Class TokenAuthenticationManager
- java.lang.Object
-
- com.atlassian.confluence.rpc.auth.TokenAuthenticationManager
-
public class TokenAuthenticationManager extends Object
Manages tokens used to authenticate users for Confluence's remote API. This implementation is also responsible for checking permission to access the application and the remote API before returning tokens.Uses a cache with an appropriate expiry delay to store the tokens.
-
-
Constructor Summary
Constructors Constructor Description TokenAuthenticationManager(LoginManager loginManager, ConfluenceUserResolver userResolver, PermissionManager permissionManager, SettingsManager settingsManager, com.atlassian.event.api.EventPublisher eventPublisher, SharedDataManager clusterSharedDataManager)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanhasUseConfluencePermission(com.atlassian.user.User user)Determines whether user has access to ConfluenceStringlogin(String username, String password)Logs the user with username and password into the Remote API systembooleanlogout(String token)Logs the user out of the RPC systemConfluenceUsermakeAnonymousConfluenceUser()Returns the anonymous userConfluenceUsermakeNonAnonymousConfluenceUserFromToken(String token)Retrieves the user for a particular token
-
-
-
Field Detail
-
CACHE_KEY
public static final String CACHE_KEY
-
-
Constructor Detail
-
TokenAuthenticationManager
public TokenAuthenticationManager(LoginManager loginManager, ConfluenceUserResolver userResolver, PermissionManager permissionManager, SettingsManager settingsManager, com.atlassian.event.api.EventPublisher eventPublisher, SharedDataManager clusterSharedDataManager)
- Since:
- 7.17
-
-
Method Detail
-
login
public String login(String username, String password) throws RemoteException
Logs the user with username and password into the Remote API systemThe token is stored for a period of time, and invalidated after an idle period.
- Parameters:
username- The user's login namepassword- The password- Returns:
- The authentication token for use with other RPC calls
- Throws:
AuthenticationFailedException- if a user called username could not be found or the password was incorrectRemoteException
-
logout
public boolean logout(String token) throws RemoteException
Logs the user out of the RPC system- Parameters:
token- The authenticated user token- Returns:
- true if the logout was successful, otherwise false
- Throws:
RemoteException- if the user could not be logged out
-
makeNonAnonymousConfluenceUserFromToken
public ConfluenceUser makeNonAnonymousConfluenceUserFromToken(String token) throws InvalidSessionException
Retrieves the user for a particular token- Parameters:
token- The authenticated user token- Returns:
- The User for the token
- Throws:
InvalidSessionException- if a user could not be retrieved for token- Since:
- 5.2
-
makeAnonymousConfluenceUser
public ConfluenceUser makeAnonymousConfluenceUser() throws NotPermittedException
Returns the anonymous user- Returns:
- The anonymous user (null)
- Throws:
NotPermittedException- if anonymous access to the Remote API is disabled- Since:
- 5.2
-
hasUseConfluencePermission
public boolean hasUseConfluencePermission(com.atlassian.user.User user)
Determines whether user has access to Confluence- Parameters:
user- The User to be checked- Returns:
- true if the user has access, false otherwise
-
-