org.mmbase.security
Interface AuthenticationData

All Known Implementing Classes:

Authentication, ClassAuthenticationWrapper, NoAuthentication

public interface AuthenticationData

This interface represents information about the authentication implementation. It is the return type of CloudContext.getAuthentication().

Since:

MMBase-1.8

Version:

$Id: AuthenticationData.java 39183 2009-10-17 07:23:40Z michiel $

Author:

Michiel Meeuwissen

Field Summary

static int	METHOD_ANONYMOUS Requests an 'anonymous' cloud, with a user with no credentials.
static int	METHOD_ASIS Use the authenticated user which is stored in the session, or if no such user can be found, try to supply 'anonymous'.
static int	METHOD_DEFAULT
static int	METHOD_DELEGATE Delegates authentication completely to the authentication implementation.
static int	METHOD_HTTP Use Http 'Basic' authentication.
static int	METHOD_LOGINPAGE Use a dedicated 'login' jsp, to log in.
static int	METHOD_LOGOUT Remove the authenticated user from the session, and otherwise invalidate the user if necessary (e.g.
static int	METHOD_PAGELOGON Login with given credentials (only Strings), and don't store this any where (except for the current 'page').
static int	METHOD_SESSIONDELEGATE Delegates authentication completely to the authentication implementation METHOD_DELEGATE, but stores the authenticated in the session then.
static int	METHOD_SESSIONLOGON Logon with given credentials (only Strings), and don't store this in the session.
static int	METHOD_UNSET
static Parameter<String>	PARAMETER_AUTHENTICATE
static Parameter<Boolean>	PARAMETER_LOGOUT
static Parameter<String>	PARAMETER_PASSWORD
static Parameter<Rank>	PARAMETER_RANK
static Parameter<String>	PARAMETER_SESSIONNAME
static Parameter<String>	PARAMETER_USERNAME Common parameters for login-info.
static Parameter<List>	PARAMETER_USERNAMES
static String	STORES_CONTEXT_IN_OWNER
static String	STRINGS Resourcebundle containing all kind of i18n versions of parameter names and so on.

Method Summary

Parameters	createParameters(String application) For a given authentication type returns a parameters object to fill with credentials.
Object	getAttribute(String name) Allows the user to retrieve specific attributes on the underlying implementation.
int	getDefaultMethod(String protocol) The security implementation can override a default method.
int	getMethod(String m) Several 'methods' to authenticate could be available.
int	getNode(UserContext userContext) This method returns an MMBase node that corresponds with the given UserContext
String[]	getTypes() Gives all available authentication types.
String[]	getTypes(int method) For a given method, returns the available 'applications'.
String	getUserBuilder() This method returns the builder name of the nodes that will be returned by the getNode(UserContext) call.
boolean	isValid(UserContext userContext) The method returns whether the UserContext has become invalid for some reason (change in security config?)

Field Detail

METHOD_UNSET

static final int METHOD_UNSET

See Also:

Constant Field Values

METHOD_ANONYMOUS

static final int METHOD_ANONYMOUS

Requests an 'anonymous' cloud, with a user with no credentials. This can only be used if the security implementation provides the 'anonymous' authentication application.

See Also:

Constant Field Values

METHOD_DELEGATE

static final int METHOD_DELEGATE

Delegates authentication completely to the authentication implementation. When using http, request and response objects are added to the credentials (if the Parameters object returned by createParameters(java.lang.String) can accept that) which can be used for user-interaction.

See Also:

Constant Field Values

METHOD_PAGELOGON

static final int METHOD_PAGELOGON

Login with given credentials (only Strings), and don't store this any where (except for the current 'page').

See Also:

Constant Field Values

METHOD_HTTP

static final int METHOD_HTTP

Use Http 'Basic' authentication. This only provides username / password and is not very safe, because http basic authentication sends those unencrypted.

See Also:

Constant Field Values

METHOD_ASIS

static final int METHOD_ASIS

Use the authenticated user which is stored in the session, or if no such user can be found, try to supply 'anonymous'.

See Also:

Constant Field Values

METHOD_LOGOUT

static final int METHOD_LOGOUT

Remove the authenticated user from the session, and otherwise invalidate the user if necessary (e.g. notify an authentication service).

See Also:

Constant Field Values

METHOD_LOGINPAGE

static final int METHOD_LOGINPAGE

Use a dedicated 'login' jsp, to log in.

See Also:

Constant Field Values

METHOD_SESSIONDELEGATE

static final int METHOD_SESSIONDELEGATE

Delegates authentication completely to the authentication implementation METHOD_DELEGATE, but stores the authenticated in the session then. A second request with this method will simply use the session.

See Also:

Constant Field Values

METHOD_SESSIONLOGON

static final int METHOD_SESSIONLOGON

Logon with given credentials (only Strings), and don't store this in the session.

See Also:

Constant Field Values

METHOD_DEFAULT

static final int METHOD_DEFAULT

See Also:

Constant Field Values

STRINGS

static final String STRINGS

Resourcebundle containing all kind of i18n versions of parameter names and so on. Used in static block of Authentication (because no static blocks allowed in interface).

See Also:

Constant Field Values

PARAMETER_USERNAME

static final Parameter<String> PARAMETER_USERNAME

Common parameters for login-info.

PARAMETER_PASSWORD

static final Parameter<String> PARAMETER_PASSWORD

PARAMETER_USERNAMES

static final Parameter<List> PARAMETER_USERNAMES

PARAMETER_RANK

static final Parameter<Rank> PARAMETER_RANK

PARAMETER_SESSIONNAME

static final Parameter<String> PARAMETER_SESSIONNAME

PARAMETER_LOGOUT

static final Parameter<Boolean> PARAMETER_LOGOUT

PARAMETER_AUTHENTICATE

static final Parameter<String> PARAMETER_AUTHENTICATE

STORES_CONTEXT_IN_OWNER

static final String STORES_CONTEXT_IN_OWNER

See Also:

Constant Field Values

Method Detail

isValid

boolean isValid(UserContext userContext)
                throws SecurityException

The method returns whether the UserContext has become invalid for some reason (change in security config?)

Parameters:

userContext - The UserContext of which we want to know the rights

Returns:

true when valid, otherwise false

Throws:

SecurityException - When something strange happened

getNode

int getNode(UserContext userContext)
            throws SecurityException

This method returns an MMBase node that corresponds with the given UserContext

Throws:

UnsupportedOperationException - If the current authentication implementation does not associate UserContext's with MMBase nodes at all.

SecurityException

Since:

MMBase-1.9

getUserBuilder

String getUserBuilder()

This method returns the builder name of the nodes that will be returned by the getNode(UserContext) call.

Throws:

UnsupportedOperationException - If the current authentication implementation does not associate user with MMBase nodes at all.

Since:

MMBase-1.9

getMethod

int getMethod(String m)

Several 'methods' to authenticate could be available. A method is a kind of protocol which must be used to authenticate some body.

Not all authentication methods may be applicable for all communication protocols (like http, https etc).

This method converts a user-friendly string describing the 'method' to a integer constant which can be used in getTypes(int).

Parameters:

m - A String like 'http', 'anonymous', 'loginpage', or 'delegatesession'.

Returns:

An integer contant. METHOD_DELEGATE, METHOD_PAGELOGON, METHOD_HTTP, METHOD_ASIS, METHOD_LOGOUT, METHOD_LOGINPAGE METHOD_SESSIONDELEGATE, METHOD_SESSIONLOGON. This method was introduced before java 1.5 (where the return type would more obviously be a AuthenticionMethod enumeration).

See Also:

getDefaultMethod(java.lang.String)

getDefaultMethod

int getDefaultMethod(String protocol)

The security implementation can override a default method. The default default method (as implemented in Authentication for the 'http' protocol is HTTP (which means that basic authentication of the http protocol can be used), but may not be feasible for every implementation (it is e.g. useless if the security implementation does not have name/password authentication).

Parameters:

protocol - For which protocol or null, which means 'for HTTP/1.1'.

getTypes

String[] getTypes()

Gives all available authentication types. The first one can be used as the default. Typically, an implementation should at least support 'anonynmous' and 'class'.

Since most of the time we are using HTTP any way, types for the method METHOD_HTTP ('name/password' based) and method METHOD_LOGINPAGE (createParameters(java.lang.String) can request anything presentable in a HTML-form) are common too.

getTypes

String[] getTypes(int method)

For a given method, returns the available 'applications'. The first one can be used as the default.

Typically for the method METHOD_ANONYMOUS at least 'anonymous' must be returned, and for METHOD_DELEGATE at least 'class'. Everything else is optional, because are not generic.

createParameters

Parameters createParameters(String application)

For a given authentication type returns a parameters object to fill with credentials. Parameters.toMap(java.util.Map) can be used as the second argument for Authentication.login(java.lang.String, java.util.Map, java.lang.Object[]) Given a certain 'application' this will return a Parameters which tells you exactly which parameters you can and must supply to Authentication.login(String, java.util.Map, Object[]).

getAttribute

Object getAttribute(String name)

Allows the user to retrieve specific attributes on the underlying implementation.

Since:

MMBase-1.9