Package org.silverpeas.core.security.authentication

Class AuthenticationServer

  • public class AuthenticationServer
extends Object
    The authentication server is a proxy in Silverpeas side of the external authentication service related to a given user domain. This service is identified by an unique name. The authentication is delegated to an implementation of the Authentication abstract class that knows how to perform the authentication with the remote service. An external authentication service can be backed by one or more remote authentication servers. So, the authentication with each server is then performed by a different Authentication instance of the same type; each Authentication instance is mapped with a given server behind the external authentication service. The correct implementation of the Authentication abstract class is loaded from the properties mapped to an authentication service name. Each service name identifies uniquely an external security service (SQL database, LDAP, NTLM, ...)

    • Field Detail

      • fallbackMode

        protected String fallbackMode

      • passwordChangeAllowed

        protected boolean passwordChangeAllowed

    • Method Detail

      • getAuthenticationServer

        public static AuthenticationServer getAuthenticationServer​(String serverName)
        Gets the authentication server identified by the specified name.
        Parameters:
        serverName - the authentication server name.
        Returns:
        the authentication server with the specified name.

      • changePassword

        public void changePassword​(AuthenticationCredential credential,
                           String newPassword)
                    throws AuthenticationException
        Changes the password associated with the login in the specified credential by the one passed in parameter. The credential is used to validate the authentication of the user. The password modification capability is available only with some authentication services, so please use the method isPasswordChangeAllowed() to check if this operation is supported. The specified credential won't be updated by the password change.
        Parameters:
        credential - the authentication credential of the user for which the password has to be changed.
        newPassword - the new password that will replace the one in the specified credential.
        Throws:
        AuthenticationException - if an error occurs while changing the password.

      • isPasswordChangeAllowed

        public boolean isPasswordChangeAllowed()
        Is the the password change is allowed by the remote authentication service represented by this instance?
        Returns:
        true if the password can be changed, false otherwise.

      • resetPassword

        public void resetPassword​(String login,
                          boolean loginIgnoreCase,
                          String newPassword)
                   throws AuthenticationException
        Resets the password associated with the specified login by replacing it with the specified one. This password reset capability is available only whether the authentication service supports the password change. Please use the method isPasswordChangeAllowed() to check this. This operation doesn't require the user to be authenticated, so the reset must be under the control of the system for security reasons.
        Parameters:
        login - the login of the user for which the password has to be reset.
        loginIgnoreCase - true to ignore case when comparing the login.
        newPassword - the new password of the user.
        Throws:
        AuthenticationException - if an error occurs while resetting the password with the new one.