Class HttpMessageContextWrapper
- All Implemented Interfaces:
HttpMessageContext
All methods default to calling the wrapped object.
-
Constructor Summary
-
Method Summary
Modifier and Type, Method: Description
- void cleanClientSubject(): Convenience method to clean the subject associated with this context.
- doNothing(): Instructs the container to "do nothing".
- forward(String path): Forwards to another resource (Jakarta Servlet, Jakarta Server Pages file, or HTML file) on the server.
- getAuthParameters(): Returns the parameters that were provided with the SecurityContext#authenticate(AuthParameters) call.
- getCallerPrincipal(): Gets the Principal set by a call to notifyContainerAboutLogin().
- getClientSubject(): Returns the subject for which authentication is to take place.
- getGroups(): Gets the groups set by a call to notifyContainerAboutLogin().
- getHandler(): Returns the low level Jakarta Authentication handler that the runtime provided when creating this HttpMessageContext, and which this context uses to communicate the authentication details to the runtime.
- jakarta.security.auth.message.MessageInfo getMessageInfo(): Returns the low level Jakarta Authentication message info instance for the current request.
- jakarta.servlet.http.HttpServletRequest getRequest(): Returns the request object associated with the current request.
- jakarta.servlet.http.HttpServletResponse getResponse(): Returns the response object associated with the current request.
- boolean isAuthenticationRequest(): Checks if the current call to an authentication mechanism is the result from the application calling SecurityContext.authenticate(HttpServletRequest, HttpServletResponse, AuthenticationParameters).
- boolean isProtected(): Checks if the currently requested resource is protected or not.
- boolean isRegisterSession(): Check if the runtime has been asked to register an authentication session during the current request.
- notifyContainerAboutLogin(CredentialValidationResult result): Convenience method intended to pass the CredentialValidationResult result of an identity store directly on to the container.
- notifyContainerAboutLogin(String username, Set<String> roles): Asks the container to register the given caller name and groups in order to make them available to the application for use with SecurityContext.isCallerInRole(String) etc.
- notifyContainerAboutLogin(Principal principal, Set<String> roles): Asks the container to register the given caller principal and groups in order to make them available to the application for use with SecurityContext.isCallerInRole(String) etc.
- redirect(String location): Sets the response status to SC_FOUND 302 (Found).
- responseNotFound(): Sets the response status to 404 (not found).
- responseUnauthorized(): Sets the response status to 401 (unauthorized).
- void setRegisterSession(String callerName, Set<String> groups): Asks the runtime to register an authentication session.
- void setRequest(jakarta.servlet.http.HttpServletRequest request): Sets the request object.
- void setResponse(jakarta.servlet.http.HttpServletResponse response): Set the response object.
- withRequest(jakarta.servlet.http.HttpServletRequest request): Sets the request object.
-
Constructor Details
-
HttpMessageContextWrapper
-
-
Method Details
-
getWrapped
-
isProtected
public boolean isProtected()
Description copied from interface: HttpMessageContext
Checks if the currently requested resource is protected or not. A protected resource is a resource (e.g. a Jakarta Servlet, Jakarta Faces page, Jakarta Server Pages page etc) for which a constraint has been defined in e.g. web.xml.
- Specified by:
isProtected in interface HttpMessageContext
- Returns:
- true if a protected resource was requested, false if a public resource was requested.
-
isAuthenticationRequest
public boolean isAuthenticationRequest()
Description copied from interface: HttpMessageContext
Checks if the current call to an authentication mechanism is the result from the application calling SecurityContext.authenticate(HttpServletRequest, HttpServletResponse, AuthenticationParameters).
If SecurityContext#authenticate was not called, the authentication mechanism may have been invoked by the container at the start of a request.
- Specified by:
isAuthenticationRequest in interface HttpMessageContext
- Returns:
- true if SecurityContext#authenticate was called, false if not.
-
isRegisterSession
public boolean isRegisterSession()
Description copied from interface: HttpMessageContext
Check if the runtime has been asked to register an authentication session during the current request.
- Specified by:
isRegisterSession in interface HttpMessageContext
- Returns:
- true if code has asked to register an authentication session, false otherwise.
-
setRegisterSession
Description copied from interface: HttpMessageContext
Asks the runtime to register an authentication session. This will automatically remember the logged-in status as long as the current HTTP session remains valid. Without this being asked, an HttpAuthenticationMechanism has to manually re-authenticate with the runtime at the start of each request.
- Specified by:
setRegisterSession in interface HttpMessageContext
- Parameters:
callerName - the caller name for which authentication should be remembered
groups - the groups for which authentication should be remembered.
-
cleanClientSubject
public void cleanClientSubject()
Description copied from interface: HttpMessageContext
Convenience method to clean the subject associated with this context.
Cleaning this subject is done as defined by the Servlet Container Profile of Jakarta Authentication for the ServerAuthModule#cleanSubject method and the HttpAuthenticationMechanism.cleanSubject(HttpServletRequest, HttpServletResponse, HttpMessageContext) method defined by this specification.
- Specified by:
cleanClientSubject in interface HttpMessageContext
-
getAuthParameters
Description copied from interface: HttpMessageContext
Returns the parameters that were provided with the SecurityContext#authenticate(AuthParameters) call.
- Specified by:
getAuthParameters in interface HttpMessageContext
- Returns:
- the parameters that were provided with the SecurityContext#authenticate(AuthParameters) call, or a default instance. Never null.
-
getHandler
Description copied from interface: HttpMessageContext
Returns the low level Jakarta Authentication handler that the runtime provided when creating this HttpMessageContext, and which this context uses to communicate the authentication details to the runtime.
Note: This is a low level object that most higher level code would not need to use directly.
- Specified by:
getHandler in interface HttpMessageContext
- Returns:
- the handler that the runtime provided to this context
-
getMessageInfo
public jakarta.security.auth.message.MessageInfo getMessageInfo()
Description copied from interface: HttpMessageContext
Returns the low level Jakarta Authentication message info instance for the current request.
Note: This is a low level object that most higher level code would not need to use directly.
- Specified by:
getMessageInfo in interface HttpMessageContext
- Returns:
- the message info instance for the current request.
-
getClientSubject
Description copied from interface: HttpMessageContext
Returns the subject for which authentication is to take place.
Note: This is a low level object that most higher level code would not need to use directly.
- Specified by:
getClientSubject in interface HttpMessageContext
- Returns:
- the subject for which authentication is to take place.
-
getRequest
public jakarta.servlet.http.HttpServletRequest getRequest()
Description copied from interface: HttpMessageContext
Returns the request object associated with the current request.
- Specified by:
getRequest in interface HttpMessageContext
- Returns:
- the request object associated with the current request.
-
setRequest
public void setRequest(jakarta.servlet.http.HttpServletRequest request)
Description copied from interface: HttpMessageContext
Sets the request object.
- Specified by:
setRequest in interface HttpMessageContext
- Parameters:
request - the request object to be set
-
withRequest
Description copied from interface: HttpMessageContext
Sets the request object.
- Specified by:
withRequest in interface HttpMessageContext
- Parameters:
request - the request object to be set.
- Returns:
- the HttpMessageContext instance on which this method was called, useful for fluent style call chains.
-
getResponse
public jakarta.servlet.http.HttpServletResponse getResponse()
Description copied from interface: HttpMessageContext
Returns the response object associated with the current request.
- Specified by:
getResponse in interface HttpMessageContext
- Returns:
- the response object associated with the current request.
-
setResponse
public void setResponse(jakarta.servlet.http.HttpServletResponse response)
Description copied from interface: HttpMessageContext
Set the response object.
- Specified by:
setResponse in interface HttpMessageContext
- Parameters:
response - the response object to be set.
-
redirect
Description copied from interface: HttpMessageContext
Sets the response status to SC_FOUND 302 (Found).
As a convenience this method returns SEND_CONTINUE, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
redirect in interface HttpMessageContext
- Parameters:
location - the location to redirect to
- Returns:
AuthenticationStatus.SEND_CONTINUE
- See Also:
HttpServletResponse.sendRedirect(String)
-
forward
Description copied from interface: HttpMessageContext
Forwards to another resource (Jakarta Servlet, Jakarta Server Pages file, or HTML file) on the server.
As a convenience this method returns SEND_CONTINUE, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
forward in interface HttpMessageContext
- Parameters:
path - a String specifying the pathname to the resource.
- Returns:
AuthenticationStatus.SEND_CONTINUE
- See Also:
RequestDispatcher.forward(jakarta.servlet.ServletRequest, jakarta.servlet.ServletResponse)
-
responseUnauthorized
Description copied from interface: HttpMessageContext
Sets the response status to 401 (unauthorized).
As a convenience this method returns SEND_FAILURE, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
responseUnauthorized in interface HttpMessageContext
- Returns:
AuthenticationStatus.SEND_FAILURE
-
responseNotFound
Description copied from interface: HttpMessageContext
Sets the response status to 404 (not found).
As a convenience this method returns SEND_FAILURE, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
responseNotFound in interface HttpMessageContext
- Returns:
AuthenticationStatus.SEND_FAILURE
-
notifyContainerAboutLogin
Description copied from interface: HttpMessageContext
Asks the container to register the given caller name and groups in order to make them available to the application for use with SecurityContext.isCallerInRole(String) etc.
Note that after this call has returned, the authenticated identity will not be immediately active. This will only take place (should no errors occur) after the authentication mechanism in which this call takes place returns control back to the container (runtime).
As a convenience this method returns SUCCESS, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
notifyContainerAboutLogin in interface HttpMessageContext
- Parameters:
username - the caller name that will become the caller principal
roles - the groups associated with the caller principal
- Returns:
AuthenticationStatus.SUCCESS
-
notifyContainerAboutLogin
Description copied from interface: HttpMessageContext
Asks the container to register the given caller principal and groups in order to make them available to the application for use with SecurityContext.isCallerInRole(String) etc.
Note that this call may result in the container establishing two caller principals to represent the caller's identity: the Principal provided here as the principal parameter, and a second principal used as the container's representation of the caller identity. A second principal is added only if the container uses a different Principal type to represent the caller. If the types are the same, only one Principal is added.
If a second principal is added, the value returned by Principal.getName() will be the same for both principals.
When two principals are added, the container's caller principal is returned from SecurityContext.getCallerPrincipal(), and the principal supplied here as a parameter can be retrieved using SecurityContext.getPrincipalsByType(Class). When only one is added, it is returned by SecurityContext.getCallerPrincipal().
Note that after this call has returned, the authenticated identity will not be immediately active. This will only take place (should no errors occur) after the authentication mechanism in which this call takes place returns control back to the container (runtime).
As a convenience this method returns SUCCESS, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
notifyContainerAboutLogin in interface HttpMessageContext
- Parameters:
principal - the Principal that will become the caller principal
roles - the groups associated with the caller principal
- Returns:
AuthenticationStatus.SUCCESS
-
notifyContainerAboutLogin
Description copied from interface: HttpMessageContext
Convenience method intended to pass the CredentialValidationResult result of an identity store directly on to the container.
If the outcome from the given CredentialValidationResult.getStatus() equals CredentialValidationResult.Status.VALID, the CallerPrincipal and groups are obtained from the CredentialValidationResult and passed into HttpMessageContext.notifyContainerAboutLogin(Principal, Set).
If the outcome from the given CredentialValidationResult.getStatus() is not equal to CredentialValidationResult.Status.VALID, a failure result is returned.
- Specified by:
notifyContainerAboutLogin in interface HttpMessageContext
- Parameters:
result - a CredentialValidationResult which is inspected for its status and from which the principal and groups are taken.
- Returns:
AuthenticationStatus.SUCCESS if CredentialValidationResult.getStatus() equals CredentialValidationResult.Status.VALID, otherwise AuthenticationStatus.SEND_FAILURE
-
doNothing
Description copied from interface: HttpMessageContext
Instructs the container to "do nothing".
When intending to do nothing, a Jakarta Security authentication mechanism has to indicate this explicitly via its return value.
As a convenience this method returns NOT_DONE, so this method can be used in one fluent return statement from an HttpAuthenticationMechanism.
- Specified by:
doNothing in interface HttpMessageContext
- Returns:
AuthenticationStatus.NOT_DONE
-
getCallerPrincipal
Description copied from interface: HttpMessageContext
Gets the Principal set by a call to notifyContainerAboutLogin().
- Specified by:
getCallerPrincipal in interface HttpMessageContext
- Returns:
- The caller principal
-
getGroups
Description copied from interface: HttpMessageContext
Gets the groups set by a call to notifyContainerAboutLogin().
- Specified by:
getGroups in interface HttpMessageContext
- Returns:
- The groups
-