|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jetspeed.security.spi.impl.AbstractInternalPasswordCredentialInterceptorImpl
org.apache.jetspeed.security.spi.impl.PasswordExpirationInterceptor
Enforces a maximum lifespan for a password credential.
Whenon authentication
a password its expiration date is reached, its expired flag is set.
The DefaultCredentialHandler
then will fail the authentication and subsequent authentications
will fail immediately.
To ensure proper expiration handling, an empty (null) expiration date will be automatically
filled in when the credential is loaded from the persistent store using the configured
max lifespan in days.
When a password credential is created
or a password is updated
a new future expiration date is calculated.
An existing or already provided higher expiration date will be preserved though.
This allows to (pre)set a (very) high expiration date, like with InternalCredential.MAX_DATE
,
for credentials which shouldn't expire.
Field Summary | |
private long |
maxLifeSpanInMillis
|
Constructor Summary | |
PasswordExpirationInterceptor(int maxLifeSpanInDays)
|
Method Summary | |
boolean |
afterAuthenticated(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
String userName,
org.apache.jetspeed.security.om.InternalCredential credential,
boolean authenticated)
Invoked during authentication after the provided password is compared against the one retrieved from the InternalCredential. |
boolean |
afterLoad(PasswordCredentialProvider pcProvider,
String userName,
org.apache.jetspeed.security.om.InternalCredential credential)
Invoked after a password credential is loaded from the persistent store. |
void |
beforeCreate(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
Collection credentials,
String userName,
org.apache.jetspeed.security.om.InternalCredential credential,
String password)
Calculates and sets the default expiration date and the expired flag to false |
void |
beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
Collection credentials,
String userName,
org.apache.jetspeed.security.om.InternalCredential credential,
String password,
boolean authenticated)
Sets a new expiration date if a higher expiration date isn't set already and resets the expired flag |
protected void |
setExpiration(org.apache.jetspeed.security.om.InternalCredential credential)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
private long maxLifeSpanInMillis
Constructor Detail |
public PasswordExpirationInterceptor(int maxLifeSpanInDays)
maxLifeSpanInDays
- default lifespan of password credentials in daysMethod Detail |
public boolean afterAuthenticated(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, String userName, org.apache.jetspeed.security.om.InternalCredential credential, boolean authenticated) throws org.apache.jetspeed.security.SecurityException
InternalPasswordCredentialInterceptor
Invoked during authentication after the provided password is compared against the one retrieved from the InternalCredential.
If true is returned, the credential is expected to be updated and its enabled
and expired
flags will checked if the credential is (still) valid.
Note: the enabled and expired flags are only checked if this method returns true.
A thrown SecurityException will be passed on to the authentication requestor.
afterAuthenticated
in interface InternalPasswordCredentialInterceptor
afterAuthenticated
in class AbstractInternalPasswordCredentialInterceptorImpl
org.apache.jetspeed.security.SecurityException
InternalPasswordCredentialInterceptor.afterAuthenticated(org.apache.jetspeed.security.om.InternalUserPrincipal, java.lang.String, org.apache.jetspeed.security.om.InternalCredential, boolean)
public boolean afterLoad(PasswordCredentialProvider pcProvider, String userName, org.apache.jetspeed.security.om.InternalCredential credential) throws org.apache.jetspeed.security.SecurityException
InternalPasswordCredentialInterceptor
Invoked after a password credential is loaded from the persistent store.
If true is returned the credential is expected to be updated and its changes will be stored again.
A thrown SecurityException will be logged as an error and result in the credential to be ignored as if not existing (like for authentication).
afterLoad
in interface InternalPasswordCredentialInterceptor
afterLoad
in class AbstractInternalPasswordCredentialInterceptorImpl
org.apache.jetspeed.security.SecurityException
InternalPasswordCredentialInterceptor.afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider, java.lang.String, org.apache.jetspeed.security.om.InternalCredential)
public void beforeCreate(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, Collection credentials, String userName, org.apache.jetspeed.security.om.InternalCredential credential, String password) throws org.apache.jetspeed.security.SecurityException
beforeCreate
in interface InternalPasswordCredentialInterceptor
beforeCreate
in class AbstractInternalPasswordCredentialInterceptorImpl
org.apache.jetspeed.security.SecurityException
InternalPasswordCredentialInterceptor.beforeCreate(org.apache.jetspeed.security.om.InternalUserPrincipal, java.util.Collection, java.lang.String, InternalCredential, java.lang.String)
public void beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, Collection credentials, String userName, org.apache.jetspeed.security.om.InternalCredential credential, String password, boolean authenticated) throws org.apache.jetspeed.security.SecurityException
beforeSetPassword
in interface InternalPasswordCredentialInterceptor
beforeSetPassword
in class AbstractInternalPasswordCredentialInterceptorImpl
org.apache.jetspeed.security.SecurityException
InternalPasswordCredentialInterceptor.beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal, java.util.Collection, java.lang.String, org.apache.jetspeed.security.om.InternalCredential, java.lang.String, boolean)
protected void setExpiration(org.apache.jetspeed.security.om.InternalCredential credential)
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |