java.lang.Object
  com.ecyrd.jspwiki.auth.AuthenticationManager
public final class AuthenticationManager
Manages authentication activities for a WikiEngine: user login, logout, and credential refreshes. This class uses JAAS to determine how users log in.
Field Summary | | |
---|---|---|
static String | COOKIE_MODULE | The name of the built-in cookie authentication module. |
protected static org.apache.log4j.Logger | log | |
static String | LOGIN_CONTAINER | The JAAS application name for the web container authentication stack. |
static String | LOGIN_CUSTOM | The JAAS application name for the JSPWiki custom authentication stack. |
protected boolean | m_isJaasConfiguredAtStartup | Was JAAS login config already set before we started up? |
protected boolean | m_isJavaPolicyConfiguredAtStartup | Was Java security policy already set before we started up? |
static String | PROP_SECURITY | This property determines whether we use JSPWiki authentication or not. |
static String | PROP_STOREIPADDRESS | If this jspwiki.properties property is true, logs the IP address of the editor on saving. |
static String | SECURITY_CONTAINER | Value specifying that the user wants to use the container-managed security, just like in JSPWiki 2.2. |
static String | SECURITY_JAAS | Value specifying that the user wants to use the built-in JAAS-based system. |
Constructor Summary | |
---|---|
AuthenticationManager() | |
Method Summary | | |
---|---|---|
void | addWikiEventListener(WikiEventListener listener) | Registers a WikiEventListener with this instance. |
static boolean | allowsCookieAssertions() | Determines whether this WikiEngine allows users to assert identities using cookies instead of passwords. |
protected void | fireEvent(WikiSecurityEvent event) | Fires a wiki event to all registered listeners. |
void | initialize(WikiEngine engine, Properties props) | Creates an AuthenticationManager instance for the given WikiEngine and the specified set of properties. |
protected void | injectGroupPrincipals(WikiSession session) | Injects GroupPrincipal objects into the user's Principal set based on the groups the user belongs to. |
protected void | injectRolePrincipals(WikiSession session) | Injects Role Principals into the user's Principal set based on the roles the user possesses, according to the external Authorizer. |
boolean | isContainerAuthenticated() | Returns true if this WikiEngine uses container-managed authentication. |
boolean | login(javax.servlet.http.HttpServletRequest request) | Logs in the user by attempting to populate a WikiSession Subject from a web servlet request. |
boolean | login(WikiSession session, String username, String password) | Attempts to perform a WikiSession login for the given username/password combination. |
void | logout(javax.servlet.http.HttpServletRequest request) | Logs the user out by retrieving the WikiSession associated with the HttpServletRequest and unbinding all of the Subject's Principals, except for Role.ALL, Role.ANONYMOUS. |
void | refreshCredentials(WikiSession wikiSession) | Reloads user Principals into the supplied WikiSession's Subject. |
void | removeWikiEventListener(WikiEventListener listener) | Un-registers a WikiEventListener with this instance. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String COOKIE_MODULE
public static final String LOGIN_CONTAINER
public static final String LOGIN_CUSTOM
public static final String PROP_STOREIPADDRESS
If this jspwiki.properties property is true, logs the IP address of the editor on saving.
protected static final org.apache.log4j.Logger log
protected boolean m_isJaasConfiguredAtStartup
protected boolean m_isJavaPolicyConfiguredAtStartup
public static final String SECURITY_CONTAINER
public static final String SECURITY_JAAS
public static final String PROP_SECURITY
Constructor Detail |
---|
public AuthenticationManager()
Method Detail |
---|
public final void addWikiEventListener(WikiEventListener listener)
Parameters:
listener - the event listener

public final void initialize(WikiEngine engine, Properties props) throws WikiException
Throws:
WikiException

public final boolean isContainerAuthenticated()
WebContainerAuthorizer.isContainerAuthorized(), if used as the external authorizer; otherwise, returns false.
Returns:
true if the wiki's authentication is managed by the container, false otherwise

public final boolean login(javax.servlet.http.HttpServletRequest request)
Parameters:
request - servlet request for this user
Throws:
IllegalStateException - if the wiki context's getHttpRequest or getWikiSession methods return null
IllegalArgumentException - if the context parameter is null

public final boolean login(WikiSession session, String username, String password)
Parameters:
session - the current wiki session; may not be null.
username - The user name. This is a login name, not a WikiName. In most cases they are the same, but in some cases, they might not be.
password - The password

public final void logout(javax.servlet.http.HttpServletRequest request)
Logs the user out by retrieving the WikiSession associated with the HttpServletRequest and unbinding all of the Subject's Principals, except for Role.ALL, Role.ANONYMOUS. This is a cheap-and-cheerful way to do it without invoking JAAS LoginModules. The logout operation will also flush the JSESSIONID cookie from the user's browser session, if it was set.
Parameters:
request - the current HTTP request

public final void refreshCredentials(WikiSession wikiSession)
UserDatabase.getPrincipals(String). This method should generally be called after a user's UserProfile is saved. If the wiki session is null, or there is no matching user profile, the method returns silently.
Parameters:
wikiSession -

public final void removeWikiEventListener(WikiEventListener listener)
Parameters:
listener - the event listener

public static final boolean allowsCookieAssertions()
JSPWiki-container.
Returns:
true if cookies are allowed

protected final void fireEvent(WikiSecurityEvent event)
Parameters:
event - the event

protected final void injectGroupPrincipals(WikiSession session)
Parameters:
session - the wiki session

protected final void injectRolePrincipals(WikiSession session)
Injects Role Principals into the user's Principal set based on the roles the user possesses, according to the external Authorizer. This method is called once, during login. The algorithm first calls Authorizer.getRoles() to obtain the array of Principals the authorizer knows about. Then, the method Authorizer.isUserInRole(WikiSession, Principal) is called for each Principal. If the user possesses the role, an equivalent role Principal is injected into the user's principal set.
Parameters:
session - the wiki session
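
The role-injection loop and the logout rule described in the method details above, as an added sketch against the standard javax.security.auth.Subject class (this is not JSPWiki's own code). RoleSource, Role, the role names and the sample membership data are hypothetical stand-ins for the Authorizer and WikiSession types, which are not reproduced here.

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;

public class RoleInjectionSketch {
    // Hypothetical stand-in for the external Authorizer; only the two calls named above are modelled.
    interface RoleSource {
        Principal[] getRoles();
        boolean isUserInRole(Subject user, Principal role);
    }
    // Minimal role principal; records compare by value, so Set operations behave as expected.
    record Role(String name) implements Principal { public String getName() { return name; } }
    // Constructed names for the two built-in roles that survive logout.
    static final Role ALL = new Role("All"), ANONYMOUS = new Role("Anonymous");

    // Login-time step: ask for every role the authorizer knows, keep the ones this user holds.
    static void injectRolePrincipals(Subject subject, RoleSource authorizer) {
        for (Principal role : authorizer.getRoles()) {
            if (authorizer.isUserInRole(subject, role)) {
                subject.getPrincipals().add(new Role(role.getName()));
            }
        }
    }

    // Logout step: unbind every Principal except the two built-in roles.
    static void logout(Subject subject) {
        subject.getPrincipals().removeIf(p -> !p.equals(ALL) && !p.equals(ANONYMOUS));
    }

    public static void main(String[] args) {
        // Constructed sample data: the roles the stand-in authorizer reports for this user.
        Set<String> held = new HashSet<>(Set.of("Admin"));
        RoleSource authorizer = new RoleSource() {
            public Principal[] getRoles() {
                return new Principal[] { new Role("Admin"), new Role("Editor") };
            }
            public boolean isUserInRole(Subject user, Principal role) {
                return held.contains(role.getName());
            }
        };
        Subject subject = new Subject();
        subject.getPrincipals().addAll(List.of(ALL, ANONYMOUS));
        injectRolePrincipals(subject, authorizer);
        System.out.println("after login:  " + subject.getPrincipals());
        held.remove("Admin"); // membership changes at the authorizer while the session is live
        System.out.println("after revoke: " + subject.getPrincipals()); // nothing re-checks the Subject here
        logout(subject);
        System.out.println("after logout: " + subject.getPrincipals());
    }
}
```

In this sketch the Subject is a snapshot taken at injection time, so a role removed at the authorizer stays in the principal set until the principals are reloaded or the session is logged out.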