org.mortbay.jetty.security
Class SecurityHandler
java.lang.Object
org.mortbay.component.AbstractLifeCycle
org.mortbay.jetty.handler.AbstractHandler
org.mortbay.jetty.handler.AbstractHandlerContainer
org.mortbay.jetty.handler.HandlerWrapper
org.mortbay.jetty.security.SecurityHandler
- All Implemented Interfaces:
- LifeCycle, Handler, HandlerContainer
- Direct Known Subclasses:
- HTAccessHandler
public class SecurityHandler
- extends HandlerWrapper
Handler to enforce SecurityConstraints.
- Author:
- Greg Wilkins (gregw)
__NO_USER
public static Principal __NO_USER
__NOBODY
public static Principal __NOBODY
- Nobody user.
The Nobody UserPrincipal is used to indicate a partial state of
authentication. A request with a Nobody UserPrincipal will be allowed
past all authentication constraints - but will not be considered an
authenticated request. It can be used by Authenticators such as
FormAuthenticator to allow access to logon and error pages within an
authenticated URI tree.
SecurityHandler
public SecurityHandler()
getAuthenticator
public Authenticator getAuthenticator()
- Returns:
- Returns the authenticator.
setAuthenticator
public void setAuthenticator(Authenticator authenticator)
- Parameters:
authenticator
- The authenticator to set.
getUserRealm
public UserRealm getUserRealm()
- Returns:
- Returns the userRealm.
setUserRealm
public void setUserRealm(UserRealm userRealm)
- Parameters:
userRealm
- The userRealm to set.
getConstraintMappings
public ConstraintMapping[] getConstraintMappings()
- Returns:
- Returns the contraintMappings.
setConstraintMappings
public void setConstraintMappings(ConstraintMapping[] constraintMappings)
- Parameters:
contraintMappings
- The contraintMappings to set.
getAuthMethod
public String getAuthMethod()
setAuthMethod
public void setAuthMethod(String method)
hasConstraints
public boolean hasConstraints()
doStart
public void doStart()
throws Exception
- Overrides:
doStart
in class HandlerWrapper
- Throws:
Exception
handle
public void handle(String target,
HttpServletRequest request,
HttpServletResponse response,
int dispatch)
throws IOException,
ServletException
- Description copied from interface:
Handler
- Handle a request.
- Specified by:
handle
in interface Handler
- Overrides:
handle
in class HandlerWrapper
- Parameters:
target
- The target of the request - either a URI or a name.request
- The request either as the Request
object or a wrapper of that request. The HttpConnection.getCurrentConnection()
method can be used access the Request object if required.response
- The response as the Response
object or a wrapper of that request. The HttpConnection.getCurrentConnection()
method can be used access the Response object if required.dispatch
- The dispatch mode: Handler.REQUEST
, Handler.FORWARD
, Handler.INCLUDE
, Handler.ERROR
- Throws:
IOException
ServletException
checkSecurityConstraints
public boolean checkSecurityConstraints(String pathInContext,
Request request,
Response response)
throws IOException
- Throws:
IOException