Class AbstractAuthenticationComponent
- java.lang.Object
-
- org.alfresco.repo.security.authentication.AbstractAuthenticationComponent
-
- All Implemented Interfaces:
AuthenticationComponent,AuthenticationContext
- Direct Known Subclasses:
AbstractChainingAuthenticationComponent,AuthenticationComponentImpl,IdentityServiceAuthenticationComponent,JAASAuthenticationComponent,LDAPAuthenticationComponentImpl,SimpleAcceptOrRejectAllAuthenticationComponentImpl
public abstract class AbstractAuthenticationComponent extends java.lang.Object implements AuthenticationComponent
This class abstract the support required to set up and query the Acegi context for security enforcement. There are some simple default method implementations to support simple authentication.- Author:
- Andy Hind
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.alfresco.repo.security.authentication.AuthenticationComponent
AuthenticationComponent.UserNameValidationMode
-
-
Field Summary
Fields Modifier and Type Field Description protected org.apache.commons.logging.Loglogger
-
Constructor Summary
Constructors Constructor Description AbstractAuthenticationComponent()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description voidauthenticate(java.lang.String userName, char[] password)Authenticateprotected voidauthenticateImpl(java.lang.String userName, char[] password)Default unsupported authentication implementation - as of 2.1 this is the best way to implement your own authentication component as it will support guest login - prior to this direct over ride for authenticate(String , char[]) was used.voidclearCurrentSecurityContext()Remove the current security informationjava.lang.BooleangetAllowGuestLogin()net.sf.acegisecurity.AuthenticationgetCurrentAuthentication()Get the current authentication contextjava.lang.StringgetCurrentUserName()Get the current user name.java.util.Set<java.lang.String>getDefaultAdministratorUserNames()Gets a set of user names who for this particular authentication system should be considered administrators by default.java.util.Set<java.lang.String>getDefaultGuestUserNames()Gets a set of user names who for this particular authentication system should be considered guests by default.java.lang.StringgetGuestUserName()Get the name of the Guest User note: for MT, will get guest for default domain onlyjava.lang.StringgetGuestUserName(java.lang.String tenantDomain)Get the name of the guest userorg.alfresco.service.cmr.repository.NodeServicegetNodeService()intgetNumberFailedAuthentications()intgetNumberSuccessfulAuthentications()PersonServicegetPersonService()java.lang.StringgetSystemUserName()Get the name of the system user note: for MT, will get system for default domain onlyjava.lang.StringgetSystemUserName(java.lang.String tenantDomain)Get the name of the system userTransactionServicegetTransactionService()protected net.sf.acegisecurity.UserDetailsgetUserDetails(java.lang.String userName)Default implementation that makes an ACEGI object on the flyjava.lang.StringgetUserDomain(java.lang.String userName)Extracts the tenant domain name from a user namebooleanguestUserAuthenticationAllowed()True if Guest user authentication is allowed, false otherwiseprotected abstract booleanimplementationAllowsGuestLogin()booleanisCurrentUserTheSystemUser()Is the current user the system user?booleanisGuestUserName(java.lang.String userName)True if this is a guest user ?booleanisSystemUserName(java.lang.String userName)Is this the system user ?protected voidonAuthenticate()protected voidonFail()voidsetAllowGuestLogin(java.lang.Boolean allowGuestLogin)Set if guest login is supported.voidsetAuthenticationContext(AuthenticationContext authenticationContext)net.sf.acegisecurity.AuthenticationsetCurrentAuthentication(net.sf.acegisecurity.Authentication authentication)Explicitly set the current suthentication.net.sf.acegisecurity.AuthenticationsetCurrentUser(java.lang.String userName)Explicitly set the current user to be authenticated.net.sf.acegisecurity.AuthenticationsetCurrentUser(java.lang.String userName, AuthenticationComponent.UserNameValidationMode validationMode)Explicitly set the current user to be authenticated.voidsetDefaultAdministratorUserNameList(java.lang.String defaultAdministratorUserNames)Convenience method to allow the administrator user names to be specified as a comma separated listvoidsetDefaultAdministratorUserNames(java.util.Set<java.lang.String> defaultAdministratorUserNames)Sets the user names who for this particular authentication system should be considered administrators by default.voidsetDefaultGuestUserNameList(java.lang.String defaultGuestUserNames)Convenience method to allow the administrator user names to be specified as a comma separated listvoidsetDefaultGuestUserNames(java.util.Set<java.lang.String> defaultGuestUserNames)Sets the user names who for this particular authentication system should be considered administrators by default.net.sf.acegisecurity.AuthenticationsetGuestUserAsCurrentUser()Set the guest user as the current user.voidsetNodeService(org.alfresco.service.cmr.repository.NodeService nodeService)voidsetPersonService(PersonService personService)net.sf.acegisecurity.AuthenticationsetSystemUserAsCurrentUser()Set the system user as the current user note: for MT, will set to default domain onlynet.sf.acegisecurity.AuthenticationsetSystemUserAsCurrentUser(java.lang.String tenantDomain)Set the system user as the current user.voidsetTransactionService(TransactionService transactionService)net.sf.acegisecurity.AuthenticationsetUserDetails(net.sf.acegisecurity.UserDetails ud)Explicitly set the given validated user details to be authenticated.voidsetUserRegistrySynchronizer(UserRegistrySynchronizer userRegistrySynchronizer)
-
-
-
Method Detail
-
setAllowGuestLogin
public void setAllowGuestLogin(java.lang.Boolean allowGuestLogin)
Set if guest login is supported.- Parameters:
allowGuestLogin- Boolean
-
setAuthenticationContext
public void setAuthenticationContext(AuthenticationContext authenticationContext)
-
setPersonService
public void setPersonService(PersonService personService)
-
setNodeService
public void setNodeService(org.alfresco.service.cmr.repository.NodeService nodeService)
-
setTransactionService
public void setTransactionService(TransactionService transactionService)
-
setUserRegistrySynchronizer
public void setUserRegistrySynchronizer(UserRegistrySynchronizer userRegistrySynchronizer)
-
getTransactionService
public TransactionService getTransactionService()
-
getAllowGuestLogin
public java.lang.Boolean getAllowGuestLogin()
-
getNodeService
public org.alfresco.service.cmr.repository.NodeService getNodeService()
-
getPersonService
public PersonService getPersonService()
-
authenticate
public void authenticate(java.lang.String userName, char[] password) throws org.alfresco.repo.security.authentication.AuthenticationExceptionDescription copied from interface:AuthenticationComponentAuthenticate- Specified by:
authenticatein interfaceAuthenticationComponent- Throws:
org.alfresco.repo.security.authentication.AuthenticationException
-
authenticateImpl
protected void authenticateImpl(java.lang.String userName, char[] password)Default unsupported authentication implementation - as of 2.1 this is the best way to implement your own authentication component as it will support guest login - prior to this direct over ride for authenticate(String , char[]) was used. This will still work.- Parameters:
userName- Stringpassword- char[]
-
setCurrentUser
public net.sf.acegisecurity.Authentication setCurrentUser(java.lang.String userName) throws org.alfresco.repo.security.authentication.AuthenticationExceptionDescription copied from interface:AuthenticationComponentExplicitly set the current user to be authenticated.- Specified by:
setCurrentUserin interfaceAuthenticationComponent- Throws:
org.alfresco.repo.security.authentication.AuthenticationException
-
setCurrentUser
public net.sf.acegisecurity.Authentication setCurrentUser(java.lang.String userName, AuthenticationComponent.UserNameValidationMode validationMode)Description copied from interface:AuthenticationComponentExplicitly set the current user to be authenticated. Specify if the userName is to be checked and fixed- Specified by:
setCurrentUserin interfaceAuthenticationComponent
-
getUserDetails
protected net.sf.acegisecurity.UserDetails getUserDetails(java.lang.String userName)
Default implementation that makes an ACEGI object on the fly- Parameters:
userName- String- Returns:
- UserDetails
-
setCurrentAuthentication
public net.sf.acegisecurity.Authentication setCurrentAuthentication(net.sf.acegisecurity.Authentication authentication)
Description copied from interface:AuthenticationContextExplicitly set the current suthentication. If the authentication is null the the current authentication iscleared.- Specified by:
setCurrentAuthenticationin interfaceAuthenticationContext- Parameters:
authentication- the current authentication (may be null).- Returns:
- Returns the modified authentication instance or null if it was cleared.
-
getCurrentAuthentication
public net.sf.acegisecurity.Authentication getCurrentAuthentication() throws org.alfresco.repo.security.authentication.AuthenticationExceptionGet the current authentication context- Specified by:
getCurrentAuthenticationin interfaceAuthenticationContext- Returns:
- Authentication
- Throws:
org.alfresco.repo.security.authentication.AuthenticationException
-
getCurrentUserName
public java.lang.String getCurrentUserName() throws org.alfresco.repo.security.authentication.AuthenticationExceptionGet the current user name.- Specified by:
getCurrentUserNamein interfaceAuthenticationContext- Returns:
- String
- Throws:
org.alfresco.repo.security.authentication.AuthenticationException
-
setSystemUserAsCurrentUser
public net.sf.acegisecurity.Authentication setSystemUserAsCurrentUser()
Set the system user as the current user note: for MT, will set to default domain only- Specified by:
setSystemUserAsCurrentUserin interfaceAuthenticationContext- Returns:
- Authentication
-
getSystemUserName
public java.lang.String getSystemUserName()
Get the name of the system user note: for MT, will get system for default domain only- Specified by:
getSystemUserNamein interfaceAuthenticationContext- Returns:
- String
-
isSystemUserName
public boolean isSystemUserName(java.lang.String userName)
Is this the system user ?- Specified by:
isSystemUserNamein interfaceAuthenticationContext- Returns:
- boolean
-
isCurrentUserTheSystemUser
public boolean isCurrentUserTheSystemUser()
Is the current user the system user?- Specified by:
isCurrentUserTheSystemUserin interfaceAuthenticationContext- Returns:
- boolean
-
getGuestUserName
public java.lang.String getGuestUserName()
Get the name of the Guest User note: for MT, will get guest for default domain only- Specified by:
getGuestUserNamein interfaceAuthenticationContext- Returns:
- String
-
getGuestUserName
public java.lang.String getGuestUserName(java.lang.String tenantDomain)
Description copied from interface:AuthenticationContextGet the name of the guest user- Specified by:
getGuestUserNamein interfaceAuthenticationContext
-
setGuestUserAsCurrentUser
public net.sf.acegisecurity.Authentication setGuestUserAsCurrentUser() throws org.alfresco.repo.security.authentication.AuthenticationExceptionSet the guest user as the current user. note: for MT, will set to default domain only- Specified by:
setGuestUserAsCurrentUserin interfaceAuthenticationComponent- Throws:
org.alfresco.repo.security.authentication.AuthenticationException
-
isGuestUserName
public boolean isGuestUserName(java.lang.String userName)
Description copied from interface:AuthenticationContextTrue if this is a guest user ?- Specified by:
isGuestUserNamein interfaceAuthenticationContext
-
implementationAllowsGuestLogin
protected abstract boolean implementationAllowsGuestLogin()
-
guestUserAuthenticationAllowed
public boolean guestUserAuthenticationAllowed()
Description copied from interface:AuthenticationComponentTrue if Guest user authentication is allowed, false otherwise- Specified by:
guestUserAuthenticationAllowedin interfaceAuthenticationComponent- Returns:
- true if Guest user authentication is allowed, false otherwise
-
clearCurrentSecurityContext
public void clearCurrentSecurityContext()
Remove the current security information- Specified by:
clearCurrentSecurityContextin interfaceAuthenticationContext
-
getDefaultAdministratorUserNames
public java.util.Set<java.lang.String> getDefaultAdministratorUserNames()
Gets a set of user names who for this particular authentication system should be considered administrators by default. If the security framework is case sensitive these values should be case sensitive user names. If the security framework is not case sensitive these values should be the lower-case user names.- Specified by:
getDefaultAdministratorUserNamesin interfaceAuthenticationComponent- Returns:
- a set of user names
-
setDefaultAdministratorUserNames
public void setDefaultAdministratorUserNames(java.util.Set<java.lang.String> defaultAdministratorUserNames)
Sets the user names who for this particular authentication system should be considered administrators by default.- Parameters:
defaultAdministratorUserNames- a set of user names
-
setDefaultAdministratorUserNameList
public void setDefaultAdministratorUserNameList(java.lang.String defaultAdministratorUserNames)
Convenience method to allow the administrator user names to be specified as a comma separated list- Parameters:
defaultAdministratorUserNames- String
-
getDefaultGuestUserNames
public java.util.Set<java.lang.String> getDefaultGuestUserNames()
Description copied from interface:AuthenticationComponentGets a set of user names who for this particular authentication system should be considered guests by default. If the security framework is case sensitive these values should be case sensitive user names. If the security framework is not case sensitive these values should be the lower-case user names.- Specified by:
getDefaultGuestUserNamesin interfaceAuthenticationComponent- Returns:
- a set of user names
-
setDefaultGuestUserNames
public void setDefaultGuestUserNames(java.util.Set<java.lang.String> defaultGuestUserNames)
Sets the user names who for this particular authentication system should be considered administrators by default.- Parameters:
defaultGuestUserNames- a set of user names
-
setDefaultGuestUserNameList
public void setDefaultGuestUserNameList(java.lang.String defaultGuestUserNames)
Convenience method to allow the administrator user names to be specified as a comma separated list- Parameters:
defaultGuestUserNames- String
-
getSystemUserName
public java.lang.String getSystemUserName(java.lang.String tenantDomain)
Description copied from interface:AuthenticationContextGet the name of the system user- Specified by:
getSystemUserNamein interfaceAuthenticationContext
-
getUserDomain
public java.lang.String getUserDomain(java.lang.String userName)
Description copied from interface:AuthenticationContextExtracts the tenant domain name from a user name- Specified by:
getUserDomainin interfaceAuthenticationContext- Parameters:
userName- a user name- Returns:
- a tenant domain name
-
setSystemUserAsCurrentUser
public net.sf.acegisecurity.Authentication setSystemUserAsCurrentUser(java.lang.String tenantDomain)
Description copied from interface:AuthenticationContextSet the system user as the current user.- Specified by:
setSystemUserAsCurrentUserin interfaceAuthenticationContext
-
setUserDetails
public net.sf.acegisecurity.Authentication setUserDetails(net.sf.acegisecurity.UserDetails ud)
Description copied from interface:AuthenticationContextExplicitly set the given validated user details to be authenticated.- Specified by:
setUserDetailsin interfaceAuthenticationContext- Parameters:
ud- the User Details- Returns:
- Authentication
-
onAuthenticate
protected void onAuthenticate()
-
onFail
protected void onFail()
-
getNumberSuccessfulAuthentications
public int getNumberSuccessfulAuthentications()
-
getNumberFailedAuthentications
public int getNumberFailedAuthentications()
-
-