com.inet.authentication

Class LoginProcessor

java.lang.Object

com.inet.authentication.LoginProcessor

Direct Known Subclasses:

RemoteLoginProcessor

public abstract class LoginProcessor
extends java.lang.Object

Handle the login handshake for a single user.

Since:

inetcore 3.2

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	GUEST_LOGIN_SOURCE The login source for the guest login.
static com.inet.logging.Logger	LOGGER The authentication logger.
static java.lang.String	MASTER_LOGIN_ID The login ID for the master login.
static java.lang.String	MASTER_LOGIN_SOURCE The login source for the master login.
static java.lang.String	SYSTEM_LOGIN_SOURCE The login source for all logins that come from the underlying system.

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	LoginProcessor(AuthenticationDescription description) Create a new LoginProcessor

Method Summary

Modifier and Type	Method and Description
com.inet.usersandgroups.api.user.LoginSettings	createLoginSettings(java.lang.String loginID) Create a LoginSettings for the given loginID
static void	destroyCurrent() Remove current LoginProcessor from current thread.
AuthenticationDescription	getAuthenticationDescription() Get the AuthenticationDescription for creating this login processor.
static LoginProcessor	getCurrent() Get the login processor for the current request session/thread.
abstract java.lang.String	getLoginID() Returns the user ID of the logged in user, or null if the user is not logged in.
abstract java.lang.String	getLoginSource() Get an unique ID for the source of the login.
protected com.inet.usersandgroups.api.user.UserAccount	getOrCreateUserAccount(java.lang.String loginID) Get user account from the user manager or create if not exists.
com.inet.id.GUID	getUserAccountID() Get the id of the account or null if not login.
com.inet.id.GUID	getUserAccountID(java.lang.Runnable callbackAfterLogin) Get the id of the account or null if not login.
UserAccountType	getUserAccountType() The account type determine some possible features of a user and/or login.
protected boolean	isCreateUserAccountSupported() If the creation of new login user supported.
boolean	isNewUser() If the user was a new user in this browser session.
boolean	isSameAccount(java.lang.String loginID, char[] passwordChars, com.inet.usersandgroups.api.user.LoginSettings login) Check if the given LoginSettings match this LoginProcessor settings.
abstract boolean	isWebUserInRole(java.lang.String role) Returns true if the current user is member of the given role/group.
static void	setCurrent(LoginProcessor login) Sets the specified LoginProcessor as the info for the current request session/thread.
static void	setCurrentForAllThreads(LoginProcessor login) Set the LoginProcessor from the designer.
T	unwrap(java.lang.Class<T> clazz) Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.

Field Detail

SYSTEM_LOGIN_SOURCE

public static final java.lang.String SYSTEM_LOGIN_SOURCE

The login source for all logins that come from the underlying system.

See Also:

Constant Field Values

MASTER_LOGIN_SOURCE

public static final java.lang.String MASTER_LOGIN_SOURCE

The login source for the master login.

See Also:

Constant Field Values

MASTER_LOGIN_ID

public static final java.lang.String MASTER_LOGIN_ID

The login ID for the master login.

See Also:

Constant Field Values

GUEST_LOGIN_SOURCE

public static final java.lang.String GUEST_LOGIN_SOURCE

The login source for the guest login.

See Also:

Constant Field Values

LOGGER

public static final com.inet.logging.Logger LOGGER

The authentication logger.

Constructor Detail

LoginProcessor

protected LoginProcessor(AuthenticationDescription description)

Create a new LoginProcessor

Parameters:

description - the AuthenticationDescription for creating this login processor

Since:

inetcore 4.0

Method Detail

getAuthenticationDescription

@Nullable
public AuthenticationDescription getAuthenticationDescription()

Get the AuthenticationDescription for creating this login processor.

Returns:

the AuthenticationProvider

Since:

inetcore 4.0

getUserAccountID

@Nullable
public com.inet.id.GUID getUserAccountID()

Get the id of the account or null if not login.

Returns:

the id

Since:

inetcore 3.2

getUserAccountID

@Nullable
public com.inet.id.GUID getUserAccountID(java.lang.Runnable callbackAfterLogin)

Get the id of the account or null if not login.

Parameters:

callbackAfterLogin - is called if there was an login

Returns:

the id

Since:

inetcore 5.0

getOrCreateUserAccount

@Nullable
protected com.inet.usersandgroups.api.user.UserAccount getOrCreateUserAccount(@Nonnull
                                                                                         java.lang.String loginID)

Get user account from the user manager or create if not exists. This method does not fire a user login event. If isCreateUserAccountSupported() returns false then this can return null.

Parameters:

loginID - the login ID

Returns:

the user account

Throws:

com.inet.http.ClientMessageException - if there should be displayed a message to the client like a deactivated user

Since:

inetcore 3.2

createLoginSettings

@Nonnull
public com.inet.usersandgroups.api.user.LoginSettings createLoginSettings(java.lang.String loginID)

Create a LoginSettings for the given loginID

Parameters:

loginID - the current ID

Returns:

the login

Since:

inetcore 4.0

isCreateUserAccountSupported

protected boolean isCreateUserAccountSupported()

If the creation of new login user supported. This can be disabled with a configuration setting or if the LoginSettings need additional data.

Returns:

if automatic login creation is supported

Since:

inetcore 3.2

getLoginSource

@Nonnull
public abstract java.lang.String getLoginSource()

Get an unique ID for the source of the login. This is important if more as one authentication provider is used. Two login with the same login ID but a different login source are different logins.

Returns:

the login source. Can not be null or empty after trim.

Since:

inetcore 3.2

getLoginID

@Nullable
public abstract java.lang.String getLoginID()

Returns the user ID of the logged in user, or null if the user is not logged in. This can be username, email address or any other type of ID that is unique to the current login source. Login IDs should be treated in a case-insensitive way.

Returns:

the login ID

Since:

inetcore 3.2

getUserAccountType

@Nonnull
public UserAccountType getUserAccountType()

The account type determine some possible features of a user and/or login.

Returns:

the user account type

Since:

inetcore 3.2

isWebUserInRole

public abstract boolean isWebUserInRole(java.lang.String role)

Returns true if the current user is member of the given role/group.

Parameters:

role - - Role of web user

Returns:

true if this user has this role

Since:

inetcore 3.2

isNewUser

public boolean isNewUser()

If the user was a new user in this browser session.

Returns:

true, if the user was created

Since:

inetcore 4.0

unwrap

public T unwrap(java.lang.Class<T> clazz)

Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.

Parameters:

clazz - A Class defining an interface that the result must implement.

Returns:

an object that implements the interface. May be a proxy for the actual implementing object.

Since:

inetcore 3.2

setCurrentForAllThreads

public static void setCurrentForAllThreads(LoginProcessor login)

Set the LoginProcessor from the designer.

Parameters:

login - - the LoginProcessor

Since:

inetcore 4.0

setCurrent

public static void setCurrent(LoginProcessor login)

Sets the specified LoginProcessor as the info for the current request session/thread.

Parameters:

login - the LoginProcessor for the current thread or null to remove it

Since:

inetcore 4.0

destroyCurrent

public static void destroyCurrent()

Remove current LoginProcessor from current thread. This does not destroy it in the request session. Asynchron threads have continue access.

Since:

inetcore 4.0

getCurrent

@Nullable
public static LoginProcessor getCurrent()

Get the login processor for the current request session/thread.

Returns:

a LoginProcessor or null

Since:

inetcore 4.0

isSameAccount

public boolean isSameAccount(@Nonnull
                             java.lang.String loginID,
                             @Nullable
                             char[] passwordChars,
                             com.inet.usersandgroups.api.user.LoginSettings login)

Check if the given LoginSettings match this LoginProcessor settings. It does not check it with a login user.

Parameters:

loginID - the login ID to check

passwordChars - optional password characters to validate

login - login settings from UserManager

Returns:

true, if it match

Since:

inetcore 4.0