BootstrapLoginManagerImpl (Atlassian Jira

java.lang.Object
- com.atlassian.jira.security.login.BootstrapLoginManagerImpl

All Implemented Interfaces:

LoginManager
```
public class BootstrapLoginManagerImpl
extends Object
implements LoginManager
```
An implementation of LoginManager that is suitable for bootstrap. There is no security needed so this guy does bugger all.

Since:

v5.2

Constructor Summary

Constructors
Constructor and Description

BootstrapLoginManagerImpl()

Constructors
Constructor and Description
`BootstrapLoginManagerImpl()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`LoginResult`	`authenticate(ApplicationUser user, String password)` This can be called to see if an user knows the given password.
`LoginResult`	`authenticateWithoutElevatedCheck(ApplicationUser user, String password)` This can be called to see if an user knows the given password.
`boolean`	`authoriseForLogin(ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest)` This is called to see if an authenticated user is allowed to login JIRA in the context of a web request.
`boolean`	`authoriseForRole(ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest, String role)` This is called to see if an authenticated user is allowed to execute the web request given the required role
`LoginInfo`	`getLoginInfo(String userName)` This is called to get LoginInfo about a given user.
`Set<String>`	`getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)` Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
`boolean`	`isElevatedSecurityCheckAlwaysShown()`
`void`	`logout(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)` This is called to logout the current user and destroy their JIRA session.
`LoginInfo`	`onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest, String userName, boolean loginSuccessful)` This is called after a login attempt has been made.
`boolean`	`performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest, String userName)` This is called to see whether the user has passed an extended security check (such as CAPTCHA)
`void`	`resetFailedLoginCount(ApplicationUser user)` This can be called to reset the failed login count of a user
`LoginInfo`	`updateLastLoginTime(ApplicationUser user)` This is called to update the last login time without clearing the elevated security check.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - BootstrapLoginManagerImpl
```
public BootstrapLoginManagerImpl()
```
- Method Detail
  - getRequiredRoles
```
public Set<String> getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)
```
    Description copied from interface: LoginManager
    
    Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
    
    Specified by:
    
    getRequiredRoles in interface LoginManager
    
    Parameters:
    
    httpServletRequest - the request in play
    
    Returns:
    
    a set of roles
  - getLoginInfo
```
public LoginInfo getLoginInfo(String userName)
```
    Description copied from interface: LoginManager
    
    This is called to get LoginInfo about a given user.
    
    Specified by:
    
    getLoginInfo in interface LoginManager
    
    Parameters:
    
    userName - the name of the user in play. This MUST not be null.
    
    Returns:
    
    a LoginInfo object
  - performElevatedSecurityCheck
```
public boolean performElevatedSecurityCheck(javax.servlet.http.HttpServletRequest httpServletRequest,
                                            String userName)
```
    Description copied from interface: LoginManager
    
    This is called to see whether the user has passed an extended security check (such as CAPTCHA)
    
    Specified by:
    
    performElevatedSecurityCheck in interface LoginManager
    
    Parameters:
    
    httpServletRequest - the HTTP request in play
    
    userName - the name of the user in play. This MUST not be null.
    
    Returns:
    
    true if they have passed the extended security check
  - onLoginAttempt
```
public LoginInfo onLoginAttempt(javax.servlet.http.HttpServletRequest httpServletRequest,
                                String userName,
                                boolean loginSuccessful)
```
    Description copied from interface: LoginManager
    
    This is called after a login attempt has been made. It allows the LoginManager to update information about a users login history and clear the elevated security check.
    
    Specified by:
    
    onLoginAttempt in interface LoginManager
    
    Parameters:
    
    httpServletRequest - the HTTP request in play
    
    userName - the name of the user in play. This MUST not be null.
    
    loginSuccessful - whether the login attempt was sucessful or not
    
    Returns:
    
    the updated LoginInfo about the user
  - updateLastLoginTime
```
public LoginInfo updateLastLoginTime(ApplicationUser user)
```
    Description copied from interface: LoginManager
    
    This is called to update the last login time without clearing the elevated security check.
    
    Specified by:
    
    updateLastLoginTime in interface LoginManager
    
    Parameters:
    
    user - the user in play. This MUST not be null.
    
    Returns:
    
    the updated LoginInfo about the user
  - authenticate
```
public LoginResult authenticate(ApplicationUser user,
                                String password)
```
    Description copied from interface: LoginManager
    
    This can be called to see if an user knows the given password.
    If the user requests elevatedSecurity then this will always fail with LoginReason.AUTHENTICATION_DENIED
    
    Specified by:
    
    authenticate in interface LoginManager
    
    Parameters:
    
    user - the user to authenticate. This MUST not be null.
    
    password - the password to authenticate against
    
    Returns:
    
    true if the user can be authenticated
  - authenticateWithoutElevatedCheck
```
public LoginResult authenticateWithoutElevatedCheck(ApplicationUser user,
                                                    String password)
```
    Description copied from interface: LoginManager
    
    This can be called to see if an user knows the given password.
    Calling this method will not cause the request to fail if the user is required to do an elevated security check on normal login.
    
    Specified by:
    
    authenticateWithoutElevatedCheck in interface LoginManager
    
    Parameters:
    
    user - the user to authenticate. This MUST not be null.
    
    password - the password to authenticate against
    
    Returns:
    
    true if the user can be authenticated
  - authoriseForLogin
```
public boolean authoriseForLogin(@Nonnull
                                 ApplicationUser user,
                                 javax.servlet.http.HttpServletRequest httpServletRequest)
```
    Description copied from interface: LoginManager
    
    This is called to see if an authenticated user is allowed to login JIRA in the context of a web request.
    At this stage the user has had their username and password authenticated but we need to see if they can be authorised to use JIRA.
    
    Specified by:
    
    authoriseForLogin in interface LoginManager
    
    Parameters:
    
    user - the user to authorise. This MUST not be null.
    
    httpServletRequest - the web request in play
    
    Returns:
    
    true if the user can be authorised for login
  - authoriseForRole
```
public boolean authoriseForRole(@Nullable
                                ApplicationUser user,
                                javax.servlet.http.HttpServletRequest httpServletRequest,
                                String role)
```
    Description copied from interface: LoginManager
    
    This is called to see if an authenticated user is allowed to execute the web request given the required role
    
    Specified by:
    
    authoriseForRole in interface LoginManager
    
    Parameters:
    
    user - the user to authorise. This MAY be null.
    
    httpServletRequest - the web request in play
    
    Returns:
    
    true if the user can be authorised for this request
  - logout
```
public void logout(javax.servlet.http.HttpServletRequest httpServletRequest,
                   javax.servlet.http.HttpServletResponse httpServletResponse)
```
    Description copied from interface: LoginManager
    
    This is called to logout the current user and destroy their JIRA session.
    
    Specified by:
    
    logout in interface LoginManager
    
    Parameters:
    
    httpServletRequest - the HTTP request in play
    
    httpServletResponse - the HTTP response in play
  - isElevatedSecurityCheckAlwaysShown
```
public boolean isElevatedSecurityCheckAlwaysShown()
```
    Specified by:
    
    isElevatedSecurityCheckAlwaysShown in interface LoginManager
    
    Returns:
    
    true if the elevated security check (such as CAPTCHA) is always shown
  - resetFailedLoginCount
```
public void resetFailedLoginCount(ApplicationUser user)
```
    Description copied from interface: LoginManager
    
    This can be called to reset the failed login count of a user
    
    Specified by:
    
    resetFailedLoginCount in interface LoginManager
    
    Parameters:
    
    user - the user to authorise. This MUST not be null.

Class BootstrapLoginManagerImpl

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

BootstrapLoginManagerImpl

Method Detail

getRequiredRoles

getLoginInfo

performElevatedSecurityCheck

onLoginAttempt

updateLastLoginTime

authenticate

authenticateWithoutElevatedCheck

authoriseForLogin

authoriseForRole

logout

isElevatedSecurityCheckAlwaysShown

resetFailedLoginCount