org.jboss.web.tomcat.tc4.authenticator: public final class: NonLoginAuthenticator

org.jboss.web.tomcat.tc4.authenticator
public final class: NonLoginAuthenticator [javadoc | source]

java.lang.Object
   org.apache.catalina.authenticator.AuthenticatorBase
      org.jboss.web.tomcat.tc4.authenticator.AuthenticatorBase
         org.jboss.web.tomcat.tc4.authenticator.NonLoginAuthenticator

An Authenticator and Valve implementation that checks only security constraints not involving user authentication.

Differs from the standard Tomcat version in that it associates the session of any request with any single sign-on session that may exist.

Also see:

authenticate

AuthenticatorBase#associate

SingleSignOn

author: B - Stansberry, based on work by Craig R. McClanahan

version: $ - Revision: 1.1.2.1 $ $Date: 2003/11/22 08:12:44 $ based on Tomcat Revision 1.3

Fields inherited from org.jboss.web.tomcat.tc4.authenticator.AuthenticatorBase:
info, ourSSO

Method from org.jboss.web.tomcat.tc4.authenticator.NonLoginAuthenticator Summary:
authenticate, getInfo

Methods from org.jboss.web.tomcat.tc4.authenticator.AuthenticatorBase:
associate, reauthenticateFromSSO, register, start, stop

Methods from java.lang.Object:
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from org.jboss.web.tomcat.tc4.authenticator.NonLoginAuthenticator Detail:
public boolean authenticate(HttpRequest request, HttpResponse response, LoginConfig config) throws IOException { /* Associating this request's session with an SSO would allow coordinated session invalidation, but should the session for a webapp that the user didn't log into be invalidated when another session is logged out? String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE); if (ssoId != null) { associate(ssoId, getSession(request, true)); } */ if (debug >= 1) { log("User authentication is not required"); } return (true); } Authenticate the user making this request, based on the specified login configuration. Return `true` if any specified constraint has been satisfied, or `false` if we have created a response challenge already. Differs from the standard Tomcat version in that it associates the session of any request with any single sign-on session that may exist.
public String getInfo() { // ------------------------------------------------------------- Properties return (this.info); } Return descriptive information about this Valve implementation.

Method from org.jboss.web.tomcat.tc4.authenticator.NonLoginAuthenticator Detail:

 public boolean authenticate(HttpRequest request,
    HttpResponse response,
    LoginConfig config) throws IOException {
      /*  Associating this request's session with an SSO would allow
          coordinated session invalidation, but should the session for
          a webapp that the user didn't log into be invalidated when
          another session is logged out?
      String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
      if (ssoId != null)
      {
          associate(ssoId, getSession(request, true));
      }
      */
      if (debug  >= 1)
      {
         log("User authentication is not required");
      }
      return (true);
}

true

false

Differs from the standard Tomcat version in that it associates the session of any request with any single sign-on session that may exist.

 public String getInfo() {
   // ------------------------------------------------------------- Properties
      return (this.info);
}

Return descriptive information about this Valve implementation.