Package com.spotfire.server.security
Interface AuthenticationContext
-
- All Known Subinterfaces:
WebAuthenticationContext
public interface AuthenticationContext
TheAuthenticationContext
contains information about the client and the network connection used by a client that needs to be authenticated. This information can be used by aCustomAuthenticator
or aCustomWebAuthenticator
implementation during authentication, or by aPostAuthenticationFilter
implementation to perform extra checks (such as validating the client's IP number against a list of allowed hosts) after the user has been authenticated.When used from a
PostAuthenticationFilter
implementation these attributes may be available:- If the user has been authenticated using a X.509 certificate, then the certificate chain is available as a
java.security.cert.X509Certificate[]
attribute that can be retrieved by calling thegetAttribute(java.lang.String)
method with the namejavax.servlet.request.X509Certificate
. - If the user has been authenticated using form based authentication, then a possibly empty
java.util.Map<String, java.util.List<String>>
attribute is available and can be retrieved by calling thegetAttribute(java.lang.String)
method with the namecom.spotfire.server.security.custom-parameters
. This map contains all parameters with the prefixsf_custom_login_
posted by a custom login page. Note that the prefix is stripped from the parameter names before they're added to the map. - If the user has been authenticated using
OpenID Connect
, then the following attributes are available:- The access token as a
String
attribute that can be retrieved by calling thegetAttribute(java.lang.String)
method with the namecom.spotfire.server.security.oidc.access-token
. - The (unparsed) ID token as a
String
attribute that can be retrieved by calling thegetAttribute(java.lang.String)
method with the namecom.spotfire.server.security.oidc.id-token
.
- The access token as a
- Since:
- 3.0
- Author:
- Michael Krammer
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description Object
getAttribute(String name)
Enumeration
getAttributeNames()
Cookie[]
getCookies()
long
getDateHeader(String name)
String
getHeader(String name)
Enumeration
getHeaderNames()
Enumeration
getHeaders(String name)
int
getIntHeader(String name)
String
getLocalAddr()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.Locale
getLocale()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.Enumeration<Locale>
getLocales()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.String
getLocalName()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.int
getLocalPort()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.String
getQueryString()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.String
getRemoteAddr()
String
getRemoteHost()
int
getRemotePort()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.Map<String,Object>
getRequestContext()
Returns a mutable map, stored as a request attribute, that is only available from this interface.String
getRequestedSessionId()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.String
getServerName()
int
getServerPort()
String
getSessionId()
Returns the HTTP session ID.UserDirectory
getUserDirectory()
Returns a reference to the User Directory class, that can be used for reading and writing users and groups.boolean
isRequestedSessionIdFromCookie()
Returns the HTTP session ID.boolean
isRequestedSessionIdFromURL()
Returns the HTTP session ID.boolean
isRequestedSessionIdValid()
Returns the HTTP session ID.boolean
isSecure()
-
-
-
Method Detail
-
getRemoteAddr
String getRemoteAddr()
- Returns:
- remote address
- Since:
- 3.0
-
getRemoteHost
String getRemoteHost()
- Returns:
- remote host
- Since:
- 3.0
-
getServerName
String getServerName()
- Returns:
- server name
- Since:
- 3.0
-
getServerPort
int getServerPort()
- Returns:
- server port
- Since:
- 3.0
-
isSecure
boolean isSecure()
- Returns:
- is secure
- Since:
- 3.0
-
getCookies
Cookie[] getCookies()
- Returns:
- cookies
- Since:
- 3.0
-
getDateHeader
long getDateHeader(String name)
- Parameters:
name
- date header name- Returns:
- date header
- Since:
- 3.0
-
getHeader
String getHeader(String name)
- Parameters:
name
- header name- Returns:
- header by name
- Since:
- 3.0
-
getHeaderNames
Enumeration getHeaderNames()
- Returns:
- header names
- Since:
- 3.0
-
getHeaders
Enumeration getHeaders(String name)
- Parameters:
name
- header name- Returns:
- headers by name
- Since:
- 3.0
-
getIntHeader
int getIntHeader(String name)
- Parameters:
name
- header name- Returns:
- int value of the header
- Since:
- 3.0
-
getAttribute
Object getAttribute(String name)
- Parameters:
name
- attribute name- Returns:
- request attribute
- Since:
- 3.2
-
getAttributeNames
Enumeration getAttributeNames()
- Returns:
- attribute names
- Since:
- 3.2
-
getLocalAddr
String getLocalAddr()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the local address
- Since:
- 7.6
- See Also:
ServletRequest.getLocalAddr()
-
getLocalName
String getLocalName()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the local name
- Since:
- 7.6
- See Also:
ServletRequest.getLocalName()
-
getLocalPort
int getLocalPort()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the local port
- Since:
- 7.6
- See Also:
ServletRequest.getLocalPort()
-
getLocale
Locale getLocale()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the preferred locale
- Since:
- 7.6
- See Also:
ServletRequest.getLocale()
-
getLocales
Enumeration<Locale> getLocales()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the preferred locales
- Since:
- 7.6
- See Also:
ServletRequest.getLocales()
-
getRemotePort
int getRemotePort()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the remote port
- Since:
- 7.6
- See Also:
ServletRequest.getRemotePort()
-
getRequestedSessionId
String getRequestedSessionId()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.Note: the session ID should never be logged or exposed in any other way.
- Returns:
- the requested HTTP session ID
- Since:
- 7.6
- See Also:
HttpServletRequest.getRequestedSessionId()
-
getSessionId
String getSessionId()
Returns the HTTP session ID.Note: the session ID should never be logged or exposed in any other way.
- Returns:
- the HTTP session ID
- Since:
- 7.6
- See Also:
HttpSession.getId()
-
isRequestedSessionIdFromCookie
boolean isRequestedSessionIdFromCookie()
Returns the HTTP session ID.Note: the session ID should never be logged or exposed in any other way.
- Returns:
true
if the requested session ID came from a cookie, andfalse
otherwise- Since:
- 7.6
- See Also:
HttpServletRequest.isRequestedSessionIdFromCookie()
-
isRequestedSessionIdFromURL
boolean isRequestedSessionIdFromURL()
Returns the HTTP session ID.Note: the session ID should never be logged or exposed in any other way.
- Returns:
true
if the requested session ID came from the URL, andfalse
otherwise- Since:
- 7.6
- See Also:
HttpServletRequest.isRequestedSessionIdFromURL()
-
isRequestedSessionIdValid
boolean isRequestedSessionIdValid()
Returns the HTTP session ID.Note: the session ID should never be logged or exposed in any other way.
- Returns:
true
if the requested session is valid, andfalse
otherwise- Since:
- 7.6
- See Also:
HttpServletRequest.isRequestedSessionIdValid()
-
getQueryString
String getQueryString()
Delegates to the underlyingjavax.servlet.http.HttpServletRequest
.- Returns:
- the query string or
null
- Since:
- 7.8
- See Also:
HttpServletRequest.getQueryString()
-
getRequestContext
Map<String,Object> getRequestContext()
Returns a mutable map, stored as a request attribute, that is only available from this interface.Typically used to pass context information (that is only applicable during the current request) from for example a
CustomAuthenticator
implementation to aPostAuthenticationFilter
implementation.- Returns:
- the request context
- Since:
- 7.11
-
getUserDirectory
UserDirectory getUserDirectory()
Returns a reference to the User Directory class, that can be used for reading and writing users and groups.- Returns:
- a reference to the User Directory class
- Since:
- 10.1
-
-