com.atlassian.jira.security.login
Class LoginManagerImpl

java.lang.Object
  extended by com.atlassian.jira.security.login.LoginManagerImpl
All Implemented Interfaces:
LoginManager

public class LoginManagerImpl
extends Object
implements LoginManager

Implementation of LoginManager

Since:
v4.0.1

Constructor Summary
LoginManagerImpl(PermissionManager permissionManager, LoginStore loginStore, JiraAuthenticationContext jiraAuthenticationContext, com.atlassian.crowd.embedded.api.CrowdService crowdService, JiraCaptchaService jiraCaptchaService, com.atlassian.jira.security.login.LoginManagerImpl.StaticDependencies staticDependencies, VelocityRequestContextFactory velocityRequestContextFactory, com.atlassian.event.api.EventPublisher eventPublisher)
           
LoginManagerImpl(PermissionManager permissionManager, LoginStore loginStore, JiraAuthenticationContext jiraAuthenticationContext, com.atlassian.crowd.embedded.api.CrowdService crowdService, JiraCaptchaService jiraCaptchaService, VelocityRequestContextFactory velocityRequestContextFactory, com.atlassian.event.api.EventPublisher eventPublisher)
           
 
Method Summary
 LoginResult authenticate(com.atlassian.crowd.embedded.api.User user, String password)
          This can be called to see if a user knows the given password.
 LoginResult authenticateWithoutElevatedCheck(com.atlassian.crowd.embedded.api.User user, String password)
          This can be called to see if a user knows the given password.
 boolean authorise(com.atlassian.crowd.embedded.api.User user, javax.servlet.http.HttpServletRequest httpServletRequest)
          This is called to see if an authenticated user is allowed to log in to JIRA in the context of a web request.
protected  Set<DeniedReason> getLoginDeniedReasons(javax.servlet.http.HttpServletRequest request)
          Examines the HttpServletRequest and determines the DeniedReasons that may have caused authentication to be denied by looking at the ELEVATED_SECURITY_FAILURE attribute.
 LoginInfo getLoginInfo(String userName)
          This is called to get LoginInfo about a given user.
 boolean isElevatedSecurityCheckAlwaysShown()
           
 void logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          This is called to log the current user out and destroy their JIRA session.
 LoginInfo onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest, String userName, boolean loginSuccessful)
          This is called after a login attempt has been made.
 boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)
          This is called to see whether the user has passed an extended security check (such as CAPTCHA)
 void resetFailedLoginCount(com.atlassian.crowd.embedded.api.User user)
          This can be called to reset the failed login count of a user
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LoginManagerImpl

public LoginManagerImpl(PermissionManager permissionManager,
                        LoginStore loginStore,
                        JiraAuthenticationContext jiraAuthenticationContext,
                        com.atlassian.crowd.embedded.api.CrowdService crowdService,
                        JiraCaptchaService jiraCaptchaService,
                        VelocityRequestContextFactory velocityRequestContextFactory,
                        com.atlassian.event.api.EventPublisher eventPublisher)

LoginManagerImpl

public LoginManagerImpl(PermissionManager permissionManager,
                        LoginStore loginStore,
                        JiraAuthenticationContext jiraAuthenticationContext,
                        com.atlassian.crowd.embedded.api.CrowdService crowdService,
                        JiraCaptchaService jiraCaptchaService,
                        com.atlassian.jira.security.login.LoginManagerImpl.StaticDependencies staticDependencies,
                        VelocityRequestContextFactory velocityRequestContextFactory,
                        com.atlassian.event.api.EventPublisher eventPublisher)
Method Detail

getLoginInfo

public LoginInfo getLoginInfo(String userName)
Description copied from interface: LoginManager
This is called to get LoginInfo about a given user.

Specified by:
getLoginInfo in interface LoginManager
Parameters:
userName - the name of the user in play. This MUST not be null.
Returns:
a LoginInfo object

performElevatedSecurityCheck

public boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
                                            String userName)
Description copied from interface: LoginManager
This is called to see whether the user has passed an extended security check (such as CAPTCHA)

Specified by:
performElevatedSecurityCheck in interface LoginManager
Parameters:
httpServletRequest - the HTTP request in play
userName - the name of the user in play. This MUST not be null.
Returns:
true if they have passed the extended security check

authorise

public boolean authorise(com.atlassian.crowd.embedded.api.User user,
                         javax.servlet.http.HttpServletRequest httpServletRequest)
Description copied from interface: LoginManager
This is called to see if an authenticated user is allowed to log in to JIRA in the context of a web request.

At this stage the user has had their username and password authenticated but we need to see if they can be authorised to use JIRA.

Specified by:
authorise in interface LoginManager
Parameters:
user - the user to authorise. This MUST not be null.
httpServletRequest - the web request in play
Returns:
true if the user can be authorised

authenticate

public LoginResult authenticate(com.atlassian.crowd.embedded.api.User user,
                                String password)
Description copied from interface: LoginManager
This can be called to see if a user knows the given password. Services such as SOAP and XML-RPC may use this to validate a request.

If the user requests elevatedSecurity then this will always fail with LoginReason.AUTHENTICATION_DENIED

Specified by:
authenticate in interface LoginManager
Parameters:
user - the user to authenticate. This MUST not be null.
password - the password to authenticate against
Returns:
true if the user can be authenticated

authenticateWithoutElevatedCheck

public LoginResult authenticateWithoutElevatedCheck(com.atlassian.crowd.embedded.api.User user,
                                                    String password)
Description copied from interface: LoginManager
This can be called to see if a user knows the given password. Services such as SOAP and XML-RPC may use this to validate a request.

Calling this method will not cause the request to fail if the user is required to do an elevated security check on normal login.

Specified by:
authenticateWithoutElevatedCheck in interface LoginManager
Parameters:
user - the user to authenticate. This MUST not be null.
password - the password to authenticate against
Returns:
true if the user can be authenticated
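
The difference between authenticate and authenticateWithoutElevatedCheck described above, as an added self-contained model (not JIRA source and not part of the original Javadoc). The class name, the Reason values other than AUTHENTICATION_DENIED, the failure threshold, the sample user store and the point at which attempts are recorded are all assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

// Simplified model, NOT JIRA code: shows how the two variants diverge once
// a user has been flagged for an elevated security check (such as CAPTCHA).
public class ElevatedCheckModel {
    // OK and BAD_PASSWORD are names invented for this model.
    enum Reason { OK, BAD_PASSWORD, AUTHENTICATION_DENIED }

    static final int MAX_FAILURES = 3; // assumed threshold
    private final Map<String, String> passwords = new HashMap<>();   // constructed sample store
    private final Map<String, Integer> failedCount = new HashMap<>();

    ElevatedCheckModel() { passwords.put("alice", "correct horse"); }

    boolean elevatedCheckRequired(String user) {
        return failedCount.getOrDefault(user, 0) >= MAX_FAILURES;
    }

    // Models authenticate(): denied outright while an elevated check is pending.
    Reason authenticate(String user, String password) {
        if (elevatedCheckRequired(user)) {
            return Reason.AUTHENTICATION_DENIED; // the password is never evaluated
        }
        return authenticateWithoutElevatedCheck(user, password);
    }

    // Models authenticateWithoutElevatedCheck(): only the password decides.
    Reason authenticateWithoutElevatedCheck(String user, String password) {
        String stored = passwords.get(user);
        boolean ok = stored != null && password != null && MessageDigest.isEqual(
                stored.getBytes(StandardCharsets.UTF_8), password.getBytes(StandardCharsets.UTF_8));
        onLoginAttempt(user, ok); // assumption: every evaluated attempt is recorded
        return ok ? Reason.OK : Reason.BAD_PASSWORD;
    }

    // Models onLoginAttempt(): a success clears the counter, a failure increments it.
    void onLoginAttempt(String user, boolean success) {
        if (success) failedCount.remove(user); else failedCount.merge(user, 1, Integer::sum);
    }

    public static void main(String[] args) {
        ElevatedCheckModel m = new ElevatedCheckModel();
        for (int i = 0; i < MAX_FAILURES; i++) m.authenticate("alice", "guess" + i);
        // Same correct password, two different outcomes once the check is pending.
        System.out.println("authenticate: " + m.authenticate("alice", "correct horse"));
        System.out.println("withoutElevatedCheck: "
                + m.authenticateWithoutElevatedCheck("alice", "correct horse"));
    }
}
```

A remote endpoint wired to the second variant is not held back by a pending CAPTCHA requirement, so it needs its own throttling of repeated password attempts.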

onLoginAttempt

public LoginInfo onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
                                String userName,
                                boolean loginSuccessful)
Description copied from interface: LoginManager
This is called after a login attempt has been made. It allows the LoginManager to update information about a user's login history.

Specified by:
onLoginAttempt in interface LoginManager
Parameters:
httpServletRequest - the HTTP request in play
userName - the name of the user in play. This MUST not be null.
loginSuccessful - whether the login attempt was successful or not
Returns:
the updated LoginInfo about the user

logout

public void logout(javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response)
Description copied from interface: LoginManager
This is called to log the current user out and destroy their JIRA session.

Specified by:
logout in interface LoginManager
Parameters:
request - the HTTP request in play
response - the HTTP response in play

isElevatedSecurityCheckAlwaysShown

public boolean isElevatedSecurityCheckAlwaysShown()
Specified by:
isElevatedSecurityCheckAlwaysShown in interface LoginManager
Returns:
true if the elevated security check (such as CAPTCHA) is always shown

resetFailedLoginCount

public void resetFailedLoginCount(com.atlassian.crowd.embedded.api.User user)
Description copied from interface: LoginManager
This can be called to reset the failed login count of a user

Specified by:
resetFailedLoginCount in interface LoginManager
Parameters:
user - the user to authorise. This MUST not be null.

getLoginDeniedReasons

protected Set<DeniedReason> getLoginDeniedReasons(javax.servlet.http.HttpServletRequest request)
Examines the HttpServletRequest and determines the DeniedReasons that may have caused authentication to be denied by looking at the ELEVATED_SECURITY_FAILURE attribute. Currently the only reason why this attribute would be set is because a user is required to pass a CAPTCHA challenge.

Parameters:
request - a HttpServletRequest
Returns:
a Set, containing the reasons that may have caused authentication to be denied
See Also:
ELEVATED_SECURITY_FAILURE


Copyright © 2002-2012 Atlassian. All Rights Reserved.