public interface

LoginManager

com.atlassian.jira.security.login.LoginManager

Class Overview

The LoginManager keeps track of users' login activities.

Summary

Public Methods
LoginResult authenticate(ApplicationUser user, String password)
This can be called to see if a user knows the given password.
LoginResult authenticateWithoutElevatedCheck(ApplicationUser user, String password)
This can be called to see if a user knows the given password.
boolean authoriseForLogin(ApplicationUser user, HttpServletRequest httpServletRequest)
This is called to see if an authenticated user is allowed to log in to JIRA in the context of a web request.
boolean authoriseForRole(ApplicationUser user, HttpServletRequest httpServletRequest, String role)
This is called to see if an authenticated user is allowed to execute the web request given the required role.

LoginInfo getLoginInfo(String userName)
This is called to get LoginInfo about a given user.
Set<String> getRequiredRoles(HttpServletRequest httpServletRequest)
Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
boolean isElevatedSecurityCheckAlwaysShown()
void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
This is called to log out the current user and destroy their JIRA session.
LoginInfo onLoginAttempt(HttpServletRequest httpServletRequest, String userName, boolean loginSuccessful)
This is called after a login attempt has been made.
boolean performElevatedSecurityCheck(HttpServletRequest httpServletRequest, String userName)
This is called to see whether the user has passed an extended security check (such as CAPTCHA).
void resetFailedLoginCount(ApplicationUser user)
This can be called to reset the failed login count of a user.

Public Methods

public LoginResult authenticate (ApplicationUser user, String password)

This can be called to see if a user knows the given password.

If the user requests elevatedSecurity then this will always fail with LoginReason.AUTHENTICATION_DENIED.

Parameters
user the user to authenticate. This MUST not be null.
password the password to authenticate against
Returns
  • a LoginResult indicating whether the user can be authenticated

public LoginResult authenticateWithoutElevatedCheck (ApplicationUser user, String password)

This can be called to see if a user knows the given password.

Calling this method will not cause the request to fail if the user is required to do an elevated security check on normal login.

Parameters
user the user to authenticate. This MUST not be null.
password the password to authenticate against
Returns
  • a LoginResult indicating whether the user can be authenticated
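
The difference between the two authentication methods above, as an added example (not Atlassian's code): a hypothetical `PasswordReconfirmation` helper that re-checks a user's password before a sensitive action and stops on `LoginReason.AUTHENTICATION_DENIED` instead of retrying with `authenticateWithoutElevatedCheck`. It assumes the JIRA API is on the classpath and uses `LoginResult.isOK()` and `LoginResult.getReason()`, which belong to the JIRA API but are not documented on this page; the class, enum and method names are made up for the example.

```java
import com.atlassian.jira.security.login.LoginManager;
import com.atlassian.jira.security.login.LoginReason;
import com.atlassian.jira.security.login.LoginResult;
import com.atlassian.jira.user.ApplicationUser;

/** Hypothetical helper, not part of JIRA: re-confirms a password before a sensitive action. */
public class PasswordReconfirmation {

    /** Hypothetical outcome type reported to the calling plugin code. */
    public enum Outcome { CONFIRMED, REJECTED, ELEVATED_CHECK_REQUIRED }

    private final LoginManager loginManager;

    public PasswordReconfirmation(LoginManager loginManager) {
        this.loginManager = loginManager;
    }

    public Outcome confirm(ApplicationUser user, String password) {
        // The interface documents that user MUST not be null for authenticate().
        if (user == null) {
            throw new IllegalArgumentException("user must not be null");
        }

        // authenticate() honours the elevated security check: while the user is
        // required to pass it (for example a CAPTCHA), the call fails with
        // AUTHENTICATION_DENIED even when the password is correct.
        LoginResult result = loginManager.authenticate(user, password);
        if (result.isOK()) {
            return Outcome.CONFIRMED;
        }

        if (result.getReason() == LoginReason.AUTHENTICATION_DENIED) {
            // Do not fall back to authenticateWithoutElevatedCheck() here.
            // That method skips the elevated check, so retrying with it on a
            // request-reachable path would let password guesses continue past
            // the point where the normal login form demands the extra check.
            return Outcome.ELEVATED_CHECK_REQUIRED;
        }

        // Any other reason is reported as a plain rejection; the caller should
        // not reveal which reason applied.
        return Outcome.REJECTED;
    }
}
```

On `ELEVATED_CHECK_REQUIRED`, the caller would send the user back through the normal login form, where the elevated check can be completed.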

public boolean authoriseForLogin (ApplicationUser user, HttpServletRequest httpServletRequest)

This is called to see if an authenticated user is allowed to log in to JIRA in the context of a web request.

At this stage the user has had their username and password authenticated but we need to see if they can be authorised to use JIRA.

Parameters
user the user to authorise. This MUST not be null.
httpServletRequest the web request in play
Returns
  • true if the user can be authorised for login

public boolean authoriseForRole (ApplicationUser user, HttpServletRequest httpServletRequest, String role)

This is called to see if an authenticated user is allowed to execute the web request given the required role.

Parameters
user the user to authorise. This MAY be null.
httpServletRequest the web request in play
Returns
  • true if the user can be authorised for this request

public LoginInfo getLoginInfo (String userName)

This is called to get LoginInfo about a given user.

Parameters
userName the name of the user in play. This MUST not be null.
Returns

public Set<String> getRequiredRoles (HttpServletRequest httpServletRequest)

Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.

Parameters
httpServletRequest the request in play
Returns
  • a set of roles

public boolean isElevatedSecurityCheckAlwaysShown ()

Returns
  • true if the elevated security check (such as CAPTCHA) is always shown

public void logout (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)

This is called to log out the current user and destroy their JIRA session.

Parameters
httpServletRequest the HTTP request in play
httpServletResponse the HTTP response in play

public LoginInfo onLoginAttempt (HttpServletRequest httpServletRequest, String userName, boolean loginSuccessful)

This is called after a login attempt has been made. It allows the LoginManager to update information about a user's login history.

Parameters
httpServletRequest the HTTP request in play
userName the name of the user in play. This MUST not be null.
loginSuccessful whether the login attempt was successful or not
Returns

public boolean performElevatedSecurityCheck (HttpServletRequest httpServletRequest, String userName)

This is called to see whether the user has passed an extended security check (such as CAPTCHA).

Parameters
httpServletRequest the HTTP request in play
userName the name of the user in play. This MUST not be null.
Returns
  • true if they have passed the extended security check

public void resetFailedLoginCount (ApplicationUser user)

This can be called to reset the failed login count of a user.

Parameters
user the user to authorise. This MUST not be null.