public abstract class ConfigurablePasswordProvider extends Object implements PasswordProvider, PasswordUtility, ApplicationContextAware
PasswordProvider implementations, providing
 configuration for default behaviors. There is no need for a subclass to
 use this implementation.SecuritySystem, 
Permissions| Modifier and Type | Field and Description | 
|---|---|
| protected OmeroContext | ctx | 
| protected String | hashHash implementation to use for encoding passwords to check and changed
 passwords. | 
| protected boolean | ignoreUnknownIf true, this implementation should return a null on
  checkPassword(String, String, boolean)if the user is unknown,
 otherwise aBoolean.FALSE. | 
| protected PasswordUtil | legacyUtilPossibly null  PasswordUtilinstance which will be used as a
 fallback for password checks if theutilinstance fails. | 
| protected org.slf4j.Logger | log | 
| protected boolean | saltWhether or not salting based on the user ID should be attempted. | 
| protected PasswordUtil | util | 
| Constructor and Description | 
|---|
| ConfigurablePasswordProvider(PasswordUtil util)Call  ConfigurablePasswordProvider(PasswordUtil, boolean)with "ignoreUnknown" equal to false. | 
| ConfigurablePasswordProvider(PasswordUtil util,
                            boolean ignoreUnknown)Call  ConfigurablePasswordProvider(PasswordUtil, boolean, boolean)with "salt" equal to false. | 
| ConfigurablePasswordProvider(PasswordUtil util,
                            boolean ignoreUnknown,
                            boolean salt) | 
| Modifier and Type | Method and Description | 
|---|---|
| void | changePassword(String user,
              String password)Throws by default. | 
| Boolean | checkPassword(String user,
             String password,
             boolean readOnly)If this was constructed with the  ignoreUnknownargument set totrue, returnsnull, since the base class knows no users. | 
| Boolean | comparePasswords(Long userId,
                String trusted,
                String provided)Compares the password provided by the user (unhashed) against the given
 trusted password. | 
| protected boolean | comparePasswords(Long userId,
                String trusted,
                String provided,
                PasswordUtil util) | 
| Boolean | comparePasswords(String trusted,
                String provided)Compares the password provided by the user (unhashed) against the given
 trusted password. | 
| protected String | encodePassword(Long userId,
              String newPassword,
              boolean salt,
              PasswordUtil util) | 
| String | encodePassword(String newPassword)Encodes the password as it would be encoded for a check by
  comparePasswords(String, String) | 
| String | encodeSaltedPassword(Long userId,
                    String newPassword)Encodes the password as it would be encoded for a check by
  comparePasswords(String, String)salting the password
 with the given userId if it's provided. | 
| boolean | hasPassword(String user)Always returns false, override with specific logic. | 
| protected Boolean | loginAttempt(String user,
            Boolean success) | 
| void | setApplicationContext(ApplicationContext ctx) | 
| void | setLegacyUtil(PasswordUtil legacy) | 
protected final org.slf4j.Logger log
protected final String hash
protected final boolean salt
protected final boolean ignoreUnknown
checkPassword(String, String, boolean) if the user is unknown,
 otherwise a Boolean.FALSE. Default value: falseprotected final PasswordUtil util
protected PasswordUtil legacyUtil
PasswordUtil instance which will be used as a
 fallback for password checks if the util instance fails.protected OmeroContext ctx
public ConfigurablePasswordProvider(PasswordUtil util)
ConfigurablePasswordProvider(PasswordUtil, boolean)
 with "ignoreUnknown" equal to false.util - an instance of the password utility classpublic ConfigurablePasswordProvider(PasswordUtil util, boolean ignoreUnknown)
ConfigurablePasswordProvider(PasswordUtil, boolean, boolean)
 with "salt" equal to false.util - an instance of the password utility classignoreUnknown - if checkPassword(String, String, boolean) should
 return null rather than Boolean.FALSE for unknown userspublic ConfigurablePasswordProvider(PasswordUtil util, boolean ignoreUnknown, boolean salt)
public void setApplicationContext(ApplicationContext ctx) throws BeansException
setApplicationContext in interface ApplicationContextAwareBeansExceptionpublic void setLegacyUtil(PasswordUtil legacy)
public boolean hasPassword(String user)
hasPassword in interface PasswordProviderpublic Boolean checkPassword(String user, String password, boolean readOnly)
ignoreUnknown argument set to
 true, returns null, since the base class knows no users.
 Otherwise, returns Boolean.FALSE specifying that
 authentication should fail.checkPassword in interface PasswordProviderpublic void changePassword(String user, String password) throws PasswordChangeException
changePassword in interface PasswordProviderPasswordChangeExceptionpublic String encodePassword(String newPassword)
comparePasswords(String, String)encodePassword in interface PasswordUtilitypublic String encodeSaltedPassword(Long userId, String newPassword)
comparePasswords(String, String) salting the password
 with the given userId if it's provided.userId - a user ID (may be null)newPassword - a passwordprotected String encodePassword(Long userId, String newPassword, boolean salt, PasswordUtil util)
public Boolean comparePasswords(String trusted, String provided)
checkPassword(String, String, boolean).
 For this implementation, if the trusted password is null, return
 Boolean.FALSE. If the trusted password is empty (only
 whitespace), return Boolean.TRUE. Otherwise return the result of
 String.equals(Object).comparePasswords in interface PasswordUtilitypublic Boolean comparePasswords(Long userId, String trusted, String provided)
Boolean.FALSE. If the trusted password is empty (only
 whitespace), return Boolean.TRUE. Otherwise return the results of
 String.equals(Object).
 If necessary, falls back to using a legacy password utility class if one was set by setLegacyUtil(PasswordUtil).userId - a user IDtrusted - the user's trusted passwordprovided - the provided passwordprotected boolean comparePasswords(Long userId, String trusted, String provided, PasswordUtil util)
                
                
Version: 5.3.3-ice35-b63
Copyright © 2017 The University of Dundee & Open Microscopy Environment. All Rights Reserved.