org.apache.jetspeed.security.spi
Interface CredentialHandler

All Known Subinterfaces:
AuthenticationProviderProxy
All Known Implementing Classes:
AuthenticationProviderProxyImpl, DefaultCredentialHandler, LdapCredentialHandler

public interface CredentialHandler

This interface encapsulates the handling of security credentials.

This provides a central placeholder for changing the mapping of user credentials. The default implementation only supports PasswordCredential

A security implementation wanting to map additional credentials should do so here.

Author:
David Le Strat

Method Summary
 boolean authenticate(String userName, String password)
           Authenticate a user.
 Set getPrivateCredentials(String username)
           Gets the private credentials for the user.
 Set getPublicCredentials(String username)
           Gets the public credentials for the user.
 void setPassword(String userName, String oldPassword, String newPassword)
           Adds or updates a private password credential.
If oldPassword is not null, the oldPassword will first be checked (authenticated).
 void setPasswordEnabled(String userName, boolean enabled)
           Set the enabled state of the user password credential.
 void setPasswordExpiration(String userName, Date expirationDate)
           Set the expiration date and the expired flag of the password credential.
 void setPasswordUpdateRequired(String userName, boolean updateRequired)
           Set the update required state of the user password credential.
 

Method Detail

getPublicCredentials

public Set getPublicCredentials(String username)

Gets the public credentials for the user.

Parameters:
username - The username.
Returns:
The set of public credentials.

getPrivateCredentials

public Set getPrivateCredentials(String username)

Gets the private credentials for the user.

Parameters:
username - The username.
Returns:
The set of private credentials.

setPassword

public void setPassword(String userName,
                        String oldPassword,
                        String newPassword)
                 throws org.apache.jetspeed.security.SecurityException

Adds or updates a private password credential.
If oldPassword is not null, the oldPassword will first be checked (authenticated).

Parameters:
oldPassword - The old password.
newPassword - The new password.
Throws:
org.apache.jetspeed.security.SecurityException - Throws a SecurityException.

setPasswordUpdateRequired

public void setPasswordUpdateRequired(String userName,
                                      boolean updateRequired)
                               throws org.apache.jetspeed.security.SecurityException

Set the update required state of the user password credential.

Parameters:
userName - The user name.
updateRequired - The update required state.
Throws:
Throws - a security exception.
org.apache.jetspeed.security.SecurityException

setPasswordEnabled

public void setPasswordEnabled(String userName,
                               boolean enabled)
                        throws org.apache.jetspeed.security.SecurityException

Set the enabled state of the user password credential.

Parameters:
userName - The user name.
enabled - The enabled state.
Throws:
Throws - a security exception.
org.apache.jetspeed.security.SecurityException

setPasswordExpiration

public void setPasswordExpiration(String userName,
                                  Date expirationDate)
                           throws org.apache.jetspeed.security.SecurityException

Set the expiration date and the expired flag of the password credential.

If a date equal or before the current date is provided, the expired flag will be set to true, otherwise to false.

Parameters:
userName - The user name.
expirationDate - The expiration date to set.
Throws:
Throws - a security exception.
org.apache.jetspeed.security.SecurityException

authenticate

public boolean authenticate(String userName,
                            String password)
                     throws org.apache.jetspeed.security.SecurityException

Authenticate a user.

Parameters:
userName - The user name.
password - The user password.
Returns:
Whether or not a user is authenticated.
Throws:
org.apache.jetspeed.security.SecurityException


Copyright © 1999-2005 Apache Software Foundation. All Rights Reserved.