org.mmbase.security.implementation.basic
Class AuthenticationHandler
java.lang.Object
org.mmbase.security.Configurable
org.mmbase.security.Authentication
org.mmbase.security.implementation.basic.AuthenticationHandler
- All Implemented Interfaces:
- AuthenticationData
- public class AuthenticationHandler
- extends Authentication
Authentication based on a config files. There is an XML file (`authentication.xml') which defines
several modules (conected to the 'module/method' String). There are now three moduiles in this
implementation. 'anonymous' for the anonyunous user. 'name/password' for 'basic users'. The
username/passwords of the basic users are defined in an account.properties file. The last module
is 'admin' which authenticates only on password.
- Version:
- $Id: AuthenticationHandler.java,v 1.10 2005/07/09 15:29:12 nklasens Exp $
- Author:
- Eduard Witteveen
- To Do:
- MM: I think it should be possible for admin to login with name/password to, how else could
you use HTTP authentication (e.g. admin pages).
| Fields inherited from interface org.mmbase.security.AuthenticationData |
METHOD_ANONYMOUS, METHOD_ASIS, METHOD_DEFAULT, METHOD_DELEGATE, METHOD_HTTP, METHOD_LOGINPAGE, METHOD_LOGOUT, METHOD_PAGELOGON, METHOD_SESSIONDELEGATE, METHOD_SESSIONLOGON, METHOD_UNSET, PARAMETER_AUTHENTICATE, PARAMETER_LOGOUT, PARAMETER_PASSWORD, PARAMETER_RANK, PARAMETER_SESSIONNAME, PARAMETER_USERNAME, PARAMETER_USERNAMES, STRINGS |
|
Method Summary |
boolean |
isValid(UserContext usercontext)
this method does nothing.. |
protected void |
load()
This method should be overrided by an extending class. |
UserContext |
login(String moduleName,
Map loginInfo,
Object[] parameters)
This method will verify the login, and give a UserContext back if the login procedure was successful. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PUBLIC_ID_BASICSECURITY_1_0
public static final String PUBLIC_ID_BASICSECURITY_1_0
- See Also:
- Constant Field Values
DTD_BASICSECURITY_1_0
public static final String DTD_BASICSECURITY_1_0
- See Also:
- Constant Field Values
AuthenticationHandler
public AuthenticationHandler()
load
protected void load()
- Description copied from class:
Configurable
- This method should be overrided by an extending class. It should further initialize the
class. It can optionally retrieve settings from the general security configuration file
(available as the 'configFile' member). Security implementations with complicated
configuration would typically retrieve a path to their own configuration file only.
- Specified by:
load in class Configurable
login
public UserContext login(String moduleName,
Map loginInfo,
Object[] parameters)
throws SecurityException
- Description copied from class:
Authentication
- This method will verify the login, and give a UserContext back if the login procedure was successful.
- Specified by:
login in class Authentication
- Parameters:
moduleName - A String that further specifies the login method (one implementation could handle more then one methods)
A typical value might be 'username/password'.loginInfo - A Map containing the credentials or other objects which might be used to obtain them (e.g. request/response objects).
It might also be 'null', in which case your implementation normally should return the 'anonymous' user (or null, if
no such user can be defined).parameters - A list of optional parameters, may also (and will often) be null.
- Returns:
nullThrows:
SecurityException - When something strang happened
isValid
public boolean isValid(UserContext usercontext)
throws SecurityException
- this method does nothing..
- Parameters:
usercontext - The UserContext of which we want to know the rights
- Returns:
true when valid, otherwise false
- Throws:
SecurityException - When something strange happened
MMBase build 1.8.1.20060716