public interface AuthenticationContext
AuthenticationContext
contains information about the client and the network connection used by a
client that needs to be authenticated. This information can be used by a CustomAuthenticator
or a
CustomWebAuthenticator
implementation during authentication, or by a PostAuthenticationFilter
implementation to perform extra checks (such as validating the client's IP number against a list of allowed hosts)
after the user has been authenticated.
When used from a PostAuthenticationFilter
implementation these attributes may be available:
java.security.cert.X509Certificate[]
attribute that can be retrieved by calling the AuthenticationContext.getAttribute(java.lang.String)
method with the name javax.servlet.request.X509Certificate
.java.util.Map<String, java.util.List<String>>
attribute is available and can be retrieved by calling the
AuthenticationContext.getAttribute(java.lang.String)
method with the name com.spotfire.server.security.custom-parameters
. This map contains
all parameters with the prefix sf_custom_login_
posted by a custom login page. Note that the prefix is
stripped from the parameter names before they're added to the map.OpenID Connect
, then the following attributes are
available:
String
attribute that can be retrieved by calling the AuthenticationContext.getAttribute(java.lang.String)
method
with the name com.spotfire.server.security.oidc.access-token
.String
attribute that can be retrieved by calling the AuthenticationContext.getAttribute(java.lang.String)
method with the name com.spotfire.server.security.oidc.id-token
.OpenID Connect
, the following attribute may be available:
String
attribute that can be retrieved by calling the AuthenticationContext.getAttribute(java.lang.String)
method
with the name com.spotfire.server.security.oidc.refresh-token
.Modifier and Type | Method and Description |
---|---|
java.lang.Object |
getAttribute(java.lang.String name)
See
ServletRequest.getAttribute(java.lang.String) . |
java.util.Enumeration |
getAttributeNames()
See
ServletRequest.getAttributeNames() . |
javax.servlet.http.Cookie[] |
getCookies()
See
HttpServletRequest.getCookies() . |
long |
getDateHeader(java.lang.String name)
See
HttpServletRequest.getDateHeader(java.lang.String) . |
java.lang.String |
getHeader(java.lang.String name)
See
HttpServletRequest.getHeader(java.lang.String) . |
java.util.Enumeration |
getHeaderNames()
See
HttpServletRequest.getHeaderNames() . |
java.util.Enumeration |
getHeaders(java.lang.String name)
See
HttpServletRequest.getHeaders(java.lang.String) . |
int |
getIntHeader(java.lang.String name)
See
HttpServletRequest.getIntHeader(java.lang.String) . |
java.lang.String |
getLocalAddr()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.util.Locale |
getLocale()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.util.Enumeration |
getLocales()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.lang.String |
getLocalName()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
int |
getLocalPort()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.lang.String |
getQueryString()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.lang.String |
getRemoteAddr()
See
ServletRequest.getRemoteAddr() . |
java.lang.String |
getRemoteHost()
See
ServletRequest.getRemoteHost() . |
int |
getRemotePort()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.util.Map |
getRequestContext()
Returns a mutable map, stored as a request attribute, that is only available from this interface.
|
java.lang.String |
getRequestedSessionId()
Delegates to the underlying
javax.servlet.http.HttpServletRequest . |
java.lang.String |
getServerName()
See
ServletRequest.getServerName() . |
int |
getServerPort()
See
ServletRequest.getServerPort() . |
java.lang.String |
getSessionId()
Returns the HTTP session ID.
|
boolean |
isRequestedSessionIdFromCookie()
Returns the HTTP session ID.
|
boolean |
isRequestedSessionIdFromURL()
Returns the HTTP session ID.
|
boolean |
isRequestedSessionIdValid()
Returns the HTTP session ID.
|
boolean |
isSecure()
See
ServletRequest.isSecure() . |
java.lang.String getRemoteAddr()
ServletRequest.getRemoteAddr()
.java.lang.String getRemoteHost()
ServletRequest.getRemoteHost()
.java.lang.String getServerName()
ServletRequest.getServerName()
.int getServerPort()
ServletRequest.getServerPort()
.boolean isSecure()
ServletRequest.isSecure()
.javax.servlet.http.Cookie[] getCookies()
HttpServletRequest.getCookies()
.long getDateHeader(java.lang.String name)
HttpServletRequest.getDateHeader(java.lang.String)
.name
- date header namejava.lang.String getHeader(java.lang.String name)
HttpServletRequest.getHeader(java.lang.String)
.name
- header namejava.util.Enumeration getHeaderNames()
HttpServletRequest.getHeaderNames()
.java.util.Enumeration getHeaders(java.lang.String name)
HttpServletRequest.getHeaders(java.lang.String)
.name
- header nameint getIntHeader(java.lang.String name)
HttpServletRequest.getIntHeader(java.lang.String)
.name
- header namejava.lang.Object getAttribute(java.lang.String name)
ServletRequest.getAttribute(java.lang.String)
.name
- attribute namejava.util.Enumeration getAttributeNames()
ServletRequest.getAttributeNames()
.java.lang.String getLocalAddr()
javax.servlet.http.HttpServletRequest
.ServletRequest.getLocalAddr()
java.lang.String getLocalName()
javax.servlet.http.HttpServletRequest
.ServletRequest.getLocalName()
int getLocalPort()
javax.servlet.http.HttpServletRequest
.ServletRequest.getLocalPort()
java.util.Locale getLocale()
javax.servlet.http.HttpServletRequest
.ServletRequest.getLocale()
java.util.Enumeration getLocales()
javax.servlet.http.HttpServletRequest
.ServletRequest.getLocales()
int getRemotePort()
javax.servlet.http.HttpServletRequest
.ServletRequest.getRemotePort()
java.lang.String getRequestedSessionId()
javax.servlet.http.HttpServletRequest
.
Note: the session ID should never be logged or exposed in any other way.
HttpServletRequest.getRequestedSessionId()
java.lang.String getSessionId()
Note: the session ID should never be logged or exposed in any other way.
HttpSession.getId()
boolean isRequestedSessionIdFromCookie()
Note: the session ID should never be logged or exposed in any other way.
true
if the requested session ID came from a cookie, and false
otherwiseHttpServletRequest.isRequestedSessionIdFromCookie()
boolean isRequestedSessionIdFromURL()
Note: the session ID should never be logged or exposed in any other way.
true
if the requested session ID came from the URL, and false
otherwiseHttpServletRequest.isRequestedSessionIdFromURL()
boolean isRequestedSessionIdValid()
Note: the session ID should never be logged or exposed in any other way.
true
if the requested session is valid, and false
otherwiseHttpServletRequest.isRequestedSessionIdValid()
java.lang.String getQueryString()
javax.servlet.http.HttpServletRequest
.null
HttpServletRequest.getQueryString()
java.util.Map getRequestContext()
Typically used to pass context information (that is only applicable during the current request) from for example a
CustomAuthenticator
implementation to a PostAuthenticationFilter
implementation.
Copyright © 2000-2020 TIBCO Software Inc. All Rights Reserved.