Interface Authentication
-
- All Known Implementing Classes:
AuthenticationService
public interface Authentication
Authentication of a user in Silverpeas. The process of authentication is itself delegated to backends that wrap transparently the communication with external user services. Those services managing the authentication can be simply a database, an LDAP server or an SSO service. At each backend corresponds a user Silverpeas domain and hence this is by the domain identifier the service to delegate the authentication is figured out by this authentication.- Author:
- mmoquillon
-
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description AuthenticationResponse
authenticate(AuthenticationCredential userCredential)
Authenticates a user with the specified authentication credential.static Authentication
get()
Gets anAuthentication
object.List<AuthDomain>
getAllAuthDomains()
Gets all the domains in Silverpeas that are able to take in charge the authentication of its own users.String
getAuthToken(AuthenticationCredential credential)
Gets an authentication token for a given user from its specified login and from the domain to which he belongs.User
getUserByAuthToken(String authToken)
Gets the user that was previously authenticated and that is identified by the specified authentication token.default boolean
isThereMultipleDomainsDefined()
Is there several authentication domains with their own authentication process defined currently in Silverpeas?
-
-
-
Method Detail
-
get
static Authentication get()
Gets anAuthentication
object. Only one implementation should be provided.- Returns:
- an instance of the implementation of this interface.
-
isThereMultipleDomainsDefined
default boolean isThereMultipleDomainsDefined()
Is there several authentication domains with their own authentication process defined currently in Silverpeas?- Returns:
- true if there is more than one authentication domain currently defined in Silverpeas. False otherwise.
-
getAllAuthDomains
@Nonnull List<AuthDomain> getAllAuthDomains()
Gets all the domains in Silverpeas that are able to take in charge the authentication of its own users. Other domains (those for which no authentication protocol is defined) aren't returned.- Returns:
- a list of all authentication domains that support currently the authentication of its own users.
-
authenticate
AuthenticationResponse authenticate(AuthenticationCredential userCredential)
Authenticates a user with the specified authentication credential.If the authentication succeeds, the security-related capabilities, mapped to the user's credential, are set from information sent back by the authentication server related to the domain to which the user belongs.
- Parameters:
userCredential
- the credential of the user to use to authenticate him.- Returns:
- the response of the authentication with its status (success, failure or rejected). In the case of a successful authentication, the response carries the authentication token from which the user can be then identified later.
-
getAuthToken
String getAuthToken(AuthenticationCredential credential)
Gets an authentication token for a given user from its specified login and from the domain to which he belongs. This method doesn't perform any authentication, but it only set a new authentication token for the given user. This method can be used, for example, to allow a user who has forgotten its password to set a new one without having to be authenticated.To use with caution as this can be a security flaw to use this method to bypass any authentication process. It is only for administrative tasks or inner technical tasks requiring an authentication token for them to be completed.
- Parameters:
credential
- the credential of the user required to identify his account in Silverpeas. At least his login and his domain identifier has to be set.- Returns:
- an authentication key.
-
getUserByAuthToken
User getUserByAuthToken(String authToken) throws AuthenticationException
Gets the user that was previously authenticated and that is identified by the specified authentication token. The token should be provided by either the authentication process (seeauthenticate(AuthenticationCredential)
) or simply by a new authentication token generation (seegetAuthToken(AuthenticationCredential)
)- Parameters:
authToken
- an authentication token provided by the authentication system.- Returns:
- the user in Silverpeas identified by the given token.
- Throws:
AuthenticationException
- if no such token exists or if there is an error while getting the corresponding user.
-
-