that is it expected to not be included and for the response to not be committed yet because it first resets the response.
- Overrides:
doGet
in classjavax.servlet.http.HttpServlet
- Throws:
IOException
- if an error occurs preparing or sending back the login formIllegalStateException
- if the response has already been committed and thus response reset is not possible.
-
doPost
protected void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
Prepares and returns the login form. The response is sent as an UTF-8 encodedtext/html
page with all known cache control headers set to prevent all caching.This servlet is to be called to handle the request directly, that is it expected to not be included and for the response to not be committed yet because it first resets the response.
- Overrides:
doPost
in classjavax.servlet.http.HttpServlet
- Throws:
IOException
- if an error occurs preparing or sending back the login formIllegalStateException
- if the response has already been committed and thus response reset is not possible.
-
getForm
protected String getForm(javax.servlet.http.HttpServletRequest request) throws IOException
Returns the form to be sent back to the client for login providing an optional informational message and the optional target to redirect to after successfully logging in.- Parameters:
request
- The request providing parameters indicating the informational message and redirection target.- Returns:
- The login form to be returned to the client
- Throws:
IOException
- If the login form cannot be loaded
-
getResource
protected String getResource(javax.servlet.http.HttpServletRequest request)
Returns the path to the resource to which the request should be redirected after successfully completing the form or an empty string if there is noresource
request parameter.- Parameters:
request
- The request providing theresource
parameter.- Returns:
- The target to redirect after successfully login or an empty string if no specific target has been requested.
-
getReason
protected abstract String getReason(javax.servlet.http.HttpServletRequest request)
Returns an informational message according to the value provided in thej_reason
request parameter. Supported reasons are invalid credentials and session timeout.- Parameters:
request
- The request providing the parameter- Returns:
- The "translated" reason to render the login form or an empty string if there is no specific reason
-
getContextPath
protected String getContextPath(javax.servlet.http.HttpServletRequest request)
Returns the context path for the authentication form request. This path is the path to the authenticated resource as returned bygetResource(HttpServletRequest)
(without the optional query string which may be contained in the resource path). IfgetResource(HttpServletRequest)
return an empty string, the servlet context path is used.- Parameters:
request
- The request- Returns:
- The context path for the form action consisting of the resource to which the user is to authenticate.
-
getDefaultFormPath
protected String getDefaultFormPath()
Returns the path to the default login form to load through the class loader of this instance usingClass.getResourceAsStream
.The default form is used intended to be included with the bundle implementing this abstract class.
This method returns
DEFAULT_FORM_PATH
and may be overwritten by implementations.- Returns:
DEFAULT_FORM_PATH
-
getCustomFormPath
protected String getCustomFormPath()
Returns the path to the custom login form to load through the class loader of this instance usingClass.getResourceAsStream
.The custom form can be supplied by a fragment attaching to the bundle implementing this abstract class.
This method returns
CUSTOM_FORM_PATH
and may be overwritten by implementations.- Returns:
CUSTOM_FORM_PATH
-
-