Class ExternalLoginKeysManager


  • public class ExternalLoginKeysManager
    extends java.lang.Object
    This class manages the single sign-on authentication through external login keys between OFBiz applications.
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.lang.String checkExternalLoginKey​(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      OFBiz controller event that performs the user authentication using the authentication token.
      static java.lang.String getExternalLoginKey​(javax.servlet.http.HttpServletRequest request)
      Gets (and creates if necessary) an authentication token to be used for an external login parameter.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • ExternalLoginKeysManager

        public ExternalLoginKeysManager()
    • Method Detail

      • getExternalLoginKey

        public static java.lang.String getExternalLoginKey​(javax.servlet.http.HttpServletRequest request)
        Gets (and creates if necessary) an authentication token to be used for an external login parameter. When a new token is created, it is persisted in the web session and in the web request and map entry keyed by the token and valued by a userLogin object is added to a map that is looked up for subsequent requests.
        Parameters:
        request - - the http request in which the authentication token is searched and stored
        Returns:
        the authentication token as persisted in the session and request objects
      • checkExternalLoginKey

        public static java.lang.String checkExternalLoginKey​(javax.servlet.http.HttpServletRequest request,
                                                             javax.servlet.http.HttpServletResponse response)
        OFBiz controller event that performs the user authentication using the authentication token. The method is designed to be used in a chain of controller preprocessor event: it always return "success" even when the authentication token is missing or the authentication fails in order to move the processing to the next event in the chain.
        Parameters:
        request - - the http request object
        response - - the http response object
        Returns:
        "success" in all the cases