Package lumis.portal.authentication
Class AuthenticationManager
- java.lang.Object
-
- lumis.portal.authentication.AuthenticationManager
-
- All Implemented Interfaces:
IAuthenticationManager
,IAuthenticationManagerSPI
,IMFAAuthenticationManagerSPI
public class AuthenticationManager extends java.lang.Object implements IAuthenticationManagerSPI
Manager responsible for authenticating users and keeping session information.- Since:
- 4.0.0
- Version:
- $Revision$ $Date$
-
-
Constructor Summary
Constructors Constructor Description AuthenticationManager()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
clearExpiredMFATokens()
void
clearInactiveSessions(SessionConfig sessionConfig, int minutes, ITransaction transaction)
Deletes the sessions inactive for the specified amount of minutes.boolean
clearThreadData()
Clearssession config's
thread
data.void
endImpersonation(SessionConfig sessionConfig)
Ends an impersonation in the current thread, that has been started byIAuthenticationManager.impersonate(String)
.static java.lang.String
generateSessionId()
Generates a new session identifier.java.util.Collection<SessionConfig>
getSessionsByUserId(SessionConfig sessionConfig, java.lang.String userId, ITransaction transaction)
Returns a collection of active session objects for the given user.java.lang.String
getUserIdBySessionId(SessionConfig sessionConfig, ITransaction transaction)
Deprecated.SessionConfig
impersonate(java.lang.String userId)
The authenticated user in the current thread impersonates another user.void
keepSessionAlive(SessionConfig sessionConfig)
Keeps the specified session alive by updating the last time the session was used.SessionConfig
login(java.lang.String securityAlias, java.lang.String login, java.lang.String password, ITransaction transaction)
Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)
usingnull
as the MFA token.SessionConfig
login(java.lang.String login, java.lang.String password, ITransaction transaction)
Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, ITransaction)
usingnull
as the MFA token.java.lang.String
loginFramworkClockUser(ITransaction transaction)
Deprecated.java.lang.String
loginUser(java.lang.String login, java.lang.String password, ITransaction transaction)
Deprecated.SessionConfig
loginUser(java.lang.String userId, ITransaction transaction)
Logins a user without performing any authentication.java.lang.String
loginUserGuest()
Deprecated.void
logoutUser(SessionConfig sessionConfig, ITransaction transaction)
Close the user's session given the userSession and the transaction.SessionConfig
mfaLogin(java.lang.String securityAlias, java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)
Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.SessionConfig
mfaLogin(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)
Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same asIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)
using the default login module.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.IMFATokenSendResult
sendMFATokenEmail(java.lang.String userLogin)
Sends an email with a token to be used for authentication.
Returns the created token result.
Requires a validSessionConfig
and an activeITransaction
.boolean
validatePassword(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction)
Validates the password and the MFA token for the given login.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.boolean
validatePassword(java.lang.String login, java.lang.String password, ITransaction transaction)
Validates the password for the given login.
This is the same as callingIAuthenticationManager.validatePassword(String, String, String, ITransaction)
withnull
as the MFA token.boolean
validateSessionId(SessionConfig sessionConfig, ITransaction transaction)
Validate the session of the User given the userSession and transaction.
-
-
-
Method Detail
-
validateSessionId
public boolean validateSessionId(SessionConfig sessionConfig, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Validate the session of the User given the userSession and transaction. This method returns a boolean variable with True or False value- Specified by:
validateSessionId
in interfaceIAuthenticationManager
- Returns:
- true if the Session is valis and false otherwise.
- Throws:
ManagerException
PortalException
-
getUserIdBySessionId
@Deprecated public java.lang.String getUserIdBySessionId(SessionConfig sessionConfig, ITransaction transaction) throws ManagerException, PortalException
Deprecated.Description copied from interface:IAuthenticationManager
Return the id of the user given the userSession.- Specified by:
getUserIdBySessionId
in interfaceIAuthenticationManager
- Returns:
- a String.
- Throws:
ManagerException
PortalException
-
loginFramworkClockUser
@Deprecated public java.lang.String loginFramworkClockUser(ITransaction transaction) throws ManagerException, PortalException
Deprecated.Description copied from interface:IAuthenticationManager
Creates a session for the FrameworkClock user.- Specified by:
loginFramworkClockUser
in interfaceIAuthenticationManager
- Returns:
- Throws:
ManagerException
PortalException
-
loginUser
@Deprecated public java.lang.String loginUser(java.lang.String login, java.lang.String password, ITransaction transaction) throws ManagerException, PortalException
Deprecated.Description copied from interface:IAuthenticationManager
Start the user's session given the login and password. This method returns the user's session configuration. Framework users like LumisFrameworkClockUser and LumisPageCacheUser cannot be authenticated through this method.- Specified by:
loginUser
in interfaceIAuthenticationManager
- Returns:
- a String.
- Throws:
ManagerException
PortalException
-
login
public SessionConfig login(java.lang.String login, java.lang.String password, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, ITransaction)
usingnull
as the MFA token.- Specified by:
login
in interfaceIAuthenticationManager
- Parameters:
login
- the user's login.password
- the user's password.transaction
- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalException
ManagerException
- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
validatePassword
public boolean validatePassword(java.lang.String login, java.lang.String password, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManager
Validates the password for the given login.
This is the same as callingIAuthenticationManager.validatePassword(String, String, String, ITransaction)
withnull
as the MFA token.- Specified by:
validatePassword
in interfaceIAuthenticationManager
- Parameters:
login
- the user's login.password
- the user's password.transaction
- the transaction for persistence access.- Returns:
true
if the given password is correct for the specified login orfalse
otherwise.- Throws:
PortalException
-
validatePassword
public boolean validatePassword(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManager
Validates the password and the MFA token for the given login.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.- Specified by:
validatePassword
in interfaceIAuthenticationManager
- Parameters:
login
- the user's login.password
- the user's password.mfaToken
- the MFA token.transaction
- the transaction for persistence access.- Returns:
true
if the given password is correct for the specified login orfalse
otherwise.- Throws:
PortalException
-
login
public SessionConfig login(java.lang.String securityAlias, java.lang.String login, java.lang.String password, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same as callingIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)
usingnull
as the MFA token.- Specified by:
login
in interfaceIAuthenticationManager
- Parameters:
securityAlias
- the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.login
- the user's login.password
- the user's password.transaction
- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalException
ManagerException
- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
mfaLogin
public SessionConfig mfaLogin(java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManager
Logins a user using the specified password as his credentials, and returns the new SessionConfig for the logged in user.
This is the same asIAuthenticationManager.mfaLogin(String, String, String, String, ITransaction)
using the default login module.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.- Specified by:
mfaLogin
in interfaceIAuthenticationManager
- Parameters:
login
- the user's login.password
- the user's password.mfaToken
- the MFA token.transaction
- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalException
- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
mfaLogin
public SessionConfig mfaLogin(java.lang.String securityAlias, java.lang.String login, java.lang.String password, java.lang.String mfaToken, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Logins a user using the specified JAAS security alias, password as his credentials, and returns the new SessionConfig for the logged in user.
The MFA token is only checked if multi-factor authentication is enabled for the given user.
In the case the multi-factor authentication is enabled, the user must have a valid MFA token in order to be authenticated.- Specified by:
mfaLogin
in interfaceIAuthenticationManager
- Parameters:
securityAlias
- the JAAS security alias to use. If null, the default security alias specified in the lumisportalconfig.xml file is used.login
- the user's login.password
- the user's password.mfaToken
- the MFA token.transaction
- the transaction for persistence access.- Returns:
- the created SessionConfig, or null if the login operation could not authenticate the user.
- Throws:
PortalException
ManagerException
- See Also:
IAuthenticationManager.loginUser(String, ITransaction)
-
loginUser
public SessionConfig loginUser(java.lang.String userId, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManager
Logins a user without performing any authentication.- Specified by:
loginUser
in interfaceIAuthenticationManager
- Parameters:
userId
- the userId.transaction
- the transaction for persistence access.- Throws:
PortalException
-
logoutUser
public void logoutUser(SessionConfig sessionConfig, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Close the user's session given the userSession and the transaction.- Specified by:
logoutUser
in interfaceIAuthenticationManager
- Throws:
ManagerException
PortalException
-
loginUserGuest
@Deprecated public java.lang.String loginUserGuest() throws ManagerException, PortalException
Deprecated.Description copied from interface:IAuthenticationManager
Add a guest session. This method returns the user's session configuration.- Specified by:
loginUserGuest
in interfaceIAuthenticationManager
- Returns:
- Returns a String.
- Throws:
ManagerException
PortalException
-
clearInactiveSessions
public void clearInactiveSessions(SessionConfig sessionConfig, int minutes, ITransaction transaction) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Deletes the sessions inactive for the specified amount of minutes.- Specified by:
clearInactiveSessions
in interfaceIAuthenticationManager
- Throws:
ManagerException
PortalException
-
keepSessionAlive
public void keepSessionAlive(SessionConfig sessionConfig) throws ManagerException, PortalException
Description copied from interface:IAuthenticationManager
Keeps the specified session alive by updating the last time the session was used.- Specified by:
keepSessionAlive
in interfaceIAuthenticationManager
- Throws:
ManagerException
PortalException
-
impersonate
public SessionConfig impersonate(java.lang.String userId) throws PortalException
Description copied from interface:IAuthenticationManager
The authenticated user in the current thread impersonates another user. CallIAuthenticationManager.endImpersonation(SessionConfig)
to end an impersonation initiated by this method.- Specified by:
impersonate
in interfaceIAuthenticationManager
- Parameters:
userId
- the user id.- Returns:
- the impersonated SessionConfig.
- Throws:
PortalException
-
endImpersonation
public void endImpersonation(SessionConfig sessionConfig) throws PortalException
Description copied from interface:IAuthenticationManager
Ends an impersonation in the current thread, that has been started byIAuthenticationManager.impersonate(String)
.- Specified by:
endImpersonation
in interfaceIAuthenticationManager
- Parameters:
sessionConfig
- the impersonated session config.- Throws:
PortalException
-
getSessionsByUserId
public java.util.Collection<SessionConfig> getSessionsByUserId(SessionConfig sessionConfig, java.lang.String userId, ITransaction transaction) throws PortalException
Description copied from interface:IAuthenticationManager
Returns a collection of active session objects for the given user. Guest and impersonated users are not considered active.- Specified by:
getSessionsByUserId
in interfaceIAuthenticationManager
- Returns:
- Throws:
PortalException
-
clearThreadData
public boolean clearThreadData()
Clearssession config's
thread
data.- Returns:
true
if there was data to be cleared orfalse
if the thread data was already clear.- Since:
- 6.0.0
-
generateSessionId
public static java.lang.String generateSessionId()
Generates a new session identifier. Based onSecureRandom
, incremental integer and current time.- Returns:
- the generated session identifier.
- Since:
- 11.0.0
-
sendMFATokenEmail
public IMFATokenSendResult sendMFATokenEmail(java.lang.String userLogin) throws PortalException
Description copied from interface:IMFAAuthenticationManagerSPI
Sends an email with a token to be used for authentication.
Returns the created token result.
Requires a validSessionConfig
and an activeITransaction
.- Specified by:
sendMFATokenEmail
in interfaceIMFAAuthenticationManagerSPI
- Parameters:
userLogin
- the user login- Returns:
- the created token result
- Throws:
PortalException
- if some error occurs
-
clearExpiredMFATokens
public void clearExpiredMFATokens() throws PortalException
Description copied from interface:IMFAAuthenticationManagerSPI
- Specified by:
clearExpiredMFATokens
in interfaceIMFAAuthenticationManagerSPI
- Throws:
PortalException
- if some error occurs
-
-