OpenIDAuthenticationManagerGeneric (Atlassian Crowd 2.0.m1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.openid.server.manager.openid
Class OpenIDAuthenticationManagerGeneric

java.lang.Object
  com.atlassian.crowd.openid.server.manager.openid.OpenIDAuthenticationManagerGeneric

All Implemented Interfaces:: OpenIDAuthenticationManager

public class OpenIDAuthenticationManagerGeneric
extends java.lang.Object
implements OpenIDAuthenticationManager
extends java.lang.Object
implements OpenIDAuthenticationManager

Constructor Summary
`OpenIDAuthenticationManagerGeneric()`

Method Summary
`OpenIDAuthResponse`	`allowRequest(User user, long profileID, OpenIDAuthRequest authReq, boolean alwaysAllow)` Process a request if the "allow" or "allow always" action is taken by the user when a site has requested authentication.
`OpenIDAuthResponse`	`autoAllowRequest(User user, OpenIDAuthRequest authReq)` Processes a request if the "allow_always" flag has been set for the requesting site.
`OpenIDAuthResponse`	`checkImmediate(SOAPPrincipal principal, java.util.Locale locale, OpenIDAuthRequest authReq)` A convenience wrapper for the autoAllowRequest method.
`protected void`	`createAuthRecord(User user, Site site, AuthAction authAction)` Creates an AuthRecord for the user/site/action combination.
`OpenIDAuthResponse`	`denyRequest(User user, OpenIDAuthRequest authReq)` Process a request if the "deny" action is taken by the user when a site has requested authentication.
`AuthRecordDAO`	`getAuthRecordDAO()`
`OpenIDPropertyManager`	`getOpenIDPropertyManager()`
`SiteManager`	`getSiteManager()`
`UserManager`	`getUserManager()`
`void`	`setAuthRecordDAO(AuthRecordDAO authRecordDAO)`
`void`	`setOpenIDPropertyManager(OpenIDPropertyManager openIDPropertyManager)`
`void`	`setSiteManager(SiteManager siteManager)`
`void`	`setUserManager(UserManager userManager)`
`void`	`validateRequest(User user, OpenIDAuthRequest authReq)` Validates the OpenID authentication request.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

OpenIDAuthenticationManagerGeneric

public OpenIDAuthenticationManagerGeneric()

Method Detail

validateRequest

public void validateRequest(User user,
                            OpenIDAuthRequest authReq)
                     throws InvalidRequestException,
                            SiteDisallowedException,
                            IdentifierViolationException

Validates the OpenID authentication request. Does nothing if the request is valid. Throws a corresponding exception if request is invalid.

Specified by:: validateRequest in interface OpenIDAuthenticationManager

Parameters:: user - logged in user.; authReq - OpenID authentication request.
Throws:: InvalidRequestException - if authReq is null or the return_to URL is invalid/malformed.; SiteDisallowedException - if the site is disallowed by whitelist/blacklist or the site is localhost and local return_to URLs have been disallowed.; IdentifierViolationException - if the principal does not own the OpenID identifier.

checkImmediate

public OpenIDAuthResponse checkImmediate(SOAPPrincipal principal,
                                         java.util.Locale locale,
                                         OpenIDAuthRequest authReq)

A convenience wrapper for the autoAllowRequest method. This only returns a successful response if the user has trusted the site requesting authentication. If any errors occur, eg. backend errors getting the user object from the principal, or the requesting site is blacklisted/blocked, an immediate unsuccessful response is returned

Specified by:: checkImmediate in interface OpenIDAuthenticationManager

Parameters:: principal - principal corresponding to logged in user.; locale - locale of the logged in user.; authReq - authentication request of the user.
Returns:: successful OpenIDAuthResponse iff the request is valid, site is not banned and user has a pre-existing trust relationship with the site.

autoAllowRequest

public OpenIDAuthResponse autoAllowRequest(User user,
                                           OpenIDAuthRequest authReq)

Processes a request if the "allow_always" flag has been set for the requesting site. The OpenIDAuthResponse is successful and contains attributes from the associated profile, if the site is trusted by the user. Otherwise, it is unsuccessful.

Specified by:: autoAllowRequest in interface OpenIDAuthenticationManager

Parameters:: user - user processing request.; authReq - OpenIDAuthRequest being processed.
Returns:: OpenIDAuthResponse corresponding to success if the site is trusted by the user and has an associated profile set.

denyRequest

public OpenIDAuthResponse denyRequest(User user,
                                      OpenIDAuthRequest authReq)

Process a request if the "deny" action is taken by the user when a site has requested authentication. This creates an authentication record of the deny action and returns an unsuccessful OpenIDAuthResponse.

Specified by:: denyRequest in interface OpenIDAuthenticationManager

Parameters:: user - user processing request.; authReq - OpenIDAuthRequest being processed.
Returns:: unsuccessful OpenIDAuthResponse.

allowRequest

public OpenIDAuthResponse allowRequest(User user,
                                       long profileID,
                                       OpenIDAuthRequest authReq,
                                       boolean alwaysAllow)

Process a request if the "allow" or "allow always" action is taken by the user when a site has requested authentication. This creates an authentication record of the deny action and returns an successful OpenIDAuthResponse containing attributes from the user's profile. If an error occurs (such as, the user is trying to access someone else's profile, or the profile selected does not exist) an unsuccessful OpenIDAuthResponse is generated.

Specified by:: allowRequest in interface OpenIDAuthenticationManager

Parameters:: user - user processing request.; profileID - ID of profile containing attributes to be used in response.; authReq - OpenIDAuthRequest being processed.; alwaysAllow - true if the user wants to trust the site.
Returns:: successful OpenIDAuthResponse if request processed without errors, otherwise unsuccessful OpenIDAuthResponse.

createAuthRecord

protected void createAuthRecord(User user,
                                Site site,
                                AuthAction authAction)

Creates an AuthRecord for the user/site/action combination.

Parameters:: user - user.; site - site.; authAction - AuthAction type.

getSiteManager

public SiteManager getSiteManager()

setSiteManager

public void setSiteManager(SiteManager siteManager)

getOpenIDPropertyManager

public OpenIDPropertyManager getOpenIDPropertyManager()

setOpenIDPropertyManager

public void setOpenIDPropertyManager(OpenIDPropertyManager openIDPropertyManager)

getAuthRecordDAO

public AuthRecordDAO getAuthRecordDAO()

setAuthRecordDAO

public void setAuthRecordDAO(AuthRecordDAO authRecordDAO)

getUserManager

public UserManager getUserManager()

setUserManager

public void setUserManager(UserManager userManager)