Package mondrian.xmla.impl

Class AuthenticatingXmlaRequestCallback

    • Constructor Detail

      • AuthenticatingXmlaRequestCallback

        public AuthenticatingXmlaRequestCallback()

    • Method Detail

      • generateSessionId

        public String generateSessionId​(Map<String,​Object> context)
        Description copied from interface: XmlaRequestCallback
        The Callback is requested to generate a sequence id string. This sequence id was requested by the XMLA client and will be used for all subsequent communications in the Soap Header block. Implementation can return null if they do not want to generate a custom session ID, in which case, the default algorithm to generate session IDs will be used.
        Specified by:
        generateSessionId in interface XmlaRequestCallback
        Parameters:
        context - The context of this query.
        Returns:
        An arbitrary session id to use, or null.

      • init

        public void init​(javax.servlet.ServletConfig servletConfig)
          throws javax.servlet.ServletException
        Specified by:
        init in interface XmlaRequestCallback
        Throws:
        javax.servlet.ServletException

      • postAction

        public void postAction​(javax.servlet.http.HttpServletRequest request,
                       javax.servlet.http.HttpServletResponse response,
                       byte[][] responseSoapParts,
                       Map<String,​Object> context)
                throws Exception
        Description copied from interface: XmlaRequestCallback
        This is called after all Mondrian processing (DISCOVER/EXECUTE) has occurred.
        Specified by:
        postAction in interface XmlaRequestCallback
        Throws:
        Exception

      • authenticate

        public abstract String authenticate​(String username,
                                    String password,
                                    String sessionID)
        This function is expected to do two things.
        • Validate the credentials.
        • Return a comma separated list of role names associated to these credentials.

        Should there be any problems with the credentials, subclasses can invoke throwAuthenticationException(String) to throw an authentication exception back to the client.

        Parameters:
        username - Username used for authentication, as specified in the SOAP security header. Might be null.
        password - Password used for authentication, as specified in the SOAP security header. Might be null.
        sessionID - A unique identifier for this client session. Session IDs should remain the same between different queries from a same client, although some clients do not implement the XMLA Session header properly, resulting in a new session ID for each request.
        Returns:
        A comma separated list of roles associated to this user, or null for root access.

      • throwAuthenticationException

        protected void throwAuthenticationException​(String reason)
        Helper method to create and throw an authentication exception.
        Parameters:
        reason - A textual explanation of why the credentials are rejected.

      • processHttpHeader

        public boolean processHttpHeader​(javax.servlet.http.HttpServletRequest request,
                                 javax.servlet.http.HttpServletResponse response,
                                 Map<String,​Object> context)
                          throws Exception
        Description copied from interface: XmlaRequestCallback
        Process the request header items. Specifically if present the Authorization and Expect headers. If the Authorization header is present, then the callback can validate the user/password. If authentication fails, the callback should throw an XmlaException with the correct XmlaConstants values. The XmlaRequestCallback.Helper class contains the authorizationException method that can be used by a callback to generate the XmlaException with the correct values. If the Expect header is set with "100-continue", then it is upto the callback to create the appropriate response and return false. In this case, the XmlaServlet stops processing and returns the response to the client application. To facilitate the generation of the response, the XmlaRequestCallback.Helper has the method generatedExpectResponse that can be called by the callback.

        Note that it is upto the XMLA client to determine whether or not there is an Expect header entry (ADOMD.NET seems to like to do this).

        Specified by:
        processHttpHeader in interface XmlaRequestCallback
        Returns:
        true if XmlaServlet handling is to continue and false if there was an Expect header "100-continue".
        Throws:
        Exception