Package lumis.portal.authentication
Class AuthenticationManager
- java.lang.Object
-
- lumis.portal.authentication.AuthenticationManager
-
- All Implemented Interfaces:
IAuthenticationManager,IAuthenticationManagerSPI,IMFAAuthenticationManagerSPI
public class AuthenticationManager extends java.lang.Object implements IAuthenticationManagerSPI
Manager responsible for authenticating users and keeping session information.- Since:
- 4.0.0
- Version:
- $Revision: 26156 $ $Date: 2024-01-13 10:26:46 -0300 (Sat, 13 Jan 2024) $
-
-
Constructor Summary
Constructors Constructor Description AuthenticationManager()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidclearExpiredMFATokens()voidclearInactiveSessions(SessionConfig sessionConfig, int minutes, ITransaction transaction)Deletes the sessions inactive for the specified amount of minutes.booleanclearThreadData()Clearssession config'sthreaddata.voidendImpersonation(SessionConfig sessionConfig)Ends an impersonation in the current thread, that has been started byIAuthenticationManager.impersonate(String).static java.lang.StringgenerateSessionId()Generates a new session identifier.java.util.Collection<SessionConfig>getSessionsByUserId(SessionConfig sessionConfig, java.lang.String userId, ITransaction transaction)Returns a collection of active session objects for the given user.java.lang.StringgetUserIdBySessionId(SessionConfig sessionConfig, ITransaction transaction)Deprecated.SessionConfigimpersonate(java.lang.String userId)The authenticated user in the current thread impersonates another user.voidkeepSessionAlive(SessionConfig sessionConfig)Keeps the specified session alive by updating the last time the session was used.SessionConfiglogin(java.lang.String securityAlias, java.lang.String login, java.lang.String password, ITransaction transaction)Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)usingnullas the MFA token.SessionConfiglogin(java.lang.String login, java.lang.String password, ITransaction transaction)Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, ITransaction)usingnullas the MFA token.java.lang.StringloginFramworkClockUser(ITransaction transaction)Deprecated.java.lang.StringloginUser(java.lang.String login, java.lang.String password, ITransaction transaction)Deprecated.SessionConfigloginUser(java.lang.String userId, ITransaction transaction)Logins a user without performing any authentication.java.lang.StringloginUserGuest()Deprecated.voidlogoutUser(SessionConfig sessionConfig, ITransaction transaction)Close the user's session given the userSession and the transaction.SessionConfigmfaLogin(java.lang.String securityAlias, java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.SessionConfigmfaLogin(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same asIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)using the default login module.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.IMFATokenSendResultsendMFATokenEmail(java.lang.String userLogin)Sends an email with a token to be used for authentication.
Returns the created token result.
Requires a validSessionConfigand an activeITransaction.booleanvalidatePassword(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)Validates the password and the MFA token for the given login.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.booleanvalidatePassword(java.lang.String login, java.lang.String password, ITransaction transaction)Validates the password for the given login.
This is the same as callingIAuthenticationManager.validatePassword(String, String, String, ITransaction)withnullas the MFA token.booleanvalidateSessionId(SessionConfig sessionConfig, ITransaction transaction)Validate the session of the User given the userSession and transaction.
-
-
-
Method Detail
-
validateSessionId
public boolean validateSessionId(SessionConfig sessionConfig, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerValidate the session of the User given the userSession and transaction. This method returns a boolean variable with True or False value- Specified by:
validateSessionIdin interfaceIAuthenticationManager- Returns:
- true if the Session is valis and false otherwise.
- Throws:
ManagerExceptionPortalException
-
getUserIdBySessionId
@Deprecated public java.lang.String getUserIdBySessionId(SessionConfig sessionConfig, ITransaction transaction) throws ManagerException, PortalException
Deprecated.Description copied from interface:IAuthenticationManagerReturn the id of the user given the userSession.- Specified by:
getUserIdBySessionIdin interfaceIAuthenticationManager- Returns:
- a String.
- Throws:
ManagerExceptionPortalException
-
loginFramworkClockUser
@Deprecated public java.lang.String loginFramworkClockUser(ITransaction transaction) throws ManagerException, PortalException
Deprecated.Description copied from interface:IAuthenticationManagerCreates a session for the FrameworkClock user.- Specified by:
loginFramworkClockUserin interfaceIAuthenticationManager- Returns:
- Throws:
ManagerExceptionPortalException
-
loginUser
@Deprecated public java.lang.String loginUser(java.lang.String login, java.lang.String password, ITransaction transaction) throws ManagerException, PortalExceptionDeprecated.Description copied from interface:IAuthenticationManagerStart the user's session given the login and password. This method returns the user's session configuration. Framework users like LumisFrameworkClockUser and LumisPageCacheUser cannot be authenticated through this method.- Specified by:
loginUserin interfaceIAuthenticationManager- Returns:
- a String.
- Throws:
ManagerExceptionPortalException
-
login
public SessionConfig login(java.lang.String login, java.lang.String password, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerLogins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, ITransaction)usingnullas the MFA token.- Specified by:
loginin interfaceIAuthenticationManager- Parameters:
login- the user's login.password- the user's password.transaction- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalExceptionManagerException- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
validatePassword
public boolean validatePassword(java.lang.String login, java.lang.String password, ITransaction transaction) throws PortalExceptionDescription copied from interface:IAuthenticationManagerValidates the password for the given login.
This is the same as callingIAuthenticationManager.validatePassword(String, String, String, ITransaction)withnullas the MFA token.- Specified by:
validatePasswordin interfaceIAuthenticationManager- Parameters:
login- the user's login.password- the user's password.transaction- the transaction for persistence access.- Returns:
trueif the given password is correct for the specified login orfalseotherwise.- Throws:
PortalException
-
validatePassword
public boolean validatePassword(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction) throws PortalExceptionDescription copied from interface:IAuthenticationManagerValidates the password and the MFA token for the given login.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.- Specified by:
validatePasswordin interfaceIAuthenticationManager- Parameters:
login- the user's login.password- the user's password.mfaToken- the MFA token.transaction- the transaction for persistence access.- Returns:
trueif the given password is correct for the specified login orfalseotherwise.- Throws:
PortalException
-
login
public SessionConfig login(java.lang.String securityAlias, java.lang.String login, java.lang.String password, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerLogins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)usingnullas the MFA token.- Specified by:
loginin interfaceIAuthenticationManager- Parameters:
securityAlias- the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.login- the user's login.password- the user's password.transaction- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalExceptionManagerException- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
mfaLogin
public SessionConfig mfaLogin(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManagerLogins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same asIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)using the default login module.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.- Specified by:
mfaLoginin interfaceIAuthenticationManager- Parameters:
login- the user's login.password- the user's password.mfaToken- the MFA token.transaction- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalException- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
mfaLogin
public SessionConfig mfaLogin(java.lang.String securityAlias, java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerLogins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.- Specified by:
mfaLoginin interfaceIAuthenticationManager- Parameters:
securityAlias- the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.login- the user's login.password- the user's password.mfaToken- the MFA token.transaction- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalExceptionManagerException- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
loginUser
public SessionConfig loginUser(java.lang.String userId, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManagerLogins a user without performing any authentication.- Specified by:
loginUserin interfaceIAuthenticationManager- Parameters:
userId- the userId.transaction- the transaction for persistence access.- Throws:
PortalException
-
logoutUser
public void logoutUser(SessionConfig sessionConfig, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerClose the user's session given the userSession and the transaction.- Specified by:
logoutUserin interfaceIAuthenticationManager- Throws:
ManagerExceptionPortalException
-
loginUserGuest
@Deprecated public java.lang.String loginUserGuest() throws ManagerException, PortalExceptionDeprecated.Description copied from interface:IAuthenticationManagerAdd a guest session. This method returns the user's session configuration.- Specified by:
loginUserGuestin interfaceIAuthenticationManager- Returns:
- Returns a String.
- Throws:
ManagerExceptionPortalException
-
clearInactiveSessions
public void clearInactiveSessions(SessionConfig sessionConfig, int minutes, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerDeletes the sessions inactive for the specified amount of minutes.- Specified by:
clearInactiveSessionsin interfaceIAuthenticationManager- Throws:
ManagerExceptionPortalException
-
keepSessionAlive
public void keepSessionAlive(SessionConfig sessionConfig) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManagerKeeps the specified session alive by updating the last time the session was used.- Specified by:
keepSessionAlivein interfaceIAuthenticationManager- Throws:
ManagerExceptionPortalException
-
impersonate
public SessionConfig impersonate(java.lang.String userId) throws PortalException
Description copied from interface:IAuthenticationManagerThe authenticated user in the current thread impersonates another user. CallIAuthenticationManager.endImpersonation(SessionConfig)to end an impersonation initiated by this method.- Specified by:
impersonatein interfaceIAuthenticationManager- Parameters:
userId- the user id.- Returns:
- the impersonated SessionConfig.
- Throws:
PortalException
-
endImpersonation
public void endImpersonation(SessionConfig sessionConfig) throws PortalException
Description copied from interface:IAuthenticationManagerEnds an impersonation in the current thread, that has been started byIAuthenticationManager.impersonate(String).- Specified by:
endImpersonationin interfaceIAuthenticationManager- Parameters:
sessionConfig- the impersonated session config.- Throws:
PortalException
-
getSessionsByUserId
public java.util.Collection<SessionConfig> getSessionsByUserId(SessionConfig sessionConfig, java.lang.String userId, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManagerReturns a collection of active session objects for the given user. Guest and impersonated users are not considered active.- Specified by:
getSessionsByUserIdin interfaceIAuthenticationManager- Returns:
- Throws:
PortalException
-
clearThreadData
public boolean clearThreadData()
Clearssession config'sthreaddata.- Returns:
trueif there was data to be cleared orfalseif the thread data was already clear.- Since:
- 6.0.0
-
generateSessionId
public static java.lang.String generateSessionId()
Generates a new session identifier. Based onSecureRandom, incremental integer and current time.- Returns:
- the generated session identifier.
- Since:
- 11.0.0
-
sendMFATokenEmail
public IMFATokenSendResult sendMFATokenEmail(java.lang.String userLogin) throws PortalException
Description copied from interface:IMFAAuthenticationManagerSPISends an email with a token to be used for authentication.
Returns the created token result.
Requires a validSessionConfigand an activeITransaction.- Specified by:
sendMFATokenEmailin interfaceIMFAAuthenticationManagerSPI- Parameters:
userLogin- the user login- Returns:
- the created token result
- Throws:
PortalException- if some error occurs
-
clearExpiredMFATokens
public void clearExpiredMFATokens() throws PortalExceptionDescription copied from interface:IMFAAuthenticationManagerSPI- Specified by:
clearExpiredMFATokensin interfaceIMFAAuthenticationManagerSPI- Throws:
PortalException- if some error occurs
-
-