Package lumis.portal.authentication

Interface IAuthenticationManager

All Known Subinterfaces:

IAuthenticationManagerSPI

All Known Implementing Classes:

AuthenticationManager

@StableMinor(version="17.0",
             sinceVersion="4.0")
public interface IAuthenticationManager

This interface offers methods for authentication operations.

Since:

4.0.0

Version:

$Revision: 26587 $ $Date: 2024-08-26 21:09:17 -0300 (Mon, 26 Aug 2024) $

Method Summary

Modifier and Type	Method	Description
void	clearInactiveSessions(SessionConfig sessionConfig, int minutes, ITransaction transaction)	Deprecated. since 12.1.0 removed from stable API without replacement.
void	endImpersonation(SessionConfig sessionConfig)	Ends an impersonation in the current thread, that has been started by impersonate(String).
java.util.Collection<SessionConfig>	getSessionsByUserId(SessionConfig sessionConfig, java.lang.String userId, ITransaction transaction)	Returns a collection of active session objects for the given user.
java.lang.String	getUserIdBySessionId(SessionConfig sessionConfig, ITransaction transaction)	Deprecated. Since 4.0.8, this method was replaced by SessionConfig.getUserId().
SessionConfig	impersonate(java.lang.String userId)	The authenticated user in the current thread impersonates another user.
void	keepSessionAlive(SessionConfig sessionConfig)	Keeps the specified session alive by updating the last time the session was used.
SessionConfig	login(java.lang.String securityAlias, java.lang.String login, java.lang.String password, ITransaction transaction)	Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user. This is the same as calling mfaLogin(String, String, String, String, ITransaction) using null as the MFA token.
SessionConfig	login(java.lang.String login, java.lang.String password, ITransaction transaction)	Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user. This is the same as calling mfaLogin(String, String, String, ITransaction) using null as the MFA token.
java.lang.String	loginFramworkClockUser(ITransaction transaction)	Deprecated. Since 4.0.8, instead of calling this method generate a impersonated SessionConfig by calling impersonate(String) using UserConfig.USER_FRAMEWORKCLOCK_ID as parameter.
java.lang.String	loginUser(java.lang.String login, java.lang.String password, ITransaction transaction)	Deprecated. Since 4.0.8, this method has been replaced by login(String, String, ITransaction).
SessionConfig	loginUser(java.lang.String userId, ITransaction transaction)	Logins a user without performing any authentication.
java.lang.String	loginUserGuest()	Deprecated. Since 4.0.8, instead of calling this method generate a impersonated SessionConfig by calling impersonate(String) using UserConfig.USER_GUEST_ID as parameter.
void	logoutUser(SessionConfig sessionConfig, ITransaction transaction)	Close the user's session given the userSession and the transaction.
SessionConfig	mfaLogin(java.lang.String securityAlias, java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)	Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user. The MFA token is only checked if multi-factor authentication is enabled for the given user. In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.
SessionConfig	mfaLogin(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)	Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user. This is the same as mfaLogin(String, String, String, String, ITransaction) using the default login module. The MFA token is only checked if multi-factor authentication is enabled for the given user. In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.
boolean	validatePassword(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)	Validates the password and the MFA token for the given login. The MFA token is only checked if multi-factor authentication is enabled for the given user. In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.
boolean	validatePassword(java.lang.String login, java.lang.String password, ITransaction transaction)	Validates the password for the given login. This is the same as calling validatePassword(String, String, String, ITransaction) with null as the MFA token.
boolean	validateSessionId(SessionConfig sessionConfig, ITransaction transaction)	Validate the session of the User given the userSession and transaction.

Method Detail

validateSessionId

boolean validateSessionId(SessionConfig sessionConfig,
                          ITransaction transaction)
                   throws ManagerException,
                          PortalException

Validate the session of the User given the userSession and transaction. This method returns a boolean variable with True or False value

Parameters:

sessionConfig -

transaction -

Returns:

true if the Session is valis and false otherwise.

Throws:

ManagerException

PortalException

getUserIdBySessionId

@Deprecated
java.lang.String getUserIdBySessionId(SessionConfig sessionConfig,
                                      ITransaction transaction)
                               throws ManagerException,
                                      PortalException

Deprecated.

Since 4.0.8, this method was replaced by SessionConfig.getUserId().

Return the id of the user given the userSession.

Parameters:

sessionConfig -

transaction -

Returns:

a String.

Throws:

ManagerException

PortalException

loginUser

@Deprecated
java.lang.String loginUser(java.lang.String login,
                           java.lang.String password,
                           ITransaction transaction)
                    throws ManagerException,
                           PortalException

Deprecated.

Since 4.0.8, this method has been replaced by login(String, String, ITransaction).

Start the user's session given the login and password. This method returns the user's session configuration. Framework users like LumisFrameworkClockUser and LumisPageCacheUser cannot be authenticated through this method.

Parameters:

login -

password -

transaction -

Returns:

a String.

Throws:

ManagerException

PortalException

validatePassword

boolean validatePassword(java.lang.String login,
                         java.lang.String password,
                         ITransaction transaction)
                  throws PortalException

Validates the password for the given login.
This is the same as calling validatePassword(String, String, String, ITransaction) with null as the MFA token.

Parameters:

login - the user's login.

password - the user's password.

transaction - the transaction for persistence access.

Returns:

true if the given password is correct for the specified login or false otherwise.

Throws:

PortalException

Since:

16.0.0

validatePassword

boolean validatePassword(java.lang.String login,
                         java.lang.String password,
                         java.lang.String mfaToken,
                         ITransaction transaction)
                  throws PortalException

Validates the password and the MFA token for the given login.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.

Parameters:

login - the user's login.

password - the user's password.

mfaToken - the MFA token.

transaction - the transaction for persistence access.

Returns:

true if the given password is correct for the specified login or false otherwise.

Throws:

PortalException

Since:

16.1.0

login

SessionConfig login(java.lang.String login,
                    java.lang.String password,
                    ITransaction transaction)
             throws PortalException

Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as calling mfaLogin(String, String, String, ITransaction) using null as the MFA token.

Parameters:

login - the user's login.

password - the user's password.

transaction - the transaction for persistence access.

Returns:

the created SessionConfig, or null if the login operation could not authenticate the user.

Throws:

PortalException

Since:

4.0.8

See Also:

loginUser(String, ITransaction)

login

SessionConfig login(java.lang.String securityAlias,
                    java.lang.String login,
                    java.lang.String password,
                    ITransaction transaction)
             throws PortalException

Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as calling mfaLogin(String, String, String, String, ITransaction) using null as the MFA token.

Parameters:

securityAlias - the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.

login - the user's login.

password - the user's password.

transaction - the transaction for persistence access.

Returns:

the created SessionConfig, or null if the login operation could not authenticate the user.

Throws:

PortalException

Since:

4.1.0

See Also:

loginUser(String, ITransaction)

mfaLogin

SessionConfig mfaLogin(java.lang.String login,
                       java.lang.String password,
                       java.lang.String mfaToken,
                       ITransaction transaction)
                throws PortalException

Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as mfaLogin(String, String, String, String, ITransaction) using the default login module.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.

Parameters:

login - the user's login.

password - the user's password.

mfaToken - the MFA token.

transaction - the transaction for persistence access.

Returns:

the created SessionConfig, or null if the login operation could not authenticate the user.

Throws:

PortalException

Since:

16.1.0

See Also:

loginUser(String, ITransaction)

mfaLogin

SessionConfig mfaLogin(java.lang.String securityAlias,
                       java.lang.String login,
                       java.lang.String password,
                       java.lang.String mfaToken,
                       ITransaction transaction)
                throws PortalException

Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.

Parameters:

securityAlias - the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.

login - the user's login.

password - the user's password.

mfaToken - the MFA token.

transaction - the transaction for persistence access.

Returns:

the created SessionConfig, or null if the login operation could not authenticate the user.

Throws:

PortalException

Since:

16.1.0

See Also:

loginUser(String, ITransaction)

loginUser

SessionConfig loginUser(java.lang.String userId,
                        ITransaction transaction)
                 throws PortalException

Logins a user without performing any authentication.

Parameters:

userId - the userId.

transaction - the transaction for persistence access.

Throws:

PortalException

Since:

4.0.8

loginUserGuest

@Deprecated
java.lang.String loginUserGuest()
                         throws ManagerException,
                                PortalException

Deprecated.

Since 4.0.8, instead of calling this method generate a impersonated SessionConfig by calling impersonate(String) using UserConfig.USER_GUEST_ID as parameter.

Add a guest session. This method returns the user's session configuration.

Returns:

Returns a String.

Throws:

ManagerException

PortalException

logoutUser

void logoutUser(SessionConfig sessionConfig,
                ITransaction transaction)
         throws ManagerException,
                PortalException

Close the user's session given the userSession and the transaction.

Parameters:

sessionConfig -

transaction -

Throws:

ManagerException

PortalException

clearInactiveSessions

@Deprecated
void clearInactiveSessions(SessionConfig sessionConfig,
                           int minutes,
                           ITransaction transaction)
                    throws ManagerException,
                           PortalException

Deprecated.

since 12.1.0 removed from stable API without replacement.

Deletes the sessions inactive for the specified amount of minutes.

Parameters:

sessionConfig -

minutes -

transaction -

Throws:

ManagerException

PortalException

loginFramworkClockUser

@Deprecated
java.lang.String loginFramworkClockUser(ITransaction transaction)
                                 throws ManagerException,
                                        PortalException

Deprecated.

Since 4.0.8, instead of calling this method generate a impersonated SessionConfig by calling impersonate(String) using UserConfig.USER_FRAMEWORKCLOCK_ID as parameter.

Creates a session for the FrameworkClock user.

Parameters:

transaction -

Returns:

Throws:

ManagerException

PortalException

keepSessionAlive

void keepSessionAlive(SessionConfig sessionConfig)
               throws ManagerException,
                      PortalException

Keeps the specified session alive by updating the last time the session was used.

Parameters:

sessionConfig -

Throws:

ManagerException

PortalException

Since:

4.0.3

impersonate

SessionConfig impersonate(java.lang.String userId)
                   throws PortalException

The authenticated user in the current thread impersonates another user. Call endImpersonation(SessionConfig) to end an impersonation initiated by this method.

Parameters:

userId - the user id.

Returns:

the impersonated SessionConfig.

Throws:

PortalException

Since:

4.0.8

endImpersonation

void endImpersonation(SessionConfig sessionConfig)
               throws PortalException

Ends an impersonation in the current thread, that has been started by impersonate(String).

Parameters:

sessionConfig - the impersonated session config.

Throws:

java.lang.IllegalArgumentException - if sessionConfig is not the current impersonated SessionConfig instance.

PortalException

Since:

4.0.8

getSessionsByUserId

java.util.Collection<SessionConfig> getSessionsByUserId(SessionConfig sessionConfig,
                                                        java.lang.String userId,
                                                        ITransaction transaction)
                                                 throws PortalException

Returns a collection of active session objects for the given user. Guest and impersonated users are not considered active.

Parameters:

sessionConfig -

userId -

transaction -

Returns:

Throws:

PortalException

Since:

4.0.11