net.rwx.padlock.annotations

Annotation Type WithoutAuthentication

@Retention(value=RUNTIME)
 @Target(value=METHOD)
public @interface WithoutAuthentication

Use this annotation to define JAX-RS resource that does not need authentication.

Authentication is not valid until a valid cookie token is present with an authenticated claim to "true"

To validate or invalidate an authentication, use PadlockSession.setAuthenticated(boolean).

For instance :

 @POST
 @WithoutAuthentication
 public void login(@FormParam("email") String email, 
                 @FormParam("password") String password) {
   String encrypted = encrypt(password);
   if( userService.check(email, encrypted) ) {
     session.setAuthenticated(true);
   }else {
     throw new NotAuthorizedException();
   }
 }
 

Author:

Arnaud Fonce

See Also:

PadlockSession.setAuthenticated(boolean), PadlockSession.isAuthenticated()