|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.atlassian.confluence.security.login.DefaultLoginManager
@ThreadSafe public class DefaultLoginManager
Default LoginManager that keeps track of login activity.
For known users the number of failed login attempts is stored in a user bound PropertySet. For unknown users the DefaultLoginManager tracks the number of login attempts in a cache. It is important to track the number of login attempts for unknown users otherwise the observable behaviour of the application might be different for known and unknown users (See JRA-21016). Every successful login clears the number of failed login attempts for a known user.
Constructor Summary | |
---|---|
DefaultLoginManager(SettingsManager settingsManager,
UserAccessor userAccessor,
com.atlassian.cache.CacheManager cacheManager,
com.atlassian.core.util.Clock clock,
UserLoginInfoDao loginInfoDao)
|
Method Summary | |
---|---|
LoginResult |
authenticate(java.lang.String userName,
java.lang.String password)
Try to authenticate a user given the userName and password . |
LoginInfo |
getLoginInfo(java.lang.String userName)
Return information about a user's login history. |
LoginInfo |
getLoginInfo(com.atlassian.user.User user)
Return information about a user's login history. |
boolean |
isElevatedSecurityCheckEnabled()
Check if elevated security checks are available/enabled. |
void |
onFailedLoginAttempt(java.lang.String userName)
Deprecated. |
void |
onFailedLoginAttempt(java.lang.String userName,
javax.servlet.http.HttpServletRequest servletRequest)
This is called after an unsuccessful login attempt has been made. |
void |
onSuccessfulLoginAttempt(java.lang.String userName)
Deprecated. |
void |
onSuccessfulLoginAttempt(java.lang.String userName,
javax.servlet.http.HttpServletRequest servletRequest)
This is called after a successful login attempt has been made. |
boolean |
requiresElevatedSecurityCheck(java.lang.String userName)
This is called to see whether the user requires an extended security check (such as CAPTCHA) |
void |
resetFailedLoginCount(com.atlassian.user.User user)
This can be called to reset the failed login count of a user |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public DefaultLoginManager(SettingsManager settingsManager, UserAccessor userAccessor, com.atlassian.cache.CacheManager cacheManager, com.atlassian.core.util.Clock clock, UserLoginInfoDao loginInfoDao)
Method Detail |
---|
@Deprecated public void onFailedLoginAttempt(java.lang.String userName)
onFailedLoginAttempt
in interface LoginManager
public void onFailedLoginAttempt(java.lang.String userName, javax.servlet.http.HttpServletRequest servletRequest)
onFailedLoginAttempt
in interface LoginManager
userName
- the name of the user in play. This MUST not be null.servletRequest
- the request pertaining to a login attempt.@Deprecated public void onSuccessfulLoginAttempt(java.lang.String userName)
onSuccessfulLoginAttempt
in interface LoginManager
public void onSuccessfulLoginAttempt(java.lang.String userName, javax.servlet.http.HttpServletRequest servletRequest)
onSuccessfulLoginAttempt
in interface LoginManager
userName
- the name of the user in play. This MUST not be null.servletRequest
- the request pertaining to a login attempt.public boolean isElevatedSecurityCheckEnabled()
isElevatedSecurityCheckEnabled
in interface LoginManager
public LoginResult authenticate(java.lang.String userName, java.lang.String password)
userName
and password
.
Returns a LoginResult
that contains information about this particular authentication attempt.
Calling this method has side effects as the login manager tracks the number of failed and successful login attempts.
authenticate
in interface LoginManager
public boolean requiresElevatedSecurityCheck(java.lang.String userName)
requiresElevatedSecurityCheck
in interface LoginManager
userName
- the name of the user in play. This MUST not be null.
userName
requires an extended security checkpublic void resetFailedLoginCount(com.atlassian.user.User user)
resetFailedLoginCount
in interface LoginManager
user
- the user for which to reset the failed login count. This MUST not be null.@Nullable public LoginInfo getLoginInfo(java.lang.String userName)
getLoginInfo
in interface LoginManager
@Nullable public LoginInfo getLoginInfo(com.atlassian.user.User user)
getLoginInfo
in interface LoginManager
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |