Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.mmbase.security
Interface AuthenticationData

All Known Implementing Classes:
Authentication
public interface AuthenticationData

This interface represents information about the authentication implemtentation.

Since:
MMBase-1.8
Version:
$Id: AuthenticationData.java,v 1.6 2005/10/12 19:07:31 michiel Exp $
Author:
Michiel Meeuwissen

Field Summary
static int METHOD_ANONYMOUS
          Requests an 'anonymous' cloud, with a user with no credentials.
static int METHOD_ASIS
          Use the authenticated user which is stored in the session, or if no such user can be found, try to supply 'anonymous'.
static int METHOD_DEFAULT
           
static int METHOD_DELEGATE
          Delegates authentication completely to the authentication implementation.
static int METHOD_HTTP
          Use Http 'Basic' authentication.
static int METHOD_LOGINPAGE
          Use a dedicated 'login' jsp, to log in.
static int METHOD_LOGOUT
          Remove the authenticated user from the session, and otherwise invalidate the user if necessary (e.g.
static int METHOD_PAGELOGON
          Logon with given credentials (only Strings), and don't store this any where (except for the current 'page').
static int METHOD_SESSIONDELEGATE
          Delegates authentication comletely to the authentication implementation METHOD_DELEGATE, but stores the authenticated in the session then.
static int METHOD_SESSIONLOGON
          Logon with given credentials (only Strings), and don't store this in the session.
static int METHOD_UNSET
           
static Parameter PARAMETER_AUTHENTICATE
           
static Parameter PARAMETER_LOGOUT
           
static Parameter PARAMETER_PASSWORD
           
static Parameter PARAMETER_RANK
           
static Parameter PARAMETER_SESSIONNAME
           
static Parameter PARAMETER_USERNAME
          Common parameters for logon-info
static Parameter PARAMETER_USERNAMES
           
static String STRINGS
           
 
Method Summary
 Parameters createParameters(String application)
          For a given authentication type returns a parameters object to fill with credentials.
 int getDefaultMethod(String protocol)
          The security implementation can override a default method.
 int getMethod(String m)
          Several 'methods' to authenticate could be available.
 String[] getTypes()
          Gives all availabe authentication types.
 String[] getTypes(int method)
          For a given method, returns the available 'applications'.
 boolean isValid(UserContext userContext)
          The method returns wether the UserContext has become invalid for some reason (change in security config?)
 

Field Detail

METHOD_UNSET

public static final int METHOD_UNSET
See Also:
Constant Field Values

METHOD_ANONYMOUS

public static final int METHOD_ANONYMOUS
Requests an 'anonymous' cloud, with a user with no credentials. This can only be used if the security implementation provides the 'anonymous' authentication application.

See Also:
Constant Field Values

METHOD_DELEGATE

public static final int METHOD_DELEGATE
Delegates authentication completely to the authentication implementation. When using http, request and response objects are added to the credentials which can be used for user-interaction.

See Also:
Constant Field Values

METHOD_PAGELOGON

public static final int METHOD_PAGELOGON
Logon with given credentials (only Strings), and don't store this any where (except for the current 'page').

See Also:
Constant Field Values

METHOD_HTTP

public static final int METHOD_HTTP
Use Http 'Basic' authentication. This only provides username / password and is not very safe, because http basic authentication sends those unencrypted.

See Also:
Constant Field Values

METHOD_ASIS

public static final int METHOD_ASIS
Use the authenticated user which is stored in the session, or if no such user can be found, try to supply 'anonymous'.

See Also:
Constant Field Values

METHOD_LOGOUT

public static final int METHOD_LOGOUT
Remove the authenticated user from the session, and otherwise invalidate the user if necessary (e.g. notify an authentication service).

See Also:
Constant Field Values

METHOD_LOGINPAGE

public static final int METHOD_LOGINPAGE
Use a dedicated 'login' jsp, to log in.

See Also:
Constant Field Values

METHOD_SESSIONDELEGATE

public static final int METHOD_SESSIONDELEGATE
Delegates authentication comletely to the authentication implementation METHOD_DELEGATE, but stores the authenticated in the session then. A second request with this method will simply use the session.

See Also:
Constant Field Values

METHOD_SESSIONLOGON

public static final int METHOD_SESSIONLOGON
Logon with given credentials (only Strings), and don't store this in the session.

See Also:
Constant Field Values

METHOD_DEFAULT

public static final int METHOD_DEFAULT
See Also:
Constant Field Values

STRINGS

public static final String STRINGS
See Also:
Constant Field Values

PARAMETER_USERNAME

public static final Parameter PARAMETER_USERNAME
Common parameters for logon-info

PARAMETER_PASSWORD

public static final Parameter PARAMETER_PASSWORD

PARAMETER_USERNAMES

public static final Parameter PARAMETER_USERNAMES

PARAMETER_RANK

public static final Parameter PARAMETER_RANK

PARAMETER_SESSIONNAME

public static final Parameter PARAMETER_SESSIONNAME

PARAMETER_LOGOUT

public static final Parameter PARAMETER_LOGOUT

PARAMETER_AUTHENTICATE

public static final Parameter PARAMETER_AUTHENTICATE
Method Detail

isValid

public boolean isValid(UserContext userContext)
                throws SecurityException
The method returns wether the UserContext has become invalid for some reason (change in security config?)

Parameters:
userContext - The UserContext of which we want to know the rights
Returns:
true when valid, otherwise false
Throws:
SecurityException - When something strange happened

getMethod

public int getMethod(String m)
Several 'methods' to authenticate could be available. This method converts a user-friendly string describing the 'method' to a integer constant which can be used in getTypes(int).

Parameters:
m - A String like 'http', 'anonymous', 'loginpage', or 'delegatesession'.
Returns:
An integer contant.

getDefaultMethod

public int getDefaultMethod(String protocol)
The security implementation can override a default method. The default default method (as implemented in Authentication for the 'http' protocol is HTTP (which means that basic authentication of the http protocol can be used), but may not be feasible for every implementation (it is e.g. useless if the security implementation does not have name/password authentication).

Parameters:
protocol - For which protocol or null, which means 'HTTP/1.1'.

getTypes

public String[] getTypes()
Gives all availabe authentication types. The first one can be used as the default.

getTypes

public String[] getTypes(int method)
For a given method, returns the available 'applications'. The first one can be used as the default.

createParameters

public Parameters createParameters(String application)
For a given authentication type returns a parameters object to fill with credentials. Parameters.toMap() can be used as the second argument for Authentication.login(java.lang.String, java.util.Map, java.lang.Object[])

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
MMBase build 1.8.1.20060716