Package com.inet.authentication
Class LoginProcessor
java.lang.Object
com.inet.authentication.LoginProcessor
- Direct Known Subclasses:
RemoteLoginProcessor
Handle the login handshake for a single user.
- Since:
- inetcore 3.2
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The login source for the guest login.static final @Nonnull com.inet.logging.Logger
The authentication logger.static final String
Attribute that describe if the master button is hidden and not visible to the users.static final String
The login ID for the master login.static final String
The login source for the master login.static final String
The login source for all logins that come from the underlying system.static final String
The login source for the temp login. -
Constructor Summary
ModifierConstructorDescriptionprotected
LoginProcessor
(AuthenticationDescription description) Create a new LoginProcessor -
Method Summary
Modifier and TypeMethodDescription@Nonnull com.inet.usersandgroups.api.user.LoginSettings
createLoginSettings
(String loginID) Create a LoginSettings for the given loginIDprotected @Nonnull com.inet.usersandgroups.api.user.MutableUserData
Create a MutableUserData for creating a new UserAccountstatic void
Remove current LoginProcessor from current thread.@Nullable AuthenticationDescription
Get the AuthenticationDescription for creating this login processor.static @Nullable LoginProcessor
Get the login processor for the current request session/thread.abstract @Nullable String
Returns the user ID of the logged in user, or null if the user is not logged in.abstract @Nonnull String
Get an unique ID for the source of the login.protected @Nullable com.inet.usersandgroups.api.user.UserAccount
getOrCreateUserAccount
(@Nonnull String loginID) Get user account from the user manager or create if not exists.@Nullable com.inet.id.GUID
Get the id of the account or null if not login.@Nonnull UserAccountType
The account type determine some possible features of a user and/or login.protected boolean
If the creation of new login user supported.boolean
If the user exists in the login processor but not in the local user manager and creation is not supported.boolean
If the user was a new user in this browser session.boolean
isSameAccount
(@Nonnull String loginID, char @Nullable [] passwordChars, com.inet.usersandgroups.api.user.LoginSettings login) Check if the given LoginSettings match this LoginProcessor settings.abstract boolean
isWebUserInRole
(String role) Returns true if the current user is member of the given role/group.static void
setCurrent
(@Nonnull com.inet.thread.BaseRunnableSession session, LoginProcessor login) FOR INTERNAL USE ONLY Sets the specifiedLoginProcessor
in the session.static void
setCurrent
(LoginProcessor login) Sets the specifiedLoginProcessor
as the info for the current request session/thread.static void
Set the LoginProcessor from the designer.abstract boolean
Retrieves whether this login processor supports roles/groups.<T> T
Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.
-
Field Details
-
SYSTEM_LOGIN_SOURCE
The login source for all logins that come from the underlying system.- See Also:
-
MASTER_LOGIN_SOURCE
The login source for the master login.- See Also:
-
MASTER_LOGIN_ID
The login ID for the master login.- See Also:
-
MASTER_LOGIN_HIDDEN
Attribute that describe if the master button is hidden and not visible to the users.- See Also:
-
GUEST_LOGIN_SOURCE
The login source for the guest login.- See Also:
-
TEMP_LOGIN_SOURCE
The login source for the temp login.- See Also:
-
LOGGER
@Nonnull public static final @Nonnull com.inet.logging.Logger LOGGERThe authentication logger.
-
-
Constructor Details
-
LoginProcessor
Create a new LoginProcessor- Parameters:
description
- the AuthenticationDescription for creating this login processor- Since:
- inetcore 4.0
-
-
Method Details
-
getAuthenticationDescription
Get the AuthenticationDescription for creating this login processor.- Returns:
- the AuthenticationProvider
- Since:
- inetcore 4.0
-
getUserAccountID
@Nullable public @Nullable com.inet.id.GUID getUserAccountID()Get the id of the account or null if not login. Also zero if a possible two factor is not validated.For the current user use
UserManager.getInstance().getCurrentUserAccountID()
- Returns:
- the id
- Since:
- inetcore 3.2
-
getOrCreateUserAccount
@Nullable protected @Nullable com.inet.usersandgroups.api.user.UserAccount getOrCreateUserAccount(@Nonnull @Nonnull String loginID) Get user account from the user manager or create if not exists. This method does not fire a user login event. IfisCreateUserAccountSupported()
returns false then this can return null.- Parameters:
loginID
- the login ID- Returns:
- the user account
- Throws:
com.inet.http.ClientMessageException
- if there should be displayed a message to the client like a deactivated user- Since:
- inetcore 3.2
-
createLoginSettings
@Nonnull public @Nonnull com.inet.usersandgroups.api.user.LoginSettings createLoginSettings(String loginID) Create a LoginSettings for the given loginID- Parameters:
loginID
- the current ID- Returns:
- the login
- Since:
- inetcore 4.0
-
isCreateUserAccountSupported
protected boolean isCreateUserAccountSupported()If the creation of new login user supported. This can be disabled with a configuration setting or if the LoginSettings need additional data.- Returns:
- if automatic login creation is supported
- Since:
- inetcore 3.2
-
createNewUserData
@Nonnull protected @Nonnull com.inet.usersandgroups.api.user.MutableUserData createNewUserData()Create a MutableUserData for creating a new UserAccount- Returns:
- the user data
- Since:
- 23.4
-
getLoginSource
Get an unique ID for the source of the login. This is important if more as one authentication provider is used. Two login with the same login ID but a different login source are different logins.- Returns:
- the login source. Can not be null or empty after trim.
- Since:
- inetcore 3.2
-
getLoginID
Returns the user ID of the logged in user, or null if the user is not logged in.A non null login ID means that the user is login in the underlying login system. For example into LDAP. This means not that the user is logged into this software. Check
UserManager.getInstance().getCurrentUserAccountID()
if there is a current user. Caused for the discrepancy can be two factor authentication, a deactivate user or disabled creating of new users. This can be username, email address or any other type of ID that is unique to the current login source. Login IDs should be treated in a case-insensitive way.- Returns:
- the login ID
- Since:
- inetcore 3.2
-
getUserAccountType
The account type determine some possible features of a user and/or login.- Returns:
- the user account type
- Since:
- inetcore 3.2
-
supportsRoles
public abstract boolean supportsRoles()Retrieves whether this login processor supports roles/groups. If not supported then the roles of the user will not be updated on login with this login processor.- Returns:
true
if so;false
otherwise- Since:
- 24.4
-
isWebUserInRole
Returns true if the current user is member of the given role/group.- Parameters:
role
- - Role of web user- Returns:
- true if this user has this role
- Since:
- inetcore 3.2
-
isNewUser
public boolean isNewUser()If the user was a new user in this browser session.- Returns:
- true, if the user was created
- Since:
- inetcore 4.0
-
isCreationBlocked
public boolean isCreationBlocked()If the user exists in the login processor but not in the local user manager and creation is not supported.- Returns:
- true, if creation was blocked
- Since:
- inetcore 23.10
-
unwrap
Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.- Type Parameters:
T
- the type of the class modeled by this Class object- Parameters:
clazz
- A Class defining an interface that the result must implement.- Returns:
- an object that implements the interface. May be a proxy for the actual implementing object.
- Since:
- inetcore 3.2
-
setCurrentForAllThreads
Set the LoginProcessor from the designer.- Parameters:
login
- - the LoginProcessor- Since:
- inetcore 4.0
-
setCurrent
Sets the specifiedLoginProcessor
as the info for the current request session/thread.- Parameters:
login
- theLoginProcessor
for the current thread or null to remove it- Since:
- inetcore 4.0
-
setCurrent
public static void setCurrent(@Nonnull @Nonnull com.inet.thread.BaseRunnableSession session, LoginProcessor login) FOR INTERNAL USE ONLY Sets the specifiedLoginProcessor
in the session.- Parameters:
session
- the runnable sessionlogin
- theLoginProcessor
- Since:
- 21.4
-
destroyCurrent
public static void destroyCurrent()Remove current LoginProcessor from current thread. This does not destroy it in the request session. Asynchron threads have continue access.- Since:
- inetcore 4.0
-
getCurrent
Get the login processor for the current request session/thread.- Returns:
- a LoginProcessor or null
- Since:
- inetcore 4.0
-
isSameAccount
public boolean isSameAccount(@Nonnull @Nonnull String loginID, char @Nullable [] passwordChars, com.inet.usersandgroups.api.user.LoginSettings login) Check if the given LoginSettings match this LoginProcessor settings. It does not check it with a login user.- Parameters:
loginID
- the login ID to checkpasswordChars
- optional password characters to validatelogin
- login settings from UserManager- Returns:
- true, if it match
- Since:
- inetcore 4.0
-