com.atlassian.bitbucket.auth

Interface AuthenticationService

public interface AuthenticationService

Since:

5.5

Method Summary

Modifier and Type	Method and Description
Authentication	authenticate(String username, String password) Attempts to authenticate the specified user given their password.
Authentication	authenticateWithCaptcha(String username, String password) Attempts to authenticate the specified user given their password.
Authentication	clear() Clears the current authentication, if any, resulting in an anonymous context
Authentication	get()
Authentication	set(Authentication authentication) Sets the authentication for the current thread (and thereby request)

Method Detail

authenticate

@Nonnull
Authentication authenticate(@Nonnull
                                     String username,
                                     @Nonnull
                                     String password)

Attempts to authenticate the specified user given their password. Failed authentications will not count towards the maximum number allowed before CAPTCHA is imposed for the supplied user.

Note: this method only authenticates; it does not apply the authentication to the current request, nor does it call any authentication success or failure handlers.

Parameters:

username - the username

password - the user's password

Returns:

the ApplicationUser representing the authenticated user

Throws:

AuthenticationSystemException - if a failure occurs in Crowd

ExpiredPasswordAuthenticationException - if the user's password has expired and must be changed

InactiveUserAuthenticationException - if the specified user is inactive

IncorrectPasswordAuthenticationException - if the provided password is incorrect

NoSuchUserException - if the specified user does not exist or their user details cannot be retrieved

See Also:

clear()

authenticateWithCaptcha

@Nonnull
Authentication authenticateWithCaptcha(@Nonnull
                                                String username,
                                                @Nonnull
                                                String password)

Attempts to authenticate the specified user given their password. Failed authentications will count towards the maximum number allowed before CAPTCHA is imposed for the supplied user. If the maximum number of allowed failed logins has already been exceeded the method will throw CaptchaRequiredAuthenticationException

Note: this method only authenticates; it does not apply the authentication to the current request, nor does it call any authentication success or failure handlers.

Parameters:

username - the username

password - the user's password

Returns:

the Authentication representing the authenticated user and additional properties

Throws:

AuthenticationSystemException - if a failure occurs in one of the authentication handlers

CaptchaRequiredAuthenticationException - if CAPTCHA is required

ExpiredPasswordAuthenticationException - if the user's password has expired and must be changed

InactiveUserAuthenticationException - if the specified user is inactive

IncorrectPasswordAuthenticationException - if the provided password is incorrect

NoSuchUserException - if the specified user does not exist or their user details cannot be retrieved

clear

@Nonnull
Authentication clear()

Clears the current authentication, if any, resulting in an anonymous context

Returns:

the previously active authentication

get

@Nonnull
Authentication get()

Returns:

the authentication that's active on the current thread

set

@Nonnull
Authentication set(@Nonnull
                            Authentication authentication)

Sets the authentication for the current thread (and thereby request)

Parameters:

authentication - the authentication to set

Returns:

the previously active authentication