Class DefaultUserSecurityPolicy
- java.lang.Object
-
- org.apache.archiva.redback.policy.DefaultUserSecurityPolicy
-
- All Implemented Interfaces:
UserSecurityPolicy
@Service("userSecurityPolicy") public class DefaultUserSecurityPolicy extends Object implements UserSecurityPolicyUser Security Policy.- Author:
- Joakim Erdfelt
-
-
Constructor Summary
Constructors Constructor Description DefaultUserSecurityPolicy()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidaddPasswordRule(PasswordRule rule)Add a Specific Rule to the Password Rules List.voidextensionChangePassword(User user)Extension Point - Change the password of a user.voidextensionChangePassword(User user, boolean passwordChangeRequired)voidextensionExcessiveLoginAttempts(User user)Extension Point - Test if user has excessive loginsvoidextensionPasswordExpiration(User user)Extension Point - Test User for Password Expiration.UserConfigurationgetConfig()StringgetId()Get identifying string for the User Security Policy implementation.intgetLoginAttemptCount()Gets the count of login attempts to allow.PasswordEncodergetPasswordEncoder()Get the password encoder to be used for password operationsintgetPasswordExpirationDays()Gets the policy of how long a password will be valid until it expires.List<PasswordRule>getPasswordRules()Get the Password Rules List.intgetPreviousPasswordsCount()Gets the count of Previous Passwords that should be tracked.CookieSettingsgetRememberMeCookieSettings()Get the Remember Me Settings.CookieSettingsgetSignonCookieSettings()Get the Single Sign On Settings.List<String>getUnlockableAccounts()Gets a list of accounts which should never be locked by security policyUserValidationSettingsgetUserValidationSettings()Get the Validation Settings.voidinitialize()booleanisEnabled()Determines if the policies are enabled or not.voidsetConfig(UserConfiguration config)voidsetDefaultPasswordRule(PasswordRule defaultPasswordRule)voidsetEnabled(boolean enabled)Enable the policies or not.voidsetLoginAttemptCount(int count)Sets the count of login attempts to allow.voidsetPasswordEncoder(PasswordEncoder passwordEncoder)voidsetPasswordExpirationDays(int passwordExpiry)Sets the policy of how long a password will be valid until it expires.voidsetPasswordRules(List<PasswordRule> rules)Set the Password Rules List.voidsetPreviousPasswordsCount(int count)Sets the count of previous passwords that should be tracked.voidsetRememberMeCookieSettings(CookieSettings rememberMeCookieSettings)voidsetRules(List<PasswordRule> rules)voidsetSignonCookieSettings(CookieSettings signonCookieSettings)voidsetUnlockableAccounts(List<String> unlockableAccounts)Sets a list of accounts which should never be locked by security policyvoidsetUserValidationSettings(UserValidationSettings settings)Set the Validation Settings.voidvalidatePassword(User user)Validate the incomingUser.getPassword()against the specified PasswordRules.
-
-
-
Constructor Detail
-
DefaultUserSecurityPolicy
public DefaultUserSecurityPolicy()
-
-
Method Detail
-
initialize
@PostConstruct public void initialize()
-
getId
public String getId()
Description copied from interface:UserSecurityPolicyGet identifying string for the User Security Policy implementation.- Specified by:
getIdin interfaceUserSecurityPolicy- Returns:
- the id for the security policy implementation.
-
getPreviousPasswordsCount
public int getPreviousPasswordsCount()
Description copied from interface:UserSecurityPolicyGets the count of Previous Passwords that should be tracked.- Specified by:
getPreviousPasswordsCountin interfaceUserSecurityPolicy- Returns:
- the count of previous passwords to track.
-
getUnlockableAccounts
public List<String> getUnlockableAccounts()
Description copied from interface:UserSecurityPolicyGets a list of accounts which should never be locked by security policy- Specified by:
getUnlockableAccountsin interfaceUserSecurityPolicy- Returns:
- accounts that should never be locked
-
setUnlockableAccounts
public void setUnlockableAccounts(List<String> unlockableAccounts)
Sets a list of accounts which should never be locked by security policy- Specified by:
setUnlockableAccountsin interfaceUserSecurityPolicy- Parameters:
unlockableAccounts-
-
setPreviousPasswordsCount
public void setPreviousPasswordsCount(int count)
Sets the count of previous passwords that should be tracked.- Specified by:
setPreviousPasswordsCountin interfaceUserSecurityPolicy- Parameters:
count- the count of previous passwords to track.
-
getLoginAttemptCount
public int getLoginAttemptCount()
Description copied from interface:UserSecurityPolicyGets the count of login attempts to allow.- Specified by:
getLoginAttemptCountin interfaceUserSecurityPolicy- Returns:
- the count of login attempts to allow.
-
setLoginAttemptCount
public void setLoginAttemptCount(int count)
Description copied from interface:UserSecurityPolicySets the count of login attempts to allow.- Specified by:
setLoginAttemptCountin interfaceUserSecurityPolicy- Parameters:
count- the count of login attempts to allow.
-
getPasswordEncoder
public PasswordEncoder getPasswordEncoder()
Get the password encoder to be used for password operations- Specified by:
getPasswordEncoderin interfaceUserSecurityPolicy- Returns:
- the encoder
-
isEnabled
public boolean isEnabled()
Description copied from interface:UserSecurityPolicyDetermines if the policies are enabled or not.- Specified by:
isEnabledin interfaceUserSecurityPolicy- Returns:
- true if enabled.
-
setEnabled
public void setEnabled(boolean enabled)
Description copied from interface:UserSecurityPolicyEnable the policies or not. Useful in code when application startup or application init is being performed.- Specified by:
setEnabledin interfaceUserSecurityPolicy- Parameters:
enabled- true if enabled.
-
addPasswordRule
public void addPasswordRule(PasswordRule rule)
Add a Specific Rule to the Password Rules List.- Specified by:
addPasswordRulein interfaceUserSecurityPolicy- Parameters:
rule- the rule to add.
-
getPasswordRules
public List<PasswordRule> getPasswordRules()
Get the Password Rules List.- Specified by:
getPasswordRulesin interfaceUserSecurityPolicy- Returns:
- the list of
PasswordRuleobjects.
-
setPasswordRules
public void setPasswordRules(List<PasswordRule> rules)
Set the Password Rules List.- Specified by:
setPasswordRulesin interfaceUserSecurityPolicy- Parameters:
rules- the list ofPasswordRuleobjects.
-
extensionPasswordExpiration
public void extensionPasswordExpiration(User user) throws MustChangePasswordException
Description copied from interface:UserSecurityPolicyExtension Point - Test User for Password Expiration.- Specified by:
extensionPasswordExpirationin interfaceUserSecurityPolicy- Parameters:
user- the user to test password expiration against.- Throws:
MustChangePasswordException- if the password has expired
-
extensionExcessiveLoginAttempts
public void extensionExcessiveLoginAttempts(User user) throws AccountLockedException
Description copied from interface:UserSecurityPolicyExtension Point - Test if user has excessive logins- Specified by:
extensionExcessiveLoginAttemptsin interfaceUserSecurityPolicy- Parameters:
user- the user to test excessive logins against.- Throws:
AccountLockedException- if the number of logins was exceeded
-
extensionChangePassword
public void extensionChangePassword(User user) throws PasswordRuleViolationException
Description copied from interface:UserSecurityPolicyExtension Point - Change the password of a user. This method does not check if a user is allowed to change his/her password. Any kind of authorization checks for password change allowed on guest or anonymous users needs to occur before calling this method. This method does not persist the newly changed user password. That will require a call toUserManager.updateUser(User).- Specified by:
extensionChangePasswordin interfaceUserSecurityPolicy- Parameters:
user- the user password to validate, remember, and encode.- Throws:
PasswordRuleViolationException- if the new password violates the password rules
-
extensionChangePassword
public void extensionChangePassword(User user, boolean passwordChangeRequired) throws PasswordRuleViolationException
- Specified by:
extensionChangePasswordin interfaceUserSecurityPolicy- Throws:
PasswordRuleViolationException
-
validatePassword
public void validatePassword(User user) throws PasswordRuleViolationException
Description copied from interface:UserSecurityPolicyValidate the incomingUser.getPassword()against the specified PasswordRules.- Specified by:
validatePasswordin interfaceUserSecurityPolicy- Parameters:
user- the user to validate.- Throws:
PasswordRuleViolationException- if the password is not valid
-
getPasswordExpirationDays
public int getPasswordExpirationDays()
Description copied from interface:UserSecurityPolicyGets the policy of how long a password will be valid until it expires.- Specified by:
getPasswordExpirationDaysin interfaceUserSecurityPolicy- Returns:
- the number of days until a password expires. (or -1 for disabled)
-
setPasswordExpirationDays
public void setPasswordExpirationDays(int passwordExpiry)
Description copied from interface:UserSecurityPolicySets the policy of how long a password will be valid until it expires.- Specified by:
setPasswordExpirationDaysin interfaceUserSecurityPolicy- Parameters:
passwordExpiry- the number of days until a password expires. (or -1 to disable)
-
getUserValidationSettings
public UserValidationSettings getUserValidationSettings()
Description copied from interface:UserSecurityPolicyGet the Validation Settings.- Specified by:
getUserValidationSettingsin interfaceUserSecurityPolicy- Returns:
- the validation settings.
-
setUserValidationSettings
public void setUserValidationSettings(UserValidationSettings settings)
Description copied from interface:UserSecurityPolicySet the Validation Settings.- Specified by:
setUserValidationSettingsin interfaceUserSecurityPolicy- Parameters:
settings- the settings.
-
getRememberMeCookieSettings
public CookieSettings getRememberMeCookieSettings()
Description copied from interface:UserSecurityPolicyGet the Remember Me Settings.- Specified by:
getRememberMeCookieSettingsin interfaceUserSecurityPolicy- Returns:
- the remember me settings.
-
getSignonCookieSettings
public CookieSettings getSignonCookieSettings()
Description copied from interface:UserSecurityPolicyGet the Single Sign On Settings.- Specified by:
getSignonCookieSettingsin interfaceUserSecurityPolicy- Returns:
- the single sign on settings.
-
getConfig
public UserConfiguration getConfig()
-
setConfig
public void setConfig(UserConfiguration config)
-
setPasswordEncoder
public void setPasswordEncoder(PasswordEncoder passwordEncoder)
-
setRememberMeCookieSettings
public void setRememberMeCookieSettings(CookieSettings rememberMeCookieSettings)
-
setSignonCookieSettings
public void setSignonCookieSettings(CookieSettings signonCookieSettings)
-
setRules
public void setRules(List<PasswordRule> rules)
-
setDefaultPasswordRule
public void setDefaultPasswordRule(PasswordRule defaultPasswordRule)
-
-