| java.lang.Object
 org.ofbiz.securityext.login.LoginEvents
All known Subclasses: com.sourcetap.sfa.security.SFALoginEvents,
| Method Summary | |
| public static String | autoLoginCheck(HttpServletRequest request, HttpServletResponse response)
| | public static String | autoLoginRemove(HttpServletRequest request, HttpServletResponse response)
| | public static String | autoLoginSet(HttpServletRequest request, HttpServletResponse response)
| | public static String | checkExternalLoginKey(HttpServletRequest request, HttpServletResponse response)
| | public static String | checkLogin(HttpServletRequest request, HttpServletResponse response)
An HTTP WebEvent handler that checks to see is a userLogin is logged in. | | public static void | cleanupExternalLoginKey(HttpSession session)
| | public static void | doBasicLogin(GenericValue userLogin, HttpServletRequest request)
| | public static void | doBasicLogout(GenericValue userLogin, HttpServletRequest request)
| | public static String | emailPassword(HttpServletRequest request, HttpServletResponse response)
Email the password for the userLoginId specified in the request object. | | public static String | forgotPassword(HttpServletRequest request, HttpServletResponse response)
The user forgot his/her password. | | protected static String | getAutoLoginCookieName(HttpServletRequest request)
| | public static String | getAutoUserLoginId(HttpServletRequest request)
| | public static String | getExternalLoginKey(HttpServletRequest request)
| | protected static boolean | hasBasePermission(GenericValue userLogin, HttpServletRequest request)
| | public static boolean | isLoggedInSession(GenericValue userLogin, HttpServletRequest request)
| | public static boolean | isLoggedInSession(String userLoginId, HttpServletRequest request, boolean checkSessionId)
| | public static String | login(HttpServletRequest request, HttpServletResponse response)
An HTTP WebEvent handler that logs in a userLogin. | | public static void | loginToSession(GenericValue userLogin, HttpServletRequest request)
| | public static String | logout(HttpServletRequest request, HttpServletResponse response)
An HTTP WebEvent handler that logs out a userLogin by clearing the session.
Parameters:
request - The HTTP request object for the current JSP or Servlet request.
Parameters:
response - The HTTP response object for the current JSP or Servlet request. | | public static void | logoutFromAllSessions(GenericValue userLogin)
| | public static String | saveEntryParams(HttpServletRequest request, HttpServletResponse response)
Save USERNAME and PASSWORD for use by auth pages even if we start in non-auth pages. | | public static String | showPasswordHint(HttpServletRequest request, HttpServletResponse response)
Show the password hint for the userLoginId specified in the request object. |
| EXTERNAL_LOGIN_KEY_ATTR | | final public static String EXTERNAL_LOGIN_KEY_ATTR(Code) | | |
| externalLoginKeys | | public static Map externalLoginKeys(Code) | | This Map is keyed by the randomly generated externalLoginKey and the value is a UserLogin GenericValue object
|
| loggedInSessions | | public static Map loggedInSessions(Code) | | This Map is keyed by userLoginId and the value is another Map keyed by the webappName and the value is the sessionId.
When a user logs in an entry in this Map will be populated for the given user, webapp and session.
When checking security this Map will be checked if the user is logged in to see if we should log them out automatically; this implements the universal logout.
When a user logs out this Map will be cleared so the user will be logged out automatically on subsequent requests.
|
| checkLogin | | public static String checkLogin(HttpServletRequest request, HttpServletResponse response)(Code) | | An HTTP WebEvent handler that checks to see is a userLogin is logged in.
If not, the user is forwarded to the /login.jsp page.
Parameters:
request - The HTTP request object for the current JSP or Servlet request.
Parameters:
response - The HTTP response object for the current JSP or Servlet request. |
| cleanupExternalLoginKey | | public static void cleanupExternalLoginKey(HttpSession session)(Code) | | |
| emailPassword | | public static String emailPassword(HttpServletRequest request, HttpServletResponse response)(Code) | | Email the password for the userLoginId specified in the request object.
Parameters:
request - The HTTPRequest object for the current request
Parameters:
response - The HTTPResponse object for the current request String specifying the exit status of this event |
| forgotPassword | | public static String forgotPassword(HttpServletRequest request, HttpServletResponse response)(Code) | | The user forgot his/her password. This will either call showPasswordHint or emailPassword.
Parameters:
request - The HTTPRequest object for the current request
Parameters:
response - The HTTPResponse object for the current request String specifying the exit status of this event |
| getExternalLoginKey | | public static String getExternalLoginKey(HttpServletRequest request)(Code) | | Gets (and creates if necessary) a key to be used for an external login parameter
|
| login | | public static String login(HttpServletRequest request, HttpServletResponse response)(Code) | | An HTTP WebEvent handler that logs in a userLogin. This should run before the security check.
Parameters:
request - The HTTP request object for the current JSP or Servlet request.
Parameters:
response - The HTTP response object for the current JSP or Servlet request. Return a boolean which specifies whether or not the calling Servlet orJSP should generate its own content. This allows an event to override the default content. |
| logout | | public static String logout(HttpServletRequest request, HttpServletResponse response)(Code) | | An HTTP WebEvent handler that logs out a userLogin by clearing the session.
Parameters:
request - The HTTP request object for the current JSP or Servlet request.
Parameters:
response - The HTTP response object for the current JSP or Servlet request. Return a boolean which specifies whether or not the calling Servlet orJSP should generate its own content. This allows an event to override the default content. |
| logoutFromAllSessions | | public static void logoutFromAllSessions(GenericValue userLogin)(Code) | | |
| saveEntryParams | | public static String saveEntryParams(HttpServletRequest request, HttpServletResponse response)(Code) | | Save USERNAME and PASSWORD for use by auth pages even if we start in non-auth pages.
Parameters:
request - The HTTP request object for the current JSP or Servlet request.
Parameters:
response - The HTTP response object for the current JSP or Servlet request. |
| showPasswordHint | | public static String showPasswordHint(HttpServletRequest request, HttpServletResponse response)(Code) | | Show the password hint for the userLoginId specified in the request object.
Parameters:
request - The HTTPRequest object for the current request
Parameters:
response - The HTTPResponse object for the current request String specifying the exit status of this event |
|
|