org.mmbase.security.implementation.cloudcontext

Class Authenticate

java.lang.Object

org.mmbase.security.Configurable

org.mmbase.security.Authentication

org.mmbase.security.implementation.cloudcontext.CloudContextAuthentication

org.mmbase.security.implementation.cloudcontext.Authenticate

All Implemented Interfaces:

AuthenticationData

public class Authenticate
extends CloudContextAuthentication

Cloud-based Authentication. Deploy the application to explore the object-model on which this is based. Besides the cloud also a '/admins.properties' file is considered, which can be used by site-admins to give themselves rights if somehow they lost it, without turning of security altogether.

Version:

$Id$

Author:

Eduard Witteveen, Pierre van Rooden, Michiel Meeuwissen

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
class	Authenticate.AdminVirtualNode
protected class	Authenticate.LocalAdmin

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	ADMINS_PROPS
protected static Map<String,User>	loggedInExtraAdmins

Fields inherited from class org.mmbase.security.Authentication

attributes, PARAMETERS_ANONYMOUS, PARAMETERS_NAME_PASSWORD, PARAMETERS_USERS

Fields inherited from class org.mmbase.security.Configurable

configResource, configWatcher, manager

Fields inherited from interface org.mmbase.security.AuthenticationData

METHOD_ANONYMOUS, METHOD_ASIS, METHOD_DEFAULT, METHOD_DELEGATE, METHOD_HTTP, METHOD_LOGINPAGE, METHOD_LOGOUT, METHOD_PAGELOGON, METHOD_SESSIONDELEGATE, METHOD_SESSIONLOGON, METHOD_UNSET, PARAMETER_AUTHENTICATE, PARAMETER_LOGOUT, PARAMETER_PASSWORD, PARAMETER_RANK, PARAMETER_SESSIONNAME, PARAMETER_USERNAME, PARAMETER_USERNAMES, STORES_CONTEXT_IN_OWNER, STRINGS

Constructor Summary

Constructors

Constructor and Description
Authenticate()

Method Summary

Modifier and Type	Method and Description
Parameters	createParameters(String application) For a given authentication type returns a parameters object to fill with credentials.
static User	getLoggedInExtraAdmin(String userName)
int	getNode(UserContext user) This method returns an MMBase node that corresponds with the given UserContext
String[]	getTypes(int method) For a given method, returns the available 'applications'.
boolean	isValid(UserContext userContext) The method returns whether the UserContext has become invalid for some reason (change in security config?)
protected void	load() This method should be overridden by an extending class.
UserContext	login(String type, Map<String,?> map, Object[] parameters) This method will verify the login, and give a UserContext back if the login procedure was successful.
protected void	readAdmins(InputStream in)

Methods inherited from class org.mmbase.security.implementation.cloudcontext.CloudContextAuthentication

getInstance, getUserBuilder, getUserProvider

Methods inherited from class org.mmbase.security.Authentication

getAttribute, getDefaultMethod, getKey, getMethod, getMethod, getTypes

Methods inherited from class org.mmbase.security.Configurable

load

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ADMINS_PROPS

protected static final String ADMINS_PROPS

See Also:

Constant Field Values

loggedInExtraAdmins

protected static Map<String,User> loggedInExtraAdmins

Constructor Detail

Authenticate

public Authenticate()

Method Detail

readAdmins

protected void readAdmins(InputStream in)

load

protected void load()
             throws SecurityException

This method should be overridden by an extending class. It should further initialize the class. It can optionally retrieve settings from the general security configuration file (available as the 'configResource' member). Security implementations with complicated configuration would typically retrieve a path to their own configuration file only.

Specified by:

load in class Configurable

Throws:

SecurityException

getNode

public int getNode(UserContext user)
            throws SecurityException

Description copied from class: Authentication

This method returns an MMBase node that corresponds with the given UserContext

Specified by:

getNode in interface AuthenticationData

Overrides:

getNode in class Authentication

Throws:

SecurityException

Since:

MMBase-1.9

login

public UserContext login(String type,
                         Map<String,?> map,
                         Object[] parameters)
                  throws SecurityException

This method will verify the login, and give a UserContext back if the login procedure was successful.

Password comparison strategies

client provided	database	application to use	comments
plain	encoded	name/password	this is the default and most sensible case
encoded	encoded	name/encodedpassword	The 'allowencodedpassword' property must be true for this to work.
plain	plain	name/password	this is the default if the password set-processor is empty.
encoded	plain	name/encodedpassword

Specified by:

login in class Authentication

Parameters:

type - A String that further specifies the login method (one implementation could handle more then one methods) A typical value might be 'username/password'. Possible values are returned by Authentication.getTypes(). This is also called 'authentication', or '(authentication) type' in several contextes.

map - A Map containing the credentials or other objects which might be used to obtain them (e.g. request/response objects). It might also be 'null', in which case your implementation normally should return the 'anonymous' user (or null, if no such user can be defined). This Map can (or must) be supplied by Authentication.createParameters(java.lang.String) (using the setter-methods and the Parameters.toMap(java.util.Map<java.lang.String, java.lang.Object>) method of the resulting Parameters object).

parameters - A list of optional parameters, may also (and will often) be null.

Returns:

null if no valid credentials were supplied, a (perhaps new) UserContext if login succeeded.

Throws:

SecurityException - When something strange happened, or authentication was unsuccessful.

getLoggedInExtraAdmin

public static User getLoggedInExtraAdmin(String userName)

isValid

public boolean isValid(UserContext userContext)
                throws SecurityException

Description copied from interface: AuthenticationData

The method returns whether the UserContext has become invalid for some reason (change in security config?)

Parameters:

userContext - The UserContext of which we want to know the rights

Returns:

true when valid, otherwise false

Throws:

SecurityException - When something strange happened

getTypes

public String[] getTypes(int method)

Description copied from class: Authentication

For a given method, returns the available 'applications'. The first one can be used as the default.

Typically for the method AuthenticationData.METHOD_ANONYMOUS at least 'anonymous' must be returned, and for AuthenticationData.METHOD_DELEGATE at least 'class'. Everything else is optional, because are not generic.

Specified by:

getTypes in interface AuthenticationData

Overrides:

getTypes in class Authentication

createParameters

public Parameters createParameters(String application)

Description copied from class: Authentication

For a given authentication type returns a parameters object to fill with credentials. Parameters.toMap(java.util.Map<java.lang.String, java.lang.Object>) can be used as the second argument for Authentication.login(java.lang.String, java.util.Map<java.lang.String, ?>, java.lang.Object[]) Given a certain 'application' this will return a Parameters which tells you exactly which parameters you can and must supply to Authentication.login(String, java.util.Map, Object[]).

Specified by:

createParameters in interface AuthenticationData

Overrides:

createParameters in class Authentication