in src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java [510:562]
public void login(HttpServletRequest request, HttpServletResponse response) {
// ensure the response is not committed yet
if (response.isCommitted()) {
throw new IllegalStateException("Response already committed");
}
// select path used for authentication handler selection
final Collection<AbstractAuthenticationHandlerHolder>[] holdersArray = this.authHandlersManager
.findApplicableHolders(request);
final String path = getHandlerSelectionPath(request);
boolean done = false;
for (int m = 0; !done && m < holdersArray.length; m++) {
final Collection<AbstractAuthenticationHandlerHolder> holderList = holdersArray[m];
if ( holderList != null ) {
for (AbstractAuthenticationHandlerHolder holder : holderList) {
if (holder.isPathRequiresHandler(path)) {
log.debug("login: requesting authentication using handler: {}",
holder);
try {
done = holder.requestCredentials(request, response);
} catch (IOException ioe) {
log.error(
"login: Failed sending authentication request through handler "
+ holder + ", access forbidden", ioe);
done = true;
}
if (done) {
break;
}
}
}
}
}
// fall back to HTTP Basic handler (if not done already)
if (!done && httpBasicHandler != null) {
done = httpBasicHandler.requestCredentials(request, response);
}
// no handler could send an authentication request, throw
if (!done) {
int size = 0;
for (int m = 0; m < holdersArray.length; m++) {
if (holdersArray[m] != null) {
size += holdersArray[m].size();
}
}
log.info("login: No handler for request ({} handlers available)", size);
throw new NoAuthenticationHandlerException();
}
}