in src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider2.java [67:95]
public boolean authenticate(final HttpServletRequest request,
final HttpServletResponse response) {
if ( this.authentiationSupport.handleSecurity(request, response) ) {
// get ResourceResolver (set by AuthenticationSupport)
Object resolverObject = request.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
final ResourceResolver resolver = (resolverObject instanceof ResourceResolver)
? (ResourceResolver) resolverObject
: null;
if ( resolver != null ) {
final Session session = resolver.adaptTo(Session.class);
if ( session != null ) {
try {
final User u = this.authenticate(session);
if ( u != null ) {
request.setAttribute(USER_ATTRIBUTE, u);
return true;
}
} catch (final Exception re) {
logger.info("authenticate: Generic problem trying grant User "
+ " access to the Web Console", re);
}
}
}
if (request.getAuthType() == null) {
this.authenticator.login(request, response);
}
}
return false;
}