Package com.jalios.jcms.authentication.handlers

Class SimpleAuthenticationHandler

java.lang.Object

com.jalios.jcms.authentication.AuthenticationHandler

com.jalios.jcms.authentication.handlers.SimpleAuthenticationHandler

All Implemented Interfaces:

PluginComponent, java.lang.Comparable<AuthenticationHandler>

public final class SimpleAuthenticationHandler
extends AuthenticationHandler

Authenticate user based on the login/password of existing member in JCMS.

Current implementation of this AuthenticationHandler :

• stops the LoginChain on empty login or password. Therefore if your AuthenticationHandler happened to be before this one, make sure you check those too.
• invokes the login chain, THEN tries the JCMS login/password if no user was authenticated using other handler.
• redirects to the proper page after login.
• invalidates session on logout and redirect to index page (or redirect param).

Since:

jcms-5.7.0

Version:

$Revision: 135760 $

Author:

Olivier Jaquemet

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SimpleAuthenticationHandler.SimpleAuthState	Possible SimpleAuth state after handler invocation.

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP	Boolean property key used to authorized or forbid LDAP user to login with their local password.
static int	ORDER_SIMPLE_HANDLER	Order used by the SimpleAuthenticationHandler
static java.lang.String	REVISION

Fields inherited from class com.jalios.jcms.authentication.AuthenticationHandler

channel, GENERIC_BAD_AUTHENTICATION_MSG

Method Summary

Modifier and Type	Method	Description
static Member	getAuthenticatedMember(java.lang.String login, java.lang.String password)	Returns the member corresponding to the given login / password by checking directly into existing Member.
static SimpleAuthenticationHandler	getInstance()
void	loadProperties()	This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded. You can use it to reload properties that might have been changed. This method is called during initialization of the AuthenticationManager
void	login(AuthenticationContext ctxt)	Authenticate a member.
void	logout(AuthenticationContext ctxt)	This methods is called when users logout from JCMS.

Methods inherited from class com.jalios.jcms.authentication.AuthenticationHandler

canLogout, compareTo, equals, getOrder, init, setOrder

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REVISION

public static final java.lang.String REVISION

See Also:

Constant Field Values

ORDER_SIMPLE_HANDLER

public static final int ORDER_SIMPLE_HANDLER

Order used by the SimpleAuthenticationHandler

See Also:

Constant Field Values

LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP

public static final java.lang.String LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP

Boolean property key used to authorized or forbid LDAP user to login with their local password.

Since:

JCMS-6504

See Also:

Constant Field Values

Method Detail

getInstance

public static final SimpleAuthenticationHandler getInstance()

loadProperties

public void loadProperties()

Description copied from class: AuthenticationHandler

This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManager

Overrides:

loadProperties in class AuthenticationHandler

login

public void login(AuthenticationContext ctxt)
           throws java.io.IOException

Description copied from class: AuthenticationHandler

Authenticate a member.
This method is invoked by the authentication chain on each request.
A typical implementation of this method would follow the following pattern :

1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

Default implementation is to invoke the next handler in the chain.

Overrides:

login in class AuthenticationHandler

Parameters:

ctxt - the AuthenticationContext used for this login

Throws:

java.io.IOException

logout

public void logout(AuthenticationContext ctxt)
            throws java.io.IOException

Description copied from class: AuthenticationHandler

This methods is called when users logout from JCMS.
It may not be called if user simply close its browser. Don't rely on this for critical operation

Default implementation is to invoke the next handler in the chain.

Overrides:

logout in class AuthenticationHandler

Parameters:

ctxt - the AuthenticationContext used for this login

Throws:

java.io.IOException

getAuthenticatedMember

public static final Member getAuthenticatedMember(java.lang.String login,
                                                  java.lang.String password)

Returns the member corresponding to the given login / password by checking directly into existing Member.

Parameters:

login - member's login

password - member's password

Returns:

the member or null if not found or if password was invalid

Since:

jcms-5.7.0