BootstrapLoginManagerImpl (Atlassian JIRA 5.2.10 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.jira.security.login
Class BootstrapLoginManagerImpl

java.lang.Object
  com.atlassian.jira.security.login.BootstrapLoginManagerImpl

All Implemented Interfaces:: LoginManager

public class BootstrapLoginManagerImpl
extends Object
implements LoginManager
extends Object
implements LoginManager

An implementation of LoginManager that is suitable for bootstrap. There is no security needed so this guy does bugger all.

Since:: v5.2

Constructor Summary
`BootstrapLoginManagerImpl()`

Method Summary
`LoginResult`	`authenticate(com.atlassian.crowd.embedded.api.User user, String password)` This can be called to see if an user knows the given password.
`LoginResult`	`authenticateWithoutElevatedCheck(com.atlassian.crowd.embedded.api.User user, String password)` This can be called to see if an user knows the given password.
`boolean`	`authoriseForLogin(com.atlassian.crowd.embedded.api.User user, javax.servlet.http.HttpServletRequest httpServletRequest)` This is called to see if an autenticated user is allowed to login JIRA in the context of a web request.
`boolean`	`authoriseForRole(com.atlassian.crowd.embedded.api.User user, javax.servlet.http.HttpServletRequest httpServletRequest, String role)` This is called to see if an autenticated user is allowed to execute the web request given the required role
`LoginInfo`	`getLoginInfo(String userName)` This is called to get LoginInfo about a given user.
`Set<String>`	`getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)` Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
`boolean`	`isElevatedSecurityCheckAlwaysShown()`
`void`	`logout(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)` This is called to logout the current user ourt and destroy their JIRA session
`LoginInfo`	`onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest, String userName, boolean loginSuccessful)` This is called after a login attempt has been made.
`boolean`	`performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)` This is called to see whether the user has passed an extended security check (such as CAPTCHA)
`void`	`resetFailedLoginCount(com.atlassian.crowd.embedded.api.User user)` This can be called to reset the failed login count of a user

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

BootstrapLoginManagerImpl

public BootstrapLoginManagerImpl()

Method Detail

getRequiredRoles

public Set<String> getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)

Description copied from interface: LoginManager

Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.

Specified by:: getRequiredRoles in interface LoginManager

Parameters:: httpServletRequest - the request in play
Returns:: a set of roles

getLoginInfo

public LoginInfo getLoginInfo(String userName)

Description copied from interface: LoginManager

This is called to get LoginInfo about a given user.

Specified by:: getLoginInfo in interface LoginManager

Parameters:: userName - the name of the user in play. This MUST not be null.
Returns:: a LoginInfo object

performElevatedSecurityCheck

public boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
                                            String userName)

Description copied from interface: LoginManager

This is called to see whether the user has passed an extended security check (such as CAPTCHA)

Specified by:: performElevatedSecurityCheck in interface LoginManager

Parameters:: httpServletRequest - the HTTP request in play; userName - the name of the user in play. This MUST not be null.
Returns:: true if they have passed the extended security check

onLoginAttempt

public LoginInfo onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
                                String userName,
                                boolean loginSuccessful)

Description copied from interface: LoginManager

This is called after a login attempt has been made. It allows the LoginManager to update information about a users login history.

Specified by:: onLoginAttempt in interface LoginManager

Parameters:: httpServletRequest - the HTTP request in play; userName - the name of the user in play. This MUST not be null.; loginSuccessful - whether the login attempt was sucessful or not
Returns:: the updated LoginInfo about the user

authenticate

public LoginResult authenticate(com.atlassian.crowd.embedded.api.User user,
                                String password)

Description copied from interface: LoginManager

This can be called to see if an user knows the given password. Services such as SOAP and XML-RPC may use this to validate a request.

If the user requests elevatedSecurity then this will always fail with LoginReason.AUTHENTICATION_DENIED

Specified by:: authenticate in interface LoginManager

Parameters:: user - the user to authenticate. This MUST not be null.; password - the password to authenticate against
Returns:: true if the user can be authenticated

authenticateWithoutElevatedCheck

public LoginResult authenticateWithoutElevatedCheck(com.atlassian.crowd.embedded.api.User user,
                                                    String password)

Description copied from interface: LoginManager

This can be called to see if an user knows the given password. Services such as SOAP and XML-RPC may use this to validate a request.

Calling this method will not cause the request to fail if the user is required to do an elevated security check on normal login.

Specified by:: authenticateWithoutElevatedCheck in interface LoginManager

Parameters:: user - the user to authenticate. This MUST not be null.; password - the password to authenticate against
Returns:: true if the user can be authenticated

authoriseForLogin

public boolean authoriseForLogin(@Nonnull
                                 com.atlassian.crowd.embedded.api.User user,
                                 javax.servlet.http.HttpServletRequest httpServletRequest)

Description copied from interface: LoginManager

This is called to see if an autenticated user is allowed to login JIRA in the context of a web request.

At this stage the user has had their username and password authenticated but we need to see if they can be authorised to use JIRA.

Specified by:: authoriseForLogin in interface LoginManager

Parameters:: user - the user to authorise. This MUST not be null.; httpServletRequest - the web request in play
Returns:: true if the user can be authorised for login

authoriseForRole

public boolean authoriseForRole(@Nullable
                                com.atlassian.crowd.embedded.api.User user,
                                javax.servlet.http.HttpServletRequest httpServletRequest,
                                String role)

Description copied from interface: LoginManager

This is called to see if an autenticated user is allowed to execute the web request given the required role

Specified by:: authoriseForRole in interface LoginManager

Parameters:: user - the user to authorise. This MAY be null.; httpServletRequest - the web request in play
Returns:: true if the user can be authorised for this request

logout

public void logout(javax.servlet.http.HttpServletRequest httpServletRequest,
                   javax.servlet.http.HttpServletResponse httpServletResponse)

Description copied from interface: LoginManager

This is called to logout the current user ourt and destroy their JIRA session

Specified by:: logout in interface LoginManager

Parameters:: httpServletRequest - the HTTP request in play; httpServletResponse - the HTTP response in play

isElevatedSecurityCheckAlwaysShown

public boolean isElevatedSecurityCheckAlwaysShown()

Specified by:: isElevatedSecurityCheckAlwaysShown in interface LoginManager

Returns:: true if the elevated security check (such as CAPTCHA) is always shown

resetFailedLoginCount

public void resetFailedLoginCount(com.atlassian.crowd.embedded.api.User user)

Description copied from interface: LoginManager

This can be called to reset the failed login count of a user

Specified by:: resetFailedLoginCount in interface LoginManager

Parameters:: user - the user to authorise. This MUST not be null.

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.jira.security.login Class BootstrapLoginManagerImpl

BootstrapLoginManagerImpl

getRequiredRoles

getLoginInfo

performElevatedSecurityCheck

onLoginAttempt

authenticate

authenticateWithoutElevatedCheck

authoriseForLogin

authoriseForRole

logout

isElevatedSecurityCheckAlwaysShown

resetFailedLoginCount

com.atlassian.jira.security.login
Class BootstrapLoginManagerImpl