Interface IAuthenticationManager

    • Method Detail

      • loginUser

        @Deprecated
        java.lang.String loginUser​(java.lang.String login,
                                   java.lang.String password,
                                   ITransaction transaction)
                            throws ManagerException,
                                   PortalException
        Deprecated.
        Since 4.0.8, this method has been replaced by login(String, String, ITransaction).
        Start the user's session given the login and password. This method returns the user's session configuration. Framework users like LumisFrameworkClockUser and LumisPageCacheUser cannot be authenticated through this method.
        Parameters:
        login -
        password -
        transaction -
        Returns:
        a String.
        Throws:
        ManagerException
        PortalException
      • validatePassword

        boolean validatePassword​(java.lang.String login,
                                 java.lang.String password,
                                 ITransaction transaction)
                          throws PortalException
        Validates the password for the given login.
        This is the same as calling validatePassword(String, String, String, ITransaction) with null as the MFA token.
        Parameters:
        login - the user's login.
        password - the user's password.
        transaction - the transaction for persistence access.
        Returns:
        true if the given password is correct for the specified login or false otherwise.
        Throws:
        PortalException
        Since:
        16.0.0
      • validatePassword

        boolean validatePassword​(java.lang.String login,
                                 java.lang.String password,
                                 java.lang.String mfaToken,
                                 ITransaction transaction)
                          throws PortalException
        Validates the password and the MFA token for the given login.
        The MFA token is only checked if multi-factor authentication is enabled for the given user.
        In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.
        Parameters:
        login - the user's login.
        password - the user's password.
        mfaToken - the MFA token.
        transaction - the transaction for persistence access.
        Returns:
        true if the given password is correct for the specified login or false otherwise.
        Throws:
        PortalException
        Since:
        16.1.0
      • login

        SessionConfig login​(java.lang.String login,
                            java.lang.String password,
                            ITransaction transaction)
                     throws PortalException
        Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
        This is the same as calling mfaLogin(String, String, String, ITransaction) using null as the MFA token.
        Parameters:
        login - the user's login.
        password - the user's password.
        transaction - the transaction for persistence access.
        Returns:
        the created SessionConfig, or null if the login operation could not authenticate the user.
        Throws:
        PortalException
        Since:
        4.0.8
        See Also:
        loginUser(String, ITransaction)
      • login

        SessionConfig login​(java.lang.String securityAlias,
                            java.lang.String login,
                            java.lang.String password,
                            ITransaction transaction)
                     throws PortalException
        Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
        This is the same as calling mfaLogin(String, String, String, String, ITransaction) using null as the MFA token.
        Parameters:
        securityAlias - the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.
        login - the user's login.
        password - the user's password.
        transaction - the transaction for persistence access.
        Returns:
        the created SessionConfig, or null if the login operation could not authenticate the user.
        Throws:
        PortalException
        Since:
        4.1.0
        See Also:
        loginUser(String, ITransaction)
      • mfaLogin

        SessionConfig mfaLogin​(java.lang.String login,
                               java.lang.String password,
                               java.lang.String mfaToken,
                               ITransaction transaction)
                        throws PortalException
        Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
        This is the same as mfaLogin(String, String, String, String, ITransaction) using the default login module.
        The MFA token is only checked if multi-factor authentication is enabled for the given user.
        In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.
        Parameters:
        login - the user's login.
        password - the user's password.
        mfaToken - the MFA token.
        transaction - the transaction for persistence access.
        Returns:
        the created SessionConfig, or null if the login operation could not authenticate the user.
        Throws:
        PortalException
        Since:
        16.1.0
        See Also:
        loginUser(String, ITransaction)
      • mfaLogin

        SessionConfig mfaLogin​(java.lang.String securityAlias,
                               java.lang.String login,
                               java.lang.String password,
                               java.lang.String mfaToken,
                               ITransaction transaction)
                        throws PortalException
        Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
        The MFA token is only checked if multi-factor authentication is enabled for the given user.
        In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.
        Parameters:
        securityAlias - the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.
        login - the user's login.
        password - the user's password.
        mfaToken - the MFA token.
        transaction - the transaction for persistence access.
        Returns:
        the created SessionConfig, or null if the login operation could not authenticate the user.
        Throws:
        PortalException
        Since:
        16.1.0
        See Also:
        loginUser(String, ITransaction)
      • loginUser

        SessionConfig loginUser​(java.lang.String userId,
                                ITransaction transaction)
                         throws PortalException
        Logins a user without performing any authentication.
        Parameters:
        userId - the userId.
        transaction - the transaction for persistence access.
        Throws:
        PortalException
        Since:
        4.0.8
      • endImpersonation

        void endImpersonation​(SessionConfig sessionConfig)
                       throws PortalException
        Ends an impersonation in the current thread, that has been started by impersonate(String).
        Parameters:
        sessionConfig - the impersonated session config.
        Throws:
        java.lang.IllegalArgumentException - if sessionConfig is not the current impersonated SessionConfig instance.
        PortalException
        Since:
        4.0.8
      • getSessionsByUserId

        java.util.Collection<SessionConfig> getSessionsByUserId​(SessionConfig sessionConfig,
                                                                java.lang.String userId,
                                                                ITransaction transaction)
                                                         throws PortalException
        Returns a collection of active session objects for the given user. Guest and impersonated users are not considered active.
        Parameters:
        sessionConfig -
        userId -
        transaction -
        Returns:
        Throws:
        PortalException
        Since:
        4.0.11