in src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java [736:773]
private AuthenticationInfo getAuthenticationInfo(HttpServletRequest request, HttpServletResponse response) {
String path = getPath(request);
final Collection<AbstractAuthenticationHandlerHolder>[] localArray =
this.authHandlersManager.findApplicableHolders(request);
for (int m = 0; m < localArray.length; m++) {
final Collection<AbstractAuthenticationHandlerHolder> local = localArray[m];
if (local != null) {
for (AbstractAuthenticationHandlerHolder holder : local) {
if (holder.isPathRequiresHandler(path)) {
final AuthenticationInfo authInfo = holder.extractCredentials(request, response);
if (authInfo != null) {
// skip the put call for known read-only objects
if (authInfo != AuthenticationInfo.DOING_AUTH && authInfo != AuthenticationInfo.FAIL_AUTH) {
// add the feedback handler to the info (may be null)
authInfo.put(AUTH_INFO_PROP_FEEDBACK_HANDLER, holder.getFeedbackHandler());
}
return authInfo;
}
}
}
}
}
// check whether the HTTP Basic handler can extract the header
if (httpBasicHandler != null) {
final AuthenticationInfo authInfo = httpBasicHandler.extractCredentials(request, response);
if (authInfo != null) {
authInfo.put(AUTH_INFO_PROP_FEEDBACK_HANDLER, httpBasicHandler);
return authInfo;
}
}
// no handler found for the request ....
log.debug("getAuthenticationInfo: no handler could extract credentials; assuming anonymous");
return getAnonymousCredentials();
}