Class LoginProcessor

java.lang.Object
com.inet.authentication.LoginProcessor
Direct Known Subclasses:
RemoteLoginProcessor

public abstract class LoginProcessor extends Object
Handle the login handshake for a single user.
Since:
inetcore 3.2
  • Field Details

    • SYSTEM_LOGIN_SOURCE

      public static final String SYSTEM_LOGIN_SOURCE
      The login source for all logins that come from the underlying system.
      See Also:
    • MASTER_LOGIN_SOURCE

      public static final String MASTER_LOGIN_SOURCE
      The login source for the master login.
      See Also:
    • MASTER_LOGIN_ID

      public static final String MASTER_LOGIN_ID
      The login ID for the master login.
      See Also:
    • MASTER_LOGIN_HIDDEN

      public static final String MASTER_LOGIN_HIDDEN
      Attribute that describe if the master button is hidden and not visible to the users.
      See Also:
    • GUEST_LOGIN_SOURCE

      public static final String GUEST_LOGIN_SOURCE
      The login source for the guest login.
      See Also:
    • TEMP_LOGIN_SOURCE

      public static final String TEMP_LOGIN_SOURCE
      The login source for the temp login.
      See Also:
    • LOGGER

      @Nonnull public static final @Nonnull com.inet.logging.Logger LOGGER
      The authentication logger.
  • Constructor Details

    • LoginProcessor

      protected LoginProcessor(AuthenticationDescription description)
      Create a new LoginProcessor
      Parameters:
      description - the AuthenticationDescription for creating this login processor
      Since:
      inetcore 4.0
  • Method Details

    • getAuthenticationDescription

      @Nullable public @Nullable AuthenticationDescription getAuthenticationDescription()
      Get the AuthenticationDescription for creating this login processor.
      Returns:
      the AuthenticationProvider
      Since:
      inetcore 4.0
    • getUserAccountID

      @Nullable public @Nullable com.inet.id.GUID getUserAccountID()
      Get the id of the account or null if not login. Also zero if a possible two factor is not validated.

      For the current user use UserManager.getInstance().getCurrentUserAccountID()

      Returns:
      the id
      Since:
      inetcore 3.2
    • getOrCreateUserAccount

      @Nullable protected @Nullable com.inet.usersandgroups.api.user.UserAccount getOrCreateUserAccount(@Nonnull @Nonnull String loginID)
      Get user account from the user manager or create if not exists. This method does not fire a user login event. If isCreateUserAccountSupported() returns false then this can return null.
      Parameters:
      loginID - the login ID
      Returns:
      the user account
      Throws:
      com.inet.http.ClientMessageException - if there should be displayed a message to the client like a deactivated user
      Since:
      inetcore 3.2
    • createLoginSettings

      @Nonnull public @Nonnull com.inet.usersandgroups.api.user.LoginSettings createLoginSettings(String loginID)
      Create a LoginSettings for the given loginID
      Parameters:
      loginID - the current ID
      Returns:
      the login
      Since:
      inetcore 4.0
    • isCreateUserAccountSupported

      protected boolean isCreateUserAccountSupported()
      If the creation of new login user supported. This can be disabled with a configuration setting or if the LoginSettings need additional data.
      Returns:
      if automatic login creation is supported
      Since:
      inetcore 3.2
    • createNewUserData

      @Nonnull protected @Nonnull com.inet.usersandgroups.api.user.MutableUserData createNewUserData()
      Create a MutableUserData for creating a new UserAccount
      Returns:
      the user data
      Since:
      23.4
    • getLoginSource

      @Nonnull public abstract @Nonnull String getLoginSource()
      Get an unique ID for the source of the login. This is important if more as one authentication provider is used. Two login with the same login ID but a different login source are different logins.
      Returns:
      the login source. Can not be null or empty after trim.
      Since:
      inetcore 3.2
    • getLoginID

      @Nullable public abstract @Nullable String getLoginID()
      Returns the user ID of the logged in user, or null if the user is not logged in.

      A non null login ID means that the user is login in the underlying login system. For example into LDAP. This means not that the user is logged into this software. Check UserManager.getInstance().getCurrentUserAccountID() if there is a current user. Caused for the discrepancy can be two factor authentication, a deactivate user or disabled creating of new users. This can be username, email address or any other type of ID that is unique to the current login source. Login IDs should be treated in a case-insensitive way.

      Returns:
      the login ID
      Since:
      inetcore 3.2
    • getUserAccountType

      @Nonnull public @Nonnull UserAccountType getUserAccountType()
      The account type determine some possible features of a user and/or login.
      Returns:
      the user account type
      Since:
      inetcore 3.2
    • supportsRoles

      public abstract boolean supportsRoles()
      Retrieves whether this login processor supports roles/groups. If not supported then the roles of the user will not be updated on login with this login processor.
      Returns:
      true if so; false otherwise
      Since:
      24.4
    • isWebUserInRole

      public abstract boolean isWebUserInRole(String role)
      Returns true if the current user is member of the given role/group.
      Parameters:
      role - - Role of web user
      Returns:
      true if this user has this role
      Since:
      inetcore 3.2
    • isNewUser

      public boolean isNewUser()
      If the user was a new user in this browser session.
      Returns:
      true, if the user was created
      Since:
      inetcore 4.0
    • isCreationBlocked

      public boolean isCreationBlocked()
      If the user exists in the login processor but not in the local user manager and creation is not supported.
      Returns:
      true, if creation was blocked
      Since:
      inetcore 23.10
    • unwrap

      public <T> T unwrap(Class<T> clazz)
      Returns an object that implements the given interface to allow access to non-standard methods, or standard methods not exposed by the proxy.
      Type Parameters:
      T - the type of the class modeled by this Class object
      Parameters:
      clazz - A Class defining an interface that the result must implement.
      Returns:
      an object that implements the interface. May be a proxy for the actual implementing object.
      Since:
      inetcore 3.2
    • setCurrentForAllThreads

      public static void setCurrentForAllThreads(LoginProcessor login)
      Set the LoginProcessor from the designer.
      Parameters:
      login - - the LoginProcessor
      Since:
      inetcore 4.0
    • setCurrent

      public static void setCurrent(LoginProcessor login)
      Sets the specified LoginProcessor as the info for the current request session/thread.
      Parameters:
      login - the LoginProcessor for the current thread or null to remove it
      Since:
      inetcore 4.0
    • setCurrent

      public static void setCurrent(@Nonnull @Nonnull com.inet.thread.BaseRunnableSession session, LoginProcessor login)
      FOR INTERNAL USE ONLY Sets the specified LoginProcessor in the session.
      Parameters:
      session - the runnable session
      login - the LoginProcessor
      Since:
      21.4
    • destroyCurrent

      public static void destroyCurrent()
      Remove current LoginProcessor from current thread. This does not destroy it in the request session. Asynchron threads have continue access.
      Since:
      inetcore 4.0
    • getCurrent

      @Nullable public static @Nullable LoginProcessor getCurrent()
      Get the login processor for the current request session/thread.
      Returns:
      a LoginProcessor or null
      Since:
      inetcore 4.0
    • isSameAccount

      public boolean isSameAccount(@Nonnull @Nonnull String loginID, char @Nullable [] passwordChars, com.inet.usersandgroups.api.user.LoginSettings login)
      Check if the given LoginSettings match this LoginProcessor settings. It does not check it with a login user.
      Parameters:
      loginID - the login ID to check
      passwordChars - optional password characters to validate
      login - login settings from UserManager
      Returns:
      true, if it match
      Since:
      inetcore 4.0