org.alfresco.repo.security.authentication
Class AuthenticationServiceImpl

java.lang.Object
  extended by org.alfresco.repo.security.authentication.AbstractAuthenticationService
      extended by org.alfresco.repo.security.authentication.AuthenticationServiceImpl
All Implemented Interfaces:
ActivateableBean, AuthenticationService
Direct Known Subclasses:
MutableAuthenticationServiceImpl

public class AuthenticationServiceImpl
extends AbstractAuthenticationService
implements ActivateableBean


Constructor Summary
AuthenticationServiceImpl()
           
 
Method Summary
 void authenticate(java.lang.String userName, char[] password)
          Carry out an authentication attempt.
 void authenticateAsGuest()
          Authenticate as the guest user.
 boolean authenticationExists(java.lang.String userName)
          Check if the given authentication exists.
 void clearCurrentSecurityContext()
          Remove the current security information
 int countTickets(boolean nonExpiredOnly)
           
 boolean getAllowsUserCreation()
           
 boolean getAllowsUserDeletion()
           
 boolean getAllowsUserPasswordChange()
           
 boolean getAuthenticationEnabled(java.lang.String userName)
          Is an authentication enabled or disabled?
 java.lang.String getCurrentTicket(java.lang.String sessionId)
          Gets the current ticket as a string.
 java.lang.String getCurrentUserName()
          Get the name of the currently authenticated user.
 java.util.Set getDefaultAdministratorUserNames()
          Gets a set of user names who should be considered 'administrators' by default.
 java.util.Set getDefaultGuestUserNames()
          Gets a set of user names who should be considered 'guests' by default.
 java.lang.String getDomain()
           
 java.util.Set getDomains()
          Get the domain to which this instance of an authentication service applies.
 java.util.Set getDomainsThatAllowUserCreation()
          Does this instance alow user to be created?
 java.util.Set getDomainsThatAllowUserDeletion()
          Does this instance allow users to be deleted?
 java.util.Set getDomiansThatAllowUserPasswordChanges()
          Does this instance allow users to update their passwords?
 java.lang.String getNewTicket(java.lang.String sessionId)
          Get a new ticket as a string
 java.util.Set getTicketComponents()
           
 java.util.Set getUsersWithTickets(boolean nonExpiredOnly)
           
 boolean guestUserAuthenticationAllowed()
          Check if Guest user authentication is allowed.
 void invalidateTicket(java.lang.String ticket, java.lang.String sessionId)
          Invalidate a single ticket by ID or remove its association with a given session ID.
 int invalidateTickets(boolean expiredOnly)
           
 void invalidateUserSession(java.lang.String userName)
          Invalidate any tickets held by the user.
 boolean isActive()
          Determines whether this bean is active.
 boolean isCurrentUserTheSystemUser()
          Is the current user the system user?
 void setAllowsUserCreation(boolean allowsUserCreation)
           
 void setAllowsUserDeletion(boolean allowsUserDeletion)
           
 void setAllowsUserPasswordChange(boolean allowsUserPasswordChange)
           
 void setAuditComponent(AuditComponent auditComponent)
           
 void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
           
 void setDomain(java.lang.String domain)
           
 void setTicketComponent(TicketComponent ticketComponent)
           
 void validate(java.lang.String ticket, java.lang.String sessionId)
          Validate a ticket and associate it with a given app server session ID.
 
Methods inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationService
getAllowedUsers, getCurrentTicket, getMaxUsers, preAuthenticationCheck, setSysAdminParams
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthenticationServiceImpl

public AuthenticationServiceImpl()
Method Detail

setTicketComponent

public void setTicketComponent(TicketComponent ticketComponent)

setAuthenticationComponent

public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)

setAuditComponent

public void setAuditComponent(AuditComponent auditComponent)
Parameters:
auditComponent - the auditComponent to set

isActive

public boolean isActive()
Description copied from interface: ActivateableBean
Determines whether this bean is active.

Specified by:
isActive in interface ActivateableBean
Returns:
true if this bean is active

authenticate

public void authenticate(java.lang.String userName,
                         char[] password)
                  throws AuthenticationException
Description copied from interface: AuthenticationService
Carry out an authentication attempt. If successful the user is set to the current user. The current user is a part of the thread context.

Specified by:
authenticate in interface AuthenticationService
Parameters:
userName - the username
password - the passowrd
Throws:
AuthenticationException

getCurrentUserName

public java.lang.String getCurrentUserName()
                                    throws AuthenticationException
Description copied from interface: AuthenticationService
Get the name of the currently authenticated user.

Specified by:
getCurrentUserName in interface AuthenticationService
Returns:
Throws:
AuthenticationException

invalidateUserSession

public void invalidateUserSession(java.lang.String userName)
                           throws AuthenticationException
Description copied from interface: AuthenticationService
Invalidate any tickets held by the user.

Specified by:
invalidateUserSession in interface AuthenticationService
Throws:
AuthenticationException

getUsersWithTickets

public java.util.Set getUsersWithTickets(boolean nonExpiredOnly)
Specified by:
getUsersWithTickets in class AbstractAuthenticationService

invalidateTicket

public void invalidateTicket(java.lang.String ticket,
                             java.lang.String sessionId)
                      throws AuthenticationException
Description copied from interface: AuthenticationService
Invalidate a single ticket by ID or remove its association with a given session ID.

Specified by:
invalidateTicket in interface AuthenticationService
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Throws:
AuthenticationException

countTickets

public int countTickets(boolean nonExpiredOnly)
Specified by:
countTickets in class AbstractAuthenticationService

invalidateTickets

public int invalidateTickets(boolean expiredOnly)
Specified by:
invalidateTickets in class AbstractAuthenticationService

validate

public void validate(java.lang.String ticket,
                     java.lang.String sessionId)
              throws AuthenticationException
Description copied from interface: AuthenticationService
Validate a ticket and associate it with a given app server session ID. Set the current user name accordingly.

Specified by:
validate in interface AuthenticationService
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Throws:
AuthenticationException

getCurrentTicket

public java.lang.String getCurrentTicket(java.lang.String sessionId)
                                  throws AuthenticationException
Description copied from interface: AuthenticationService
Gets the current ticket as a string. If there isn't an appropriate current ticket, a new ticket will be made the current ticket.

Specified by:
getCurrentTicket in interface AuthenticationService
Parameters:
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable. If non-null, the ticket returned is either a new one or one previously associated with the same sessionId by AuthenticationService.validate(String, String) or AuthenticationService.getCurrentTicket(String).
Returns:
the current ticket as a string
Throws:
AuthenticationException

getNewTicket

public java.lang.String getNewTicket(java.lang.String sessionId)
Description copied from interface: AuthenticationService
Get a new ticket as a string

Specified by:
getNewTicket in interface AuthenticationService
Parameters:
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Returns:

clearCurrentSecurityContext

public void clearCurrentSecurityContext()
Description copied from interface: AuthenticationService
Remove the current security information

Specified by:
clearCurrentSecurityContext in interface AuthenticationService

isCurrentUserTheSystemUser

public boolean isCurrentUserTheSystemUser()
Description copied from interface: AuthenticationService
Is the current user the system user?

Specified by:
isCurrentUserTheSystemUser in interface AuthenticationService
Returns:

authenticateAsGuest

public void authenticateAsGuest()
                         throws AuthenticationException
Description copied from interface: AuthenticationService
Authenticate as the guest user. This may not be allowed and throw an exception.

Specified by:
authenticateAsGuest in interface AuthenticationService
Throws:
AuthenticationException

guestUserAuthenticationAllowed

public boolean guestUserAuthenticationAllowed()
Description copied from interface: AuthenticationService
Check if Guest user authentication is allowed.

Specified by:
guestUserAuthenticationAllowed in interface AuthenticationService
Returns:
true if Guest user authentication is allowed, false otherwise

getAllowsUserCreation

public boolean getAllowsUserCreation()

setAllowsUserCreation

public void setAllowsUserCreation(boolean allowsUserCreation)

getAllowsUserDeletion

public boolean getAllowsUserDeletion()

setAllowsUserDeletion

public void setAllowsUserDeletion(boolean allowsUserDeletion)

getAllowsUserPasswordChange

public boolean getAllowsUserPasswordChange()

setAllowsUserPasswordChange

public void setAllowsUserPasswordChange(boolean allowsUserPasswordChange)

getDomain

public java.lang.String getDomain()

setDomain

public void setDomain(java.lang.String domain)

getDomains

public java.util.Set getDomains()
Description copied from interface: AuthenticationService
Get the domain to which this instance of an authentication service applies.

Specified by:
getDomains in interface AuthenticationService
Returns:
The domain name

getDomainsThatAllowUserCreation

public java.util.Set getDomainsThatAllowUserCreation()
Description copied from interface: AuthenticationService
Does this instance alow user to be created?

Specified by:
getDomainsThatAllowUserCreation in interface AuthenticationService
Returns:

getDomainsThatAllowUserDeletion

public java.util.Set getDomainsThatAllowUserDeletion()
Description copied from interface: AuthenticationService
Does this instance allow users to be deleted?

Specified by:
getDomainsThatAllowUserDeletion in interface AuthenticationService
Returns:

getDomiansThatAllowUserPasswordChanges

public java.util.Set getDomiansThatAllowUserPasswordChanges()
Description copied from interface: AuthenticationService
Does this instance allow users to update their passwords?

Specified by:
getDomiansThatAllowUserPasswordChanges in interface AuthenticationService
Returns:

getTicketComponents

public java.util.Set getTicketComponents()
Specified by:
getTicketComponents in class AbstractAuthenticationService

getDefaultAdministratorUserNames

public java.util.Set getDefaultAdministratorUserNames()
Gets a set of user names who should be considered 'administrators' by default.

Specified by:
getDefaultAdministratorUserNames in interface AuthenticationService
Returns:
a set of user names

getDefaultGuestUserNames

public java.util.Set getDefaultGuestUserNames()
Gets a set of user names who should be considered 'guests' by default.

Specified by:
getDefaultGuestUserNames in interface AuthenticationService
Returns:
a set of user names

authenticationExists

public boolean authenticationExists(java.lang.String userName)
Check if the given authentication exists.

Specified by:
authenticationExists in interface AuthenticationService
Parameters:
userName - the username
Returns:
Returns true if the authentication exists

getAuthenticationEnabled

public boolean getAuthenticationEnabled(java.lang.String userName)
                                 throws AuthenticationException
Is an authentication enabled or disabled?

Specified by:
getAuthenticationEnabled in interface AuthenticationService
Returns:
Throws:
AuthenticationException


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.