Package org.silverpeas.core.security.authentication

Class AuthenticationCredential

  • public class AuthenticationCredential
extends Object
    A credential is a set of security-related capabilities for a given user, it contains information used to authenticate him. This credential defines, among the attributes, the password, the login and the domain to which the user belongs. The domain is a repository of users having its own security policy and then its own authentication server. The login is the minimum information used in an authentication; indeed, for some security policies, the login can be a unique security token identifying uniquely a user in Silverpeas, whatever its domain, and that is known only by the user himself. For other security policies, only the login and the domain are required to authenticate the user, like in NTLM negotiation. By default, to open a WEB session with Silverpeas, the user has to authenticate himself by using both his login, his password and the domain to which he belongs. The credential may also contain data that simply enable certain security-related capabilities like, for example, the password change. These capabilities are generally set by the authentication process from the response of the authentication server related to the user domain, once the user is successfully authenticated.

    • Method Detail

      • newWithAsLogin

        public static AuthenticationCredential newWithAsLogin​(String login)
        Creates a new authentication credential with the specified login.
        Parameters:
        login - the login of the user to authenticate
        Returns:
        an AuthenticationCredential instance.

      • withAsPassword

        public AuthenticationCredential withAsPassword​(String password)
        Returns this credential with its password attribute set with the specified value.
        Parameters:
        password - a password.
        Returns:
        itself.

      • withAsDomainId

        public AuthenticationCredential withAsDomainId​(String domainId)
        Returns this credential with its domain attribute set with the specified value.
        Parameters:
        domainId - the unique identifier of the domain to which the user belongs.
        Returns:
        itself.

      • getLogin

        public String getLogin()
        Gets the user login to use in the authentication.
        Returns:
        the login.

      • getPassword

        public String getPassword()
        Gets the password that is mapped with the user login.
        Returns:
        the password.

      • getDomainId

        public String getDomainId()
        Gets the unique identifier of the domain to which the user belongs.
        Returns:
        the unique identifier of the user domain.

      • getCapabilities

        public Map<String,​Serializable> getCapabilities()
        Gets the security-related capabilities associated with this credential. These capabilities are generally set during the authentication from the response of an authentication service.
        Returns:
        a map of capabilities in which the key is the name of the capability and the value the capability value.

      • loginIgnoreCase

        public boolean loginIgnoreCase()
        Indicates if login case can be ignored during authentication processing.
        Returns:
        true to ignore case, false to compare exactly.

      • setPassword

        public void setPassword​(String password)
        Sets the specified password to this credential.
        Parameters:
        password - a password.

      • setDomainId

        public void setDomainId​(String domainId)
        Sets the specified domain to this credential.
        Parameters:
        domainId - the unique identifier of the domain.

      • isPasswordSet

        public boolean isPasswordSet()
        Is the password set in this credential? According to some security policy, the password isn't required to participate in an authentication; for example in an NTLM negotiation.
        Returns:
        true if the password attribute is set in this credential, false otherwise.