Package net.officefloor.web.security.scheme

Class AnonymousHttpSecuritySource

java.lang.Object

net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

net.officefloor.web.security.scheme.AnonymousHttpSecuritySource

All Implemented Interfaces:

Serializable, HttpAccessControl, HttpAuthentication<Void>, HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>, HttpSecuritySource<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

public class AnonymousHttpSecuritySource
extends AbstractHttpSecuritySource<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>
implements HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>, HttpAuthentication<Void>, HttpAccessControl

HttpSecurity enable access to all roles.

Author:

Daniel Sagenschneider

See Also:

• Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource

AbstractHttpSecuritySource.DependencyLabeller, AbstractHttpSecuritySource.Labeller, AbstractHttpSecuritySource.MetaDataContext<A,AC extends Serializable,C,O extends Enum<O>,F extends Enum<F>>, AbstractHttpSecuritySource.SpecificationContext

Field Summary

Fields inherited from class net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource

UTF_8

Constructor Summary

Constructors

Constructor	Description
AnonymousHttpSecuritySource()

Method Summary

Modifier and Type	Method	Description
void	authenticate(Void credentials, AuthenticateRequest authenticateRequest)	Triggers to undertake authentication.
void	authenticate(Void credentials, AuthenticateContext<HttpAccessControl,None,None> context)	Undertakes authentication.
void	challenge(ChallengeContext<None,None> context)	Triggers the authentication challenge to the client.
HttpAuthentication<Void>	createAuthentication(AuthenticationContext<HttpAccessControl,Void> context)	Creates the custom authentication.
HttpAccessControl	getAccessControl()	Obtains the HttpAccessControl.
String	getAuthenticationScheme()	Obtains the authentication scheme used.
Class<Void>	getCredentialsType()	Obtains the type of credentials.
Principal	getPrincipal()	Obtains the Principal.
boolean	inRole(String role)	Indicates if within role.
boolean	isAuthenticated()	Indicates if authenticated.
protected void	loadMetaData(AbstractHttpSecuritySource.MetaDataContext<HttpAuthentication<Void>,HttpAccessControl,Void,None,None> context)	Overridden to load meta-data.
protected void	loadSpecification(AbstractHttpSecuritySource.SpecificationContext context)	Overridden to load specifications.
void	logout(LogoutRequest logoutRequest)	Undertakes logging out.
void	logout(LogoutContext<None,None> context)	Logs out.
boolean	ratify(Void credentials, RatifyContext<HttpAccessControl> context)	Ratifies whether enough information is available to undertake authentication.
HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>	sourceHttpSecurity(HttpSecurityContext context)	Sources the HttpSecurity.

Methods inherited from class net.officefloor.web.spi.security.impl.AbstractHttpSecuritySource

getSpecification, init, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.officefloor.web.security.HttpAccessControl

isAccess

Constructor Details

AnonymousHttpSecuritySource

public AnonymousHttpSecuritySource()

Method Details

loadSpecification

protected void loadSpecification(AbstractHttpSecuritySource.SpecificationContext context)

Description copied from class: AbstractHttpSecuritySource

Overridden to load specifications.

Specified by:

loadSpecification in class AbstractHttpSecuritySource<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

context - Specifications.

loadMetaData

protected void loadMetaData(AbstractHttpSecuritySource.MetaDataContext<HttpAuthentication<Void>,HttpAccessControl,Void,None,None> context)
                     throws Exception

Description copied from class: AbstractHttpSecuritySource

Overridden to load meta-data.

Specified by:

loadMetaData in class AbstractHttpSecuritySource<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

context - Meta-data.

Throws:

Exception - If fails to load the meta-data.

sourceHttpSecurity

public HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None> sourceHttpSecurity(HttpSecurityContext context)
                                                                                           throws HttpException

Description copied from interface: HttpSecuritySource

Sources the HttpSecurity.

Specified by:

sourceHttpSecurity in interface HttpSecuritySource<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

context - HttpSecurity.

Returns:

HttpSecurity.

Throws:

HttpException - If fails to source the HttpSecurity.

createAuthentication

public HttpAuthentication<Void> createAuthentication(AuthenticationContext<HttpAccessControl,Void> context)

Description copied from interface: HttpSecurity

Creates the custom authentication.

Specified by:

createAuthentication in interface HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

context - AuthenticateContext.

Returns:

Custom authentication.

ratify

public boolean ratify(Void credentials,
 RatifyContext<HttpAccessControl> context)

Description copied from interface: HttpSecurity

Ratifies whether enough information is available to undertake authentication.

As authentication will likely require communication with external services (LDAP store, database, etc), this method allows checking whether enough information is available to undertake the authentication. The purpose is to avoid the ManagedFunction depending on dependencies of authentication subsequently causing execution by different Team. This is especially as the majority of HttpRequest servicing will use the HttpSession to cache details and not require the authentication dependencies causing the swap in Team.

Specified by:

ratify in interface HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

credentials - Credentials.

context - RatifyContext.

Returns:

true should enough information be available to undertake authentication. false if not enough information is available for authentication.

authenticate

public void authenticate(Void credentials,
 AuthenticateContext<HttpAccessControl,None,None> context)
                  throws HttpException

Description copied from interface: HttpSecurity

Undertakes authentication.

Specified by:

authenticate in interface HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

credentials - Credentials.

context - AuthenticateContext.

Throws:

HttpException - If failure in communicating to necessary security services.

challenge

public void challenge(ChallengeContext<None,None> context)
               throws HttpException

Description copied from interface: HttpSecurity

Triggers the authentication challenge to the client.

Specified by:

challenge in interface HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

context - ChallengeContext.

Throws:

HttpException - If failure in communicating to necessary security services.

logout

public void logout(LogoutContext<None,None> context)
            throws HttpException

Description copied from interface: HttpSecurity

Logs out.

Specified by:

logout in interface HttpSecurity<HttpAuthentication<Void>,HttpAccessControl,Void,None,None>

Parameters:

context - LogoutContext.

Throws:

HttpException - If failure in communicating to necessary security services.

isAuthenticated

public boolean isAuthenticated()
                        throws HttpException

Description copied from interface: HttpAuthentication

Indicates if authenticated.

Specified by:

isAuthenticated in interface HttpAuthentication<Void>

Returns:

true if authenticated.

Throws:

HttpException - If authentication has been attempted but there were failures in undertaking authentication.

getCredentialsType

public Class<Void> getCredentialsType()

Description copied from interface: HttpAuthentication

Obtains the type of credentials.

Specified by:

getCredentialsType in interface HttpAuthentication<Void>

Returns:

Type of credentials.

authenticate

public void authenticate(Void credentials,
 AuthenticateRequest authenticateRequest)

Description copied from interface: HttpAuthentication

Triggers to undertake authentication.

Specified by:

authenticate in interface HttpAuthentication<Void>

Parameters:

credentials - Credentials. May be null if no credentials are required, or they are pulled from the HttpRequest.

authenticateRequest - AuthenticateRequest.

getAccessControl

public HttpAccessControl getAccessControl()

Description copied from interface: HttpAuthentication

Obtains the HttpAccessControl.

Specified by:

getAccessControl in interface HttpAuthentication<Void>

Returns:

HttpAccessControl.

logout

public void logout(LogoutRequest logoutRequest)

Description copied from interface: HttpAuthentication

Undertakes logging out.

Specified by:

logout in interface HttpAuthentication<Void>

Parameters:

logoutRequest - LogoutRequest.

getAuthenticationScheme

public String getAuthenticationScheme()

Description copied from interface: HttpAccessControl

Obtains the authentication scheme used.

Specified by:

getAuthenticationScheme in interface HttpAccessControl

Returns:

Authentication scheme.

getPrincipal

public Principal getPrincipal()

Description copied from interface: HttpAccessControl

Obtains the Principal.

Specified by:

getPrincipal in interface HttpAccessControl

Returns:

Principal.

inRole

public boolean inRole(String role)

Description copied from interface: HttpAccessControl

Indicates if within role.

Specified by:

inRole in interface HttpAccessControl

Parameters:

role - Role to check if have access.

Returns:

true if supports the role.