com.atlassian.crowd.manager.application

Class AllowingAuthenticateByEmailApplicationService

java.lang.Object

com.atlassian.crowd.manager.application.AbstractDelegatingApplicationService

com.atlassian.crowd.manager.application.AllowingAuthenticateByEmailApplicationService

All Implemented Interfaces:

ApplicationService

public class AllowingAuthenticateByEmailApplicationService
extends AbstractDelegatingApplicationService

Nested Class Summary

Nested classes/interfaces inherited from interface com.atlassian.crowd.manager.application.ApplicationService

ApplicationService.MembershipsIterable

Constructor Summary

Constructors

Constructor and Description
AllowingAuthenticateByEmailApplicationService(ApplicationService delegate, EmailAddressValidator emailValidator, com.atlassian.event.api.EventPublisher eventPublisher, CanonicalUsersByEmailFinder canonicalUsersByEmailFinder, DcLicenseChecker dcLicenseChecker)

Method Summary

Modifier and Type	Method and Description
User	authenticateUser(Application application, String usernameOrEmail, PasswordCredential passwordCredential) Will attempt to authenticate the given user against the application.

Methods inherited from class com.atlassian.crowd.manager.application.AbstractDelegatingApplicationService

addAllUsers, addGroup, addGroupToGroup, addUser, addUser, addUserToGroup, expireAllPasswords, findGroupByName, findGroupWithAttributesByName, findRemoteUserByName, findUserByKey, findUserByName, findUserWithAttributesByKey, findUserWithAttributesByName, findWebhookById, getApplicationService, getCapabilitiesForNewUsers, getCurrentEventToken, getMemberships, getNewEvents, getUserAvatar, getUserAvatarLink, isGroupDirectGroupMember, isGroupNestedGroupMember, isUserAuthorised, isUserAuthorised, isUserDirectGroupMember, isUserNestedGroupMember, registerWebhook, removeGroup, removeGroupAttributes, removeGroupFromGroup, removeUser, removeUserAttributes, removeUserFromGroup, renameUser, searchDirectGroupRelationships, searchGroups, searchNestedGroupRelationships, searchUsers, storeGroupAttributes, storeUserAttributes, unregisterWebhook, updateGroup, updateUser, updateUserCredential, userAuthenticated

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AllowingAuthenticateByEmailApplicationService

public AllowingAuthenticateByEmailApplicationService(ApplicationService delegate,
                                                     EmailAddressValidator emailValidator,
                                                     com.atlassian.event.api.EventPublisher eventPublisher,
                                                     CanonicalUsersByEmailFinder canonicalUsersByEmailFinder,
                                                     DcLicenseChecker dcLicenseChecker)

Method Detail

authenticateUser

public User authenticateUser(Application application,
                             String usernameOrEmail,
                             PasswordCredential passwordCredential)
                      throws OperationFailedException,
                             InactiveAccountException,
                             InvalidAuthenticationException,
                             ExpiredCredentialException,
                             UserNotFoundException

Description copied from interface: ApplicationService

Will attempt to authenticate the given user against the application. The logic should start by going through directories defined in the application one by one, trying to authenticate user against each directory. When an authentication against directory is positive, the method returns the user. Otherwise, an exception indicating the reason will be thrown. In case that some of the underlying directories cannot perform the operation at the time of authentication, either by technical failures or the application not having the right permission to query the directory, as indicated by OperationFailedException being thrown, the authentication logic will skip those directories, instead relying on the operative ones, in the order defined in the application's directory mappings. However, if the user, still, cannot be authenticated against any remaining directories, we suspect one of the bad directories must have held the user account, in which case OperationFailedException, which indicates the underlying cause of the first failing directory, will be thrown from this method.

Specified by:

authenticateUser in interface ApplicationService

Overrides:

authenticateUser in class AbstractDelegatingApplicationService

Parameters:

application - the application to authenticate against

usernameOrEmail - the username to authenticate against

passwordCredential - the password to use for authentication

Returns:

A user if the user can successfully authenticate.

Throws:

OperationFailedException - underlying directory implementation failed to execute the operation.

InactiveAccountException - if the users account is marked as inactive

InvalidAuthenticationException - if authentication with the provided credentials failed, or potentially the user does not exist.

ExpiredCredentialException - if the users credentials have expired

UserNotFoundException