Package com.atlassian.confluence.user

Class ConfluenceAuthenticator

java.lang.Object
com.atlassian.seraph.auth.AbstractAuthenticator
com.atlassian.seraph.auth.DefaultAuthenticator
com.atlassian.confluence.user.ConfluenceAuthenticator
All Implemented Interfaces:
com.atlassian.seraph.auth.Authenticator, com.atlassian.seraph.Initable, Serializable
Direct Known Subclasses:
ConfluenceGroupJoiningAuthenticator
public class ConfluenceAuthenticator extends com.atlassian.seraph.auth.DefaultAuthenticator
Authenticator which uses Confluence's user management code to authenticate a user against the directory which they come from (e.g. internal, LDAP, Crowd).
See Also:

  • Field Summary

    Fields inherited from class com.atlassian.seraph.auth.DefaultAuthenticator

    LOGGED_IN_KEY, LOGGED_IN_USER_ID_KEY, LOGGED_OUT_KEY

  • Constructor Summary

    Constructors
    Constructor
    Description
    ConfluenceAuthenticator()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected boolean
    authenticate(Principal user, String password)
     
    protected boolean
    authoriseUserAndEstablishSession(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, Principal principal)
     
    protected com.atlassian.event.api.EventPublisher
    getEventPublisher()
     
    protected ConfluenceUser
    getUser(String uid)
     
    protected UserAccessor
    getUserAccessor()
     
    protected Principal
    getUserFromSession(jakarta.servlet.http.HttpServletRequest httpServletRequest)
    Use this implementation of this method from DefaultAuthenticator in Seraph 4.1.0.
    protected boolean
    isPrincipalAlreadyInSessionContext(jakarta.servlet.http.HttpServletRequest httpServletRequest, Principal principal)
     
    boolean
    login(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, String username, String password, boolean setRememberMeCookie)
     
    boolean
    logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
     
    protected void
    putPrincipalInSessionContext(jakarta.servlet.http.HttpServletRequest httpServletRequest, Principal principal)
     
    protected Principal
    refreshPrincipalObtainedFromSession(jakarta.servlet.http.HttpServletRequest httpServletRequest, Principal principal)
    For error request processing, we skip refreshing the principal, since that requires a database connection, and we may be getting errors because of database connection pool exhaustion.
    protected void
    removePrincipalFromSessionContext(jakarta.servlet.http.HttpServletRequest httpServletRequest)
     
    void
    setUserAccessor(UserAccessor userAccessor)
     

    Methods inherited from class com.atlassian.seraph.auth.DefaultAuthenticator

    getAuthType, getElevatedSecurityGuard, getLogoutInterceptors, getPrincipalFromSession, getRememberMeService, getRoleMapper, getUser, getUserFromBasicAuthentication, getUserFromCookie, init, isAuthorised

    Methods inherited from class com.atlassian.seraph.auth.AbstractAuthenticator

    destroy, getConfig, getRemoteUser, getUser, login

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • ConfluenceAuthenticator

      public ConfluenceAuthenticator()

  • Method Details

    • logout

      public boolean logout(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws com.atlassian.seraph.auth.AuthenticatorException
      Specified by:
      logout in interface com.atlassian.seraph.auth.Authenticator
      Overrides:
      logout in class com.atlassian.seraph.auth.DefaultAuthenticator
      Throws:
      com.atlassian.seraph.auth.AuthenticatorException

    • login

      public boolean login(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, String username, String password, boolean setRememberMeCookie) throws com.atlassian.seraph.auth.AuthenticatorException
      Specified by:
      login in interface com.atlassian.seraph.auth.Authenticator
      Overrides:
      login in class com.atlassian.seraph.auth.DefaultAuthenticator
      Throws:
      com.atlassian.seraph.auth.AuthenticatorException

    • authenticate

      protected boolean authenticate(Principal user, String password) throws com.atlassian.seraph.auth.AuthenticatorException
      Specified by:
      authenticate in class com.atlassian.seraph.auth.DefaultAuthenticator
      Throws:
      com.atlassian.seraph.auth.AuthenticatorException

    • isPrincipalAlreadyInSessionContext

      protected boolean isPrincipalAlreadyInSessionContext(jakarta.servlet.http.HttpServletRequest httpServletRequest, Principal principal)
      Overrides:
      isPrincipalAlreadyInSessionContext in class com.atlassian.seraph.auth.DefaultAuthenticator

    • putPrincipalInSessionContext

      protected void putPrincipalInSessionContext(jakarta.servlet.http.HttpServletRequest httpServletRequest, Principal principal)
      Overrides:
      putPrincipalInSessionContext in class com.atlassian.seraph.auth.DefaultAuthenticator

    • removePrincipalFromSessionContext

      protected void removePrincipalFromSessionContext(jakarta.servlet.http.HttpServletRequest httpServletRequest)
      Overrides:
      removePrincipalFromSessionContext in class com.atlassian.seraph.auth.DefaultAuthenticator

    • getUserFromSession

      protected Principal getUserFromSession(jakarta.servlet.http.HttpServletRequest httpServletRequest)
      Use this implementation of this method from DefaultAuthenticator in Seraph 4.1.0. The implementation of this method made a breaking change in Seraph 4.1.2, so that that refreshPrincipalObtainedFromSession(HttpServletRequest, Principal) methods is no longer called. Reinstating the original implementation fixes it.

      Note that we'll need to retain this override until such a time as Seraph correctly identifies session attributes using user keys rather than user names.

      Overrides:
      getUserFromSession in class com.atlassian.seraph.auth.DefaultAuthenticator

    • refreshPrincipalObtainedFromSession

      protected Principal refreshPrincipalObtainedFromSession(jakarta.servlet.http.HttpServletRequest httpServletRequest, Principal principal)
      For error request processing, we skip refreshing the principal, since that requires a database connection, and we may be getting errors because of database connection pool exhaustion. For the purposes of error page rendering, we don't need to be too picky about refreshing the user from the database - as long as we have one in the session we just use that.
      Overrides:
      refreshPrincipalObtainedFromSession in class com.atlassian.seraph.auth.DefaultAuthenticator

    • getEventPublisher

      protected com.atlassian.event.api.EventPublisher getEventPublisher()

    • setUserAccessor

      public void setUserAccessor(UserAccessor userAccessor)

    • getUserAccessor

      protected UserAccessor getUserAccessor()

    • getUser

      protected ConfluenceUser getUser(String uid)
      Specified by:
      getUser in class com.atlassian.seraph.auth.DefaultAuthenticator

    • authoriseUserAndEstablishSession

      protected boolean authoriseUserAndEstablishSession(jakarta.servlet.http.HttpServletRequest httpServletRequest, jakarta.servlet.http.HttpServletResponse httpServletResponse, Principal principal)
      Overrides:
      authoriseUserAndEstablishSession in class com.atlassian.seraph.auth.DefaultAuthenticator