Form-based authentication implementation. An instance of this class
can be reused across several tests as it caches the session cookie.
Thus the first time it is used to authenticate the user, it calls
the security URL (which is by default the context URL with
"/j_security_check" appended), caches the returned session cookie and adds the
cookie for the next request. The second time it is called, it simply
adds the session cookie for the next request.
Method from org.apache.cactus.client.authentication.FormAuthentication Detail:
public void authenticate(WebRequest theRequest,
    Configuration theConfiguration) {
    this.jsessionCookie = getSecureSessionIdCookie(theRequest,
        theConfiguration);
    try
    {
        // Create a helper that will connect to the security check URL.
        HttpClientConnectionHelper helper =
            new HttpClientConnectionHelper(
                getSecurityCheckURL(theConfiguration).toString());
        // Configure a web request with the JSESSIONID cookie,
        // the username and the password.
        WebRequest request = getSecurityRequest();
        ((WebRequestImpl) request).setConfiguration(theConfiguration);
        request.addCookie(this.jsessionCookie);
        request.addParameter("j_username", getName(),
            WebRequest.POST_METHOD);
        request.addParameter("j_password", getPassword(),
            WebRequest.POST_METHOD);
        // Make the connection using the configured web request.
        HttpURLConnection connection = helper.connect(request,
            theConfiguration);
        checkAuthResponse(connection);
    }
    catch (Throwable e)
    {
        this.jsessionCookie = null;
        throw new ChainedRuntimeException(
            "Failed to authenticate the principal", e);
    }
}
Authenticate the principal by calling the security URL.
protected void checkAuthResponse(HttpURLConnection theConnection) throws Exception {
    if (theConnection.getResponseCode() != getExpectedAuthResponse())
    {
        throw new Exception("Received a status code ["
            + theConnection.getResponseCode()
            + "] and was expecting a ["
            + getExpectedAuthResponse() + "]");
    }
}
Check whether the auth step succeeded.
By default, the step is considered successful
if the response status code of theConnection
equals getExpectedAuthResponse().
protected void checkPreAuthResponse(HttpURLConnection theConnection) throws Exception {
    if (theConnection.getResponseCode() >= 400)
    {
        throw new Exception("Received a status code ["
            + theConnection.getResponseCode()
            + "] and was expecting less than 400");
    }
}
Check whether the pre-auth step succeeded.
By default, the step is considered successful
if the response status code of theConnection
is less than 400.
public void configure(HttpState theState,
    HttpMethod theMethod,
    WebRequest theRequest,
    Configuration theConfiguration) {
    // Only authenticate the first time this instance is used.
    if (this.jsessionCookie == null)
    {
        authenticate(theRequest, theConfiguration);
    }
    // Sets the session id cookie for the next request.
    if (this.jsessionCookie != null)
    {
        theRequest.addCookie(this.jsessionCookie);
    }
}
protected int getExpectedAuthResponse() {
    return this.expectedAuthResponse;
}
Get the expected HTTP response status code for an authentication request
which should be successful.
public URL getSecurityCheckURL(Configuration theConfiguration) {
    if (this.securityCheckURL == null)
    {
        // Configure default
        String stringUrl =
            ((WebConfiguration) theConfiguration).getContextURL()
            + "/j_security_check";
        try
        {
            this.securityCheckURL = new URL(stringUrl);
        }
        catch (MalformedURLException e)
        {
            throw new ChainedRuntimeException(
                "Unable to create default Security Check URL ["
                + stringUrl + "]");
        }
    }
    LOGGER.debug("Using security check URL [" + this.securityCheckURL
        + "]");
    return securityCheckURL;
}
This returns the URL to use when attempting to log in. By default, it's
the context URL defined in the Cactus configuration with
"/j_security_check" appended.
public WebRequest getSecurityRequest() {
    return this.securityRequest;
}
public void setExpectedAuthResponse(int theExpectedCode) {
    this.expectedAuthResponse = theExpectedCode;
}
Set the expected HTTP response status code for an authentication request
which should be successful.
The default is HttpURLConnection.HTTP_MOVED_TEMP.
public void setSecurityCheckURL(URL theUrl) {
    this.securityCheckURL = theUrl;
}
This sets the URL to use when attempting to log in. This method is used
if for whatever reason the default URL is incorrect.
public void setSessionCookieName(String theName) {
    if (theName != null)
    {
        this.sessionCookieName = theName;
    }
}
Set the cookie name of the session to theName.
If theName is null, the change request will be ignored.
The default is "JSESSIONID".
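The flow that authenticate(), checkPreAuthResponse() and checkAuthResponse() implement, as an added stand-alone example using JDK classes only (it is not Cactus code): a first request obtains the session cookie, then the credentials are POSTed to /j_security_check with that cookie and the raw status code is returned for comparison with the expected one. The local stub server, the /app paths, the alice/s3cret credentials, the cookie value and the stub's choice of 302 for a successful login and 200 for a failed one are constructed assumptions; Java 9 or later is assumed.

```java
import com.sun.net.httpserver.HttpServer;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.URL;
import java.nio.charset.StandardCharsets;
public class FormAuthFlowDemo {
    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a servlet container; not Cactus code.
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        server.createContext("/app/protected", ex -> {
            ex.getResponseHeaders().add("Set-Cookie", "JSESSIONID=constructed123; Path=/app");
            ex.sendResponseHeaders(200, -1);
            ex.close();
        });
        server.createContext("/app/j_security_check", ex -> {
            String body = new String(ex.getRequestBody().readAllBytes(), StandardCharsets.UTF_8);
            boolean ok = body.equals("j_username=alice&j_password=s3cret")
                && "JSESSIONID=constructed123".equals(ex.getRequestHeaders().getFirst("Cookie"));
            if (ok) ex.getResponseHeaders().add("Location", "/app/protected");
            ex.sendResponseHeaders(ok ? 302 : 200, -1); // assumed: a failed login gets 200
            ex.close();
        });
        server.start();
        String base = "http://127.0.0.1:" + server.getAddress().getPort() + "/app";
        try {
            // Pre-auth step: accept any status below 400 and keep the session cookie.
            HttpURLConnection pre = (HttpURLConnection) new URL(base + "/protected").openConnection();
            if (pre.getResponseCode() >= 400) throw new IllegalStateException("pre-auth failed");
            String cookie = pre.getHeaderField("Set-Cookie").split(";")[0];
            System.out.println("good password -> " + login(base, cookie, "s3cret"));
            System.out.println("bad password  -> " + login(base, cookie, "wrong"));
        } finally {
            server.stop(0);
        }
    }
    // Auth step: POST the credentials with the cached cookie, return the raw status.
    static int login(String base, String cookie, String password) throws Exception {
        HttpURLConnection c = (HttpURLConnection) new URL(base + "/j_security_check").openConnection();
        c.setInstanceFollowRedirects(false); // keep the 302 visible instead of following it
        c.setRequestMethod("POST");
        c.setRequestProperty("Cookie", cookie);
        c.setDoOutput(true);
        try (OutputStream out = c.getOutputStream()) {
            out.write(("j_username=alice&j_password=" + password).getBytes(StandardCharsets.UTF_8));
        }
        return c.getResponseCode();
    }
}
```

A test suite whose login endpoint signals success with a different status has to pass that status to setExpectedAuthResponse(), otherwise checkAuthResponse() rejects a valid login.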