org.alfresco.service.cmr.security
Interface AuthenticationService

All Known Subinterfaces:

MutableAuthenticationService

All Known Implementing Classes:

AbstractAuthenticationService, AbstractChainingAuthenticationService, AuthenticationServiceImpl, ChainingAuthenticationServiceImpl, MutableAuthenticationServiceImpl, SubsystemChainingAuthenticationService, TestAuthenticationServiceImpl

@PublicService
public interface AuthenticationService

The authentication service defines the API for managing authentication information against a user id.

Method Summary

void	authenticate(java.lang.String userName, char[] password) Carry out an authentication attempt.
void	authenticateAsGuest() Authenticate as the guest user.
boolean	authenticationExists(java.lang.String userName) Check if the given authentication exists.
void	clearCurrentSecurityContext() Remove the current security information
boolean	getAuthenticationEnabled(java.lang.String userName) Is an authentication enabled or disabled?
java.lang.String	getCurrentTicket() Gets the current ticket as a string.
java.lang.String	getCurrentTicket(java.lang.String sessionId) Gets the current ticket as a string.
java.lang.String	getCurrentUserName() Get the name of the currently authenticated user.
java.util.Set	getDefaultAdministratorUserNames() Gets a set of user names who should be considered 'administrators' by default.
java.util.Set	getDefaultGuestUserNames() Gets a set of user names who should be considered 'guests' by default.
java.util.Set	getDomains() Get the domain to which this instance of an authentication service applies.
java.util.Set	getDomainsThatAllowUserCreation() Does this instance alow user to be created?
java.util.Set	getDomainsThatAllowUserDeletion() Does this instance allow users to be deleted?
java.util.Set	getDomiansThatAllowUserPasswordChanges() Does this instance allow users to update their passwords?
java.lang.String	getNewTicket(java.lang.String sessionId) Get a new ticket as a string
boolean	guestUserAuthenticationAllowed() Check if Guest user authentication is allowed.
void	invalidateTicket(java.lang.String ticket, java.lang.String sessionId) Invalidate a single ticket by ID or remove its association with a given session ID.
void	invalidateUserSession(java.lang.String userName) Invalidate any tickets held by the user.
boolean	isCurrentUserTheSystemUser() Is the current user the system user?
void	validate(java.lang.String ticket, java.lang.String sessionId) Validate a ticket and associate it with a given app server session ID.

Method Detail

getAuthenticationEnabled

@Auditable(parameters="userName")
boolean getAuthenticationEnabled(java.lang.String userName)
                                 throws AuthenticationException

Is an authentication enabled or disabled?

Parameters:

userName -

Returns:

Throws:

AuthenticationException

authenticate

@Auditable(parameters={"userName", "password"},
           recordable={true, false})
void authenticate(java.lang.String userName,
                                                char[] password)
                  throws AuthenticationException

Carry out an authentication attempt. If successful the user is set to the current user. The current user is a part of the thread context.

Parameters:

userName - the username

password - the passowrd

Throws:

AuthenticationException

authenticateAsGuest

@Auditable
void authenticateAsGuest()
                         throws AuthenticationException

Authenticate as the guest user. This may not be allowed and throw an exception.

Throws:

AuthenticationException

guestUserAuthenticationAllowed

@Auditable
boolean guestUserAuthenticationAllowed()

Check if Guest user authentication is allowed.

Returns:

true if Guest user authentication is allowed, false otherwise

authenticationExists

@Auditable(parameters="userName")
boolean authenticationExists(java.lang.String userName)

Check if the given authentication exists.

Parameters:

userName - the username

Returns:

Returns true if the authentication exists

getCurrentUserName

@Auditable
java.lang.String getCurrentUserName()
                                    throws AuthenticationException

Get the name of the currently authenticated user.

Returns:

Throws:

AuthenticationException

invalidateUserSession

@Auditable(parameters="userName")
void invalidateUserSession(java.lang.String userName)
                           throws AuthenticationException

Invalidate any tickets held by the user.

Parameters:

userName -

Throws:

AuthenticationException

invalidateTicket

@Auditable(parameters={"ticket", "sessionId"},
           recordable={false, false})
void invalidateTicket(java.lang.String ticket,
                                                    java.lang.String sessionId)
                      throws AuthenticationException

Invalidate a single ticket by ID or remove its association with a given session ID.

Parameters:

ticket -

sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.

Throws:

AuthenticationException

validate

@Auditable(parameters={"ticket", "sessionId"},
           recordable={false, false})
void validate(java.lang.String ticket,
                                            java.lang.String sessionId)
              throws AuthenticationException

Validate a ticket and associate it with a given app server session ID. Set the current user name accordingly.

Parameters:

ticket -

sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.

Throws:

AuthenticationException

getCurrentTicket

@Auditable(parameters="sessionId",
           recordable=false)
java.lang.String getCurrentTicket(java.lang.String sessionId)

Gets the current ticket as a string. If there isn't an appropriate current ticket, a new ticket will be made the current ticket.

Parameters:

sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable. If non-null, the ticket returned is either a new one or one previously associated with the same sessionId by AuthenticationService.validate(String, String) or AuthenticationService.getCurrentTicket(String).

Returns:

the current ticket as a string

getCurrentTicket

@Auditable
java.lang.String getCurrentTicket()

Gets the current ticket as a string. If there isn't an appropriate current ticket, a new ticket will be made the current ticket.

Returns:

the current ticket as a string

getNewTicket

@Auditable(parameters="sessionId",
           recordable=false)
java.lang.String getNewTicket(java.lang.String sessionId)

Get a new ticket as a string

Parameters:

sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.

Returns:

clearCurrentSecurityContext

@Auditable
void clearCurrentSecurityContext()

Remove the current security information

isCurrentUserTheSystemUser

@Auditable
boolean isCurrentUserTheSystemUser()

Is the current user the system user?

Returns:

getDomains

@Auditable
java.util.Set getDomains()

Get the domain to which this instance of an authentication service applies.

Returns:

The domain name

getDomainsThatAllowUserCreation

@Auditable
java.util.Set getDomainsThatAllowUserCreation()

Does this instance alow user to be created?

Returns:

getDomainsThatAllowUserDeletion

@Auditable
java.util.Set getDomainsThatAllowUserDeletion()

Does this instance allow users to be deleted?

Returns:

getDomiansThatAllowUserPasswordChanges

@Auditable
java.util.Set getDomiansThatAllowUserPasswordChanges()

Does this instance allow users to update their passwords?

Returns:

getDefaultAdministratorUserNames

@Auditable
java.util.Set getDefaultAdministratorUserNames()

Gets a set of user names who should be considered 'administrators' by default.

Returns:

a set of user names

getDefaultGuestUserNames

@Auditable
java.util.Set getDefaultGuestUserNames()

Gets a set of user names who should be considered 'guests' by default.

Returns:

a set of user names