AuthenticationUtil (DSpace XML-UI (Manakin) :: API and Core Aspects 1.7.2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.dspace.app.xmlui.utils
Class AuthenticationUtil

java.lang.Object
  org.dspace.app.xmlui.utils.AuthenticationUtil

public class AuthenticationUtil
extends Object
extends Object

Methods for authenticating the user. This is DSpace platform code, as opposed to the site-specific authentication code, that resides in implementations of the org.dspace.eperson.AuthenticationMethod interface.

Author:: Scott Phillips, Robert Tansley

Field Summary
`static String`	`REQUEST_INTERRUPTED` Session attribute name for storing the return URL where the user should be redirected too once successfully authenticated.
`static String`	`REQUEST_INTERRUPTED_CHARACTERS`
`static String`	`REQUEST_INTERRUPTED_HEADER` These store a message giving a reason for why the request is being interrupted.
`static String`	`REQUEST_INTERRUPTED_MESSAGE`
`static String`	`REQUEST_RESUME`

Constructor Summary
`AuthenticationUtil()`

Method Summary
`static boolean`	`allowSetPassword(Map objectModel, String email)` Determine if the EPerson (to be created or already created) has the ability to set their own password.
`static Context`	`authenticate(Map objectModel, String email, String password, String realm)` Authenticate the current DSpace content based upon given authentication credentials.
`static Context`	`authenticateImplicit(Map objectModel)` Perform implicit authentication.
`static boolean`	`canSelfRegister(Map objectModel, String email)` Determine if the email can register itself or needs to be created by a site administrator first.
`static EPerson`	`createNewEperson(Map objectModel, String email)` Construct a new, mostly blank, eperson for the given email address.
`static void`	`interruptRequest(Map objectModel, String header, String message, String characters)` Interrupt the current request and store if for later resumption.
`static boolean`	`isInterupptedRequest(Map objectModel)` Is there a currently interrupted request?
`static void`	`logIn(Map objectModel, EPerson eperson)` Log the given user in as a real authenticated user.
`static void`	`loginAs(Context context, javax.servlet.http.HttpServletRequest request, EPerson loginAs)` Assume the login as another user.
`static void`	`logOut(Context context, javax.servlet.http.HttpServletRequest request)` Log the user out.
`static String`	`resumeInterruptedRequest(Map objectModel)` Set the interrupted request to a resumable state.
`static void`	`resumeLogin(Context context, javax.servlet.http.HttpServletRequest request)` Check to see if there are any session attributes indicating a currently authenticated user.
`static javax.servlet.http.HttpServletRequest`	`resumeRequest(javax.servlet.http.HttpServletRequest realHttpRequest)` Check to see if this request should be resumed.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

REQUEST_INTERRUPTED

public static final String REQUEST_INTERRUPTED

Session attribute name for storing the return URL where the user should be redirected too once successfully authenticated.

See Also:: Constant Field Values

REQUEST_RESUME

public static final String REQUEST_RESUME

See Also:: Constant Field Values

REQUEST_INTERRUPTED_HEADER

public static final String REQUEST_INTERRUPTED_HEADER

These store a message giving a reason for why the request is being interrupted.

See Also:: Constant Field Values

REQUEST_INTERRUPTED_MESSAGE

public static final String REQUEST_INTERRUPTED_MESSAGE

See Also:: Constant Field Values

REQUEST_INTERRUPTED_CHARACTERS

public static final String REQUEST_INTERRUPTED_CHARACTERS

See Also:: Constant Field Values

Constructor Detail

AuthenticationUtil

public AuthenticationUtil()

Method Detail

authenticate

public static Context authenticate(Map objectModel,
                                   String email,
                                   String password,
                                   String realm)
                            throws SQLException

Authenticate the current DSpace content based upon given authentication credentials. The AuthenticationManager will consult the configured authentication stack to determine the best method.

Parameters:: objectModel - Cocoon's object model.; email - The email credentials provided by the user.; password - The password credentials provided by the user.; realm - The realm credentials provided by the user.
Returns:: Return a current context with either the eperson attached if the authentication was successful or or no eperson attached if the attempt failed.
Throws:: SQLException

authenticateImplicit

public static Context authenticateImplicit(Map objectModel)
                                    throws SQLException

Perform implicit authentication. The authenticationManager will consult the authentication stack for any methods that can implicitly authenticate this session. If the attempt was successful then the returned context will have an eperson attached other wise the context will not have an eperson attached.

Parameters:: objectModel - Cocoon's object model.
Returns:: This requests DSpace context.
Throws:: SQLException

logIn

public static void logIn(Map objectModel,
                         EPerson eperson)
                  throws SQLException

Log the given user in as a real authenticated user. This should only be used after a user has presented credentials and they have been validated. This method signature is provided to be easier to call from flow scripts.

Parameters:: objectModel - The cocoon object model.; eperson - the eperson logged in
Throws:: SQLException

resumeLogin

public static void resumeLogin(Context context,
                               javax.servlet.http.HttpServletRequest request)
                        throws SQLException

Check to see if there are any session attributes indicating a currently authenticated user. If there is then log this user in.

Parameters:: context - DSpace context; request - HTTP Request
Throws:: SQLException

loginAs

public static void loginAs(Context context,
                           javax.servlet.http.HttpServletRequest request,
                           EPerson loginAs)
                    throws SQLException,
                           AuthorizeException

Assume the login as another user. Only site administrators may perform the action.

Parameters:: context - The current DSpace context logged in as a site administrator; request - The real HTTP request.; loginAs - Whom to login as.
Throws:: SQLException; AuthorizeException - using an I18nTransformer key as the message

logOut

public static void logOut(Context context,
                          javax.servlet.http.HttpServletRequest request)
                   throws SQLException

Log the user out.

Parameters:: context - DSpace context; request - HTTP request
Throws:: SQLException

canSelfRegister

public static boolean canSelfRegister(Map objectModel,
                                      String email)
                               throws SQLException

Determine if the email can register itself or needs to be created by a site administrator first.

Parameters:: objectModel - The Cocoon object model; email - The email of the person to be registered.
Returns:: true if the email can register, otherwise false.
Throws:: SQLException

allowSetPassword

public static boolean allowSetPassword(Map objectModel,
                                       String email)
                                throws SQLException

Determine if the EPerson (to be created or already created) has the ability to set their own password.

Parameters:: objectModel - The Cocoon object model; email - The email address of the EPerson.
Returns:
Throws:: SQLException

createNewEperson

public static EPerson createNewEperson(Map objectModel,
                                       String email)
                                throws SQLException,
                                       AuthorizeException

Construct a new, mostly blank, eperson for the given email address. This should only be called once the email address has been verified.

Parameters:: objectModel - The Cocoon object model.; email - The email address of the new eperson.
Returns:: A newly created EPerson object.
Throws:: SQLException; AuthorizeException

isInterupptedRequest

public static boolean isInterupptedRequest(Map objectModel)

Is there a currently interrupted request?

Parameters:: objectModel - The Cocoon object Model

interruptRequest

public static void interruptRequest(Map objectModel,
                                    String header,
                                    String message,
                                    String characters)

Interrupt the current request and store if for later resumption. This request will send an HTTP redirect telling the client to authenticate first. Once that has been finished then the request can be resumed.

Parameters:: objectModel - The Cocoon object Model; header - A message header (i18n tag); message - A message for why the request was interrupted (i18n tag); characters - An untranslated message, perhaps an error message?

resumeInterruptedRequest

public static String resumeInterruptedRequest(Map objectModel)

Set the interrupted request to a resumable state. The next request that the server receives (for this session) that has the same servletPath will be replaced with the previously interrupted request.

Parameters:: objectModel - The Cocoon object Model
Returns:

resumeRequest

public static javax.servlet.http.HttpServletRequest resumeRequest(javax.servlet.http.HttpServletRequest realHttpRequest)

Check to see if this request should be resumed.

Parameters:: realHttpRequest - The current real request
Returns:: Either the current real request or a stored request that was previously interrupted.