Package com.atlassian.sal.api.auth

Interface AuthenticationListener

public interface AuthenticationListener
Allows the underlying framework to take some actions on authentication events.
Since:
2.0

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    authenticationError(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Called when there is a failure in trying to process the request, such as an IO failure.
    void
    authenticationFailure(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Called when the signature cannot be validated or the user cannot be resolved or does not have permission to access the resource.
    void
    authenticationNotAttempted(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Called if it was determined that authentication should not be attempted, usually because the AuthenticationController.shouldAttemptAuthentication(HttpServletRequest) returned false.
    void
    authenticationSuccess(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Called when the signature is validated and the user is resolved and permissions are verified.

  • Method Details

    • authenticationSuccess

      void authenticationSuccess(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Called when the signature is validated and the user is resolved and permissions are verified. Responsible for preparing the HTTP request or session such that the application sees the user as logged in for the rest of this request.

      Will also be called in the event of a "verified" request - where the request has been verified to come from a remote system that is trusted due to 2LO but where an impersonating user is not configured.

      Parameters:
      result - Authentication result containing the user
      request - Current HTTP request being processed
      response - HTTP response for the current request, provided so the application can set any headers it might need set

    • authenticationFailure

      void authenticationFailure(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Called when the signature cannot be validated or the user cannot be resolved or does not have permission to access the resource.
      Parameters:
      result - Authentication result containing the details of the failure
      request - Current HTTP request being processed
      response - HTTP response for the current request, provided so the application can set any headers it might need set

    • authenticationError

      void authenticationError(Authenticator.Result result, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Called when there is a failure in trying to process the request, such as an IO failure.
      Parameters:
      result - Authentication result containing the details of the error
      request - Current HTTP request being processed
      response - HTTP response for the current request, provided so the application can set any headers it might need set

    • authenticationNotAttempted

      void authenticationNotAttempted(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Called if it was determined that authentication should not be attempted, usually because the AuthenticationController.shouldAttemptAuthentication(HttpServletRequest) returned false.
      Parameters:
      request - Current HTTP request being processed
      response - HTTP response for the current request, provided so the application can set any headers it might need set