public interface LoginManager
Modifier and Type | Method and Description |
---|---|
LoginResult |
authenticate(ApplicationUser user,
String password)
This can be called to see if an user knows the given password.
|
LoginResult |
authenticateWithoutElevatedCheck(ApplicationUser user,
String password)
This can be called to see if an user knows the given password.
|
boolean |
authoriseForLogin(ApplicationUser user,
javax.servlet.http.HttpServletRequest httpServletRequest)
This is called to see if an authenticated user is allowed to login JIRA in the context of a web request.
|
boolean |
authoriseForRole(ApplicationUser user,
javax.servlet.http.HttpServletRequest httpServletRequest,
String role)
This is called to see if an authenticated user is allowed to execute the web request given the required role
|
LoginInfo |
getLoginInfo(String userName)
This is called to get LoginInfo about a given user.
|
Set<String> |
getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)
Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
|
boolean |
isElevatedSecurityCheckAlwaysShown() |
void |
logout(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse)
This is called to logout the current user and destroy their JIRA session.
|
LoginInfo |
onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
String userName,
boolean loginSuccessful)
This is called after a login attempt has been made.
|
boolean |
performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
String userName)
This is called to see whether the user has passed an extended security check (such as CAPTCHA)
|
void |
resetFailedLoginCount(ApplicationUser user)
This can be called to reset the failed login count of a user
|
LoginInfo getLoginInfo(String userName)
userName
- the name of the user in play. This MUST not be null.LoginInfo
objectboolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)
httpServletRequest
- the HTTP request in playuserName
- the name of the user in play. This MUST not be null.LoginInfo onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest, String userName, boolean loginSuccessful)
httpServletRequest
- the HTTP request in playuserName
- the name of the user in play. This MUST not be null.loginSuccessful
- whether the login attempt was sucessful or notLoginInfo
about the userLoginResult authenticate(ApplicationUser user, String password)
If the user requests elevatedSecurity then this will always fail with LoginReason.AUTHENTICATION_DENIED
user
- the user to authenticate. This MUST not be null.password
- the password to authenticate againstLoginResult authenticateWithoutElevatedCheck(ApplicationUser user, String password)
Calling this method will not cause the request to fail if the user is required to do an elevated security check on normal login.
user
- the user to authenticate. This MUST not be null.password
- the password to authenticate againstboolean authoriseForLogin(@Nonnull ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest)
At this stage the user has had their username and password authenticated but we need to see if they can be authorised to use JIRA.
user
- the user to authorise. This MUST not be null.httpServletRequest
- the web request in playSet<String> getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)
httpServletRequest
- the request in playboolean authoriseForRole(@Nullable ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest, String role)
user
- the user to authorise. This MAY be null.httpServletRequest
- the web request in playvoid logout(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)
httpServletRequest
- the HTTP request in playhttpServletResponse
- the HTTP response in playboolean isElevatedSecurityCheckAlwaysShown()
void resetFailedLoginCount(ApplicationUser user)
user
- the user to authorise. This MUST not be null.Copyright © 2002-2016 Atlassian. All Rights Reserved.