Package org.apache.axis.security.servlet

Class ServletSecurityProvider

  • All Implemented Interfaces:
    SecurityProvider
    public class ServletSecurityProvider
extends java.lang.Object
implements SecurityProvider
    A ServletSecurityProvider, combined with the ServletAuthenticatedUser class, allows the standard servlet security mechanisms (isUserInRole(), etc.) to integrate with Axis' access control mechanism. By utilizing this class (which the AxisServlet can be configured to do automatically), authentication and role information will come from your servlet engine.
    Author:
    Glen Daniels (gdaniels@apache.org)

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected static org.apache.commons.logging.Log log  

    • Field Detail

      • log

        protected static org.apache.commons.logging.Log log

    • Constructor Detail

      • ServletSecurityProvider

        public ServletSecurityProvider()

    • Method Detail

      • authenticate

        public AuthenticatedUser authenticate​(MessageContext msgContext)
        Authenticate a user from a username/password pair.
        Specified by:
        authenticate in interface SecurityProvider
        Parameters:
        username - the user name to check
        password - the password to check
        Returns:
        an AuthenticatedUser or null

      • userMatches

        public boolean userMatches​(AuthenticatedUser user,
                           java.lang.String principal)
        See if a user matches a principal name. The name might be a user or a group.
        Specified by:
        userMatches in interface SecurityProvider
        Returns:
        true if the user matches the passed name