|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.atlassian.crowd.manager.authentication.AliasingAwareTokenAuthenticationManager
public class AliasingAwareTokenAuthenticationManager
Constructor Summary | |
---|---|
AliasingAwareTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager,
ApplicationManager applicationManager,
AliasManager aliasManager)
|
Method Summary | |
---|---|
Token |
authenticateApplication(ApplicationAuthenticationContext authenticationContext)
Authenticates an application and generates an authentication token. |
Token |
authenticateUser(UserAuthenticationContext authenticateContext)
Authenticates a user and and generates an authentication token. |
Token |
authenticateUserWithoutValidatingPassword(UserAuthenticationContext authenticateContext)
Feigns the authentication process for a user and creates a token for the authentication without validating the password. |
java.util.List<Application> |
findAuthorisedApplications(User user,
java.lang.String applicationName)
Returns a list of applications a user is authorised to authenticate with. |
User |
findUserByToken(java.lang.String key,
java.lang.String applicationName)
Will find a user via the passed in token key. |
void |
invalidateToken(java.lang.String token)
Attempts to invalidate a Token based on the passed in Token key (random hash). |
void |
removeExpiredTokens()
Removes all tokens that have exceeded their expiry time. |
java.util.List<Token> |
searchTokens(EntityQuery<Token> query)
Returns a list of users matching the given query. |
Token |
validateApplicationToken(java.lang.String tokenKey,
ValidationFactor[] validationFactors)
Validates an application token key given validation factors. |
Token |
validateUserToken(java.lang.String userTokenKey,
ValidationFactor[] validationFactors,
java.lang.String application)
Validates a user token key given validation factors and checks that the user is allowed to authenticate with the specified application |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public AliasingAwareTokenAuthenticationManager(TokenAuthenticationManager tokenAuthenticationManager, ApplicationManager applicationManager, AliasManager aliasManager)
Method Detail |
---|
public Token authenticateApplication(ApplicationAuthenticationContext authenticationContext) throws InvalidAuthenticationException
TokenAuthenticationManager
authenticateApplication
in interface TokenAuthenticationManager
authenticationContext
- application authentication credentials.
InvalidAuthenticationException
- authentication was not successful because either the application does not exist, the password is incorrect, the application is inactive or there was a problem generating the authentication token.public Token authenticateUser(UserAuthenticationContext authenticateContext) throws InvalidAuthenticationException, OperationFailedException, InactiveAccountException, ApplicationAccessDeniedException, ExpiredCredentialException
TokenAuthenticationManager
RemoteDirectory.authenticate(String, com.atlassian.crowd.embedded.api.PasswordCredential)
method is
iteratively called for each assigned directory. If the user does not exist in one directory, the directory is skipped and the next one is examined. If the user does
not exist in any of the assigned directories then an InvalidAuthenticationException
is thrown.
authenticateUser
in interface TokenAuthenticationManager
authenticateContext
- The authentication details for the user.
InvalidAuthenticationException
- The authentication was not successful.
OperationFailedException
- error thrown by directory implementation when attempting to find or authenticate the user.
InactiveAccountException
- user account is inactive.
ApplicationAccessDeniedException
- user does not have access to authenticate with application.
ExpiredCredentialException
- The user's credentials have expired. The user must change their credentials in order to successfully authenticate.public Token authenticateUserWithoutValidatingPassword(UserAuthenticationContext authenticateContext) throws InvalidAuthenticationException, OperationFailedException, InactiveAccountException, ApplicationAccessDeniedException
TokenAuthenticationManager
TokenAuthenticationManager.authenticateUser(com.atlassian.crowd.model.authentication.UserAuthenticationContext)
method.
authenticateUserWithoutValidatingPassword
in interface TokenAuthenticationManager
authenticateContext
- The authentication details for the user.
InvalidAuthenticationException
- The authentication was not successful.
OperationFailedException
- error thrown by directory implementation when attempting to find or authenticate the user.
InactiveAccountException
- user account is inactive.
ApplicationAccessDeniedException
- user does not have access to authenticate with application.public Token validateApplicationToken(java.lang.String tokenKey, ValidationFactor[] validationFactors) throws InvalidTokenException
TokenAuthenticationManager
validateApplicationToken
in interface TokenAuthenticationManager
tokenKey
- returns a valid token corresponding to the tokenKey.validationFactors
- validation factors for generating the token hash.
InvalidTokenException
- if the tokenKey or corresponding client validation factors do not represent a valid application token.public Token validateUserToken(java.lang.String userTokenKey, ValidationFactor[] validationFactors, java.lang.String application) throws InvalidTokenException, ApplicationAccessDeniedException, OperationFailedException
TokenAuthenticationManager
validateUserToken
in interface TokenAuthenticationManager
userTokenKey
- returns a valid token corresponding to the tokenKey.validationFactors
- validation factors for generating the token hash.application
- name of application to authenticate with.
InvalidTokenException
- if the userTokenKey or corresponding validationFactors do not represent a valid SSO token.
ApplicationAccessDeniedException
- the user is not allowed to authenticate with the application.
OperationFailedException
- there was an error communicating with an underlying directory when determining if a user is allowed to authenticate with the application (eg. if a user has the appropriate group memberships).public void invalidateToken(java.lang.String token)
TokenAuthenticationManager
invalidateToken
in interface TokenAuthenticationManager
token
- the token key (random hash) to invalidate.public java.util.List<Token> searchTokens(EntityQuery<Token> query)
TokenAuthenticationManager
searchTokens
in interface TokenAuthenticationManager
query
- entity query for Entity.TOKEN
.
Token
matching the search criteria.public void removeExpiredTokens()
TokenAuthenticationManager
removeExpiredTokens
in interface TokenAuthenticationManager
public User findUserByToken(java.lang.String key, java.lang.String applicationName) throws InvalidTokenException, OperationFailedException
TokenAuthenticationManager
findUserByToken
in interface TokenAuthenticationManager
key
- the token keyapplicationName
- name of the current application
InvalidTokenException
- if the User or Directory cannot be found that relates to the given token,
or the token is associated to an Application and not a User
OperationFailedException
- if there was an issue accessing the user from the underlying directorypublic java.util.List<Application> findAuthorisedApplications(User user, java.lang.String applicationName) throws OperationFailedException, DirectoryNotFoundException
TokenAuthenticationManager
findAuthorisedApplications
in interface TokenAuthenticationManager
user
- user to search for.applicationName
- name of the current application
OperationFailedException
- error querying directory.
DirectoryNotFoundException
- directory could not be found.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |