FishEyeAuthenticator

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.cenqua.fisheye.user.plugin
Interface FishEyeAuthenticator

All Known Implementing Classes:: AbstractFishEyeAuthenticator, ExampleFishEyeAuthenticator, ExampleFishEyeHttpAuthenticator, NullFishEyeAuthenticator

public interface FishEyeAuthenticator

The authentication/authorisation plugin interface for FishEye. NB: It is recommended to extend AbstractFishEyeAuthenticator instead of implementing this interface directly as it is subject to change in future versions.

Classes implementing this interface must supply a public no-arg constructor.

General lifecycle:

An instance is created by calling Class.newInstance()
init(java.util.Properties) is called. If it throws an exception, then no further methods will be called on this instance.
The auth methods are called any number of times: checkPassword(java.lang.String, java.lang.String), recreateAuth(java.lang.String), hasPermissionToAccess(com.cenqua.fisheye.user.plugin.AuthToken, java.lang.String, java.lang.String), checkPassword(java.lang.String, java.lang.String), checkRequest(javax.servlet.http.HttpServletRequest) and isRequestUserStillValid(java.lang.String, javax.servlet.http.HttpServletRequest). These methods may be called concurrently (they must be multi-thread safe)..
close() is called (or the JVM exits abruptly).

Method Summary
`AuthToken`	`checkPassword(java.lang.String username, java.lang.String password)` Called to check a user's password.
`AuthToken`	`checkRequest(javax.servlet.http.HttpServletRequest request)` Called to allow implementations to determine if the request is pre-authenticated, bypassing FishEye's own HTTP authentication.
`void`	`close()` Called when this authenticator will no longer be used.
`boolean`	`hasPermissionToAccess(AuthToken tok, java.lang.String repname, java.lang.String constraint)` Check if a user has permission to access the given repository.
`void`	`init(java.util.Properties cfg)` Called to configure this authenticator.
`boolean`	`isRequestUserStillValid(java.lang.String username, javax.servlet.http.HttpServletRequest req)` Checks that the given username is still valid for the request.
`AuthToken`	`recreateAuth(java.lang.String username)` Used to re-create a token for a user that was previously authenticated.

Method Detail

init

void init(java.util.Properties cfg)
          throws java.lang.Exception

Called to configure this authenticator.

Parameters:: cfg - the configuration properties, as specified in the <properties> element in the <custom> config. (non-null)
Throws:: java.lang.Exception - an error occurred during configuration.

close

void close()

Called when this authenticator will no longer be used.

checkPassword

AuthToken checkPassword(java.lang.String username,
                        java.lang.String password)

Called to check a user's password.

You should not make any assumptions about the arguments. For example, they could be the empty string, or null.

Parameters:: username - given username (may be null); password - given password (may be null)
Returns:: an authentication token on successful authentication, or null otherwise.

recreateAuth

AuthToken recreateAuth(java.lang.String username)

Used to re-create a token for a user that was previously authenticated. For example, this method is called when a user returns and they have selected "remember me" when they logged in.

Returns:: a re-created token, or null if the user cannot be re-created without re-authentication

hasPermissionToAccess

boolean hasPermissionToAccess(AuthToken tok,
                              java.lang.String repname,
                              java.lang.String constraint)

Check if a user has permission to access the given repository.

This method is notcalled when users are not logged in (anonymous users).

If a custom constraint has been specified in config.xml, then that value is passed as constraint. This is taken from the <security><custom constraint=""> setting in either <repository> or <repository-defaults>.

A constraint could be used (for example) to specify a group that a user must belong to in order to access a repository.

Parameters:: tok - an authentication token as returned by checkPassword(java.lang.String, java.lang.String) or recreateAuth(java.lang.String) (not null); repname - the symbolic name of the repository (not null); constraint - a constraint as specified in config.xml (or null if not specified).

checkRequest

AuthToken checkRequest(javax.servlet.http.HttpServletRequest request)

Called to allow implementations to determine if the request is pre-authenticated, bypassing FishEye's own HTTP authentication.

Parameters:: request - the servlet request to check
Returns:: an authentication token if the request is authenticated, or null otherwise.

isRequestUserStillValid

boolean isRequestUserStillValid(java.lang.String username,
                                javax.servlet.http.HttpServletRequest req)

Checks that the given username is still valid for the request.

Parameters:: username - the UserName, must not be null; req - the request to check the username against
Returns:: true if the username is still valid, false otherwise.