org.apache.axis.security.servlet
Class ServletSecurityProvider
java.lang.Object
|
+--org.apache.axis.security.servlet.ServletSecurityProvider
- All Implemented Interfaces:
- SecurityProvider
- public class ServletSecurityProvider
- extends java.lang.Object
- implements SecurityProvider
A ServletSecurityProvider, combined with the ServletAuthenticatedUser
class, allows the standard servlet security mechanisms (isUserInRole(),
etc.) to integrate with Axis' access control mechanism.
By utilizing this class (which the AxisServlet can be configured to
do automatically), authentication and role information will come from
your servlet engine.
- Author:
- Glen Daniels (gdaniels@macromedia.com)
Field Summary |
protected static org.apache.commons.logging.Log |
log
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
log
protected static org.apache.commons.logging.Log log
ServletSecurityProvider
public ServletSecurityProvider()
authenticate
public AuthenticatedUser authenticate(MessageContext msgContext)
- Authenticate a user from a username/password pair.
- Specified by:
authenticate
in interface SecurityProvider
- Parameters:
msgContext
- the MessageContext containing authentication info
- Returns:
- an AuthenticatedUser or null
userMatches
public boolean userMatches(AuthenticatedUser user,
java.lang.String principal)
- See if a user matches a principal name. The name might be a user
or a group.
- Specified by:
userMatches
in interface SecurityProvider
- Returns:
- true if the user matches the passed name
Copyright © 2003 Apache Web Services Project. All Rights Reserved.