com.jalios.jcms.authentication.handlers

Class DelegationAuthenticationHandler

java.lang.Object

com.jalios.jcms.authentication.AuthenticationHandler

com.jalios.jcms.authentication.handlers.DelegationAuthenticationHandler

All Implemented Interfaces:

PluginComponent, java.lang.Comparable<AuthenticationHandler>

public class DelegationAuthenticationHandler
extends AuthenticationHandler

Uses the Member's delegation to allow him to change its identity to somebody else.

Any account can be excluded from delegation by adding its member's ID to the property (seperated with space or coma) : auth-mgr.delegation.excluded-mbr-ids: c_42

Since:

jcms-5.7.0

Version:

$Revision: 67040 $

Field Summary

Fields

Modifier and Type	Field and Description
static int	ORDER_DELEGATION_HANDLER Order used by the DelegationAuthenticationHandler

Fields inherited from class com.jalios.jcms.authentication.AuthenticationHandler

channel, GENERIC_BAD_AUTHENTICATION_MSG, REVISION

Method Summary

Modifier and Type	Method and Description
java.util.Set<Member>	filterExcludedMember(java.util.Set<Member> setToFilter) Filter the specified member Set to remove all member excluded from delegation.
static DelegationAuthenticationHandler	getInstance()
static java.util.List<Member>	getSuHistory(javax.servlet.http.HttpServletRequest request) Retrieve the change user history from the current session.
static java.lang.String	getSuLink(Member suMember) Retrieves a link that will request an user changer to the specified member. Note : The link is always return, even though the su might not be allowed.
boolean	isExcludedFromDelegation(Member suMbr) Check if the specified Member can be used as the target of a delegation.
void	loadProperties() This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded. You can use it to reload properties that might have been changed. This method is called during initialization of the AuthenticationManager
void	login(AuthenticationContext ctxt) Authenticate a member.

Methods inherited from class com.jalios.jcms.authentication.AuthenticationHandler

compareTo, equals, getOrder, init, logout, setOrder

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ORDER_DELEGATION_HANDLER

public static final int ORDER_DELEGATION_HANDLER

Order used by the DelegationAuthenticationHandler

See Also:

Constant Field Values

Method Detail

getInstance

public static final DelegationAuthenticationHandler getInstance()

loadProperties

public void loadProperties()

Description copied from class: AuthenticationHandler

This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManager

Overrides:

loadProperties in class AuthenticationHandler

login

public void login(AuthenticationContext ctxt)
           throws java.io.IOException

Description copied from class: AuthenticationHandler

Authenticate a member.
This method is invoked by the authentication chain on each request.
A typical implementation of this method would follow the following pattern :

1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

Default implementation is to invoke the next handler in the chain.

Overrides:

login in class AuthenticationHandler

Parameters:

ctxt - the AuthenticationContext used for this login

Throws:

java.io.IOException

filterExcludedMember

public java.util.Set<Member> filterExcludedMember(java.util.Set<Member> setToFilter)

Filter the specified member Set to remove all member excluded from delegation.

Parameters:

setToFilter - the Member set to filter

Returns:

a new TreeSet of Member

Since:

jcms-7.1.2 (JCMS-3097)

See Also:

isExcludedFromDelegation(Member)

isExcludedFromDelegation

public boolean isExcludedFromDelegation(Member suMbr)

Check if the specified Member can be used as the target of a delegation.

Parameters:

suMbr - the Member in which a delegation could be request

Returns:

true if the member is excluded, false if it can be used safely.

getSuHistory

public static final java.util.List<Member> getSuHistory(javax.servlet.http.HttpServletRequest request)

Retrieve the change user history from the current session.

Parameters:

request - the current HttpServletRequest

Returns:

a List of Member (never return null).

getSuLink

public static final java.lang.String getSuLink(Member suMember)

Retrieves a link that will request an user changer to the specified member.
Note : The link is always return, even though the su might not be allowed.

Parameters:

suMember - the member to login into

Returns:

a relative URL to request a user change (e.g. "index.jsp?JCMS_sulogin=johndoe")