org.silverpeas.authentication
Class AuthenticationService

java.lang.Object
  extended by org.silverpeas.authentication.AuthenticationService

public class AuthenticationService
extends Object

A service for authenticating a user in Silverpeas. This service is the entry point for any authentication process as it wraps all the mechanism and the delegation to perform the actual authentication. This service wraps all the mechanism to perform the authentication process itself. It uses for doing an authentication server that is mapped with the user domain.


Field Summary
static String ERROR_AUTHENTICATION_FAILURE
           
static String ERROR_INCORRECT_LOGIN_PWD
           
static String ERROR_INCORRECT_LOGIN_PWD_DOMAIN
           
static String ERROR_PASSWORD_NOT_AVAILABLE
           
static String ERROR_PWD_EXPIRED
           
static String ERROR_PWD_MUST_BE_CHANGED
           
protected static String m_AccessLogin
           
protected static String m_AccessPasswd
           
protected static int m_AutoInc
           
protected static String m_DomainAuthenticationServerColumnName
           
protected static String m_DomainIdColumnName
           
protected static String m_DomainNameColumnName
           
protected static String m_DomainTableName
           
protected static String m_DriverClass
           
protected static String m_JDBCUrl
           
protected static String m_KeyStoreDomainIdColumnName
           
protected static String m_KeyStoreKeyColumnName
           
protected static String m_KeyStoreLoginColumnName
           
protected static String m_KeyStoreTableName
           
protected static String m_UserDomainColumnName
           
protected static String m_UserIdColumnName
           
protected static String m_UserLoginColumnName
           
protected static String m_UserTableName
           
 
Constructor Summary
AuthenticationService()
          Constructs a new AuthenticationService instance.
 
Method Summary
 String authenticate(AuthenticationCredential userCredential)
          Authenticates a user with the specified authentication credential.
 void changePassword(AuthenticationCredential credential, String newPassword)
          Changes the password of the specified user credential with the specified new one.
 void changePasswordAndEmail(AuthenticationCredential credential, String newPassword, String email)
          Changes the password and email of the specified user credential with the specified new ones.
 List<Domain> getAllDomains()
          Gets all the available user domains.
 String getAuthenticationKey(String login, String domainId)
          Gets an authentication key for a given user from its specified login and from the domain to which he belongs.
 boolean isInError(String authenticationKey)
          Is the specified authentication key represents an error status?
 boolean isPasswordChangeAllowed(String domainId)
          Is the change of a user password is allowed by specified user domain?
 void resetPassword(AuthenticationCredential credential, String newPassword)
          Resets the specified password of the user behind the specified authentication credential with the specified one.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

m_JDBCUrl

protected static final String m_JDBCUrl

m_AccessLogin

protected static final String m_AccessLogin

m_AccessPasswd

protected static final String m_AccessPasswd

m_DriverClass

protected static final String m_DriverClass

m_DomainTableName

protected static final String m_DomainTableName

m_DomainIdColumnName

protected static final String m_DomainIdColumnName

m_DomainNameColumnName

protected static final String m_DomainNameColumnName

m_DomainAuthenticationServerColumnName

protected static final String m_DomainAuthenticationServerColumnName

m_KeyStoreTableName

protected static final String m_KeyStoreTableName

m_KeyStoreKeyColumnName

protected static final String m_KeyStoreKeyColumnName

m_KeyStoreLoginColumnName

protected static final String m_KeyStoreLoginColumnName

m_KeyStoreDomainIdColumnName

protected static final String m_KeyStoreDomainIdColumnName

m_UserTableName

protected static final String m_UserTableName

m_UserIdColumnName

protected static final String m_UserIdColumnName

m_UserLoginColumnName

protected static final String m_UserLoginColumnName

m_UserDomainColumnName

protected static final String m_UserDomainColumnName

m_AutoInc

protected static int m_AutoInc

ERROR_PWD_EXPIRED

public static final String ERROR_PWD_EXPIRED
See Also:
Constant Field Values

ERROR_PWD_MUST_BE_CHANGED

public static final String ERROR_PWD_MUST_BE_CHANGED
See Also:
Constant Field Values

ERROR_INCORRECT_LOGIN_PWD

public static final String ERROR_INCORRECT_LOGIN_PWD
See Also:
Constant Field Values

ERROR_AUTHENTICATION_FAILURE

public static final String ERROR_AUTHENTICATION_FAILURE
See Also:
Constant Field Values

ERROR_PASSWORD_NOT_AVAILABLE

public static final String ERROR_PASSWORD_NOT_AVAILABLE
See Also:
Constant Field Values

ERROR_INCORRECT_LOGIN_PWD_DOMAIN

public static final String ERROR_INCORRECT_LOGIN_PWD_DOMAIN
See Also:
Constant Field Values
Constructor Detail

AuthenticationService

public AuthenticationService()
Constructs a new AuthenticationService instance.

Method Detail

getAllDomains

public List<Domain> getAllDomains()
Gets all the available user domains. A domain in Silverpeas is a repository of users with its its own authentication process. At each user domain is associated an authentication server that is responsible of the authentication of the domain's users.

Returns:
an unmodifiable list of user domains.

authenticate

public String authenticate(AuthenticationCredential userCredential)
Authenticates a user with the specified authentication credential. If the authentication succeed, the security-related capabilities, mapped to the user's credential, are set from information sent back by the authentication server related to the domain to which the user belongs.

Parameters:
userCredential - the credential of the user to use to authenticate him.
Returns:
an authentication key or null if the authentication fails. The authentication key identifies uniquely the status of the user authentication and it is unique to the user so that he can be identified from it.

isInError

public boolean isInError(String authenticationKey)
Is the specified authentication key represents an error status?

Parameters:
authenticationKey - the key returned by the authentication process.
Returns:
true if the key is in fact an authentication error status.

changePassword

public void changePassword(AuthenticationCredential credential,
                           String newPassword)
                    throws AuthenticationException
Changes the password of the specified user credential with the specified new one. In order to change the password of a user, the user will be first authenticated. The specified credential won't be updated by the password change.

Parameters:
credential - the current authentication credential of the user.
newPassword - User new password the new password to set.
Throws:
AuthenticationException - if an error occurs while changing the password of the specified credential.

changePasswordAndEmail

public void changePasswordAndEmail(AuthenticationCredential credential,
                                   String newPassword,
                                   String email)
                            throws AuthenticationException
Changes the password and email of the specified user credential with the specified new ones. In order to change the password and email of a user, the user will be first authenticated. The specified credential won't be updated by the password change.

Parameters:
credential - the current authentication credential of the user.
newPassword - User new password the new password to set.
email - User email the email to set.
Throws:
AuthenticationException - if an error occurs while changing the password and email of the specified credential.

getAuthenticationKey

public String getAuthenticationKey(String login,
                                   String domainId)
                            throws AuthenticationException
Gets an authentication key for a given user from its specified login and from the domain to which he belongs. This method doesn't perform any authentication but it only set a new authentication key for the given user. This method can be used, for example, to let a user who has forgotten its password of setting a new one.

Parameters:
login - the user login.
domainId - the unique identifier of the domain of the user.
Returns:
an authentication key.
Throws:
AuthenticationException

resetPassword

public void resetPassword(AuthenticationCredential credential,
                          String newPassword)
                   throws AuthenticationException
Resets the specified password of the user behind the specified authentication credential with the specified one. The reset operation can only be performed if the password change is allowed by the domain to which the user belongs. It doesn't require the user to be authenticated but, as consequence, requires to be run in a privileged mode (only an administrator or the system itself can do this operation). The privileged mode isn't checked by this method, hence it is the responsibility of the caller to ensure this. The specified credential won't be updated by the password reset.

Parameters:
credential - the authentication credential of the user for which the password has to be reset.
newPassword - the password with which the credential password will be reset.
Throws:
AuthenticationException - if an error occurs while resetting the credential password.

isPasswordChangeAllowed

public boolean isPasswordChangeAllowed(String domainId)
Is the change of a user password is allowed by specified user domain?

Parameters:
domainId - the unique identifier of the user domain.
Returns:
true if the password of the users in the specified domain can be changed, false otherwise.


Copyright © 2016 Silverpeas. All Rights Reserved.