Class DefaultSecuritySystem
- java.lang.Object
-
- org.apache.archiva.redback.system.DefaultSecuritySystem
-
- All Implemented Interfaces:
SecuritySystem
@Service("securitySystem") public class DefaultSecuritySystem extends Object implements SecuritySystem
DefaultSecuritySystem:
-
-
Constructor Summary
Constructors Constructor Description DefaultSecuritySystem()
-
Method Summary
-
-
-
Constructor Detail
-
DefaultSecuritySystem
public DefaultSecuritySystem()
-
-
Method Detail
-
authenticate
public SecuritySession authenticate(AuthenticationDataSource source) throws AuthenticationException, UserNotFoundException, AccountLockedException, MustChangePasswordException, UserManagerException
delegate to the authentication system for boolean authentication checks, if the result is authentic then pull the user object from the user manager and add it to the session. If the result is false return the result in an authenticated session and a null user object. in the event of a successful authentication and a lack of corresponding user in the usermanager return a null user as well //todo should this last case create a user in the usermanager?- Specified by:
authenticate
in interfaceSecuritySystem
- Parameters:
source
-- Returns:
- Throws:
AuthenticationException
UserNotFoundException
MustChangePasswordException
AccountLockedException
MustChangePasswordException
UserManagerException
-
isAuthenticated
public boolean isAuthenticated(AuthenticationDataSource source) throws AuthenticationException, UserNotFoundException, AccountLockedException, MustChangePasswordException, UserManagerException
- Specified by:
isAuthenticated
in interfaceSecuritySystem
- Throws:
AuthenticationException
UserNotFoundException
AccountLockedException
MustChangePasswordException
UserManagerException
-
getAuthenticatorId
public String getAuthenticatorId()
-
authorize
public AuthorizationResult authorize(SecuritySession session, String permission) throws AuthorizationException
- Specified by:
authorize
in interfaceSecuritySystem
- Throws:
AuthorizationException
-
authorize
public AuthorizationResult authorize(SecuritySession session, String permission, String resource) throws AuthorizationException
Description copied from interface:SecuritySystem
return AuthorizationResult without changing authorization- Specified by:
authorize
in interfaceSecuritySystem
- Returns:
- Throws:
AuthorizationException
-
authorize
public AuthorizationResult authorize(User user, String permission, String resource) throws AuthorizationException
- Specified by:
authorize
in interfaceSecuritySystem
- Returns:
- Throws:
AuthorizationException
-
isAuthorized
public boolean isAuthorized(SecuritySession session, String permission) throws AuthorizationException
- Specified by:
isAuthorized
in interfaceSecuritySystem
- Throws:
AuthorizationException
-
isAuthorized
public boolean isAuthorized(SecuritySession session, String permission, String resource) throws AuthorizationException
- Specified by:
isAuthorized
in interfaceSecuritySystem
- Throws:
AuthorizationException
-
getAuthorizerId
public String getAuthorizerId()
-
getUserManager
public UserManager getUserManager()
- Specified by:
getUserManager
in interfaceSecuritySystem
-
getUserManagementId
public String getUserManagementId()
-
getKeyManager
public KeyManager getKeyManager()
- Specified by:
getKeyManager
in interfaceSecuritySystem
-
getKeyManagementId
public String getKeyManagementId()
-
getPolicy
public UserSecurityPolicy getPolicy()
- Specified by:
getPolicy
in interfaceSecuritySystem
-
getPolicyId
public String getPolicyId()
-
getAuthenticationManager
public AuthenticationManager getAuthenticationManager()
-
getAuthorizer
public Authorizer getAuthorizer()
-
getAuthnManager
public AuthenticationManager getAuthnManager()
-
setAuthnManager
public void setAuthnManager(AuthenticationManager authnManager)
-
setAuthorizer
public void setAuthorizer(Authorizer authorizer)
-
setUserManager
public void setUserManager(UserManager userManager)
-
setKeyManager
public void setKeyManager(KeyManager keyManager)
-
setPolicy
public void setPolicy(UserSecurityPolicy policy)
-
userManagerReadOnly
public boolean userManagerReadOnly()
- Specified by:
userManagerReadOnly
in interfaceSecuritySystem
- Returns:
- is it possible to modify user datas (some userManager cannot i.e ldap)
-
getTokenManager
public TokenManager getTokenManager()
Description copied from interface:SecuritySystem
Returns the token manager implementation.- Specified by:
getTokenManager
in interfaceSecuritySystem
-
setTokenManager
public void setTokenManager(TokenManager tokenManager)
-
-