public class AuthenticationServiceImpl extends AbstractAuthenticationService implements ActivateableBean
GUEST_AUTHENTICATION_NOT_SUPPORTED
Constructor and Description |
---|
AuthenticationServiceImpl() |
Modifier and Type | Method and Description |
---|---|
void |
authenticate(String userName,
char[] password)
Carry out an authentication attempt.
|
void |
authenticateAsGuest()
Authenticate as the guest user.
|
boolean |
authenticationExists(String userName)
Check if the given authentication exists.
|
void |
clearCurrentSecurityContext()
Remove the current security information
|
int |
countTickets(boolean nonExpiredOnly) |
boolean |
getAllowsUserCreation() |
boolean |
getAllowsUserDeletion() |
boolean |
getAllowsUserPasswordChange() |
boolean |
getAuthenticationEnabled(String userName)
Is an authentication enabled or disabled?
|
String |
getCurrentTicket()
Get the current ticket as a string
|
String |
getCurrentUserName()
Get the name of the currently authenticated user.
|
Set<String> |
getDefaultAdministratorUserNames()
Gets a set of user names who should be considered 'administrators' by default.
|
Set<String> |
getDefaultGuestUserNames()
Gets a set of user names who should be considered 'guests' by default.
|
String |
getDomain() |
Set<String> |
getDomains()
Get the domain to which this instance of an authentication service applies.
|
Set<String> |
getDomainsThatAllowUserCreation()
Does this instance alow user to be created?
|
Set<String> |
getDomainsThatAllowUserDeletion()
Does this instance allow users to be deleted?
|
Set<String> |
getDomiansThatAllowUserPasswordChanges()
Does this instance allow users to update their passwords?
|
String |
getNewTicket()
Get a new ticket as a string
|
protected String |
getPrevalidationTenantDomain()
This method is called from the
validate(String) method. |
Set<org.alfresco.repo.security.authentication.TicketComponent> |
getTicketComponents() |
Set<String> |
getUsersWithTickets(boolean nonExpiredOnly) |
boolean |
guestUserAuthenticationAllowed()
Check if Guest user authentication is allowed.
|
void |
invalidateTicket(String ticket)
Invalidate a single ticket by ID
|
int |
invalidateTickets(boolean expiredOnly) |
void |
invalidateUserSession(String userName)
Invalidate any tickets held by the user.
|
boolean |
isActive()
Determines whether this bean is active.
|
boolean |
isCurrentUserTheSystemUser()
Is the current user the system user?
|
boolean |
isUserProtected(String userName) |
void |
recordFailedAuthentication(String userName)
Method records a failed login attempt.
|
void |
setAllowsUserCreation(boolean allowsUserCreation) |
void |
setAllowsUserDeletion(boolean allowsUserDeletion) |
void |
setAllowsUserPasswordChange(boolean allowsUserPasswordChange) |
void |
setAuthenticationComponent(AuthenticationComponent authenticationComponent) |
void |
setDomain(String domain) |
void |
setPersonService(PersonService personService) |
void |
setProtectedUsersCache(org.alfresco.repo.cache.SimpleCache<String,org.alfresco.repo.security.authentication.ProtectedUser> protectedUsersCache) |
void |
setProtectionEnabled(boolean protectionEnabled) |
void |
setProtectionLimit(int protectionLimit) |
void |
setProtectionPeriodSeconds(int protectionPeriodSeconds) |
void |
setTicketComponent(org.alfresco.repo.security.authentication.TicketComponent ticketComponent) |
void |
validate(String ticket)
Validate a ticket.
|
getAllowedUsers, getMaxUsers, preAuthenticationCheck, setSysAdminParams
public void setProtectionPeriodSeconds(int protectionPeriodSeconds)
public void setProtectionEnabled(boolean protectionEnabled)
public void setProtectionLimit(int protectionLimit)
public void setProtectedUsersCache(org.alfresco.repo.cache.SimpleCache<String,org.alfresco.repo.security.authentication.ProtectedUser> protectedUsersCache)
public void setPersonService(PersonService personService)
public void setTicketComponent(org.alfresco.repo.security.authentication.TicketComponent ticketComponent)
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
public boolean isActive()
ActivateableBean
isActive
in interface ActivateableBean
true
if this bean is activepublic void authenticate(String userName, char[] password) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
authenticate
in interface AuthenticationService
userName
- the usernamepassword
- the passowrdorg.alfresco.repo.security.authentication.AuthenticationException
public boolean isUserProtected(String userName)
true
if user is 'protected' from brute force attackpublic void recordFailedAuthentication(String userName)
protectionLimit
the user will be considered 'protected'.public String getCurrentUserName() throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
getCurrentUserName
in interface AuthenticationService
org.alfresco.repo.security.authentication.AuthenticationException
public void invalidateUserSession(String userName) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
invalidateUserSession
in interface AuthenticationService
org.alfresco.repo.security.authentication.AuthenticationException
public Set<String> getUsersWithTickets(boolean nonExpiredOnly)
getUsersWithTickets
in class AbstractAuthenticationService
public void invalidateTicket(String ticket) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
invalidateTicket
in interface AuthenticationService
ticket
- Stringorg.alfresco.repo.security.authentication.AuthenticationException
public int countTickets(boolean nonExpiredOnly)
countTickets
in class AbstractAuthenticationService
public int invalidateTickets(boolean expiredOnly)
invalidateTickets
in class AbstractAuthenticationService
public void validate(String ticket) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
validate
in interface AuthenticationService
ticket
- Stringorg.alfresco.repo.security.authentication.AuthenticationException
protected String getPrevalidationTenantDomain()
validate(String)
method. If this method returns null then
the user's tenant will be obtained from the username. This is generally correct in the case where the user can be
associated with just one tenant.
Override this method in order to force the selection of a different tenant (for whatever reason).public String getCurrentTicket() throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
getCurrentTicket
in interface AuthenticationService
org.alfresco.repo.security.authentication.AuthenticationException
public String getNewTicket()
AuthenticationService
getNewTicket
in interface AuthenticationService
public void clearCurrentSecurityContext()
AuthenticationService
clearCurrentSecurityContext
in interface AuthenticationService
public boolean isCurrentUserTheSystemUser()
AuthenticationService
isCurrentUserTheSystemUser
in interface AuthenticationService
public void authenticateAsGuest() throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationService
authenticateAsGuest
in interface AuthenticationService
org.alfresco.repo.security.authentication.AuthenticationException
public boolean guestUserAuthenticationAllowed()
AuthenticationService
guestUserAuthenticationAllowed
in interface AuthenticationService
public boolean getAllowsUserCreation()
public void setAllowsUserCreation(boolean allowsUserCreation)
public boolean getAllowsUserDeletion()
public void setAllowsUserDeletion(boolean allowsUserDeletion)
public boolean getAllowsUserPasswordChange()
public void setAllowsUserPasswordChange(boolean allowsUserPasswordChange)
public String getDomain()
public void setDomain(String domain)
public Set<String> getDomains()
AuthenticationService
getDomains
in interface AuthenticationService
public Set<String> getDomainsThatAllowUserCreation()
AuthenticationService
getDomainsThatAllowUserCreation
in interface AuthenticationService
public Set<String> getDomainsThatAllowUserDeletion()
AuthenticationService
getDomainsThatAllowUserDeletion
in interface AuthenticationService
public Set<String> getDomiansThatAllowUserPasswordChanges()
AuthenticationService
getDomiansThatAllowUserPasswordChanges
in interface AuthenticationService
public Set<org.alfresco.repo.security.authentication.TicketComponent> getTicketComponents()
getTicketComponents
in class AbstractAuthenticationService
public Set<String> getDefaultAdministratorUserNames()
getDefaultAdministratorUserNames
in interface AuthenticationService
public Set<String> getDefaultGuestUserNames()
getDefaultGuestUserNames
in interface AuthenticationService
public boolean authenticationExists(String userName)
authenticationExists
in interface AuthenticationService
userName
- the usernamepublic boolean getAuthenticationEnabled(String userName) throws org.alfresco.repo.security.authentication.AuthenticationException
getAuthenticationEnabled
in interface AuthenticationService
org.alfresco.repo.security.authentication.AuthenticationException
Copyright © 2005–2017 Alfresco Software. All rights reserved.