|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.atlassian.crowd.service.cache.CacheAwareAuthenticationManager
public class CacheAwareAuthenticationManager
This class provides a version of the AuthenticationManager interface that, will ensure that if the authentication
is successful, the user will exist in the cache.
The abstraction is in place so we can decouple client-side code from the
SecurityServerClient
.
Constructor Summary | |
---|---|
CacheAwareAuthenticationManager(SecurityServerClient securityServerClient,
UserManager crowdUserManager)
|
Method Summary | |
---|---|
java.lang.String |
authenticate(java.lang.String username,
java.lang.String password)
Authenticates a user, using just a username and password. |
java.lang.String |
authenticate(UserAuthenticationContext authenticationContext)
Authenticate a user. |
java.lang.String |
authenticateWithoutValidatingPassword(UserAuthenticationContext authenticationContext)
Authenticate a user without validating their password. |
SecurityServerClient |
getSecurityServerClient()
Returns an instance of the SecurityServerClient , for when you need more API access than the
authentication manager provides. |
void |
invalidate(java.lang.String token)
Marks the presented token as invalid, meaning that the principal it represents is no longer
authenticated. |
boolean |
isAuthenticated(java.lang.String token,
ValidationFactor[] validationFactors)
Checks that the token (as returned from authenticate() is still valid, given the validation factors. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public CacheAwareAuthenticationManager(SecurityServerClient securityServerClient, UserManager crowdUserManager)
Method Detail |
---|
public java.lang.String authenticate(UserAuthenticationContext authenticationContext) throws java.rmi.RemoteException, InvalidAuthorizationTokenException, InvalidAuthenticationException, InactiveAccountException, ApplicationAccessDeniedException, ExpiredCredentialException
AuthenticationManager
PrincipalAuthenticationContext
contains the details of who they are,
the credentials they're presenting, and where they're coming from.
If the authenticationContext does not contain application details, they will be added using details provided
by the SecurityServerClient.
authenticate
in interface AuthenticationManager
authenticationContext
- The details of the user that is to be authenticated.
java.rmi.RemoteException
- A communication error occurred - the Crowd server may not be available.
InvalidAuthorizationTokenException
- The application (not the user) was not authenticated correctly.
InvalidAuthenticationException
- The user was not successfully authenticated.
InactiveAccountException
- The user's account is inactive and they are not be allowed to authenticate.
ApplicationAccessDeniedException
- user does not have authorisation to access application.
ExpiredCredentialException
- The user's credentials have expired. The user must change their credentials in order to successfully authenticate.public java.lang.String authenticateWithoutValidatingPassword(UserAuthenticationContext authenticationContext) throws ApplicationAccessDeniedException, InvalidAuthenticationException, InvalidAuthorizationTokenException, InactiveAccountException, java.rmi.RemoteException
AuthenticationManager
PrincipalAuthenticationContext
contains the details of who they are
and where they're coming from but does not need to contain any credentials.
authenticateWithoutValidatingPassword
in interface AuthenticationManager
authenticationContext
- The details of the user that is to be authenticated. Username and validation factors are required.
ApplicationAccessDeniedException
- user does not have authorisation to access application.
InvalidAuthenticationException
- The user was not successfully authenticated.
InvalidAuthorizationTokenException
- The application (not the user) was not authenticated correctly.
InactiveAccountException
- The user's account is inactive and they are not be allowed to authenticate.
java.rmi.RemoteException
- A communication error occurred - the Crowd server may not be available.public java.lang.String authenticate(java.lang.String username, java.lang.String password) throws java.rmi.RemoteException, InvalidAuthorizationTokenException, InvalidAuthenticationException, InactiveAccountException, ApplicationAccessDeniedException, ExpiredCredentialException
AuthenticationManager
authenticate
in interface AuthenticationManager
username
- username of user.password
- credentials of user.
java.rmi.RemoteException
- A communication error occurred - the Crowd server may not be available.
InvalidAuthorizationTokenException
- The application (not the user) was not authenticated correctly.
InvalidAuthenticationException
- The user was not successfully authenticated.
InactiveAccountException
- The user's account is inactive and they are not be allowed to authenticate.
ApplicationAccessDeniedException
- user does not have authorisation to access application.
ExpiredCredentialException
- The user's credentials have expired.public boolean isAuthenticated(java.lang.String token, ValidationFactor[] validationFactors) throws java.rmi.RemoteException, InvalidAuthorizationTokenException, ApplicationAccessDeniedException
AuthenticationManager
authenticate()
is still valid, given the validation factors.
isAuthenticated
in interface AuthenticationManager
token
- The token presented by the user as evidence of their authenticityvalidationFactors
- Details of where the user's come from. If presented, must match those presented during
authentication.
java.rmi.RemoteException
- A communication error occurred - the Crowd server may not be available.
InvalidAuthorizationTokenException
- The application (not the user) was not authenticated correctly.
ApplicationAccessDeniedException
- user does not have authorisation to access application.public void invalidate(java.lang.String token) throws java.rmi.RemoteException, InvalidAuthorizationTokenException
AuthenticationManager
token
as invalid, meaning that the principal it represents is no longer
authenticated. Usually used to make the user logged-off.
invalidate
in interface AuthenticationManager
token
- The token presented by the user, as returned from authenticate()
java.rmi.RemoteException
- A communication error occurred - the Crowd server may not be available.
InvalidAuthorizationTokenException
- The application (not the user) was not authenticated correctly.public SecurityServerClient getSecurityServerClient()
AuthenticationManager
SecurityServerClient
, for when you need more API access than the
authentication manager provides.
getSecurityServerClient
in interface AuthenticationManager
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |