PortalSecurityManager (The Fascinator

All Known Implementing Classes:

PortalSecurityManagerImpl
```
public interface PortalSecurityManager
```
The security manager coordinates access to various security plugins when cross plugin awareness is required, and executes some server side logic required for features such as single sign-on.

Author:

Greg Pendlebury

Method Summary

Methods
Modifier and Type	Method and Description
`com.googlecode.fascinator.api.access.AccessControlManager`	`getAccessControlManager()` Return the Access Control Manager
`com.googlecode.fascinator.api.authentication.AuthManager`	`getAuthManager()` Return the Authentication Manager
`com.googlecode.fascinator.api.roles.RolesManager`	`getRoleManager()` Return the Role Manager
`String[]`	`getRolesList(JsonSessionState session, com.googlecode.fascinator.api.authentication.User user)` Get the list of roles possessed by the current user.
`com.googlecode.fascinator.api.authentication.User`	`getUser(JsonSessionState session, String username, String source)` Retrieve the details of a user by username
`void`	`logout(JsonSessionState session, com.googlecode.fascinator.api.authentication.User user)` Logout the provided user
`boolean`	`runSsoIntegration(JsonSessionState session, FormData formData)` Wrapper method for other SSO methods provided by the security manager.
`Map<String,Map<String,String>>`	`ssoBuildLogonInterface(JsonSessionState session)` Build a Map of Maps of on-screen string values for each SSO provider.
`boolean`	`ssoCheckUserDetails(JsonSessionState session)` Get user details from SSO connection and set them in the user session.
`String`	`ssoGetRemoteLogonURL(JsonSessionState session, String source)` Retrieve the login URL for redirection against a given provider.
`String`	`ssoGetRemoteLogoutURL(JsonSessionState session, String source)`
`String`	`ssoInit(JsonSessionState session)` Initialize the SSO Service, prepare a login if required
`boolean`	`testForSso(JsonSessionState session, String resource, String uri)` Given the provided resource, test whether SSO should be 'aware' of this resource.
`boolean`	`testTrustToken(JsonSessionState session, String token)` Validate the provided trust token.

- Method Detail
  - getAccessControlManager
```
com.googlecode.fascinator.api.access.AccessControlManager getAccessControlManager()
```
    Return the Access Control Manager
    
    Returns:
    AccessControlManager
  - getAuthManager
```
com.googlecode.fascinator.api.authentication.AuthManager getAuthManager()
```
    Return the Authentication Manager
    
    Returns:
    AuthManager
  - getRoleManager
```
com.googlecode.fascinator.api.roles.RolesManager getRoleManager()
```
    Return the Role Manager
    
    Returns:
    RolesManager
  - getRolesList
```
String[] getRolesList(JsonSessionState session,
                    com.googlecode.fascinator.api.authentication.User user)
```
    Get the list of roles possessed by the current user.
    
    Parameters:
    user - The user object of the current user
    
    Returns:
    String[] A list of roles
  - getUser
```
com.googlecode.fascinator.api.authentication.User getUser(JsonSessionState session,
                                                        String username,
                                                        String source)
                                                          throws com.googlecode.fascinator.api.authentication.AuthenticationException
```
    Retrieve the details of a user by username
    
    Parameters:
    username - The username of a user to retrieve
    source - The authentication source if known
    
    Returns:
    User The user requested
    
    Throws:
    
    com.googlecode.fascinator.api.authentication.AuthenticationException - if any errors occur
  - logout
```
void logout(JsonSessionState session,
          com.googlecode.fascinator.api.authentication.User user)
            throws com.googlecode.fascinator.api.authentication.AuthenticationException
```
    Logout the provided user
    
    Throws:
    
    com.googlecode.fascinator.api.authentication.AuthenticationException
  - runSsoIntegration
```
boolean runSsoIntegration(JsonSessionState session,
                        FormData formData)
```
    Wrapper method for other SSO methods provided by the security manager. If desired, the security manager can take care of the integration using the default usage pattern, rather then calling them individually.
    
    Parameters:
    session - : The session of the current request
    formData - : FormData object for the current request
    
    Returns:
    boolean : True if SSO has redirected, in which case no response should be sent by Dispatch, otherwise False.
  - ssoInit
```
String ssoInit(JsonSessionState session)
               throws Exception
```
    Initialize the SSO Service, prepare a login if required
    
    Parameters:
    session - The server session data
    
    Throws:
    
    Exception - if any errors occur
  - ssoGetRemoteLogonURL
```
String ssoGetRemoteLogonURL(JsonSessionState session,
                          String source)
```
    Retrieve the login URL for redirection against a given provider.
    
    Parameters:
    String - The SSO source to use
    
    Returns:
    String The URL used by the SSO Service for logins
  - ssoGetRemoteLogoutURL
```
String ssoGetRemoteLogoutURL(JsonSessionState session,
                           String source)
```
  - ssoCheckUserDetails
```
boolean ssoCheckUserDetails(JsonSessionState session)
```
    Get user details from SSO connection and set them in the user session.
    
    Returns:
    boolean: Flag whether a user was actually logged in or not.
  - ssoBuildLogonInterface
```
Map<String,Map<String,String>> ssoBuildLogonInterface(JsonSessionState session)
```
    Build a Map of Maps of on-screen string values for each SSO provider. Should be enough to generate a login interface.
    
    Returns:
    Map Containing the data structure of valid SSO interfaces.
  - testForSso
```
boolean testForSso(JsonSessionState session,
                 String resource,
                 String uri)
```
    Given the provided resource, test whether SSO should be 'aware' of this resource. 'Aware' resources are valid return return points after SSO redirects, so the test should return false on (for examples) static resources and utilities such as atom feeds.
    
    Parameters:
    session - : The session for this request
    resource - : The name of the resource being accessed
    uri - : The full URI of the resource if simple matches fail
    
    Returns:
    boolean : True if SSO should be evaluated, False otherwise
  - testTrustToken
```
boolean testTrustToken(JsonSessionState session,
                     String token)
```
    Validate the provided trust token.
    
    Parameters:
    token - : The token to validate
    
    Returns:
    boolean : True if the token is valid, False otherwise

Interface PortalSecurityManager

Method Summary

Method Detail

getAccessControlManager

getAuthManager

getRoleManager

getRolesList

getUser

logout

runSsoIntegration

ssoInit

ssoGetRemoteLogonURL

ssoGetRemoteLogoutURL

ssoCheckUserDetails

ssoBuildLogonInterface

testForSso

testTrustToken