SlingAuthenticator (Apache Sling Authentication Service 1.4.6 API)

java.lang.Object
- org.apache.sling.auth.core.impl.SlingAuthenticator

All Implemented Interfaces:

EventListener, javax.servlet.ServletRequestListener, org.apache.sling.api.auth.Authenticator, AuthenticationSupport
```
public class SlingAuthenticator
extends Object
implements org.apache.sling.api.auth.Authenticator, AuthenticationSupport, javax.servlet.ServletRequestListener
```
The SlingAuthenticator class is the default implementation for handling authentication. This class supports :
- Support for login sessions where session ids are exchanged with cookies
- Support for multiple authentication handlers, which must implement the AuthenticationHandler interface.
Currently this class does not support multiple handlers for any one request URL.

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static interface SlingAuthenticator.Config

Nested Classes
Modifier and Type	Class and Description
`static interface`	`SlingAuthenticator.Config`

Field Summary
- Fields inherited from interface org.apache.sling.api.auth.Authenticator
  LOGIN_RESOURCE, SERVICE_NAME
- Fields inherited from interface org.apache.sling.auth.core.AuthenticationSupport
  REDIRECT_PARAMETER, REQUEST_ATTRIBUTE_RESOLVER, SERVICE_NAME

Constructor Summary

Constructors
Constructor and Description

SlingAuthenticator()

Constructors
Constructor and Description
`SlingAuthenticator()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`handleSecurity(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` Checks the authentication contained in the request.
`void`	`login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` Requests authentication information from the client.
`void`	`logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` Logs out the user calling all applicable `AuthenticationHandler` authentication handlers.
`void`	`requestDestroyed(javax.servlet.ServletRequestEvent sre)`
`void`	`requestInitialized(javax.servlet.ServletRequestEvent sre)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SlingAuthenticator
```
public SlingAuthenticator()
```
- Method Detail
  - handleSecurity
```
public boolean handleSecurity(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response)
```
    Checks the authentication contained in the request. This check is only based on the original request object, no URI translation has taken place yet.
    
    Specified by:
    
    handleSecurity in interface AuthenticationSupport
    
    Parameters:
    
    request - The request object containing the information for the authentication.
    
    response - The response object which may be used to send the information on the request failure to the user.
    
    Returns:
    
    true if request processing should continue assuming successful authentication. If false is returned it is assumed a response has been sent to the client and the request is terminated.
  - login
```
public void login(javax.servlet.http.HttpServletRequest request,
                  javax.servlet.http.HttpServletResponse response)
```
    Requests authentication information from the client. Returns true if the information has been requested and request processing can be terminated. Otherwise the request information could not be requested and the request should be terminated with a 403/FORBIDDEN response.
    Any response sent by the handler is also handled by the error handler infrastructure.
    
    Specified by:
    
    login in interface org.apache.sling.api.auth.Authenticator
    
    Parameters:
    
    request - The request object
    
    response - The response object to which to send the request
    
    Throws:
    
    IllegalStateException - If response is already committed
    
    org.apache.sling.api.auth.NoAuthenticationHandlerException - If no authentication handler claims responsibility to authenticate the request.
  - logout
```
public void logout(javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response)
```
    Logs out the user calling all applicable AuthenticationHandler authentication handlers.
    
    Specified by:
    
    logout in interface org.apache.sling.api.auth.Authenticator
  - requestInitialized
```
public void requestInitialized(javax.servlet.ServletRequestEvent sre)
```
    Specified by:
    
    requestInitialized in interface javax.servlet.ServletRequestListener
  - requestDestroyed
```
public void requestDestroyed(javax.servlet.ServletRequestEvent sre)
```
    Specified by:
    
    requestDestroyed in interface javax.servlet.ServletRequestListener

Class SlingAuthenticator

Nested Class Summary

Field Summary

Fields inherited from interface org.apache.sling.api.auth.Authenticator

Fields inherited from interface org.apache.sling.auth.core.AuthenticationSupport

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SlingAuthenticator

Method Detail

handleSecurity

login

logout

requestInitialized

requestDestroyed