Package org.camunda.bpm.extension.graphql.auth.impl

Class HttpBasicAuthenticationProvider

java.lang.Object

org.camunda.bpm.extension.graphql.auth.impl.HttpBasicAuthenticationProvider

All Implemented Interfaces:

AuthenticationProvider

public class HttpBasicAuthenticationProvider
extends Object
implements AuthenticationProvider

Authenticates a request against the provided process engine's identity service by applying http basic authentication.

Author:

Thorben Lindhauer

Field Summary

Fields

Modifier and Type	Field	Description
protected static String	BASIC_AUTH_HEADER_PREFIX

Constructor Summary

Constructors

Constructor	Description
HttpBasicAuthenticationProvider()

Method Summary

Modifier and Type	Method	Description
void	augmentResponseByAuthenticationChallenge(javax.servlet.http.HttpServletResponse response, org.camunda.bpm.engine.ProcessEngine engine)	Callback to add an authentication challenge to the response to the client.
AuthenticationResult	extractAuthenticatedUser(javax.servlet.http.HttpServletRequest request, org.camunda.bpm.engine.ProcessEngine engine)	Checks the request for authentication.
protected boolean	isAuthenticated(org.camunda.bpm.engine.ProcessEngine engine, String userName, String password)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

BASIC_AUTH_HEADER_PREFIX

protected static final String BASIC_AUTH_HEADER_PREFIX

See Also:

Constant Field Values

Constructor Detail

HttpBasicAuthenticationProvider

public HttpBasicAuthenticationProvider()

Method Detail

extractAuthenticatedUser

public AuthenticationResult extractAuthenticatedUser(javax.servlet.http.HttpServletRequest request,
                                                     org.camunda.bpm.engine.ProcessEngine engine)

Description copied from interface: AuthenticationProvider

Checks the request for authentication. May not return null, but always an AuthenticationResult that indicates, whether authentication was successful, and, if true, always provides the authenticated user.

Specified by:

extractAuthenticatedUser in interface AuthenticationProvider

Parameters:

request - the request to authenticate

engine - the process engine the request addresses. May be used to authenticate against the engine's identity service.

isAuthenticated

protected boolean isAuthenticated(org.camunda.bpm.engine.ProcessEngine engine,
                                  String userName,
                                  String password)

augmentResponseByAuthenticationChallenge

public void augmentResponseByAuthenticationChallenge(javax.servlet.http.HttpServletResponse response,
                                                     org.camunda.bpm.engine.ProcessEngine engine)

Description copied from interface: AuthenticationProvider

Callback to add an authentication challenge to the response to the client. Called in case of unsuccessful authentication.

For example, a Http Basic auth implementation may set the WWW-Authenticate header to Basic realm="engine name".

Specified by:

augmentResponseByAuthenticationChallenge in interface AuthenticationProvider

engine - the process engine the request addressed. May be considered as an authentication realm to create a specific authentication challenge