Class LoginProcessor

  • Direct Known Subclasses:
    RemoteLoginProcessor

    public abstract class LoginProcessor
    extends java.lang.Object
    Handle the login handshake for a single user.
    Since:
    inetcore 3.2
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String GUEST_LOGIN_SOURCE
      The login source for the guest login.
      static com.inet.logging.Logger LOGGER
      The authentication logger.
      static java.lang.String MASTER_LOGIN_ID
      The login ID for the master login.
      static java.lang.String MASTER_LOGIN_SOURCE
      The login source for the master login.
      static java.lang.String SYSTEM_LOGIN_SOURCE
      The login source for all logins that come from the underlying system.
      static java.lang.String TEMP_LOGIN_SOURCE
      The login source for the temp login.
    • Method Summary

      All Methods Static Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      com.inet.usersandgroups.api.user.LoginSettings createLoginSettings​(java.lang.String loginID)
      Create a LoginSettings for the given loginID
      protected com.inet.usersandgroups.api.user.MutableUserData createNewUserData()
      Create a MutableUserData for creating a new UserAccount
      static void destroyCurrent()
      Remove current LoginProcessor from current thread.
      AuthenticationDescription getAuthenticationDescription()
      Get the AuthenticationDescription for creating this login processor.
      static LoginProcessor getCurrent()
      Get the login processor for the current request session/thread.
      abstract java.lang.String getLoginID()
      Returns the user ID of the logged in user, or null if the user is not logged in.
      abstract java.lang.String getLoginSource()
      Get an unique ID for the source of the login.
      protected com.inet.usersandgroups.api.user.UserAccount getOrCreateUserAccount​(java.lang.String loginID)
      Get user account from the user manager or create if not exists.
      com.inet.id.GUID getUserAccountID()
      Get the id of the account or null if not login.
      UserAccountType getUserAccountType()
      The account type determine some possible features of a user and/or login.
      protected boolean isCreateUserAccountSupported()
      If the creation of new login user supported.
      boolean isCreationBlocked()
      If the user exists in the login processor but not in the local user manager and creation is not supported.
      boolean isNewUser()
      If the user was a new user in this browser session.
      boolean isSameAccount​(java.lang.String loginID, char[] passwordChars, com.inet.usersandgroups.api.user.LoginSettings login)
      Check if the given LoginSettings match this LoginProcessor settings.
      abstract boolean isWebUserInRole​(java.lang.String role)
      Returns true if the current user is member of the given role/group.
      static void setCurrent​(LoginProcessor login)
      Sets the specified LoginProcessor as the info for the current request session/thread.
      static void setCurrent​(com.inet.thread.BaseRunnableSession session, LoginProcessor login)
      FOR INTERNAL USE ONLY Sets the specified LoginProcessor in the session.
      static void setCurrentForAllThreads​(LoginProcessor login)
      Set the LoginProcessor from the designer.
      <T> T unwrap​(java.lang.Class<T> clazz)
      Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • SYSTEM_LOGIN_SOURCE

        public static final java.lang.String SYSTEM_LOGIN_SOURCE
        The login source for all logins that come from the underlying system.
        See Also:
        Constant Field Values
      • MASTER_LOGIN_SOURCE

        public static final java.lang.String MASTER_LOGIN_SOURCE
        The login source for the master login.
        See Also:
        Constant Field Values
      • MASTER_LOGIN_ID

        public static final java.lang.String MASTER_LOGIN_ID
        The login ID for the master login.
        See Also:
        Constant Field Values
      • GUEST_LOGIN_SOURCE

        public static final java.lang.String GUEST_LOGIN_SOURCE
        The login source for the guest login.
        See Also:
        Constant Field Values
      • TEMP_LOGIN_SOURCE

        public static final java.lang.String TEMP_LOGIN_SOURCE
        The login source for the temp login.
        See Also:
        Constant Field Values
      • LOGGER

        @Nonnull
        public static final com.inet.logging.Logger LOGGER
        The authentication logger.
    • Constructor Detail

      • LoginProcessor

        protected LoginProcessor​(AuthenticationDescription description)
        Create a new LoginProcessor
        Parameters:
        description - the AuthenticationDescription for creating this login processor
        Since:
        inetcore 4.0
    • Method Detail

      • getAuthenticationDescription

        @Nullable
        public AuthenticationDescription getAuthenticationDescription()
        Get the AuthenticationDescription for creating this login processor.
        Returns:
        the AuthenticationProvider
        Since:
        inetcore 4.0
      • getUserAccountID

        @Nullable
        public com.inet.id.GUID getUserAccountID()
        Get the id of the account or null if not login. Also zero if a possible two factor is not validated.

        For the current user use UserManager.getInstance().getCurrentUserAccountID()

        Returns:
        the id
        Since:
        inetcore 3.2
      • getOrCreateUserAccount

        @Nullable
        protected com.inet.usersandgroups.api.user.UserAccount getOrCreateUserAccount​(@Nonnull
                                                                                      java.lang.String loginID)
        Get user account from the user manager or create if not exists. This method does not fire a user login event. If isCreateUserAccountSupported() returns false then this can return null.
        Parameters:
        loginID - the login ID
        Returns:
        the user account
        Throws:
        com.inet.http.ClientMessageException - if there should be displayed a message to the client like a deactivated user
        Since:
        inetcore 3.2
      • createLoginSettings

        @Nonnull
        public com.inet.usersandgroups.api.user.LoginSettings createLoginSettings​(java.lang.String loginID)
        Create a LoginSettings for the given loginID
        Parameters:
        loginID - the current ID
        Returns:
        the login
        Since:
        inetcore 4.0
      • isCreateUserAccountSupported

        protected boolean isCreateUserAccountSupported()
        If the creation of new login user supported. This can be disabled with a configuration setting or if the LoginSettings need additional data.
        Returns:
        if automatic login creation is supported
        Since:
        inetcore 3.2
      • createNewUserData

        @Nonnull
        protected com.inet.usersandgroups.api.user.MutableUserData createNewUserData()
        Create a MutableUserData for creating a new UserAccount
        Returns:
        the user data
        Since:
        23.4
      • getLoginSource

        @Nonnull
        public abstract java.lang.String getLoginSource()
        Get an unique ID for the source of the login. This is important if more as one authentication provider is used. Two login with the same login ID but a different login source are different logins.
        Returns:
        the login source. Can not be null or empty after trim.
        Since:
        inetcore 3.2
      • getLoginID

        @Nullable
        public abstract java.lang.String getLoginID()
        Returns the user ID of the logged in user, or null if the user is not logged in.

        A non null login ID means that the user is login in the underlying login system. For example into LDAP. This means not that the user is logged into this software. Check UserManager.getInstance().getCurrentUserAccountID() if there is a current user. Caused for the discrepancy can be two factor authentication, a deactivate user or disabled creating of new users. This can be username, email address or any other type of ID that is unique to the current login source. Login IDs should be treated in a case-insensitive way.

        Returns:
        the login ID
        Since:
        inetcore 3.2
      • getUserAccountType

        @Nonnull
        public UserAccountType getUserAccountType()
        The account type determine some possible features of a user and/or login.
        Returns:
        the user account type
        Since:
        inetcore 3.2
      • isWebUserInRole

        public abstract boolean isWebUserInRole​(java.lang.String role)
        Returns true if the current user is member of the given role/group.
        Parameters:
        role - - Role of web user
        Returns:
        true if this user has this role
        Since:
        inetcore 3.2
      • isNewUser

        public boolean isNewUser()
        If the user was a new user in this browser session.
        Returns:
        true, if the user was created
        Since:
        inetcore 4.0
      • isCreationBlocked

        public boolean isCreationBlocked()
        If the user exists in the login processor but not in the local user manager and creation is not supported.
        Returns:
        true, if creation was blocked
        Since:
        inetcore 23.10
      • unwrap

        public <T> T unwrap​(java.lang.Class<T> clazz)
        Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.
        Type Parameters:
        T - the type of the class modeled by this Class object
        Parameters:
        clazz - A Class defining an interface that the result must implement.
        Returns:
        an object that implements the interface. May be a proxy for the actual implementing object.
        Since:
        inetcore 3.2
      • setCurrentForAllThreads

        public static void setCurrentForAllThreads​(LoginProcessor login)
        Set the LoginProcessor from the designer.
        Parameters:
        login - - the LoginProcessor
        Since:
        inetcore 4.0
      • setCurrent

        public static void setCurrent​(LoginProcessor login)
        Sets the specified LoginProcessor as the info for the current request session/thread.
        Parameters:
        login - the LoginProcessor for the current thread or null to remove it
        Since:
        inetcore 4.0
      • setCurrent

        public static void setCurrent​(@Nonnull
                                      com.inet.thread.BaseRunnableSession session,
                                      LoginProcessor login)
        FOR INTERNAL USE ONLY Sets the specified LoginProcessor in the session.
        Parameters:
        session - the runnable session
        login - the LoginProcessor
        Since:
        21.4
      • destroyCurrent

        public static void destroyCurrent()
        Remove current LoginProcessor from current thread. This does not destroy it in the request session. Asynchron threads have continue access.
        Since:
        inetcore 4.0
      • getCurrent

        @Nullable
        public static LoginProcessor getCurrent()
        Get the login processor for the current request session/thread.
        Returns:
        a LoginProcessor or null
        Since:
        inetcore 4.0
      • isSameAccount

        public boolean isSameAccount​(@Nonnull
                                     java.lang.String loginID,
                                     @Nullable
                                     char[] passwordChars,
                                     com.inet.usersandgroups.api.user.LoginSettings login)
        Check if the given LoginSettings match this LoginProcessor settings. It does not check it with a login user.
        Parameters:
        loginID - the login ID to check
        passwordChars - optional password characters to validate
        login - login settings from UserManager
        Returns:
        true, if it match
        Since:
        inetcore 4.0