HttpAuthenticationLoginPage (WicketStuff Core Parent 7.0.0-SNAPSHOT API)

java.lang.Object
- org.apache.wicket.Component
- - org.apache.wicket.MarkupContainer
  - - org.apache.wicket.Page
    - - org.apache.wicket.markup.html.WebPage
      - org.wicketstuff.security.login.http.HttpAuthenticationLoginPage

All Implemented Interfaces:

Serializable, Iterable<org.apache.wicket.Component>, org.apache.wicket.event.IEventSink, org.apache.wicket.event.IEventSource, org.apache.wicket.IConverterLocator, org.apache.wicket.IQueueRegion, org.apache.wicket.markup.html.IHeaderContributor, org.apache.wicket.page.IManageablePage, org.apache.wicket.request.component.IRequestableComponent, org.apache.wicket.request.component.IRequestablePage, org.apache.wicket.util.IHierarchical<org.apache.wicket.Component>, org.apache.wicket.util.io.IClusterable
```
public abstract class HttpAuthenticationLoginPage
extends org.apache.wicket.markup.html.WebPage
```
Login Page that uses httpauthentication to login. Currently it only supports Basic Http authentication as defined in RFC 2616 section 14.47 HTTP 1.1. But the way it is setup it should be able to support addition protocols like RFC 2617. Thanks go to Jesse Barnum and Johan Compagner.

Author:

marrink

See Also:
rfc2616, Serialized Form

Field Summary
- Fields inherited from class org.apache.wicket.Component
  ENABLE, FLAG_AFTER_RENDERING, FLAG_INITIALIZED, FLAG_PREPARED_FOR_RENDER, FLAG_REMOVING_FROM_HIERARCHY, FLAG_RENDERING, FLAG_RESERVED1, FLAG_RESERVED2, FLAG_RESERVED3, FLAG_RESERVED4, FLAG_RESERVED5, FLAG_RESERVED8, PARENT_PATH, PATH_SEPARATOR, RENDER, RFLAG_CONTAINER_DEQUEING

Constructor Summary

Constructors
Modifier	Constructor and Description
	`HttpAuthenticationLoginPage()` Basic constructor.
`protected`	`HttpAuthenticationLoginPage(org.apache.wicket.model.IModel<?> model)` Constructor.
`protected`	`HttpAuthenticationLoginPage(org.apache.wicket.request.mapper.parameter.PageParameters parameters)` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected void`	`addBasicHeaders(org.apache.wicket.request.http.WebRequest request, org.apache.wicket.request.http.WebResponse response)` Adds a "WWW-Authenticate" header for basic authentication to the response.
`protected void`	`configureResponse(org.apache.wicket.request.http.WebResponse response)`
`protected void`	`doAuthentication()` Sets a flag to handle authentication headers and sets response to request authentication if required.
`protected abstract Object`	`getBasicLoginContext(String username, String password)` Delivers a context suitable for logging in with the specified username and password.
`abstract String`	`getRealm(org.apache.wicket.request.http.WebRequest request, org.apache.wicket.request.http.WebResponse response)` The authentication realm.
`protected void`	`handleAuthentication(org.apache.wicket.request.http.WebRequest request, org.apache.wicket.request.http.WebResponse response, String scheme, String param)` Delegates authentication.
`protected boolean`	`handleBasicAuthentication(org.apache.wicket.request.http.WebRequest request, org.apache.wicket.request.http.WebResponse response, String scheme, String param)` Handles authentication for the "Basic" scheme.
`protected boolean`	`isAuthenticated()` Check if already someone is authenticated to prevent duplicate logins.
`protected void`	`requestAuthentication(org.apache.wicket.request.http.WebRequest request, org.apache.wicket.request.http.WebResponse response)` Sets the statuscode of the response to 401.

Methods inherited from class org.apache.wicket.markup.html.WebPage
getMarkupType, homePageLink, onAfterRender, onRender, renderXmlDecl, reportMissingHead, setHeaders, setNextAvailableId

Methods inherited from class org.apache.wicket.Page
componentChanged, componentRendered, detachModels, dirty, dirty, endComponentRender, getAutoIndex, getId, getPageClass, getPageId, getPageParameters, getPageReference, getRenderCount, getSizeInBytes, getStatelessHint, hierarchyAsString, internalOnModelChanged, internalPrepareForRender, isBookmarkable, isErrorPage, isPageStateless, onBeforeRender, onDetach, onInitialize, renderPage, setFreezePageId, setNumericId, setStatelessHint, setWasCreatedBookmarkable, startComponentRender, toString, wasCreatedBookmarkable, wasRendered

Methods inherited from class org.apache.wicket.MarkupContainer
add, addDequeuedComponent, addOrReplace, autoAdd, canDequeueTag, contains, dequeue, dequeue, dequeuePreamble, findComponentToDequeue, get, get, getAssociatedMarkup, getAssociatedMarkupStream, getMarkup, getRegionMarkup, internalAdd, internalInitialize, iterator, iterator, newDequeueContext, onAfterRenderChildren, onComponentTagBody, queue, remove, remove, removeAll, renderAll, renderAssociatedMarkup, renderNext, replace, setDefaultModel, size, swap, toString, visitChildren, visitChildren, visitChildren, visitChildren

Methods inherited from class org.apache.wicket.Component
add, addStateChange, afterRender, beforeRender, canCallListenerInterface, canCallListenerInterfaceAfterExpiry, checkComponentTag, checkComponentTagAttribute, checkHierarchyChange, clearOriginalDestination, configure, continueToOriginalDestination, debug, detach, detachModel, determineVisibility, error, exceptionMessage, fatal, findMarkupStream, findPage, findParent, findParentWithAssociatedMarkup, getAjaxRegionMarkupId, getApplication, getBehaviorById, getBehaviorId, getBehaviors, getBehaviors, getClassRelativePath, getConverter, getDefaultModel, getDefaultModelObject, getDefaultModelObjectAsString, getDefaultModelObjectAsString, getEscapeModelStrings, getFeedbackMessages, getFlag, getInnermostModel, getInnermostModel, getLocale, getLocalizer, getMarkup, getMarkupAttributes, getMarkupId, getMarkupId, getMarkupIdFromMarkup, getMarkupIdImpl, getMarkupSourcingStrategy, getMetaData, getModelComparator, getOutputMarkupId, getOutputMarkupPlaceholderTag, getPage, getPageRelativePath, getParent, getPath, getRenderBodyOnly, getRequest, getRequestCycle, getRequestFlag, getResponse, getSession, getString, getString, getString, getStyle, getVariation, hasBeenRendered, hasErrorMessage, hasFeedbackMessage, info, initModel, internalRenderComponent, internalRenderHead, isActionAuthorized, isAuto, isBehaviorAccepted, isEnableAllowed, isEnabled, isEnabledInHierarchy, isIgnoreAttributeModifier, isRenderAllowed, isStateless, isVersioned, isVisibilityAllowed, isVisible, isVisibleInHierarchy, markRendering, modelChanged, modelChanging, newMarkupSourcingStrategy, onComponentTag, onConfigure, onEvent, onModelChanged, onModelChanging, onReAdd, onRemove, prepareForRender, redirectToInterceptPage, remove, remove, render, renderComponentTag, rendered, renderHead, renderHead, renderPlaceholderTag, replaceComponentTagBody, replaceWith, sameInnermostModel, sameInnermostModel, send, setAuto, setDefaultModelObject, setEnabled, setEscapeModelStrings, setFlag, setIgnoreAttributeModifier, setMarkup, setMarkupId, setMarkupIdImpl, setMetaData, setOutputMarkupId, setOutputMarkupPlaceholderTag, setParent, setRenderBodyOnly, setRequestFlag, setResponsePage, setResponsePage, setResponsePage, setVersioned, setVisibilityAllowed, setVisible, success, urlFor, urlFor, urlFor, urlFor, urlFor, visitParents, visitParents, warn, wrap

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.wicket.request.component.IRequestableComponent
canCallListenerInterfaceAfterExpiry, detach, get, getBehaviorById, getBehaviorId, getPage, getPageRelativePath

Methods inherited from interface org.apache.wicket.page.IManageablePage
detach

Methods inherited from interface org.apache.wicket.IQueueRegion
dequeue, getRegionMarkup, newDequeueContext

- Constructor Detail
  - HttpAuthenticationLoginPage
```
public HttpAuthenticationLoginPage()
```
    Basic constructor.
    
    See Also:
    WebPage.WebPage()
  - HttpAuthenticationLoginPage
```
protected HttpAuthenticationLoginPage(org.apache.wicket.model.IModel<?> model)
```
    Constructor.
    
    Parameters:
    model -
    See Also:
    WebPage.WebPage(IModel)
  - HttpAuthenticationLoginPage
```
protected HttpAuthenticationLoginPage(org.apache.wicket.request.mapper.parameter.PageParameters parameters)
```
    Constructor.
    
    Parameters:
    parameters -
    See Also:
    WebPage.WebPage(PageParameters)
- Method Detail
  - configureResponse
```
protected void configureResponse(org.apache.wicket.request.http.WebResponse response)
```
    Overrides:
    
    configureResponse in class org.apache.wicket.markup.html.WebPage
  - doAuthentication
```
protected final void doAuthentication()
```
    Sets a flag to handle authentication headers and sets response to request authentication if required. This method needs to be called manually. I recommend 1 of these 2 locations to call this method from.
    1. from within the constructor
    2. from within a Link.onClick() or Form.onSubmit()
    The benefit of the second method is that you can render the login page at least once before activating the http authentication by the click of a button. Using the first option, this page is not shown by the browser.
  - requestAuthentication
```
protected void requestAuthentication(org.apache.wicket.request.http.WebRequest request,
                         org.apache.wicket.request.http.WebResponse response)
```
    Sets the statuscode of the response to 401. setting headers is delegated to addBasicHeaders(WebRequest, WebResponse). Subclasses should override this method to set their custom headers.
    
    Parameters:
    request -
    response -
  - addBasicHeaders
```
protected void addBasicHeaders(org.apache.wicket.request.http.WebRequest request,
                   org.apache.wicket.request.http.WebResponse response)
```
    Adds a "WWW-Authenticate" header for basic authentication to the response.
    
    Parameters:
    request -
    response -
  - getRealm
```
public abstract String getRealm(org.apache.wicket.request.http.WebRequest request,
              org.apache.wicket.request.http.WebResponse response)
```
    The authentication realm. The realm is required by the authentication headers and will be shown by the browser.
    
    Parameters:
    request -
    response -
    
    Returns:
    the realm
  - handleAuthentication
```
protected void handleAuthentication(org.apache.wicket.request.http.WebRequest request,
                        org.apache.wicket.request.http.WebResponse response,
                        String scheme,
                        String param)
                             throws LoginException
```
    Delegates authentication. Subclasses should first try there custom authentication scheme before letting super handle the call. Subclasses should either return a boolean value (see handleBasicAuthentication(WebRequest, WebResponse, String, String) ) if processing should continue or throw an exception.
    
    Parameters:
    request -
    response -
    scheme - the authentication scheme like "Basic" or "Digest"
    param - the parameters after the scheme from the header
    
    Throws:
    
    LoginException - if the user could not be logged in.
    
    org.apache.wicket.RestartResponseAtInterceptPageException - to an AccessDeniedPage if the scheme is not supported
  - handleBasicAuthentication
```
protected boolean handleBasicAuthentication(org.apache.wicket.request.http.WebRequest request,
                                org.apache.wicket.request.http.WebResponse response,
                                String scheme,
                                String param)
                                     throws LoginException
```
    Handles authentication for the "Basic" scheme. If the scheme is not the basic scheme true is returned so another implementation may try it. In general authentication attempts by the next scheme should only proceed if the scheme was of the wrong type. False will generally be returned when a) the user has been authenticated or b) the scheme is correct but another problem arises, like missing additional headers.
    
    Parameters:
    request -
    response -
    scheme -
    param - username:password in base 64
    
    Returns:
    true if authentication by another scheme should be attempted, false if authentication by another scheme should not be attempted.
    
    Throws:
    
    LoginException - If the supplied credentials do not grant enough credits for the requested resource
    
    org.apache.wicket.RestartResponseAtInterceptPageException - to the home page if the login was successfull but when there is no page to continue to.
  - isAuthenticated
```
protected boolean isAuthenticated()
```
    Check if already someone is authenticated to prevent duplicate logins. By default this checks if the home page is authenticated.
    
    Returns:
    true if the user is already authenticated, false otherwise
  - getBasicLoginContext
```
protected abstract Object getBasicLoginContext(String username,
                          String password)
```
    Delivers a context suitable for logging in with the specified username and password. Please refer to your specific wasp implementation for a suitable context.
    
    Parameters:
    username -
    password -
    
    Returns:
    the login context or null if none could be created

Class HttpAuthenticationLoginPage

Field Summary

Fields inherited from class org.apache.wicket.Component

Constructor Summary

Method Summary

Methods inherited from class org.apache.wicket.markup.html.WebPage

Methods inherited from class org.apache.wicket.Page

Methods inherited from class org.apache.wicket.MarkupContainer

Methods inherited from class org.apache.wicket.Component

Methods inherited from class java.lang.Object

Methods inherited from interface org.apache.wicket.request.component.IRequestableComponent

Methods inherited from interface org.apache.wicket.page.IManageablePage

Methods inherited from interface org.apache.wicket.IQueueRegion

Constructor Detail

HttpAuthenticationLoginPage

HttpAuthenticationLoginPage

HttpAuthenticationLoginPage

Method Detail

configureResponse

doAuthentication

requestAuthentication

addBasicHeaders

getRealm

handleAuthentication

handleBasicAuthentication

isAuthenticated

getBasicLoginContext