org.neo4j.server.security.auth

Class SecurityCentral

java.lang.Object

org.neo4j.kernel.lifecycle.LifecycleAdapter

org.neo4j.server.security.auth.SecurityCentral

All Implemented Interfaces:

org.neo4j.kernel.lifecycle.Lifecycle

public class SecurityCentral
extends org.neo4j.kernel.lifecycle.LifecycleAdapter

Manages server authentication and authorization. This is mainly a coordinating component, it delegates to other internal components for the majority of its work. Through the SecurityCentral you can create and edit users, check their credentials and their privileges.

Field Summary

Fields

Modifier and Type	Field and Description
static User	UNAUTHENTICATED

Constructor Summary

Constructors

Constructor and Description
SecurityCentral(org.neo4j.helpers.Clock clock, UserRepository users)

Method Summary

Methods

Modifier and Type	Method and Description
boolean	authenticate(String user, String password) Determine if a set of credentials are valid.
void	newUser(String name, Privileges privileges)
String	regenerateToken(String name) Set a new random token for a given user
void	setPassword(String name, String password)
void	setToken(String name, String token) This is synchronized to avoid odd races if someone requests multiple concurrent token changes.
void	start()
User	userForName(String name) Get a user, given a name.
User	userForToken(String token) Get a user, given a token.

Methods inherited from class org.neo4j.kernel.lifecycle.LifecycleAdapter

init, shutdown, stop

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

UNAUTHENTICATED

public static final User UNAUTHENTICATED

Constructor Detail

SecurityCentral

public SecurityCentral(org.neo4j.helpers.Clock clock,
               UserRepository users)

Method Detail

start

public void start()
           throws Throwable

Specified by:

start in interface org.neo4j.kernel.lifecycle.Lifecycle

Overrides:

start in class org.neo4j.kernel.lifecycle.LifecycleAdapter

Throws:

Throwable

authenticate

public boolean authenticate(String user,
                   String password)
                     throws TooManyAuthenticationAttemptsException

Determine if a set of credentials are valid.

Throws:

TooManyAuthenticationAttemptsException

newUser

public void newUser(String name,
           Privileges privileges)
             throws IOException,
                    IllegalUsernameException

Throws:

IOException

IllegalUsernameException

userForToken

public User userForToken(String token)

Get a user, given a token. If no user is associated with the token, return an unauthenticated user.

userForName

public User userForName(String name)

Get a user, given a name. If no user is associated with the name, return an unauthenticated user.

regenerateToken

public String regenerateToken(String name)
                       throws IOException

Set a new random token for a given user

Throws:

IOException

setToken

public void setToken(String name,
            String token)
              throws IllegalTokenException,
                     IOException

This is synchronized to avoid odd races if someone requests multiple concurrent token changes.

Throws:

IllegalTokenException

IOException

setPassword

public void setPassword(String name,
               String password)
                 throws IOException

Throws:

IOException