org.silverpeas.authentication
Class AuthenticationServer

java.lang.Object
  extended by org.silverpeas.authentication.AuthenticationServer

public class AuthenticationServer
extends Object

The authentication server is a proxy in Silverpeas side of the external authentication service related to a given user domain. This service is identified by an unique name. The authentication is delegated to an implementation of the Authentication abstract class that knows how to perform the authentication with the remote service. An external authentication service can be backed by one or more remote authentication servers. So, the authentication with each server is then performed by a different Authentication instance of the same type; each Authentication instance is mapped with a given server behind the external authentication service. The correct implementation of the Authentication abstract class is loaded from the properties mapped to an authentication service name. Each service name identifies uniquely an external security service (SQL database, LDAP, NTLM, ...)


Field Summary
protected  List<Authentication> authServers
           
protected  String fallbackMode
           
protected  boolean passwordChangeAllowed
           
 
Method Summary
 void authenticate(AuthenticationCredential credential)
          Authenticates the user with the specified authentication credential.
 void changePassword(AuthenticationCredential credential, String newPassword)
          Changes the password associated with the login in the specified credential by the one passed in parameter.
static AuthenticationServer getAuthenticationServer(String serverName)
          Gets the authentication server identified by the specified name.
 boolean isPasswordChangeAllowed()
          Is the the password change is allowed by the remote authentication service represented by this instance?
 void resetPassword(String login, String newPassword)
          Resets the password associated with the specified login by replacing it with the specified one.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

fallbackMode

protected String fallbackMode

authServers

protected List<Authentication> authServers

passwordChangeAllowed

protected boolean passwordChangeAllowed
Method Detail

getAuthenticationServer

public static AuthenticationServer getAuthenticationServer(String serverName)
Gets the authentication server identified by the specified name.

Parameters:
serverName - the authentication server name.
Returns:
the authentication server with the specified name.

authenticate

public void authenticate(AuthenticationCredential credential)
                  throws AuthenticationException
Authenticates the user with the specified authentication credential.

Parameters:
credential - the authentication credential to use to authenticate the user.
Throws:
AuthenticationException - if the authentication fails.

changePassword

public void changePassword(AuthenticationCredential credential,
                           String newPassword)
                    throws AuthenticationException
Changes the password associated with the login in the specified credential by the one passed in parameter. The credential is used to validate the authentication of the user. The password modification capability is available only with some authentication services, so please use the method isPasswordChangeAllowed() to check if this operation is supported. The specified credential won't be updated by the password change.

Parameters:
credential - the authentication credential of the user for which the password has to be changed.
newPassword - the new password that will replace the one in the specified credential.
Throws:
AuthenticationException - if an error occurs while changing the password.

isPasswordChangeAllowed

public boolean isPasswordChangeAllowed()
Is the the password change is allowed by the remote authentication service represented by this instance?

Returns:
true if the password can be changed, false otherwise.

resetPassword

public void resetPassword(String login,
                          String newPassword)
                   throws AuthenticationException
Resets the password associated with the specified login by replacing it with the specified one. This password reset capability is available only whether the authentication service supports the password change. Please use the method isPasswordChangeAllowed() to check this. This operation doesn't require the user to be authenticated, so the reset must be under the control of the system for security reasons.

Parameters:
login - the login of the user for which the password has to be reset.
newPassword - the new password of the user.
Throws:
AuthenticationException - if an error occurs while resetting the password with the new one.


Copyright © 2016 Silverpeas. All Rights Reserved.