org.blojsom.plugin.security
Class BasicAuthenticationPlugin

java.lang.Object
  org.blojsom.plugin.admin.BaseAdminPlugin
      org.blojsom.plugin.security.BasicAuthenticationPlugin

All Implemented Interfaces:

BlojsomConstants, BlojsomMetaDataConstants, BlojsomPlugin, PermissionedPlugin

public class BasicAuthenticationPlugin

extends BaseAdminPlugin

Basic Authentication plugin performs a BASIC authorization check so that users much authenticate before they are able to see any blog entries.

Since:

blojsom 2.23

Version:

$Id: BasicAuthenticationPlugin.java,v 1.2 2006/01/04 16:53:12 czarneckid Exp $

Author:

David Czarnecki

Field Summary

Fields inherited from class org.blojsom.plugin.admin.BaseAdminPlugin

_authorizationProvider, _blojsomConfiguration, _ignoreParams, _logger, _resourceManager, _servletConfig, ACTION_PARAM, ADMIN_ADMINISTRATION_PAGE, ADMIN_LOGIN_PAGE, BLOJSOM_ADMIN_MESSAGES_RESOURCE, BLOJSOM_ADMIN_PLUGIN_AUTHENTICATED_KEY, BLOJSOM_ADMIN_PLUGIN_OPERATION_RESULT, BLOJSOM_ADMIN_PLUGIN_PASSWORD_PARAM, BLOJSOM_ADMIN_PLUGIN_USERNAME, BLOJSOM_ADMIN_PLUGIN_USERNAME_KEY, BLOJSOM_ADMIN_PLUGIN_USERNAME_PARAM, BLOJSOM_PERMISSION_CHECKER, BLOJSOM_USER_AUTHENTICATED, LOGIN_ACTION, LOGIN_ERROR_TEXT_KEY, LOGOUT_ACTION, PAGE_ACTION, PLUGIN_ADMIN_INHERIT_APACHE_CREDENTIALS

Fields inherited from interface org.blojsom.util.BlojsomConstants

ADMINISTRATORS_IP, BLOG_ADMIN_URL_IP, BLOG_ADMINISTRATION_LOCALE_IP, BLOG_AUTHORIZATION_IP, BLOG_BASE_URL_IP, BLOG_BLACKLIST_FILE_IP, BLOG_COMMENTS_DIRECTORY_IP, BLOG_COMMENTS_ENABLED_IP, BLOG_COUNTRY_DEFAULT, BLOG_COUNTRY_IP, BLOG_DEFAULT_CATEGORY_EXCLUSION_MAPPING_IP, BLOG_DEFAULT_CATEGORY_MAPPING_IP, BLOG_DEFAULT_FETCHER, BLOG_DEFAULT_FILE_EXTENSION_IP, BLOG_DEFAULT_FLAVOR_IP, BLOG_DEFAULT_PROPERTIES, BLOG_DEPTH_IP, BLOG_DESCRIPTION_IP, BLOG_DIRECTORY_FILTER_IP, BLOG_EMAIL_ENABLED_IP, BLOG_ENTRIES_DISPLAY_DEFAULT, BLOG_ENTRIES_DISPLAY_IP, BLOG_ENTRY_META_DATA_EXTENSION_IP, BLOG_FILE_ENCODING_IP, BLOG_FILE_EXTENSIONS_IP, BLOG_HOME_IP, BLOG_LANGUAGE_DEFAULT, BLOG_LANGUAGE_IP, BLOG_NAME_IP, BLOG_OWNER, BLOG_OWNER_EMAIL, BLOG_PERMISSIONS_IP, BLOG_PINGBACKS_DIRECTORY_IP, BLOG_PINGBACKS_ENABLED_IP, BLOG_PROPERTIES_EXTENSIONS_IP, BLOG_TRACKBACK_DIRECTORY_IP, BLOG_TRACKBACKS_ENABLED_IP, BLOG_URL_IP, BLOJSOM_ALL_CATEGORIES, BLOJSOM_AUTHORIZATION_PROVIDER_IP, BLOJSOM_BLOG, BLOJSOM_BLOG_HOME_IP, BLOJSOM_BROADCASTER_IP, BLOJSOM_CATEGORIES, BLOJSOM_COMMENTS_ENABLED, BLOJSOM_CONFIGURATION_BASE_DIRECTORY_IP, BLOJSOM_CONFIGURATION_IP, BLOJSOM_DATE, BLOJSOM_DATE_ISO8601, BLOJSOM_DATE_OBJECT, BLOJSOM_DATE_UTC, BLOJSOM_DEFAULT_BROADCASTER, BLOJSOM_DEFAULT_CONFIGURATION_BASE_DIRECTORY, BLOJSOM_DEFAULT_RESOURCE_DIRECTORY, BLOJSOM_DEFAULT_RESOURCE_MANAGER, BLOJSOM_DEFAULT_TEMPLATES_DIRECTORY, BLOJSOM_DEFAULT_USER_IP, BLOJSOM_EMAIL_ENABLED, BLOJSOM_ENTRIES, BLOJSOM_FETCHER_IP, BLOJSOM_FLAVOR_CONFIGURATION_IP, BLOJSOM_INSTALLATION_DIRECTORY_IP, BLOJSOM_INSTALLED_LOCALES_IP, BLOJSOM_LAST_MODIFIED, BLOJSOM_LISTENER_CONFIGURATION_IP, BLOJSOM_PERMALINK, BLOJSOM_PERMALINK_NEXT_ENTRY, BLOJSOM_PERMALINK_PREVIOUS_ENTRY, BLOJSOM_PLUGIN_CHAIN, BLOJSOM_PLUGIN_CONFIGURATION_IP, BLOJSOM_PLUGINS, BLOJSOM_REQUESTED_CATEGORY, BLOJSOM_REQUESTED_FLAVOR, BLOJSOM_RESOURCE_DIRECTORY_IP, BLOJSOM_RESOURCE_MANAGER_BUNDLES_IP, BLOJSOM_RESOURCE_MANAGER_CONTEXT_KEY, BLOJSOM_RESOURCE_MANAGER_IP, BLOJSOM_SITE_URL, BLOJSOM_TEMPLATES_DIRECTORY_IP, BLOJSOM_USER, BLOJSOM_USERS_IP, BLOJSOM_VERSION, BLOJSOM_VERSION_NUMBER, CACHE_CONTROL_HTTP_HEADER, CATEGORY_PARAM, COMMENT_EXTENSION, DEFAULT_AUTHORIZATION_PROVIDER, DEFAULT_COMMENTS_DIRECTORY, DEFAULT_DIGEST_ALGORITHM, DEFAULT_DISPATCHER_CONFIGURATION_FILE, DEFAULT_ENTRY_EXTENSION, DEFAULT_FLAVOR_CONFIGURATION_FILE, DEFAULT_FLAVOR_HTML, DEFAULT_METADATA_EXTENSION, DEFAULT_PERMISSIONS_CONFIGURATION_FILE, DEFAULT_PINGBACKS_DIRECTORY, DEFAULT_PLUGIN_CONFIGURATION_FILE, DEFAULT_PROPERTIES_EXTENSIONS, DEFAULT_TRACKBACK_DIRECTORY, DESCRIPTION_KEY, DIGEST_ALGORITHM, FLAVOR_PARAM, HTTP_ETAG, HTTP_LASTMODIFIED, INFINITE_BLOG_DEPTH, ISO_8601_DATE_FORMAT, LINE_SEPARATOR, LINEAR_NAVIGATION_ENABLED_IP, MAX_HASHABLE_LENGTH, NAME_KEY, NO_CACHE_HTTP_HEADER_VALUE, OVERRIDE_LASTMODIFIED_PARAM, PAGE_PARAM, PAGE_PARAM_ARCHIVE, PERMALINK_PARAM, PINGBACK_EXTENSION, PLUGINS_PARAM, PRAGMA_HTTP_HEADER, PREFERRED_SYNDICATION_FLAVOR, RECURSIVE_CATEGORIES, REDIRECT_TO_PARAM, RFC_822_DATE_FORMAT, SHORT_ISO_8601_DATE_FORMAT, TRACKBACK_EXTENSION, USE_ENCRYPTED_PASSWORDS, UTC_DATE_FORMAT, UTF8, WHITESPACE, XMLRPC_ENABLED_IP

Fields inherited from interface org.blojsom.util.BlojsomMetaDataConstants

BLOG_ENTRY_METADATA_AUTHOR, BLOG_ENTRY_METADATA_AUTHOR_EXT, BLOG_ENTRY_METADATA_TIMESTAMP, BLOG_METADATA_COMMENTS_DISABLED, BLOG_METADATA_HEADER, BLOG_METADATA_PINGBACKS_DISABLED, BLOG_METADATA_TRACKBACKS_DISABLED, SOURCE_ATTRIBUTE

Constructor Summary

BasicAuthenticationPlugin()
Construct a new instance of the Basic Authentication plugin

Method Summary

void	cleanup() Perform any cleanup for the plugin.
protected boolean	decodeCredentialsAndAuthenticate(javax.servlet.http.HttpServletRequest httpServletRequest, BlogUser blogUser) Decode the BASIC authentication credentials and check the username/password against the authorized users for the blog.
void	destroy() Called when BlojsomServlet is taken out of service
void	init(javax.servlet.ServletConfig servletConfig, BlojsomConfiguration blojsomConfiguration) Initialize this plugin.
BlogEntry[]	process(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, BlogUser user, java.util.Map context, BlogEntry[] entries) Process the blog entries
protected void	setAuthenticationRequired(javax.servlet.http.HttpServletResponse httpServletResponse, BlogUser blogUser) Set the appropriate headers for BASIC authentication

Methods inherited from class org.blojsom.plugin.admin.BaseAdminPlugin

addOperationResultMessage, authenticateUser, checkPermission, formatAdminResource, getAdminResource, getUsernameFromSession

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BasicAuthenticationPlugin

public BasicAuthenticationPlugin()

Construct a new instance of the Basic Authentication plugin

Method Detail

init

public void init(javax.servlet.ServletConfig servletConfig,
                 BlojsomConfiguration blojsomConfiguration)
          throws BlojsomPluginException

Initialize this plugin. This method only called when the plugin is instantiated.

Specified by:

init in interface BlojsomPlugin

Overrides:

init in class BaseAdminPlugin

Parameters:

servletConfig - Servlet config object for the plugin to retrieve any initialization parameters

blojsomConfiguration - BlojsomConfiguration information

Throws:

BlojsomPluginException - If there is an error initializing the plugin

setAuthenticationRequired

protected void setAuthenticationRequired(javax.servlet.http.HttpServletResponse httpServletResponse,
                                         BlogUser blogUser)

Set the appropriate headers for BASIC authentication

Parameters:

httpServletResponse - Response

blogUser - BlogUser

decodeCredentialsAndAuthenticate

protected boolean decodeCredentialsAndAuthenticate(javax.servlet.http.HttpServletRequest httpServletRequest,
                                                   BlogUser blogUser)

Decode the BASIC authentication credentials and check the username/password against the authorized users for the blog.

Parameters:

httpServletRequest - Request

blogUser - BlogUser

Returns:

true if the BASIC authentication credentials are available and pass authentication, false otherwise

process

public BlogEntry[] process(javax.servlet.http.HttpServletRequest httpServletRequest,
                           javax.servlet.http.HttpServletResponse httpServletResponse,
                           BlogUser user,
                           java.util.Map context,
                           BlogEntry[] entries)
                    throws BlojsomPluginException

Process the blog entries

Specified by:

process in interface BlojsomPlugin

Overrides:

process in class BaseAdminPlugin

Parameters:

httpServletRequest - Request

httpServletResponse - Response

user - BlogUser instance

context - Context

entries - Blog entries retrieved for the particular request

Returns:

Modified set of blog entries

Throws:

BlojsomPluginException - If there is an error processing the blog entries

cleanup

public void cleanup()
             throws BlojsomPluginException

Perform any cleanup for the plugin. Called after process(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.blojsom.blog.BlogUser, java.util.Map, org.blojsom.blog.BlogEntry[]).

Specified by:

cleanup in interface BlojsomPlugin

Overrides:

cleanup in class BaseAdminPlugin

Throws:

BlojsomPluginException - If there is an error performing cleanup for this plugin

destroy

public void destroy()
             throws BlojsomPluginException

Called when BlojsomServlet is taken out of service

Specified by:

destroy in interface BlojsomPlugin

Overrides:

destroy in class BaseAdminPlugin

Throws:

BlojsomPluginException - If there is an error in finalizing this plugin