com.jalios.jcms.authentication

Class AuthenticationManager

java.lang.Object

com.jalios.jcms.authentication.AuthenticationManager

public final class AuthenticationManager
extends java.lang.Object

This singleton manages all the authentication process in JCMS.

It is responsible to store and invoke all the AuthenticationHandler.

Since:

jcms-5.7.0

Version:

$Revision: 52696 $

Author:

Olivier Jaquemet

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	REVISION

Method Summary

Methods

Modifier and Type	Method and Description
void	addAuthenticationHandler(AuthenticationHandler authHdlr) Add the specified AuthenticationHandler to the handlers collection already managed by the AuthenticationManager.
java.util.SortedSet<AuthenticationHandler>	getAuthenticationHandlerSet() Retrieve the internal set of AuthenticationHandler managed by the AuthenticationManager.
boolean	getDefaultPersistentValue() Defined by value of property auth-mgr.persistent.default-value.
static AuthenticationManager	getInstance()
java.lang.String	getLoginParameter() Retrieve the parameter name used for the user's login.
java.lang.String	getOpLoginParameter() Retrieve the parameter name used to indicate a login action is requested (login form submitted).
java.lang.String	getPasswordParameter() Retrieve the parameter name used for the user's password.
java.lang.String	getPersistentParameter() Retrieve the parameter name used for the user's persistent login preference.
void	init() Initialize the AuthenticationManager.
boolean	isAuthenticationRequired() Returns true if the authentication is required in this site.
boolean	isLoginCaseSensitive() Returns true if login should be treated as sensitive (myLogin !
boolean	isShowingPersistentOption() Defined by value of property auth-mgr.persistent.show-option.
LoginResult	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Locale userLocale) Authenticate a member for each request.
LoginResult	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String userLang) Deprecated. use login(HttpServletRequest, HttpServletResponse, Locale)
Member	login(java.lang.String login, java.lang.String password) Retrieve a member from a login/password pair.
void	logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Locale userLocale, Member loggedMember) Logout the current loggedMember from this session.
void	logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String userLang, Member loggedMember) Deprecated. use logout(HttpServletRequest, HttpServletResponse, Locale, Member)
void	readOrdersFromProperties() Read Authentication Handlers order from properties.
void	removeAuthenticationHandler(AuthenticationHandler authHdlr) Remove the specified AuthenticationHandler from the handlers managed by the AuthenticationManager.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REVISION

public static final java.lang.String REVISION

See Also:

Constant Field Values

Method Detail

getInstance

public static final AuthenticationManager getInstance()

init

public void init()

Initialize the AuthenticationManager.
This method can be called multiple time during the lifetime of the site, for example on properties change.

Since:

jcms-5.7.0

readOrdersFromProperties

public void readOrdersFromProperties()

Read Authentication Handlers order from properties.

addAuthenticationHandler

public void addAuthenticationHandler(AuthenticationHandler authHdlr)

Add the specified AuthenticationHandler to the handlers collection already managed by the AuthenticationManager.

Parameters:

authHdlr - the AuthenticationHandler to be added

Since:

jcms-5.7.0

removeAuthenticationHandler

public void removeAuthenticationHandler(AuthenticationHandler authHdlr)

Remove the specified AuthenticationHandler from the handlers managed by the AuthenticationManager.

Parameters:

authHdlr - the AuthenticationHandler to be removed

Since:

jcms-5.7.0

getAuthenticationHandlerSet

public java.util.SortedSet<AuthenticationHandler> getAuthenticationHandlerSet()

Retrieve the internal set of AuthenticationHandler managed by the AuthenticationManager.
Modify only if you are sure of what you do...

Returns:

a SortedSet of AuthenticationHandler

isAuthenticationRequired

public boolean isAuthenticationRequired()

Returns true if the authentication is required in this site.
Defined by value of property channel.is-authentication-required.

Returns:

true if authentication is required for JCMS acces, false otherwise.

Since:

jcms-5.7.0

isLoginCaseSensitive

public boolean isLoginCaseSensitive()

Returns true if login should be treated as sensitive (myLogin != mylogin). Defined by value of property channel.login-casesensitive.

Returns:

true if login is casesensitive

Since:

jcms-5.7.0

isShowingPersistentOption

public boolean isShowingPersistentOption()

Defined by value of property auth-mgr.persistent.show-option.

Returns:

true if we show the persistent option in the login form, false if we hide it.

Since:

jcms-5.7.0

getDefaultPersistentValue

public boolean getDefaultPersistentValue()

Defined by value of property auth-mgr.persistent.default-value.

Returns:

the default persistent value, true is persistent, false is not.

Since:

jcms-5.7.0

getLoginParameter

public java.lang.String getLoginParameter()

Retrieve the parameter name used for the user's login.
Defined by value of property auth-mgr.login-param.login.

Returns:

the request parameter name used to send/retrieve the login of the user to authenticate.

Since:

jcms-5.7.0

getPasswordParameter

public java.lang.String getPasswordParameter()

Retrieve the parameter name used for the user's password.
Defined by value of property auth-mgr.login-param.password.

Returns:

the request parameter name used to send/retrieve the password of the user to authenticate.

Since:

jcms-5.7.0

getPersistentParameter

public java.lang.String getPersistentParameter()

Retrieve the parameter name used for the user's persistent login preference.
Defined by value of property auth-mgr.login-param.persistent.

Returns:

the request parameter name used to send/retrieve whether user to authenticate has requested to have a persistent authentication or not.

Since:

jcms-5.7.0

getOpLoginParameter

public java.lang.String getOpLoginParameter()

Retrieve the parameter name used to indicate a login action is requested (login form submitted).
Defined by value of property auth-mgr.login-param.op-login.

Returns:

the request parameter name used to send/retrieve whether a login action has been requested (usually when a form is submitted).

Since:

jcms-5.7.0

login

public Member login(java.lang.String login,
           java.lang.String password)
             throws java.io.IOException

Retrieve a member from a login/password pair.

Current implementation invoke the authentication handler login chain with current servlet request if available otherwise with a fake request, and a fake response.

Parameters:

login - the user login

password - the user's clear text password

Returns:

the authenticated Member, (or null on error)

Throws:

java.io.IOException - if the login operation could not be performed due to IO problem (HTTP headers in response, cookie error, ...)

Since:

jcms-5.7.0

login

public LoginResult login(javax.servlet.http.HttpServletRequest request,
                javax.servlet.http.HttpServletResponse response,
                java.lang.String userLang)
                  throws java.io.IOException

Deprecated. use login(HttpServletRequest, HttpServletResponse, Locale)

Authenticate a member for each request.
Invoke the authentication handler chain and return the authenticated Member.

Parameters:

request - the current HttpServletRequest being processed

response - the HttpServletResponse bound to current request

userLang - the current language guessed from browser preference or session

Returns:

the LoginResult containing the logged Member

Throws:

java.io.IOException - if the login operation could not be performed due to IO problem (HTTP headers in response, cookie error, ...)

Since:

jcms-5.7.0

login

public LoginResult login(javax.servlet.http.HttpServletRequest request,
                javax.servlet.http.HttpServletResponse response,
                java.util.Locale userLocale)
                  throws java.io.IOException

Authenticate a member for each request.
Invoke the authentication handler chain and return the authenticated Member.

Parameters:

request - the current HttpServletRequest being processed

response - the HttpServletResponse bound to current request

userLocale - the current Locale guessed from browser preference or session

Returns:

the LoginResult containing the logged Member

Throws:

java.io.IOException - if the login operation could not be performed due to IO problem (HTTP headers in response, cookie error, ...)

Since:

jcms-7.1.0

logout

public void logout(javax.servlet.http.HttpServletRequest request,
          javax.servlet.http.HttpServletResponse response,
          java.lang.String userLang,
          Member loggedMember)
            throws java.io.IOException

Deprecated. use logout(HttpServletRequest, HttpServletResponse, Locale, Member)

Logout the current loggedMember from this session. It may not be called if user simply close its browser. Don't rely on this for critical operation

Parameters:

request - the current HttpServletRequest being processed

response - the HttpServletResponse bound to current request

userLang - the current language guessed from browser preference or session

loggedMember - the member currently logged in

Throws:

java.io.IOException - if the logout operation could not be performed due to IO problem (HTTP headers in response, cookie error, ...)

Since:

jcms-5.7.0

logout

public void logout(javax.servlet.http.HttpServletRequest request,
          javax.servlet.http.HttpServletResponse response,
          java.util.Locale userLocale,
          Member loggedMember)
            throws java.io.IOException

Logout the current loggedMember from this session. It may not be called if user simply close its browser. Don't rely on this for critical operation

Parameters:

request - the current HttpServletRequest being processed

response - the HttpServletResponse bound to current request

userLocale - the current Locale guessed from browser preference or session

loggedMember - the member currently logged in

Throws:

java.io.IOException - if the logout operation could not be performed due to IO problem (HTTP headers in response, cookie error, ...)

Since:

jcms-7.1.0