| java.lang.Object org.dspace.authenticate.AuthenticationManager
AuthenticationManager | public class AuthenticationManager (Code) | | Access point for the stackable authentication methods.
This class initializes the "stack" from the DSpace configuration,
and then invokes methods in the appropriate order on behalf of clients.
See the AuthenticationMethod interface for details about what each
function does.
Configuration
The stack of authentication methods is defined by one property in the DSpace configuration:
plugin.sequence.org.dspace.eperson.AuthenticationMethod = a list of method class names
e.g.
plugin.sequence.org.dspace.eperson.AuthenticationMethod = \
org.dspace.eperson.X509Authentication, \
org.dspace.eperson.PasswordAuthentication
The "stack" is always traversed in order, with the methods
specified first (in the configuration) thus getting highest priority.
See Also: AuthenticationMethod author: Larry Stone version: $Revision: 2168 $ |
Method Summary | |
public static boolean | allowSetPassword(Context context, HttpServletRequest request, String username) Predicate, can user set EPerson password.
Returns true if the allowSetPassword() method of any
member of the stack returns true.
Parameters: context - DSpace context Parameters: request - HTTP request, in case it's needed. | public static int | authenticate(Context context, String username, String password, String realm, HttpServletRequest request) Test credentials for authenticity.
Apply the given credentials to each authenticate() method in
the stack. | public static int | authenticateImplicit(Context context, String username, String password, String realm, HttpServletRequest request) Test credentials for authenticity, using only Implicit methods.
Just like authenticate() , except it only invokes the
implicit authentication methods the stack.
Parameters: context - DSpace context, will be modified (ePerson set) upon success. Parameters: username - Username (or email address) when method is explicit. | public static Iterator | authenticationMethodIterator() Get stack of authentication methods. | public static boolean | canSelfRegister(Context context, HttpServletRequest request, String username) Predicate, can a new EPerson be created.
Invokes canSelfRegister() of every authentication
method in the stack, and returns true if any of them is true.
Parameters: context - DSpace context Parameters: request - HTTP request, in case it's needed. | public static int[] | getSpecialGroups(Context context, HttpServletRequest request) Get list of extra groups that user implicitly belongs to.
Returns accumulation of groups of all the getSpecialGroups()
methods in the stack.
Parameters: context - A valid DSpace context. Parameters: request - The request that started this operation, or null if not applicable. | public static void | initEPerson(Context context, HttpServletRequest request, EPerson eperson) Initialize a new e-person record for a self-registered new user.
Give every authentication method in the stack a chance to
initialize the new ePerson by calling its initEperson()
Parameters: context - DSpace context Parameters: request - HTTP request, in case it's needed. |
allowSetPassword | public static boolean allowSetPassword(Context context, HttpServletRequest request, String username) throws SQLException(Code) | | Predicate, can user set EPerson password.
Returns true if the allowSetPassword() method of any
member of the stack returns true.
Parameters: context - DSpace context Parameters: request - HTTP request, in case it's needed. Can be null. Parameters: username - Username, if available. Can be null. true if this method allows user to change ePerson password. |
authenticate | public static int authenticate(Context context, String username, String password, String realm, HttpServletRequest request)(Code) | | Test credentials for authenticity.
Apply the given credentials to each authenticate() method in
the stack. Returns upon the first SUCCESS , or otherwise
returns the most favorable outcome from one of the methods.
Parameters: context - DSpace context, will be modified (ePerson set) upon success. Parameters: username - Username (or email address) when method is explicit. Use null forimplicit method. Parameters: password - Password for explicit auth, or null for implicit method. Parameters: realm - Realm is an extra parameter used by some authentication methods, leave null ifnot applicable. Parameters: request - The HTTP request that started this operation, or null if not applicable. One of:SUCCESS, BAD_CREDENTIALS, CERT_REQUIRED, NO_SUCH_USER, BAD_ARGSMeaning: SUCCESS - authenticated OK. BAD_CREDENTIALS - user exists, but credenitals (e.g. passwd) don't match CERT_REQUIRED - not allowed to login this way without X.509 cert. NO_SUCH_USER - user not found using this method. BAD_ARGS - user/pw not appropriate for this method |
authenticateImplicit | public static int authenticateImplicit(Context context, String username, String password, String realm, HttpServletRequest request)(Code) | | Test credentials for authenticity, using only Implicit methods.
Just like authenticate() , except it only invokes the
implicit authentication methods the stack.
Parameters: context - DSpace context, will be modified (ePerson set) upon success. Parameters: username - Username (or email address) when method is explicit. Use null forimplicit method. Parameters: password - Password for explicit auth, or null for implicit method. Parameters: realm - Realm is an extra parameter used by some authentication methods, leave null ifnot applicable. Parameters: request - The HTTP request that started this operation, or null if not applicable. One of:SUCCESS, BAD_CREDENTIALS, CERT_REQUIRED, NO_SUCH_USER, BAD_ARGSMeaning: SUCCESS - authenticated OK. BAD_CREDENTIALS - user exists, but credenitals (e.g. passwd) don't match CERT_REQUIRED - not allowed to login this way without X.509 cert. NO_SUCH_USER - user not found using this method. BAD_ARGS - user/pw not appropriate for this method |
authenticationMethodIterator | public static Iterator authenticationMethodIterator()(Code) | | Get stack of authentication methods.
Return an Iterator that steps through each configured
authentication method, in order of precedence.
Iterator object. |
canSelfRegister | public static boolean canSelfRegister(Context context, HttpServletRequest request, String username) throws SQLException(Code) | | Predicate, can a new EPerson be created.
Invokes canSelfRegister() of every authentication
method in the stack, and returns true if any of them is true.
Parameters: context - DSpace context Parameters: request - HTTP request, in case it's needed. Can be null. Parameters: username - Username, if available. Can be null. true if new ePerson should be created. |
getSpecialGroups | public static int[] getSpecialGroups(Context context, HttpServletRequest request) throws SQLException(Code) | | Get list of extra groups that user implicitly belongs to.
Returns accumulation of groups of all the getSpecialGroups()
methods in the stack.
Parameters: context - A valid DSpace context. Parameters: request - The request that started this operation, or null if not applicable. Returns IDs of any groups the user authenticated by thisrequest is in implicitly -- checks for e.g. network-address dependentgroups. |
initEPerson | public static void initEPerson(Context context, HttpServletRequest request, EPerson eperson) throws SQLException(Code) | | Initialize a new e-person record for a self-registered new user.
Give every authentication method in the stack a chance to
initialize the new ePerson by calling its initEperson()
Parameters: context - DSpace context Parameters: request - HTTP request, in case it's needed. Can be null. Parameters: eperson - newly created EPerson record - email + information from theregistration form will have been filled out. |
|
|