Package org.apache.axis.security.servlet
Class ServletSecurityProvider
java.lang.Object
org.apache.axis.security.servlet.ServletSecurityProvider
- All Implemented Interfaces:
SecurityProvider
A ServletSecurityProvider, combined with the ServletAuthenticatedUser
class, allows the standard servlet security mechanisms (isUserInRole(),
etc.) to integrate with Axis' access control mechanism.
By utilizing this class (which the AxisServlet can be configured to
do automatically), authentication and role information will come from
your servlet engine.
- Author:
- Glen Daniels (gdaniels@apache.org)
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionauthenticate
(MessageContext msgContext) Authenticate a user from a username/password pair.boolean
userMatches
(AuthenticatedUser user, String principal) See if a user matches a principal name.
-
Field Details
-
log
protected static org.apache.commons.logging.Log log
-
-
Constructor Details
-
ServletSecurityProvider
public ServletSecurityProvider()
-
-
Method Details
-
authenticate
Authenticate a user from a username/password pair.- Specified by:
authenticate
in interfaceSecurityProvider
- Parameters:
username
- the user name to checkpassword
- the password to check- Returns:
- an AuthenticatedUser or null
-
userMatches
See if a user matches a principal name. The name might be a user or a group.- Specified by:
userMatches
in interfaceSecurityProvider
- Returns:
- true if the user matches the passed name
-