com.jalios.jcms.authentication.handlers

Class DelegationAuthenticationHandler

java.lang.Object

com.jalios.jcms.authentication.AuthenticationHandler

com.jalios.jcms.authentication.handlers.DelegationAuthenticationHandler

All Implemented Interfaces:

PluginComponent, java.lang.Comparable<AuthenticationHandler>

public class DelegationAuthenticationHandler
extends AuthenticationHandler

Uses the Member's delegation to allow him to change its identity to somebody else.

Any account can be excluded from delegation by adding its member's ID to the property (seperated with space or coma) : auth-mgr.delegation.excluded-mbr-ids: c_42

Since:

jcms-5.7.0

Version:

$Revision: 114139 $

Field Summary

Fields

Modifier and Type	Field and Description
static int	ORDER_DELEGATION_HANDLER Order used by the DelegationAuthenticationHandler
static java.lang.String	PROP_ENABLED Property key used to read if delegation is enabled or not
static java.lang.String	PROP_EXCLUDED_MBR_IDS Property key used to read the member ids which are excluded from delegation
static java.lang.String	PROP_REQUIRES_CSRF_TOKEN Property key used to read boolean setting indicating if CSRF token is required to delegate into another member

Fields inherited from class com.jalios.jcms.authentication.AuthenticationHandler

channel, GENERIC_BAD_AUTHENTICATION_MSG, REVISION

Method Summary

Modifier and Type	Method and Description
java.util.Set<Member>	filterExcludedMember(java.util.Set<Member> setToFilter) Filter the specified member Set to remove all member excluded from delegation.
java.util.Set<Member>	getDelegationHolderSet(Member mbr) Retrieves the list of member into which this member is allowed to log in.
static DelegationAuthenticationHandler	getInstance()
static java.util.List<Member>	getSuHistory(javax.servlet.http.HttpServletRequest request) Retrieve the change user history from the current session.
static java.lang.String	getSuLink(Member suMember) Retrieves a link that will request an user changer to the specified member. Note : The link is always return, even though the su might not be allowed.
boolean	isEnabled() Check if delegation is enabled on this site.
boolean	isExcludedFromDelegation(Member suMbr) Check if the specified Member can be used as the target of a delegation.
void	loadProperties() This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded. You can use it to reload properties that might have been changed. This method is called during initialization of the AuthenticationManager
void	login(AuthenticationContext ctxt) Authenticate a member.

Methods inherited from class com.jalios.jcms.authentication.AuthenticationHandler

compareTo, equals, getOrder, init, logout, setOrder

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ORDER_DELEGATION_HANDLER

public static final int ORDER_DELEGATION_HANDLER

Order used by the DelegationAuthenticationHandler

See Also:

Constant Field Values

PROP_ENABLED

public static final java.lang.String PROP_ENABLED

Property key used to read if delegation is enabled or not

See Also:

Constant Field Values

PROP_EXCLUDED_MBR_IDS

public static final java.lang.String PROP_EXCLUDED_MBR_IDS

Property key used to read the member ids which are excluded from delegation

See Also:

Constant Field Values

PROP_REQUIRES_CSRF_TOKEN

public static final java.lang.String PROP_REQUIRES_CSRF_TOKEN

Property key used to read boolean setting indicating if CSRF token is required to delegate into another member

See Also:

Constant Field Values

Method Detail

getInstance

public static final DelegationAuthenticationHandler getInstance()

loadProperties

public void loadProperties()

Description copied from class: AuthenticationHandler

This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManager

Overrides:

loadProperties in class AuthenticationHandler

login

public void login(AuthenticationContext ctxt)
           throws java.io.IOException

Description copied from class: AuthenticationHandler

Authenticate a member.
This method is invoked by the authentication chain on each request.
A typical implementation of this method would follow the following pattern :

1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

Default implementation is to invoke the next handler in the chain.

Overrides:

login in class AuthenticationHandler

Parameters:

ctxt - the AuthenticationContext used for this login

Throws:

java.io.IOException

isEnabled

public boolean isEnabled()

Check if delegation is enabled on this site.

Returns:

true if enabled, false if disabled

Since:

jcms-10.0.2 / JCMS-6766

getDelegationHolderSet

public java.util.Set<Member> getDelegationHolderSet(Member mbr)

Retrieves the list of member into which this member is allowed to log in.

This method filters any unauthorized member (such as contact or Member which have been excluded from delegation using property "auth-mgr.delegation.excluded-mbr-ids").

Returns:

a new instance of Set (sorted by name), never return null.

Since:

jcms-10.0.2 / JCMS-6766

filterExcludedMember

public java.util.Set<Member> filterExcludedMember(java.util.Set<Member> setToFilter)

Filter the specified member Set to remove all member excluded from delegation.

Parameters:

setToFilter - the Member set to filter (this collection is NOT modified)

Returns:

a new TreeSet of Member (sorted by name)

Since:

jcms-7.1.2 (JCMS-3097)

See Also:

isExcludedFromDelegation(Member)

isExcludedFromDelegation

public boolean isExcludedFromDelegation(Member suMbr)

Check if the specified Member can be used as the target of a delegation.

A member can be a target of a delegation if the following condition are met :

• specified member is NOT a contact
• specified member is NOT part of the exclude mbr specified in property PROP_EXCLUDED_MBR_IDS

Parameters:

suMbr - the Member in which a delegation could be request

Returns:

true if the member is excluded, false if it can be used safely.

getSuHistory

public static final java.util.List<Member> getSuHistory(javax.servlet.http.HttpServletRequest request)

Retrieve the change user history from the current session.

Parameters:

request - the current HttpServletRequest

Returns:

a List of Member (never return null).

getSuLink

public static final java.lang.String getSuLink(Member suMember)

Retrieves a link that will request an user changer to the specified member.
Note : The link is always return, even though the su might not be allowed.

Parameters:

suMember - the member to login into

Returns:

a relative URL to request a user change (e.g. "index.jsp?JCMS_sulogin=johndoe")