org.alfresco.repo.security.authentication

Class AbstractChainingAuthenticationService

java.lang.Object

org.alfresco.repo.security.authentication.AbstractAuthenticationService

org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService

All Implemented Interfaces:

AuthenticationService, MutableAuthenticationService

Direct Known Subclasses:

ChainingAuthenticationServiceImpl, SubsystemChainingAuthenticationService

public abstract class AbstractChainingAuthenticationService
extends AbstractAuthenticationService
implements MutableAuthenticationService

A base class for chaining authentication services. Where appropriate, methods will 'chain' across multiple AuthenticationService instances, as returned by AbstractChainingAuthenticationService.getUsableAuthenticationServices().

Field Summary

Fields inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationService

GUEST_AUTHENTICATION_NOT_SUPPORTED

Constructor Summary

Constructors

Constructor and Description
AbstractChainingAuthenticationService() Instantiates a new abstract chaining authentication service.

Method Summary

Methods

Modifier and Type	Method and Description
void	authenticate(java.lang.String userName, char[] password) Carry out an authentication attempt.
void	authenticateAsGuest() Authenticate as the guest user.
boolean	authenticationExists(java.lang.String userName) Check if the given authentication exists.
void	clearCurrentSecurityContext() Remove the current security information
int	countTickets(boolean nonExpiredOnly)
void	createAuthentication(java.lang.String userName, char[] password) Create an authentication for the given user.
void	deleteAuthentication(java.lang.String userName) Delete an authentication entry
boolean	getAuthenticationEnabled(java.lang.String userName) Is an authentication enabled or disabled?
java.lang.String	getCurrentTicket() Get the current ticket as a string
java.lang.String	getCurrentUserName() Get the name of the currently authenticated user.
java.util.Set	getDefaultAdministratorUserNames() Gets a set of user names who should be considered 'administrators' by default.
java.util.Set	getDefaultGuestUserNames() Gets a set of user names who should be considered 'guests' by default.
java.util.Set	getDomains() Get the domain to which this instance of an authentication service applies.
java.util.Set	getDomainsThatAllowUserCreation() Does this instance alow user to be created?
java.util.Set	getDomainsThatAllowUserDeletion() Does this instance allow users to be deleted?
java.util.Set	getDomiansThatAllowUserPasswordChanges() Does this instance allow users to update their passwords?
protected java.lang.String	getId(AuthenticationService authService) Should be overridden to returns the ID of the authService for use in debug.
abstract MutableAuthenticationService	getMutableAuthenticationService() Gets the mutable authentication service.
java.lang.String	getNewTicket() Get a new ticket as a string
java.util.Set	getTicketComponents()
protected abstract java.util.List	getUsableAuthenticationServices() Gets the authentication services across which methods will chain.
java.util.Set	getUsersWithTickets(boolean nonExpiredOnly)
boolean	guestUserAuthenticationAllowed() Check if Guest user authentication is allowed.
void	invalidateTicket(java.lang.String ticket) Invalidate a single ticket by ID
int	invalidateTickets(boolean nonExpiredOnly)
void	invalidateUserSession(java.lang.String userName) Invalidate any tickets held by the user.
boolean	isAuthenticationCreationAllowed() Determines whether authentication creation is allowed.
boolean	isAuthenticationMutable(java.lang.String userName) Determines whether this user's authentication may be mutated via the other methods.
boolean	isCurrentUserTheSystemUser() Is the current user the system user?
void	setAuthentication(java.lang.String userName, char[] newPassword) Set the login information for a user (typically called by an admin user)
void	setAuthenticationEnabled(java.lang.String userName, boolean enabled) Enable or disable an authentication entry
void	updateAuthentication(java.lang.String userName, char[] oldPassword, char[] newPassword) Update the login information for the user (typically called by the user)
void	validate(java.lang.String ticket) Validate a ticket.

Methods inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationService

getAllowedUsers, getMaxUsers, preAuthenticationCheck, setSysAdminParams

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractChainingAuthenticationService

public AbstractChainingAuthenticationService()

Instantiates a new abstract chaining authentication service.

Method Detail

getMutableAuthenticationService

public abstract MutableAuthenticationService getMutableAuthenticationService()

Gets the mutable authentication service.

Returns:

the mutable authentication service

getUsableAuthenticationServices

protected abstract java.util.List getUsableAuthenticationServices()

Gets the authentication services across which methods will chain.

Returns:

the usable authentication services

createAuthentication

public void createAuthentication(java.lang.String userName,
                        char[] password)
                          throws org.alfresco.repo.security.authentication.AuthenticationException

Description copied from interface: MutableAuthenticationService

Create an authentication for the given user.

Specified by:

createAuthentication in interface MutableAuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

updateAuthentication

public void updateAuthentication(java.lang.String userName,
                        char[] oldPassword,
                        char[] newPassword)
                          throws org.alfresco.repo.security.authentication.AuthenticationException

Description copied from interface: MutableAuthenticationService

Update the login information for the user (typically called by the user)

Specified by:

updateAuthentication in interface MutableAuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

setAuthentication

public void setAuthentication(java.lang.String userName,
                     char[] newPassword)
                       throws org.alfresco.repo.security.authentication.AuthenticationException

Set the login information for a user (typically called by an admin user)

Specified by:

setAuthentication in interface MutableAuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

deleteAuthentication

public void deleteAuthentication(java.lang.String userName)
                          throws org.alfresco.repo.security.authentication.AuthenticationException

Delete an authentication entry

Specified by:

deleteAuthentication in interface MutableAuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

setAuthenticationEnabled

public void setAuthenticationEnabled(java.lang.String userName,
                            boolean enabled)
                              throws org.alfresco.repo.security.authentication.AuthenticationException

Enable or disable an authentication entry

Specified by:

setAuthenticationEnabled in interface MutableAuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

isAuthenticationMutable

public boolean isAuthenticationMutable(java.lang.String userName)

Determines whether this user's authentication may be mutated via the other methods.

Specified by:

isAuthenticationMutable in interface MutableAuthenticationService

Parameters:

userName - the user ID

Returns:

true if this user's authentication may be mutated via the other methods.

isAuthenticationCreationAllowed

public boolean isAuthenticationCreationAllowed()

Determines whether authentication creation is allowed.

Specified by:

isAuthenticationCreationAllowed in interface MutableAuthenticationService

Returns:

true if authentication creation is allowed

getAuthenticationEnabled

public boolean getAuthenticationEnabled(java.lang.String userName)
                                 throws org.alfresco.repo.security.authentication.AuthenticationException

Is an authentication enabled or disabled?

Specified by:

getAuthenticationEnabled in interface AuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

authenticate

public void authenticate(java.lang.String userName,
                char[] password)
                  throws org.alfresco.repo.security.authentication.AuthenticationException

Carry out an authentication attempt. If successful the user is set to the current user. The current user is a part of the thread context.

Specified by:

authenticate in interface AuthenticationService

Parameters:

userName - the username

password - the passowrd

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

getId

protected java.lang.String getId(AuthenticationService authService)

Should be overridden to returns the ID of the authService for use in debug.

Parameters:

authService - in question.

Returns:

the ID of the authService. This implementation has no way to work this out so returns the simple class name.

authenticateAsGuest

public void authenticateAsGuest()
                         throws org.alfresco.repo.security.authentication.AuthenticationException

Authenticate as the guest user. This may not be allowed and throw an exception.

Specified by:

authenticateAsGuest in interface AuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

guestUserAuthenticationAllowed

public boolean guestUserAuthenticationAllowed()

Check if Guest user authentication is allowed.

Specified by:

guestUserAuthenticationAllowed in interface AuthenticationService

Returns:

true if Guest user authentication is allowed, false otherwise

authenticationExists

public boolean authenticationExists(java.lang.String userName)

Check if the given authentication exists.

Specified by:

authenticationExists in interface AuthenticationService

Parameters:

userName - the username

Returns:

Returns true if the authentication exists

getCurrentUserName

public java.lang.String getCurrentUserName()
                                    throws org.alfresco.repo.security.authentication.AuthenticationException

Get the name of the currently authenticated user.

Specified by:

getCurrentUserName in interface AuthenticationService

Returns:

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

invalidateUserSession

public void invalidateUserSession(java.lang.String userName)
                           throws org.alfresco.repo.security.authentication.AuthenticationException

Invalidate any tickets held by the user.

Specified by:

invalidateUserSession in interface AuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

invalidateTicket

public void invalidateTicket(java.lang.String ticket)
                      throws org.alfresco.repo.security.authentication.AuthenticationException

Invalidate a single ticket by ID

Specified by:

invalidateTicket in interface AuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

validate

public void validate(java.lang.String ticket)
              throws org.alfresco.repo.security.authentication.AuthenticationException

Validate a ticket. Set the current user name accordingly.

Specified by:

validate in interface AuthenticationService

Throws:

org.alfresco.repo.security.authentication.AuthenticationException

getCurrentTicket

public java.lang.String getCurrentTicket()

Get the current ticket as a string

Specified by:

getCurrentTicket in interface AuthenticationService

Returns:

getNewTicket

public java.lang.String getNewTicket()

Get a new ticket as a string

Specified by:

getNewTicket in interface AuthenticationService

Returns:

clearCurrentSecurityContext

public void clearCurrentSecurityContext()

Remove the current security information

Specified by:

clearCurrentSecurityContext in interface AuthenticationService

isCurrentUserTheSystemUser

public boolean isCurrentUserTheSystemUser()

Is the current user the system user?

Specified by:

isCurrentUserTheSystemUser in interface AuthenticationService

getDomains

public java.util.Set getDomains()

Get the domain to which this instance of an authentication service applies.

Specified by:

getDomains in interface AuthenticationService

Returns:

The domain name

getDomainsThatAllowUserCreation

public java.util.Set getDomainsThatAllowUserCreation()

Does this instance alow user to be created?

Specified by:

getDomainsThatAllowUserCreation in interface AuthenticationService

getDomainsThatAllowUserDeletion

public java.util.Set getDomainsThatAllowUserDeletion()

Does this instance allow users to be deleted?

Specified by:

getDomainsThatAllowUserDeletion in interface AuthenticationService

getDomiansThatAllowUserPasswordChanges

public java.util.Set getDomiansThatAllowUserPasswordChanges()

Does this instance allow users to update their passwords?

Specified by:

getDomiansThatAllowUserPasswordChanges in interface AuthenticationService

getUsersWithTickets

public java.util.Set getUsersWithTickets(boolean nonExpiredOnly)

Specified by:

getUsersWithTickets in class AbstractAuthenticationService

countTickets

public int countTickets(boolean nonExpiredOnly)

Specified by:

countTickets in class AbstractAuthenticationService

invalidateTickets

public int invalidateTickets(boolean nonExpiredOnly)

Specified by:

invalidateTickets in class AbstractAuthenticationService

getTicketComponents

public java.util.Set getTicketComponents()

Specified by:

getTicketComponents in class AbstractAuthenticationService

getDefaultAdministratorUserNames

public java.util.Set getDefaultAdministratorUserNames()

Gets a set of user names who should be considered 'administrators' by default.

Specified by:

getDefaultAdministratorUserNames in interface AuthenticationService

Returns:

a set of user names

getDefaultGuestUserNames

public java.util.Set getDefaultGuestUserNames()

Gets a set of user names who should be considered 'guests' by default.

Specified by:

getDefaultGuestUserNames in interface AuthenticationService

Returns:

a set of user names