Class SimpleAuthenticationHandler
- java.lang.Object
-
- com.jalios.jcms.authentication.AuthenticationHandler
-
- com.jalios.jcms.authentication.handlers.SimpleAuthenticationHandler
-
- All Implemented Interfaces:
PluginComponent
,java.lang.Comparable<AuthenticationHandler>
public final class SimpleAuthenticationHandler extends AuthenticationHandler
Authenticate user based on the login/password of existing member in JCMS.
Current implementation of thisAuthenticationHandler
:- stops the LoginChain on empty login or password. Therefore if your AuthenticationHandler happened to be before this one, make sure you check those too.
- invokes the login chain, THEN tries the JCMS login/password if no user was authenticated using other handler.
- redirects to the proper page after login.
- invalidates session on logout and redirect to index page (or redirect param).
- Since:
- jcms-5.7.0
- Author:
- Olivier Jaquemet
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
SimpleAuthenticationHandler.SimpleAuthState
Possible SimpleAuth state after handler invocation.
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP
Boolean property key used to authorized or forbid LDAP user to login with their local password.static int
ORDER_SIMPLE_HANDLER
Order used by the SimpleAuthenticationHandler-
Fields inherited from class com.jalios.jcms.authentication.AuthenticationHandler
channel, GENERIC_BAD_AUTHENTICATION_MSG
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static Member
getAuthenticatedMember(java.lang.String login, java.lang.String password)
Returns the member corresponding to the given login / password by checking directly into existing Member.static SimpleAuthenticationHandler
getInstance()
void
loadProperties()
This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManagervoid
login(AuthenticationContext ctxt)
Authenticate a member.void
logout(AuthenticationContext ctxt)
This methods is called when users logout from JCMS.
-
-
-
Field Detail
-
ORDER_SIMPLE_HANDLER
public static final int ORDER_SIMPLE_HANDLER
Order used by the SimpleAuthenticationHandler- See Also:
- Constant Field Values
-
LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP
public static final java.lang.String LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP
Boolean property key used to authorized or forbid LDAP user to login with their local password.- Since:
- JCMS-6504
- See Also:
- Constant Field Values
-
-
Method Detail
-
getInstance
public static final SimpleAuthenticationHandler getInstance()
-
loadProperties
public void loadProperties()
Description copied from class:AuthenticationHandler
This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManager- Overrides:
loadProperties
in classAuthenticationHandler
-
login
public void login(AuthenticationContext ctxt) throws java.io.IOException
Description copied from class:AuthenticationHandler
Authenticate a member.
This method is invoked by the authentication chain on each request.
A typical implementation of this method would follow the following pattern :- Examine informations required to perform the authentication through
the
AuthenticationContext
object (request, response, login.. etc) - Perform your authentication before chain invokation and set the logged Member
AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
- a) Either invoke the next entity in the chain using
AuthenticationContext.doChain()
, - b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
- Perform redirection, set information/warning/error message or any
other process, after chain invokation, using
AuthenticationContext
.
Default implementation is to invoke the next handler in the chain.- Overrides:
login
in classAuthenticationHandler
- Parameters:
ctxt
- theAuthenticationContext
used for this login- Throws:
java.io.IOException
- Examine informations required to perform the authentication through
the
-
logout
public void logout(AuthenticationContext ctxt) throws java.io.IOException
Description copied from class:AuthenticationHandler
This methods is called when users logout from JCMS.
It may not be called if user simply close its browser. Don't rely on this for critical operation
Default implementation is to invoke the next handler in the chain.- Overrides:
logout
in classAuthenticationHandler
- Parameters:
ctxt
- theAuthenticationContext
used for this login- Throws:
java.io.IOException
-
getAuthenticatedMember
public static final Member getAuthenticatedMember(java.lang.String login, java.lang.String password)
Returns the member corresponding to the given login / password by checking directly into existing Member.- Parameters:
login
- member's loginpassword
- member's password- Returns:
- the member or null if not found or if password was invalid
- Since:
- jcms-5.7.0
-
-