RepositoryApplicationUserAuthority (ATG Java API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

atg.security
Class RepositoryApplicationUserAuthority

java.lang.Object
  atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      atg.nucleus.GenericService
          atg.nucleus.RegisteredService
              atg.security.GenericUserAuthority
                  atg.security.RepositoryApplicationUserAuthority

All Implemented Interfaces:: NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, atg.nucleus.logging.VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, LoginUserAuthority, UserAuthority, UserAuthority2, java.util.EventListener

public class RepositoryApplicationUserAuthority
extends GenericUserAuthority
implements LoginUserAuthority
extends GenericUserAuthority
implements LoginUserAuthority

This LoginUserAuthority implements the bare minimum required to do logins and determine role memberships. It reads its data from a Repository, and must be configured with the names of the repository views and properties that it should use to obtain information such as login names, passwords, etc. It only reads from the Repository - it never writes.

The Persona objects generated by this UserAuthority represent only users, not groups or privileges. Personas are read only, and have no subPersonas or attributes. The only methods implemented for a Persona are getName (which returns the user's login), getUserAuthority, equals, and hasRole.

The repository is expected to contain a repository view representing the users, from which logins and passwords will be read. Presumably this repository view will contain more information about a user, but the UserAuthority only cares about those particular properties.

Optionally, the user's repository view may contain a "roles" property, which is consulted when Persona.hasRole is called. This property may be one of several types:

String[], or Collection (Set, List, etc.) of Strings - these represent the names of the roles associated with a user
RepositoryItem[], or Collection (Set, List, etc.) of RepositoryItems - these represent "role" objects associated with a user. In this case, the roleViewRoleNameProperty should be defined, indicating which property of that RepositoryItem contains the role's name.

The following properties are used to configure all of the above:

userView - the name of the repository view representing users. This property is required.
userViewLoginProperty - the name of the property in the user's repository view containing the login name of a user. It is presumed (but not enforced) that login names will be unique among users. This property is required.
userViewPasswordProperty - the name of the property in the user's repository view containing the user's password. If passwordHashingEnabled is true, then the value of this property when it is read should return the hashed value of the password, not the value of the password in plaintext. This property is optional - if it is omitted, then logins are permitted as long as the login name matches an existing login, regardless of password.
userViewRolesProperty - the name of the property containing the collection or array of roles with which the user is associated. As described above, the type of this property must be a String[], a Collection of Strings, a RepositoryItem[], or a Collection of RepositoryItems.
roleViewRoleNameProperty - if a userViewRolesProperty is specified and is of type RepositoryItem[] or Collection of RepositoryItems, then this indicates which property of that RepositoryItem contains the role's name.
passwordHasher - the name of a PasswordHasher component that will handle hashing and encryption of passwords. By default this uses MD5 digest hashing and encodes the result in base-16.

Field Summary
`static java.lang.String`	`CLASS_VERSION`

Fields inherited from class atg.nucleus.GenericService
`SERVICE_INFO_KEY`

Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
`DEFAULT_LOG_TRACE_STATUS`

Fields inherited from interface atg.nucleus.logging.ApplicationLogging
`DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS`

Constructor Summary
`RepositoryApplicationUserAuthority()` Constructor

Method Summary
`void`	`doStartService()` This is called after a Service has been created, placed into the naming hierarchy, and initialized with its configured property values.
`PasswordHasher`	`getPasswordHasher()` Returns the password hasher object used to encrypt password text to whatever format is required by login().
`Persona`	`getPersona(java.lang.Object pLoginName)` Returns a persona for the given login name.
`Repository`	`getRepository()`
`java.lang.String`	`getRoleViewRoleNameProperty()`
`javax.transaction.TransactionManager`	`getTransactionManager()`
`java.lang.String`	`getUserView()`
`java.lang.String`	`getUserViewLoginProperty()`
`java.lang.String`	`getUserViewPasswordProperty()`
`java.lang.String`	`getUserViewRolesProperty()`
`boolean`	`hasRole(RepositoryItem pUserItem, java.lang.String pLoginName, java.lang.String pRoleName)` Determine if the specified user's item has the specified role name.
`boolean`	`hasRoleViewRoleNameProperty()` Returns true if RoleViewRoleNameProperty is specified, false if it is null or empty String
`boolean`	`hasUserView()` Returns true if UserView is specified, false if it is null or empty String
`boolean`	`hasUserViewLoginProperty()` Returns true if UserViewLoginProperty is specified, false if it is null or empty String
`boolean`	`hasUserViewPasswordProperty()` Returns true if UserViewPasswordProperty is specified, false if it is null or empty String
`boolean`	`hasUserViewRolesProperty()` Returns true if UserViewRolesProperty is specified, false if it is null or empty String
`boolean`	`login(User pUser, java.lang.String pName, java.lang.String pPassword, java.lang.Object pHashKey)` Authenticates a user, populating the User object with appropriate personae.
`void`	`setPasswordHasher(PasswordHasher pPasswordHasher)` Sets the password hasher object used to encrypt password text to whatever format is required by login().
`void`	`setRepository(Repository pRepository)`
`void`	`setRoleViewRoleNameProperty(java.lang.String pRoleViewRoleNameProperty)`
`void`	`setTransactionManager(javax.transaction.TransactionManager pTransactionManager)`
`void`	`setUserView(java.lang.String pUserView)`
`void`	`setUserViewLoginProperty(java.lang.String pUserViewLoginProperty)`
`void`	`setUserViewPasswordProperty(java.lang.String pUserViewPasswordProperty)`
`void`	`setUserViewRolesProperty(java.lang.String pUserViewRolesProperty)`

Methods inherited from class atg.security.GenericUserAuthority
`addAuthenticationFailedListener, addAuthenticationSucceededListener, addSpecialPersona, fireAuthenticationFailedEvent, fireAuthenticationSucceededEvent, getProxyUserAuthorities, getSpecialPersonae, getSupportsEveryone, getUserAuthorityName, removeAuthenticationFailedListener, removeAuthenticationSucceededListener, removeSpecialPersona, setProxyUserAuthorities, setSpecialPersonae, setSupportsEveryone, setUserAuthorityName, userDestroyed`

Methods inherited from class atg.security.GenericUserAuthority

addAuthenticationFailedListener, addAuthenticationSucceededListener, addSpecialPersona, fireAuthenticationFailedEvent, fireAuthenticationSucceededEvent, getProxyUserAuthorities, getSpecialPersonae, getSupportsEveryone, getUserAuthorityName, removeAuthenticationFailedListener, removeAuthenticationSucceededListener, removeSpecialPersona, setProxyUserAuthorities, setSpecialPersonae, setSupportsEveryone, setUserAuthorityName, userDestroyed

Methods inherited from class atg.nucleus.RegisteredService
`addToRegistry, getRegistry, getRegistryName, getServiceName, removeFromRegistry, setRegistryName, setServiceName, startService, stopService`

Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStopService, getAbsoluteName, getAdminServlet, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo

Methods inherited from class atg.nucleus.GenericService

addLogListener, createAdminServlet, doStopService, getAbsoluteName, getAdminServlet, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo

Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
`vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface atg.security.UserAuthority
`addAuthenticationFailedListener, addAuthenticationSucceededListener, getUserAuthorityName, removeAuthenticationFailedListener, removeAuthenticationSucceededListener, userDestroyed`

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Constructor Detail

RepositoryApplicationUserAuthority

public RepositoryApplicationUserAuthority()

Constructor

Method Detail

getRepository

public Repository getRepository()

setRepository

public void setRepository(Repository pRepository)

getTransactionManager

public javax.transaction.TransactionManager getTransactionManager()

setTransactionManager

public void setTransactionManager(javax.transaction.TransactionManager pTransactionManager)

getUserView

public java.lang.String getUserView()

setUserView

public void setUserView(java.lang.String pUserView)

getUserViewLoginProperty

public java.lang.String getUserViewLoginProperty()

setUserViewLoginProperty

public void setUserViewLoginProperty(java.lang.String pUserViewLoginProperty)

getUserViewPasswordProperty

public java.lang.String getUserViewPasswordProperty()

setUserViewPasswordProperty

public void setUserViewPasswordProperty(java.lang.String pUserViewPasswordProperty)

getUserViewRolesProperty

public java.lang.String getUserViewRolesProperty()

setUserViewRolesProperty

public void setUserViewRolesProperty(java.lang.String pUserViewRolesProperty)

getRoleViewRoleNameProperty

public java.lang.String getRoleViewRoleNameProperty()

setRoleViewRoleNameProperty

public void setRoleViewRoleNameProperty(java.lang.String pRoleViewRoleNameProperty)

hasRole

public boolean hasRole(RepositoryItem pUserItem,
                       java.lang.String pLoginName,
                       java.lang.String pRoleName)

Determine if the specified user's item has the specified role name.

hasUserView

public boolean hasUserView()

Returns true if UserView is specified, false if it is null or empty String

hasUserViewLoginProperty

public boolean hasUserViewLoginProperty()

Returns true if UserViewLoginProperty is specified, false if it is null or empty String

hasUserViewPasswordProperty

public boolean hasUserViewPasswordProperty()

Returns true if UserViewPasswordProperty is specified, false if it is null or empty String

hasUserViewRolesProperty

public boolean hasUserViewRolesProperty()

Returns true if UserViewRolesProperty is specified, false if it is null or empty String

hasRoleViewRoleNameProperty

public boolean hasRoleViewRoleNameProperty()

Returns true if RoleViewRoleNameProperty is specified, false if it is null or empty String

getPersona

public Persona getPersona(java.lang.Object pLoginName)

Returns a persona for the given login name. Returns null if there is no persona for the indicated login name.

Specified by:: getPersona in interface UserAuthority
Overrides:: getPersona in class GenericUserAuthority

getPasswordHasher

public PasswordHasher getPasswordHasher()

Returns the password hasher object used to encrypt password text to whatever format is required by login().

Specified by:: getPasswordHasher in interface LoginUserAuthority

setPasswordHasher

public void setPasswordHasher(PasswordHasher pPasswordHasher)

Sets the password hasher object used to encrypt password text to whatever format is required by login(). By default, this will be an instance of DigestPasswordHasher.

login

public boolean login(User pUser,
                     java.lang.String pName,
                     java.lang.String pPassword,
                     java.lang.Object pHashKey)

Authenticates a user, populating the User object with appropriate personae.

Specified by:: login in interface LoginUserAuthority

See Also:: PasswordHasher

doStartService

public void doStartService()
                    throws ServiceException

Description copied from class: GenericService

This is called after a Service has been created, placed into the naming hierarchy, and initialized with its configured property values. The Service should override this method to start any processes it requires.

Overrides:: doStartService in class GenericService

Throws:: ServiceException - if the Service had a problem starting up