Class SimpleAuthenticationHandler

  • All Implemented Interfaces:
    PluginComponent, java.lang.Comparable<AuthenticationHandler>

    public final class SimpleAuthenticationHandler
    extends AuthenticationHandler
    Authenticate user based on the login/password of existing member in JCMS.

    Current implementation of this AuthenticationHandler :
    • stops the LoginChain on empty login or password. Therefore if your AuthenticationHandler happened to be before this one, make sure you check those too.
    • invokes the login chain, THEN tries the JCMS login/password if no user was authenticated using other handler.
    • redirects to the proper page after login.
    • invalidates session on logout and redirect to index page (or redirect param).
    Since:
    jcms-5.7.0
    Author:
    Olivier Jaquemet
    • Field Detail

      • ORDER_SIMPLE_HANDLER

        public static final int ORDER_SIMPLE_HANDLER
        Order used by the SimpleAuthenticationHandler
        See Also:
        Constant Field Values
      • LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP

        public static final java.lang.String LDAP_USER_LOCAL_PASSWORD_AUTHORIZED_PROP
        Boolean property key used to authorized or forbid LDAP user to login with their local password.
        Since:
        JCMS-6504
        See Also:
        Constant Field Values
    • Method Detail

      • loadProperties

        public void loadProperties()
        Description copied from class: AuthenticationHandler
        This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
        You can use it to reload properties that might have been changed.
        This method is called during initialization of the AuthenticationManager
        Overrides:
        loadProperties in class AuthenticationHandler
      • login

        public void login​(AuthenticationContext ctxt)
                   throws java.io.IOException
        Description copied from class: AuthenticationHandler
        Authenticate a member.
        This method is invoked by the authentication chain on each request.
        A typical implementation of this method would follow the following pattern :
        1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
        2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
        3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
        4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
        5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

        Default implementation is to invoke the next handler in the chain.
        Overrides:
        login in class AuthenticationHandler
        Parameters:
        ctxt - the AuthenticationContext used for this login
        Throws:
        java.io.IOException
      • logout

        public void logout​(AuthenticationContext ctxt)
                    throws java.io.IOException
        Description copied from class: AuthenticationHandler
        This methods is called when users logout from JCMS.
        It may not be called if user simply close its browser. Don't rely on this for critical operation

        Default implementation is to invoke the next handler in the chain.
        Overrides:
        logout in class AuthenticationHandler
        Parameters:
        ctxt - the AuthenticationContext used for this login
        Throws:
        java.io.IOException
      • getAuthenticatedMember

        public static final Member getAuthenticatedMember​(java.lang.String login,
                                                          java.lang.String password)
        Returns the member corresponding to the given login / password by checking directly into existing Member.
        Parameters:
        login - member's login
        password - member's password
        Returns:
        the member or null if not found or if password was invalid
        Since:
        jcms-5.7.0