Class FormAuthenticationErrorInterceptor<A extends ExchangeContext,B extends ErrorExchange<A>>

java.lang.Object
io.inverno.mod.security.http.AuthenticationErrorInterceptor<A,B>
io.inverno.mod.security.http.form.FormAuthenticationErrorInterceptor<A,B>
Type Parameters:
A - the context type
B - the error echange type
All Implemented Interfaces:
ExchangeInterceptor<A,B>

public class FormAuthenticationErrorInterceptor<A extends ExchangeContext,B extends ErrorExchange<A>> extends AuthenticationErrorInterceptor<A,B>

An authentication error interceptor that redirects (302) the client to a login page.

This interceptor is usually used in conjunction with a LoginActionHandler and a LogoutActionHandler. The login action is targeted by the login page in order to authenticate the login credentials provided by the user and the logout action allows to free resources and invalidate any temporary credentials resulting from the login process and communicated to the authenticated user.

It is important to understand the difference between login and authentication: whereas authentication is involved in the login process to authenticate login credentials with the aim of signing in a user in an application, login is usually not involved during authentication which consists in validating credentials with the aim of granting access to a protected resource.

More specifically, a successful login usually results in temporary credentials (e.g. a token) being created and communicated to the authenticated user which can reuse them to access protected services or resources in further requests. The login process is then performed once whereas the authentication process is performed on all requests.

Since:
1.5
Author:
Jeremy Kuhn
  • Field Details

    • DEFAULT_LOGIN_PAGE_URI

      public static final String DEFAULT_LOGIN_PAGE_URI
      The default login page URI: /login.
      See Also:
  • Constructor Details

    • FormAuthenticationErrorInterceptor

      public FormAuthenticationErrorInterceptor()

      Creates a form authentication error interceptor that redirects the client to the default login page URI.

    • FormAuthenticationErrorInterceptor

      public FormAuthenticationErrorInterceptor(String loginUri)

      Creates a form authentication error interceptor that redirects the client to the specified login page URI.

      Parameters:
      loginUri - the login page URI
  • Method Details