org.mmbase.security.implementation.cloudcontext
Class Authenticate

java.lang.Object
  org.mmbase.security.Configurable
      org.mmbase.security.Authentication
          org.mmbase.security.implementation.cloudcontext.Authenticate

All Implemented Interfaces:

AuthenticationData

public class Authenticate

extends Authentication

Cloud-based Authentication. Deploy the application to explore the object-model on which this is based. Besides the cloud also a '/admins.properties' file is considered, which can be used by site-admins to give themselves rights if somehow they lost it, without turning of security altogether.

Version:

$Id: Authenticate.java,v 1.17 2006/02/20 18:34:16 michiel Exp $

Author:

Eduard Witteveen, Pierre van Rooden, Michiel Meeuwissen

Nested Class Summary

class	Authenticate.AdminVirtualNode
protected class	Authenticate.LocalAdmin

Field Summary

protected static String	ADMINS_PROPS
protected static Map	loggedInExtraAdmins

Fields inherited from class org.mmbase.security.Authentication

PARAMETERS_ANONYMOUS, PARAMETERS_NAME_PASSWORD, PARAMETERS_USERS

Fields inherited from class org.mmbase.security.Configurable

configFile, configResource, configWatcher, manager

Fields inherited from interface org.mmbase.security.AuthenticationData

METHOD_ANONYMOUS, METHOD_ASIS, METHOD_DEFAULT, METHOD_DELEGATE, METHOD_HTTP, METHOD_LOGINPAGE, METHOD_LOGOUT, METHOD_PAGELOGON, METHOD_SESSIONDELEGATE, METHOD_SESSIONLOGON, METHOD_UNSET, PARAMETER_AUTHENTICATE, PARAMETER_LOGOUT, PARAMETER_PASSWORD, PARAMETER_RANK, PARAMETER_SESSIONNAME, PARAMETER_USERNAME, PARAMETER_USERNAMES, STRINGS

Constructor Summary

Authenticate()

Method Summary

Parameters	createParameters(String application) For a given authentication type returns a parameters object to fill with credentials.
static User	getLoggedInExtraAdmin(String userName)
String[]	getTypes(int method) For a given method, returns the available 'applications'. The first one can be used as the default.
boolean	isValid(UserContext userContext) The method returns wether the UserContext has become invalid for some reason (change in security config?)
protected void	load() This method should be overrided by an extending class.
UserContext	login(String s, Map map, Object[] aobj) This method will verify the login, and give a UserContext back if the login procedure was successful.
protected void	readAdmins(InputStream in)

Methods inherited from class org.mmbase.security.Authentication

getDefaultMethod, getKey, getMethod, getTypes

Methods inherited from class org.mmbase.security.Configurable

load

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ADMINS_PROPS

protected static final String ADMINS_PROPS

See Also:

Constant Field Values

loggedInExtraAdmins

protected static Map loggedInExtraAdmins

Constructor Detail

Authenticate

public Authenticate()

Method Detail

readAdmins

protected void readAdmins(InputStream in)

load

protected void load()
             throws SecurityException

Description copied from class: Configurable

This method should be overrided by an extending class. It should further initialize the class. It can optionally retrieve settings from the general security configuration file (available as the 'configFile' member). Security implementations with complicated configuration would typically retrieve a path to their own configuration file only.

Specified by:

load in class Configurable

Throws:

SecurityException

login

public UserContext login(String s,
                         Map map,
                         Object[] aobj)
                  throws SecurityException

Description copied from class: Authentication

This method will verify the login, and give a UserContext back if the login procedure was successful.

Specified by:

login in class Authentication

Parameters:

s - A String that further specifies the login method (one implementation could handle more then one methods) A typical value might be 'username/password'.

map - A Map containing the credentials or other objects which might be used to obtain them (e.g. request/response objects). It might also be 'null', in which case your implementation normally should return the 'anonymous' user (or null, if no such user can be defined).

aobj - A list of optional parameters, may also (and will often) be null.

Returns:

nullThrows:

SecurityException - When something strang happened

getLoggedInExtraAdmin

public static User getLoggedInExtraAdmin(String userName)

isValid

public boolean isValid(UserContext userContext)
                throws SecurityException

Description copied from interface: AuthenticationData

The method returns wether the UserContext has become invalid for some reason (change in security config?)

Parameters:

userContext - The UserContext of which we want to know the rights

Returns:

true when valid, otherwise false

Throws:

SecurityException - When something strange happened

getTypes

public String[] getTypes(int method)

Description copied from class: Authentication

For a given method, returns the available 'applications'. The first one can be used as the default.

Specified by:

getTypes in interface AuthenticationData

Overrides:

getTypes in class Authentication

createParameters

public Parameters createParameters(String application)

Description copied from interface: AuthenticationData

For a given authentication type returns a parameters object to fill with credentials. Parameters.toMap() can be used as the second argument for Authentication.login(java.lang.String, java.util.Map, java.lang.Object[])

Specified by:

createParameters in interface AuthenticationData

Overrides:

createParameters in class Authentication