org.mmbase.security.classsecurity
Class ClassAuthenticationWrapper

java.lang.Object
  extended by org.mmbase.security.Configurable
      extended by org.mmbase.security.Authentication
          extended by org.mmbase.security.classsecurity.ClassAuthenticationWrapper
All Implemented Interfaces:
AuthenticationData

public class ClassAuthenticationWrapper
extends Authentication

ClassAuthenticationWrapper wraps another Authentication implemention, and adds an extra configuration file. In this configuration file the wrapped Authentication can be specified (and its configuration file if it needs one). Besides that, also authentication credentials can be linked to classes in this XML configuration file.

Since:
MMBase-1.8
Version:
$Id: ClassAuthenticationWrapper.java 41989 2010-04-20 16:45:39Z michiel $
Author:
Michiel Meeuwissen

Field Summary
 
Fields inherited from class org.mmbase.security.Authentication
attributes, PARAMETERS_ANONYMOUS, PARAMETERS_NAME_PASSWORD, PARAMETERS_USERS
 
Fields inherited from class org.mmbase.security.Configurable
configResource, configWatcher, manager
 
Fields inherited from interface org.mmbase.security.AuthenticationData
METHOD_ANONYMOUS, METHOD_ASIS, METHOD_DEFAULT, METHOD_DELEGATE, METHOD_HTTP, METHOD_LOGINPAGE, METHOD_LOGOUT, METHOD_PAGELOGON, METHOD_SESSIONDELEGATE, METHOD_SESSIONLOGON, METHOD_UNSET, PARAMETER_AUTHENTICATE, PARAMETER_LOGOUT, PARAMETER_PASSWORD, PARAMETER_RANK, PARAMETER_SESSIONNAME, PARAMETER_USERNAME, PARAMETER_USERNAMES, STORES_CONTEXT_IN_OWNER, STRINGS
 
Constructor Summary
ClassAuthenticationWrapper()
           
 
Method Summary
 boolean isValid(UserContext userContext)
          The method returns whether the UserContext has become invalid for some reason (change in security config?)
protected  void load()
          This method should be overridden by an extending class.
protected  UserContext login(Map loginInfo, Object[] parameters)
          logs-in using the first match on the class from the configuration file.
 UserContext login(String application, Map loginInfo, Object[] parameters)
          This method will verify the login, and give a UserContext back if the login procedure was successful.
 
Methods inherited from class org.mmbase.security.Authentication
createParameters, getAttribute, getDefaultMethod, getKey, getMethod, getMethod, getNode, getTypes, getTypes, getUserBuilder
 
Methods inherited from class org.mmbase.security.Configurable
load
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ClassAuthenticationWrapper

public ClassAuthenticationWrapper()
Method Detail

load

protected void load()
             throws SecurityException
This method should be overridden by an extending class. It should further initialize the class. It can optionally retrieve settings from the general security configuration file (available as the 'configResource' member). Security implementations with complicated configuration would typically retrieve a path to their own configuration file only. Reads the configuration file and instantiates and loads the wrapped Authentication.

Specified by:
load in class Configurable
Throws:
SecurityException

login

protected UserContext login(Map loginInfo,
                            Object[] parameters)
                     throws SecurityException
logs-in using the first match on the class from the configuration file.

Parameters:
loginInfo - If there are possible credentials already, they can be in this map. The new one will be added. If it is null, a new Map is instantiated.
parameters - Required by the login method of Authentication. I think noone ever uses it.
Throws:
SecurityException

login

public UserContext login(String application,
                         Map loginInfo,
                         Object[] parameters)
                  throws SecurityException
This method will verify the login, and give a UserContext back if the login procedure was successful.

Specified by:
login in class Authentication
Parameters:
application - A String that further specifies the login method (one implementation could handle more then one methods) A typical value might be 'username/password'. Possible values are returned by Authentication.getTypes(). This is also called 'authentication', or '(authentication) type' in several contextes.
loginInfo - A Map containing the credentials or other objects which might be used to obtain them (e.g. request/response objects). It might also be 'null', in which case your implementation normally should return the 'anonymous' user (or null, if no such user can be defined). This Map can (or must) be supplied by Authentication.createParameters(java.lang.String) (using the setter-methods and the Parameters.toMap(java.util.Map) method of the resulting Parameters object).
parameters - A list of optional parameters, may also (and will often) be null.
Returns:
null if no valid credentials were supplied, a (perhaps new) UserContext if login succeeded.
Throws:
SecurityException - When something strange happened, or authentication was unsuccessful.

isValid

public boolean isValid(UserContext userContext)
                throws SecurityException
The method returns whether the UserContext has become invalid for some reason (change in security config?)

Parameters:
userContext - The UserContext of which we want to know the rights
Returns:
true when valid, otherwise false
Throws:
SecurityException - When something strange happened


MMBase 2.0-SNAPSHOT - null