public class AuthenticationServiceImpl extends AbstractAuthenticationService implements ActivateableBean
GUEST_AUTHENTICATION_NOT_SUPPORTED| Constructor and Description |
|---|
AuthenticationServiceImpl() |
| Modifier and Type | Method and Description |
|---|---|
void |
authenticate(String userName,
char[] password)
Carry out an authentication attempt.
|
void |
authenticateAsGuest()
Authenticate as the guest user.
|
boolean |
authenticationExists(String userName)
Check if the given authentication exists.
|
void |
clearCurrentSecurityContext()
Remove the current security information
|
int |
countTickets(boolean nonExpiredOnly) |
boolean |
getAllowsUserCreation() |
boolean |
getAllowsUserDeletion() |
boolean |
getAllowsUserPasswordChange() |
boolean |
getAuthenticationEnabled(String userName)
Is an authentication enabled or disabled?
|
String |
getCurrentTicket()
Get the current ticket as a string
|
String |
getCurrentUserName()
Get the name of the currently authenticated user.
|
Set<String> |
getDefaultAdministratorUserNames()
Gets a set of user names who should be considered 'administrators' by default.
|
Set<String> |
getDefaultGuestUserNames()
Gets a set of user names who should be considered 'guests' by default.
|
String |
getDomain() |
Set<String> |
getDomains()
Get the domain to which this instance of an authentication service applies.
|
Set<String> |
getDomainsThatAllowUserCreation()
Does this instance alow user to be created?
|
Set<String> |
getDomainsThatAllowUserDeletion()
Does this instance allow users to be deleted?
|
Set<String> |
getDomiansThatAllowUserPasswordChanges()
Does this instance allow users to update their passwords?
|
String |
getNewTicket()
Get a new ticket as a string
|
protected String |
getPrevalidationTenantDomain()
This method is called from the
validate(String) method. |
String |
getProtectedUserKey(String userName)
Creates a key by combining the service instance ID with the username.
|
Set<org.alfresco.repo.security.authentication.TicketComponent> |
getTicketComponents() |
Set<String> |
getUsersWithTickets(boolean nonExpiredOnly) |
boolean |
guestUserAuthenticationAllowed()
Check if Guest user authentication is allowed.
|
void |
invalidateTicket(String ticket)
Invalidate a single ticket by ID
|
int |
invalidateTickets(boolean expiredOnly) |
void |
invalidateUserSession(String userName)
Invalidate any tickets held by the user.
|
boolean |
isActive()
Determines whether this bean is active.
|
boolean |
isCurrentUserTheSystemUser()
Is the current user the system user?
|
boolean |
isProtectionEnabled() |
boolean |
isUserProtected(String userName) |
void |
recordFailedAuthentication(String userName)
Method records a failed login attempt.
|
void |
setAllowsUserCreation(boolean allowsUserCreation) |
void |
setAllowsUserDeletion(boolean allowsUserDeletion) |
void |
setAllowsUserPasswordChange(boolean allowsUserPasswordChange) |
void |
setAuthenticationComponent(AuthenticationComponent authenticationComponent) |
void |
setDomain(String domain) |
void |
setPersonService(PersonService personService) |
void |
setProtectedUsersCache(org.alfresco.repo.cache.SimpleCache<String,org.alfresco.repo.security.authentication.ProtectedUser> protectedUsersCache) |
void |
setProtectionEnabled(boolean protectionEnabled) |
void |
setProtectionLimit(int protectionLimit) |
void |
setProtectionPeriodSeconds(int protectionPeriodSeconds) |
void |
setTicketComponent(org.alfresco.repo.security.authentication.TicketComponent ticketComponent) |
void |
validate(String ticket)
Validate a ticket.
|
getAllowedUsers, getMaxUsers, preAuthenticationCheck, setSysAdminParamspublic void setProtectionPeriodSeconds(int protectionPeriodSeconds)
public void setProtectionEnabled(boolean protectionEnabled)
public boolean isProtectionEnabled()
public void setProtectionLimit(int protectionLimit)
public void setProtectedUsersCache(org.alfresco.repo.cache.SimpleCache<String,org.alfresco.repo.security.authentication.ProtectedUser> protectedUsersCache)
public void setPersonService(PersonService personService)
public void setTicketComponent(org.alfresco.repo.security.authentication.TicketComponent ticketComponent)
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
public boolean isActive()
ActivateableBeanisActive in interface ActivateableBeantrue if this bean is activepublic void authenticate(String userName, char[] password) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServiceauthenticate in interface AuthenticationServiceuserName - the usernamepassword - the passowrdorg.alfresco.repo.security.authentication.AuthenticationExceptionpublic boolean isUserProtected(String userName)
true if user is 'protected' from brute force attackpublic void recordFailedAuthentication(String userName)
protectionLimit
the user will be considered 'protected'.public String getProtectedUserKey(String userName)
public String getCurrentUserName() throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServicegetCurrentUserName in interface AuthenticationServiceorg.alfresco.repo.security.authentication.AuthenticationExceptionpublic void invalidateUserSession(String userName) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServiceinvalidateUserSession in interface AuthenticationServiceorg.alfresco.repo.security.authentication.AuthenticationExceptionpublic Set<String> getUsersWithTickets(boolean nonExpiredOnly)
getUsersWithTickets in class AbstractAuthenticationServicepublic void invalidateTicket(String ticket) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServiceinvalidateTicket in interface AuthenticationServiceticket - Stringorg.alfresco.repo.security.authentication.AuthenticationExceptionpublic int countTickets(boolean nonExpiredOnly)
countTickets in class AbstractAuthenticationServicepublic int invalidateTickets(boolean expiredOnly)
invalidateTickets in class AbstractAuthenticationServicepublic void validate(String ticket) throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServicevalidate in interface AuthenticationServiceticket - Stringorg.alfresco.repo.security.authentication.AuthenticationExceptionprotected String getPrevalidationTenantDomain()
validate(String) method. If this method returns null then
the user's tenant will be obtained from the username. This is generally correct in the case where the user can be
associated with just one tenant.
Override this method in order to force the selection of a different tenant (for whatever reason).public String getCurrentTicket() throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServicegetCurrentTicket in interface AuthenticationServiceorg.alfresco.repo.security.authentication.AuthenticationExceptionpublic String getNewTicket()
AuthenticationServicegetNewTicket in interface AuthenticationServicepublic void clearCurrentSecurityContext()
AuthenticationServiceclearCurrentSecurityContext in interface AuthenticationServicepublic boolean isCurrentUserTheSystemUser()
AuthenticationServiceisCurrentUserTheSystemUser in interface AuthenticationServicepublic void authenticateAsGuest()
throws org.alfresco.repo.security.authentication.AuthenticationException
AuthenticationServiceauthenticateAsGuest in interface AuthenticationServiceorg.alfresco.repo.security.authentication.AuthenticationExceptionpublic boolean guestUserAuthenticationAllowed()
AuthenticationServiceguestUserAuthenticationAllowed in interface AuthenticationServicepublic boolean getAllowsUserCreation()
public void setAllowsUserCreation(boolean allowsUserCreation)
public boolean getAllowsUserDeletion()
public void setAllowsUserDeletion(boolean allowsUserDeletion)
public boolean getAllowsUserPasswordChange()
public void setAllowsUserPasswordChange(boolean allowsUserPasswordChange)
public String getDomain()
public void setDomain(String domain)
public Set<String> getDomains()
AuthenticationServicegetDomains in interface AuthenticationServicepublic Set<String> getDomainsThatAllowUserCreation()
AuthenticationServicegetDomainsThatAllowUserCreation in interface AuthenticationServicepublic Set<String> getDomainsThatAllowUserDeletion()
AuthenticationServicegetDomainsThatAllowUserDeletion in interface AuthenticationServicepublic Set<String> getDomiansThatAllowUserPasswordChanges()
AuthenticationServicegetDomiansThatAllowUserPasswordChanges in interface AuthenticationServicepublic Set<org.alfresco.repo.security.authentication.TicketComponent> getTicketComponents()
getTicketComponents in class AbstractAuthenticationServicepublic Set<String> getDefaultAdministratorUserNames()
getDefaultAdministratorUserNames in interface AuthenticationServicepublic Set<String> getDefaultGuestUserNames()
getDefaultGuestUserNames in interface AuthenticationServicepublic boolean authenticationExists(String userName)
authenticationExists in interface AuthenticationServiceuserName - the usernamepublic boolean getAuthenticationEnabled(String userName) throws org.alfresco.repo.security.authentication.AuthenticationException
getAuthenticationEnabled in interface AuthenticationServiceorg.alfresco.repo.security.authentication.AuthenticationExceptionCopyright © 2005–2018 Alfresco Software. All rights reserved.