Class AbstractChainingAuthenticationService
java.lang.Object
org.alfresco.repo.security.authentication.AbstractAuthenticationService
org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService
- All Implemented Interfaces:
AuthenticationService,MutableAuthenticationService
- Direct Known Subclasses:
ChainingAuthenticationServiceImpl,SubsystemChainingAuthenticationService
public abstract class AbstractChainingAuthenticationService
extends AbstractAuthenticationService
implements MutableAuthenticationService
A base class for chaining authentication services. Where appropriate, methods will 'chain' across multiple
AuthenticationService instances, as returned by getUsableAuthenticationServices().- Author:
- dward
-
Field Summary
FieldsFields inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationService
GUEST_AUTHENTICATION_NOT_SUPPORTED -
Constructor Summary
ConstructorsConstructorDescriptionInstantiates a new abstract chaining authentication service. -
Method Summary
Modifier and TypeMethodDescriptionvoidauthenticate(String userName, char[] password) Carry out an authentication attempt.voidAuthenticate as the guest user.booleanauthenticationExists(String userName) Check if the given authentication exists.voidRemove the current security informationintcountTickets(boolean nonExpiredOnly) voidcreateAuthentication(String userName, char[] password) Create an authentication for the given user.voiddeleteAuthentication(String userName) Delete an authentication entrybooleangetAuthenticationEnabled(String userName) Is an authentication enabled or disabled?Get the current ticket as a stringGet the name of the currently authenticated user.Gets a set of user names who should be considered 'administrators' by default.Gets a set of user names who should be considered 'guests' by default.Get the domain to which this instance of an authentication service applies.Does this instance alow user to be created?Does this instance allow users to be deleted?Does this instance allow users to update their passwords?protected StringgetId(AuthenticationService authService) Should be overridden to returns the ID of the authService for use in debug.abstract MutableAuthenticationServiceGets the mutable authentication service.Get a new ticket as a stringprotected abstract List<AuthenticationService>Gets the authentication services across which methods will chain.getUsersWithTickets(boolean nonExpiredOnly) booleanCheck if Guest user authentication is allowed.voidinvalidateTicket(String ticket) Invalidate a single ticket by IDintinvalidateTickets(boolean nonExpiredOnly) voidinvalidateUserSession(String userName) Invalidate any tickets held by the user.booleanDetermines whether authentication creation is allowed.booleanisAuthenticationMutable(String userName) Determines whether this user's authentication may be mutated via the other methods.booleanIs the current user the system user?voidsetAuthentication(String userName, char[] newPassword) Set the login information for a user (typically called by an admin user)voidsetAuthenticationEnabled(String userName, boolean enabled) Enable or disable an authentication entryvoidupdateAuthentication(String userName, char[] oldPassword, char[] newPassword) Update the login information for the user (typically called by the user)voidValidate a ticket.Methods inherited from class org.alfresco.repo.security.authentication.AbstractAuthenticationService
getAllowedUsers, getMaxUsers, preAuthenticationCheck, setSysAdminParams
-
Field Details
-
logger
protected final org.apache.commons.logging.Log logger
-
-
Constructor Details
-
AbstractChainingAuthenticationService
public AbstractChainingAuthenticationService()Instantiates a new abstract chaining authentication service.
-
-
Method Details
-
getMutableAuthenticationService
Gets the mutable authentication service.- Returns:
- the mutable authentication service
-
getUsableAuthenticationServices
Gets the authentication services across which methods will chain.- Returns:
- the usable authentication services
-
createAuthentication
Description copied from interface:MutableAuthenticationServiceCreate an authentication for the given user.- Specified by:
createAuthenticationin interfaceMutableAuthenticationService- Parameters:
userName- Stringpassword- char[]- Throws:
AuthenticationException
-
updateAuthentication
public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword) throws AuthenticationException Description copied from interface:MutableAuthenticationServiceUpdate the login information for the user (typically called by the user)- Specified by:
updateAuthenticationin interfaceMutableAuthenticationService- Parameters:
userName- StringoldPassword- char[]newPassword- char[]- Throws:
AuthenticationException
-
setAuthentication
Set the login information for a user (typically called by an admin user)- Specified by:
setAuthenticationin interfaceMutableAuthenticationService- Parameters:
userName- StringnewPassword- char[]- Throws:
AuthenticationException
-
deleteAuthentication
Delete an authentication entry- Specified by:
deleteAuthenticationin interfaceMutableAuthenticationService- Parameters:
userName- String- Throws:
AuthenticationException
-
setAuthenticationEnabled
public void setAuthenticationEnabled(String userName, boolean enabled) throws AuthenticationException Enable or disable an authentication entry- Specified by:
setAuthenticationEnabledin interfaceMutableAuthenticationService- Parameters:
userName- Stringenabled- boolean- Throws:
AuthenticationException
-
isAuthenticationMutable
Determines whether this user's authentication may be mutated via the other methods.- Specified by:
isAuthenticationMutablein interfaceMutableAuthenticationService- Parameters:
userName- the user ID- Returns:
trueif this user's authentication may be mutated via the other methods.
-
isAuthenticationCreationAllowed
public boolean isAuthenticationCreationAllowed()Determines whether authentication creation is allowed.- Specified by:
isAuthenticationCreationAllowedin interfaceMutableAuthenticationService- Returns:
trueif authentication creation is allowed
-
getAuthenticationEnabled
Is an authentication enabled or disabled?- Specified by:
getAuthenticationEnabledin interfaceAuthenticationService- Throws:
AuthenticationException
-
authenticate
Carry out an authentication attempt. If successful the user is set to the current user. The current user is a part of the thread context.- Specified by:
authenticatein interfaceAuthenticationService- Parameters:
userName- the usernamepassword- the passowrd- Throws:
AuthenticationException
-
getId
Should be overridden to returns the ID of the authService for use in debug.- Parameters:
authService- in question.- Returns:
- the ID of the authService. This implementation has no way to work this out so returns the simple class name.
-
authenticateAsGuest
Authenticate as the guest user. This may not be allowed and throw an exception.- Specified by:
authenticateAsGuestin interfaceAuthenticationService- Throws:
AuthenticationException
-
guestUserAuthenticationAllowed
public boolean guestUserAuthenticationAllowed()Check if Guest user authentication is allowed.- Specified by:
guestUserAuthenticationAllowedin interfaceAuthenticationService- Returns:
- true if Guest user authentication is allowed, false otherwise
-
authenticationExists
Check if the given authentication exists.- Specified by:
authenticationExistsin interfaceAuthenticationService- Parameters:
userName- the username- Returns:
- Returns true if the authentication exists
-
getCurrentUserName
Get the name of the currently authenticated user.- Specified by:
getCurrentUserNamein interfaceAuthenticationService- Returns:
- String
- Throws:
AuthenticationException
-
invalidateUserSession
Invalidate any tickets held by the user.- Specified by:
invalidateUserSessionin interfaceAuthenticationService- Throws:
AuthenticationException
-
invalidateTicket
Invalidate a single ticket by ID- Specified by:
invalidateTicketin interfaceAuthenticationService- Parameters:
ticket- String- Throws:
AuthenticationException
-
validate
Validate a ticket. Set the current user name accordingly.- Specified by:
validatein interfaceAuthenticationService- Parameters:
ticket- String- Throws:
AuthenticationException
-
getCurrentTicket
Get the current ticket as a string- Specified by:
getCurrentTicketin interfaceAuthenticationService- Returns:
- String
-
getNewTicket
Get a new ticket as a string- Specified by:
getNewTicketin interfaceAuthenticationService- Returns:
- String
-
clearCurrentSecurityContext
public void clearCurrentSecurityContext()Remove the current security information- Specified by:
clearCurrentSecurityContextin interfaceAuthenticationService
-
isCurrentUserTheSystemUser
public boolean isCurrentUserTheSystemUser()Is the current user the system user?- Specified by:
isCurrentUserTheSystemUserin interfaceAuthenticationService
-
getDomains
Get the domain to which this instance of an authentication service applies.- Specified by:
getDomainsin interfaceAuthenticationService- Returns:
- The domain name
-
getDomainsThatAllowUserCreation
Does this instance alow user to be created?- Specified by:
getDomainsThatAllowUserCreationin interfaceAuthenticationService
-
getDomainsThatAllowUserDeletion
Does this instance allow users to be deleted?- Specified by:
getDomainsThatAllowUserDeletionin interfaceAuthenticationService
-
getDomiansThatAllowUserPasswordChanges
Does this instance allow users to update their passwords?- Specified by:
getDomiansThatAllowUserPasswordChangesin interfaceAuthenticationService
-
getUsersWithTickets
- Specified by:
getUsersWithTicketsin classAbstractAuthenticationService
-
countTickets
public int countTickets(boolean nonExpiredOnly) - Specified by:
countTicketsin classAbstractAuthenticationService
-
invalidateTickets
public int invalidateTickets(boolean nonExpiredOnly) - Specified by:
invalidateTicketsin classAbstractAuthenticationService
-
getTicketComponents
- Specified by:
getTicketComponentsin classAbstractAuthenticationService
-
getDefaultAdministratorUserNames
Gets a set of user names who should be considered 'administrators' by default.- Specified by:
getDefaultAdministratorUserNamesin interfaceAuthenticationService- Returns:
- a set of user names
-
getDefaultGuestUserNames
Gets a set of user names who should be considered 'guests' by default.- Specified by:
getDefaultGuestUserNamesin interfaceAuthenticationService- Returns:
- a set of user names
-