ome.security.auth
Class ConfigurablePasswordProvider

java.lang.Object
  extended by ome.security.auth.ConfigurablePasswordProvider
All Implemented Interfaces:
PasswordProvider, PasswordUtility
Direct Known Subclasses:
FilePasswordProvider, JdbcPasswordProvider, LdapPasswordProvider

public abstract class ConfigurablePasswordProvider
extends Object
implements PasswordProvider, PasswordUtility

Base class for most PasswordProvider implementations, providing configuration for default behaviors. There is no need for a subclass to use this implementation.

Since:
4.0
Author:
Josh Moore, josh at glencoesoftware.com
See Also:
SecuritySystem, Permissions

Field Summary
protected  String hash
          Hash implementation to use for encoding passwords to check and changed passwords.
protected  boolean ignoreUnknown
          If true, this implementation should return a null on checkPassword(String, String) if the user is unknown, otherwise a Boolean.FALSE.
protected  org.apache.commons.logging.Log log
           
protected  PasswordUtil util
           
 
Constructor Summary
ConfigurablePasswordProvider(PasswordUtil util)
           
ConfigurablePasswordProvider(PasswordUtil util, boolean ignoreUnknown)
           
 
Method Summary
 void changePassword(String user, String password)
          Throws by default.
 Boolean checkPassword(String user, String password)
          If ignoreUnknown is true, returns null, since the base class knows no users.
 Boolean comparePasswords(String trusted, String provided)
          Compares the password provided by the user (unhashed) against the given trusted password.
 String encodePassword(String newPassword)
          Encodes the password as it would be encoded for a check by comparePasswords(String, String)
 boolean hasPassword(String user)
          Always returns false, override with specific logic.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

protected final org.apache.commons.logging.Log log

hash

protected final String hash
Hash implementation to use for encoding passwords to check and changed passwords. Default value: MD5 (For the moment, the only supported value!)


ignoreUnknown

protected final boolean ignoreUnknown
If true, this implementation should return a null on checkPassword(String, String) if the user is unknown, otherwise a Boolean.FALSE. Default value: false


util

protected final PasswordUtil util
Constructor Detail

ConfigurablePasswordProvider

public ConfigurablePasswordProvider(PasswordUtil util)

ConfigurablePasswordProvider

public ConfigurablePasswordProvider(PasswordUtil util,
                                    boolean ignoreUnknown)
Method Detail

hasPassword

public boolean hasPassword(String user)
Always returns false, override with specific logic.

Specified by:
hasPassword in interface PasswordProvider

checkPassword

public Boolean checkPassword(String user,
                             String password)
If ignoreUnknown is true, returns null, since the base class knows no users. Otherwise, return Boolean.FALSE specifying that authentication should fail.

Specified by:
checkPassword in interface PasswordProvider

changePassword

public void changePassword(String user,
                           String password)
                    throws PasswordChangeException
Throws by default.

Specified by:
changePassword in interface PasswordProvider
Throws:
PasswordChangeException

encodePassword

public String encodePassword(String newPassword)
Encodes the password as it would be encoded for a check by comparePasswords(String, String)

Specified by:
encodePassword in interface PasswordUtility

comparePasswords

public Boolean comparePasswords(String trusted,
                                String provided)
Compares the password provided by the user (unhashed) against the given trusted password. In general, if the trusted password is null, return Boolean.FALSE. If the trusted password is empty (only whitespace), return Boolean.TRUE. Otherwise return the results of String.equals(Object).

Specified by:
comparePasswords in interface PasswordUtility


OmeroJava Api

Version: Beta-4.2.0-r7571-b29

Copyright © 2009 The University of Dundee. All Rights Reserved.