Package org.apache.archiva.redback.policy

Interface UserSecurityPolicy

All Known Implementing Classes:

DefaultUserSecurityPolicy

public interface UserSecurityPolicy

User Security Policy Settings. TODO roll password management into it's own object.

Method Summary

Modifier and Type	Method	Description
void	addPasswordRule(PasswordRule rule)	Add a Specific Rule to the Password Rules List.
void	extensionChangePassword(User user)	Extension Point - Change the password of a user.
void	extensionChangePassword(User user, boolean passwordChangeRequired)
void	extensionExcessiveLoginAttempts(User user)	Extension Point - Test if user has excessive logins
void	extensionPasswordExpiration(User user)	Extension Point - Test User for Password Expiration.
String	getId()	Get identifying string for the User Security Policy implementation.
int	getLoginAttemptCount()	Gets the count of login attempts to allow.
PasswordEncoder	getPasswordEncoder()	Gets the password encoder to use.
int	getPasswordExpirationDays()	Gets the policy of how long a password will be valid until it expires.
List<PasswordRule>	getPasswordRules()	Get the Password Rules List.
int	getPreviousPasswordsCount()	Gets the count of Previous Passwords that should be tracked.
CookieSettings	getRememberMeCookieSettings()	Get the Remember Me Settings.
CookieSettings	getSignonCookieSettings()	Get the Single Sign On Settings.
List<String>	getUnlockableAccounts()	Gets a list of accounts which should never be locked by security policy
UserValidationSettings	getUserValidationSettings()	Get the Validation Settings.
boolean	isEnabled()	Determines if the policies are enabled or not.
void	setEnabled(boolean enabled)	Enable the policies or not.
void	setLoginAttemptCount(int count)	Sets the count of login attempts to allow.
void	setPasswordExpirationDays(int passwordExpiry)	Sets the policy of how long a password will be valid until it expires.
void	setPasswordRules(List<PasswordRule> rules)	Set the Password Rules List.
void	setPreviousPasswordsCount(int count)	Sets the count of previous passwords that should be tracked.
void	setUnlockableAccounts(List<String> unlockableAccounts)	Sets a list of accounts which should never be locked by security policy
void	setUserValidationSettings(UserValidationSettings settings)	Set the Validation Settings.
void	validatePassword(User user)	Validate the incoming User.getPassword() against the specified PasswordRules.

Method Detail

getId

String getId()

Get identifying string for the User Security Policy implementation.

Returns:

the id for the security policy implementation.

getPasswordEncoder

PasswordEncoder getPasswordEncoder()

Gets the password encoder to use.

Returns:

the PasswordEncoder implementation to use.

addPasswordRule

void addPasswordRule(PasswordRule rule)

Add a Specific Rule to the Password Rules List.

Parameters:

rule - the rule to add.

getPasswordRules

List<PasswordRule> getPasswordRules()

Get the Password Rules List.

Returns:

the list of PasswordRule objects.

setPasswordRules

void setPasswordRules(List<PasswordRule> rules)

Set the Password Rules List.

Parameters:

rules - the list of PasswordRule objects.

getPreviousPasswordsCount

int getPreviousPasswordsCount()

Gets the count of Previous Passwords that should be tracked.

Returns:

the count of previous passwords to track.

setPreviousPasswordsCount

void setPreviousPasswordsCount(int count)

Sets the count of previous passwords that should be tracked.

Parameters:

count - the count of previous passwords to track.

getLoginAttemptCount

int getLoginAttemptCount()

Gets the count of login attempts to allow.

Returns:

the count of login attempts to allow.

setLoginAttemptCount

void setLoginAttemptCount(int count)

Sets the count of login attempts to allow.

Parameters:

count - the count of login attempts to allow.

getUserValidationSettings

UserValidationSettings getUserValidationSettings()

Get the Validation Settings.

Returns:

the validation settings.

setUserValidationSettings

void setUserValidationSettings(UserValidationSettings settings)

Set the Validation Settings.

Parameters:

settings - the settings.

getSignonCookieSettings

CookieSettings getSignonCookieSettings()

Get the Single Sign On Settings.

Returns:

the single sign on settings.

getRememberMeCookieSettings

CookieSettings getRememberMeCookieSettings()

Get the Remember Me Settings.

Returns:

the remember me settings.

setEnabled

void setEnabled(boolean enabled)

Enable the policies or not. Useful in code when application startup or application init is being performed.

Parameters:

enabled - true if enabled.

isEnabled

boolean isEnabled()

Determines if the policies are enabled or not.

Returns:

true if enabled.

setPasswordExpirationDays

void setPasswordExpirationDays(int passwordExpiry)

Sets the policy of how long a password will be valid until it expires.

Parameters:

passwordExpiry - the number of days until a password expires. (or -1 to disable)

getPasswordExpirationDays

int getPasswordExpirationDays()

Gets the policy of how long a password will be valid until it expires.

Returns:

the number of days until a password expires. (or -1 for disabled)

getUnlockableAccounts

List<String> getUnlockableAccounts()

Gets a list of accounts which should never be locked by security policy

Returns:

accounts that should never be locked

setUnlockableAccounts

void setUnlockableAccounts(List<String> unlockableAccounts)

Sets a list of accounts which should never be locked by security policy

Parameters:

unlockableAccounts -

extensionChangePassword

void extensionChangePassword(User user)
                      throws PasswordRuleViolationException

Extension Point - Change the password of a user. This method does not check if a user is allowed to change his/her password. Any kind of authorization checks for password change allowed on guest or anonymous users needs to occur before calling this method. This method does not persist the newly changed user password. That will require a call to UserManager.updateUser(User).

Parameters:

user - the user password to validate, remember, and encode.

Throws:

PasswordRuleViolationException - if the new password violates the password rules

extensionChangePassword

void extensionChangePassword(User user,
                             boolean passwordChangeRequired)
                      throws PasswordRuleViolationException

Throws:

PasswordRuleViolationException

extensionPasswordExpiration

void extensionPasswordExpiration(User user)
                          throws MustChangePasswordException

Extension Point - Test User for Password Expiration.

Parameters:

user - the user to test password expiration against.

Throws:

MustChangePasswordException - if the password has expired

extensionExcessiveLoginAttempts

void extensionExcessiveLoginAttempts(User user)
                              throws AccountLockedException

Extension Point - Test if user has excessive logins

Parameters:

user - the user to test excessive logins against.

Throws:

AccountLockedException - if the number of logins was exceeded

validatePassword

void validatePassword(User user)
               throws PasswordRuleViolationException

Validate the incoming User.getPassword() against the specified PasswordRules.

Parameters:

user - the user to validate.

Throws:

PasswordRuleViolationException - if the password is not valid