org.silverpeas.authentication
Class Authentication

java.lang.Object
  extended by org.silverpeas.authentication.Authentication
Direct Known Subclasses:
AuthenticationCAS, AuthenticationLDAP, AuthenticationNT, AuthenticationSQL

public abstract class Authentication
extends Object

A set of security-related operations about a user authentication. The authentication is performed by a server of a remote authentication service and an instance of this class manages for Silverpeas the negotiation with the service to perform the asked security-related operation. Each concrete implementation of this abstract class must implement the communication protocol with the a server of the remote service; it is dedicated to a given authentication service.

Author:
tleroi, mmoquillon

Field Summary
protected  boolean enabled
           
static String ENC_TYPE_CLEAR
           
static String ENC_TYPE_MD5
           
static String ENC_TYPE_UNIX
           
protected static String module
           
static String PASSWORD_CHANGE_ALLOWED
           
static String PASSWORD_IS_ABOUT_TO_EXPIRE
           
 
Constructor Summary
Authentication()
           
 
Method Summary
 void authenticate(AuthenticationCredential credential)
          Authenticates the user with its specified credential (containing a password in clear).
 void changePassword(AuthenticationCredential credential, String newPassword)
          Changes the password of the user, authenticated with the specified credential, with the specified new one.
protected abstract
<T> void
closeConnection(AuthenticationConnection<T> connection)
          Closes the connection that was previously opened with the server of the remote authentication service.
protected abstract
<T> void
doAuthentication(AuthenticationConnection<T> connection, AuthenticationCredential credential)
          Does the authentication by using the specified connection with the remote server and with with the specified user credential.
protected
<T> void
doChangePassword(AuthenticationConnection<T> connection, AuthenticationCredential credential, String newPassword)
          Does the password change by using the specified connection with the remote server and with with the specified user credential and new password.
protected
<T> void
doResetPassword(AuthenticationConnection<T> connection, String login, String newPassword)
          Does the password reset by using the specified connection with the remote server the user login for which the password has to be reset and a new password.
 String getServerName()
          Gets the name of the authentication server with which this authentication communicates.
 void init(String authenticationServerName, ResourceLocator settings)
          Initializes this authentication with the specified settings to communicate with a server of an authentication service.
 boolean isEnabled()
          Is this authentication enabled?
protected abstract  void loadProperties(ResourceLocator settings)
          Loads the specified properties to set the communication information with the authentication service.
protected abstract
<T> AuthenticationConnection<T>
openConnection()
          Opens a connection with a server of the remote authentication service.
 void resetPassword(String login, String newPassword)
          Resets the password associated with the specified login of a user with the new specified one.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

module

protected static final String module
See Also:
Constant Field Values

enabled

protected boolean enabled

ENC_TYPE_UNIX

public static final String ENC_TYPE_UNIX
See Also:
Constant Field Values

ENC_TYPE_MD5

public static final String ENC_TYPE_MD5
See Also:
Constant Field Values

ENC_TYPE_CLEAR

public static final String ENC_TYPE_CLEAR
See Also:
Constant Field Values

PASSWORD_IS_ABOUT_TO_EXPIRE

public static final String PASSWORD_IS_ABOUT_TO_EXPIRE
See Also:
Constant Field Values

PASSWORD_CHANGE_ALLOWED

public static final String PASSWORD_CHANGE_ALLOWED
See Also:
Constant Field Values
Constructor Detail

Authentication

public Authentication()
Method Detail

isEnabled

public boolean isEnabled()
Is this authentication enabled? When an authentication is enabled, it can be performed against an authentication service.

Returns:
true if it is enabled, false otherwise.

getServerName

public String getServerName()
Gets the name of the authentication server with which this authentication communicates.

Returns:
the name of the server behind the remote authentication service.

init

public void init(String authenticationServerName,
                 ResourceLocator settings)
Initializes this authentication with the specified settings to communicate with a server of an authentication service.

Parameters:
authenticationServerName - the name of a remote service behind a given authentication service.
settings - the settings of the server communication.

authenticate

public void authenticate(AuthenticationCredential credential)
                  throws AuthenticationException
Authenticates the user with its specified credential (containing a password in clear). If the user cannot be authenticated, an exception is thrown, whatever the reason. If the authentication could not be performed because the credentials are invalid (e.g. wrong password), the AuthenticationException code should be set to EXCEPTION_BAD_CREDENTIALS.

Parameters:
credential - the credential to use to authenticate the user.
Throws:
AuthenticationException - if an error occurs while authenticating the user.

changePassword

public void changePassword(AuthenticationCredential credential,
                           String newPassword)
                    throws AuthenticationException
Changes the password of the user, authenticated with the specified credential, with the specified new one. The user must be authenticated for doing a such operation. The specified credential won't be updated by the password change. If the user cannot be authenticated, an exception is thrown, whatever the reason. If the authentication could not be performed because the credentials are invalid (e.g. wrong password), the AuthenticationException code should be set to EXCEPTION_BAD_CREDENTIALS.

Parameters:
credential - the user credential used in an authentication with Silverpeas.
newPassword - user new password
Throws:
AuthenticationException - if an error occurs while changing the user password.

resetPassword

public void resetPassword(String login,
                          String newPassword)
                   throws AuthenticationException
Resets the password associated with the specified login of a user with the new specified one. Contrary to the password change, this operation doesn't require the user to be authenticated; it isn't a password modification but a reset of it generally under the control of the system. If the login of the user doesn't exist or if the reset cannot be done an exception is thrown.

Parameters:
login - the user login
newPassword - the new password
Throws:
AuthenticationException - if an error occurs while resetting the user password.

loadProperties

protected abstract void loadProperties(ResourceLocator settings)
Loads the specified properties to set the communication information with the authentication service.

Parameters:
settings - the communication settings.

openConnection

protected abstract <T> AuthenticationConnection<T> openConnection()
                                                       throws AuthenticationException
Opens a connection with a server of the remote authentication service. The policy of the connection management is left to the concrete Authentication implementation.

Type Parameters:
T - the type of the authentication server's connector.
Returns:
a connection with a remote authentication server.
Throws:
AuthenticationException - if no connection can be established with a server of the remote authentication service.

closeConnection

protected abstract <T> void closeConnection(AuthenticationConnection<T> connection)
                                 throws AuthenticationException
Closes the connection that was previously opened with the server of the remote authentication service. The policy of the connection management is left to the concrete Authentication implementation.

Type Parameters:
T - the type of the authentication server's connector.
Parameters:
connection - the connection with a remote authentication server.
Throws:
AuthenticationException - if no connection was previously opened or if the connection cannot be closed for any reason.

doAuthentication

protected abstract <T> void doAuthentication(AuthenticationConnection<T> connection,
                                             AuthenticationCredential credential)
                                  throws AuthenticationException
Does the authentication by using the specified connection with the remote server and with with the specified user credential.

Type Parameters:
T - the type of the authentication server's connector.
Parameters:
connection - the connection with a remote authentication server.
credential - the credential to use to authenticate the user.
Throws:
AuthenticationException - if an error occurs while authenticating the user.

doChangePassword

protected <T> void doChangePassword(AuthenticationConnection<T> connection,
                                    AuthenticationCredential credential,
                                    String newPassword)
                         throws AuthenticationException
Does the password change by using the specified connection with the remote server and with with the specified user credential and new password. By default, this operation is considered as not supported by the remote authentication service and throws then an UnsupportedOperationException exception. If the authentication service supports this operation, the concrete Authentication implementation has to implement this method.

Type Parameters:
T - the type of the authentication server's connector.
Parameters:
connection - the connection with a remote authentication server.
credential - the credential to use to authenticate the user.
newPassword - the new password that will replace the one in the user credential.
Throws:
AuthenticationException - if an error occurs while changing the user password.

doResetPassword

protected <T> void doResetPassword(AuthenticationConnection<T> connection,
                                   String login,
                                   String newPassword)
                        throws AuthenticationException
Does the password reset by using the specified connection with the remote server the user login for which the password has to be reset and a new password. By default, this operation is considered as not supported by the remote authentication service and throws then an UnsupportedOperationException exception. If the authentication service supports this operation, the concrete Authentication implementation has to implement this method.

Type Parameters:
T - the type of the authentication server's connector.
Parameters:
connection - the connection with a remote authentication server.
login - the login of the user for which the password has to be reset.
newPassword - the new password with which the user password will be reset.
Throws:
AuthenticationException - if an error occurs while resetting the user password.


Copyright © 2016 Silverpeas. All Rights Reserved.