ome.security.auth

Class PasswordProviders

java.lang.Object

ome.security.auth.PasswordProviders

All Implemented Interfaces:

PasswordProvider

public class PasswordProviders
extends java.lang.Object
implements PasswordProvider

Composite class which delegates to each of the configured providers in turn. The first instance which is responible for a user name wins.

Since:

4.0

Author:

Josh Moore, josh at glencoesoftware.com

Constructor Summary

Constructors

Constructor and Description
PasswordProviders(java.util.concurrent.atomic.AtomicBoolean ignoreCaseLookup, PasswordProvider... providers)
PasswordProviders(PasswordProvider... providers)

Method Summary

Modifier and Type	Method and Description
void	changeDistinguisedName(java.lang.String user, java.lang.String dn)
void	changePassword(java.lang.String user, java.lang.String password) Attempts to change the password for the given user.
java.lang.Boolean	checkPassword(java.lang.String user, java.lang.String password, boolean readOnly) Authenticates the give user given the password token.
boolean	hasPassword(java.lang.String user) Returns true if this provider considers itself responsible for the given user name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PasswordProviders

public PasswordProviders(PasswordProvider... providers)

PasswordProviders

public PasswordProviders(java.util.concurrent.atomic.AtomicBoolean ignoreCaseLookup,
                         PasswordProvider... providers)

Method Detail

hasPassword

public boolean hasPassword(java.lang.String user)

Description copied from interface: PasswordProvider

Returns true if this provider considers itself responsible for the given user name. In general, if this method returns false, then checkPassword will return null or false for all possible passwords. However, some providers (like the LDAP provider) may create a user to synchronize with some backend during a call to PasswordProvider.checkPassword(String, String, boolean). PasswordProvider.hasPassword(String) will not do this. This is typically only of importance during PasswordProvider.changePassword(String, String) since a provider which is not responsible for a password should not attempt to change it, and before a provider has not created a user, it is also not responsible.

Specified by:

hasPassword in interface PasswordProvider

checkPassword

public java.lang.Boolean checkPassword(java.lang.String user,
                                       java.lang.String password,
                                       boolean readOnly)

Description copied from interface: PasswordProvider

Authenticates the give user given the password token. May return a null Boolean in order to signal that this provider is not responsible for the given user and can make no decision. Concrete implementations may decide to return false for all unknown users. If readOnly is false, then some implementations may choose to create new users.

Specified by:

checkPassword in interface PasswordProvider

changePassword

public void changePassword(java.lang.String user,
                           java.lang.String password)
                    throws PasswordChangeException

Description copied from interface: PasswordProvider

Attempts to change the password for the given user. May throw a PasswordChangeException, for example if the provider uses a read-only medium.

Specified by:

changePassword in interface PasswordProvider

Throws:

PasswordChangeException

changeDistinguisedName

public void changeDistinguisedName(java.lang.String user,
                                   java.lang.String dn)
                            throws PasswordChangeException

Throws:

PasswordChangeException