|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object blackboard.platform.security.authentication.BaseAuthenticationModule
public class BaseAuthenticationModule
Implementation class for the default authentication provider for Blackboard Learning System, also known as RDBMS Authentication. This class can be used as the base class for implementations that will use the Blackboard database as the user directory.
HttpAuthModule
Field Summary | |
---|---|
protected static java.lang.String |
_authTypeDisplayStr
Used internally by this module. |
protected HttpAuthConfig |
_config
Member variable used to access HttpAuthConfig information. |
protected LogService |
_logger
Member variable to write log message to the LogService. |
static java.lang.String |
IMPL_CLASS_KEY
Used internally by this module. |
static java.lang.String |
USE_CHALLENGE_KEY
Used internally by this module. |
Constructor Summary | |
---|---|
BaseAuthenticationModule()
Simple default constructor. |
Method Summary | |
---|---|
protected void |
assertRequestAuthenticate()
Wrapper for any assertions that should be made before authentication request. |
protected java.lang.String |
authenticate(java.lang.String userName,
java.lang.String userToken,
SessionStub sessionStub,
boolean useChallenge)
Method to support native authentication. |
protected java.lang.String |
doAuthenticate(java.util.Hashtable authenticateParams,
SessionStub sessionStub,
boolean useChallenge)
Implementation specific version of doAuthenticate which does additional checking before calling authenticate . |
java.lang.String |
doAuthenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Performs the work of authentication. |
void |
doLogout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Implementation method. |
java.lang.String |
getAuthType()
Returns a String identifier for the authentication type for a given implementation of HttpAuthModule |
protected BbResourceBundle |
getBundle()
|
protected java.lang.String |
getConfigErrs()
Collects errors from loading configuration properties for this authentication type. |
boolean |
getCreateAccountAllowed(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
getCreateAccountAllowed() Determines based on configuration information, whether users may create new accounts. |
static java.lang.String |
getDefaultAuthType()
Return the default authentication type |
protected java.util.Hashtable |
getDoAuthenticateParams(javax.servlet.http.HttpServletRequest request)
Gets the authentication parameters from the request object. |
java.lang.String[] |
getPropKeys()
Returns a String array of the keys to this authentication module's configuration properties file. |
protected java.lang.String |
getRequestAuthenticateUri(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
getRequestAuthenticateURI Indicates the target resource that should receive the current request. |
protected java.util.Hashtable |
getSecondaryDoAuthenticateParams(javax.servlet.http.HttpServletRequest request)
Gets the authentication parameters from the request object. |
protected java.lang.String |
getSubConfigErrs()
Collects errors from loading nested configuration properties for this authentication type. |
boolean |
getUseChallenge()
Determines based on configuration information, whether to use challenge-response authentication. |
void |
init(ConfigurationService cfg)
Initializes authentication module. |
boolean |
isAuthenticated(javax.servlet.http.HttpServletRequest request)
Deprecated. |
boolean |
isExternalAuth()
Can be used by subclasses to determine whether or not the authentication module is an external authentication module. |
void |
requestAuthenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Implementation method. |
void |
setConfig(HttpAuthConfig config)
Sets the configuration properties for this authentication type. |
protected void |
setGlobalKeys(javax.servlet.http.HttpServletRequest request)
Set whatever key-value pairs need to be stored for the current session. |
protected void |
validateConfig()
Validates that the configuration properties for this authentication type have been loaded correctly. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected static java.lang.String _authTypeDisplayStr
public static final java.lang.String IMPL_CLASS_KEY
public static final java.lang.String USE_CHALLENGE_KEY
protected LogService _logger
protected HttpAuthConfig _config
Constructor Detail |
---|
public BaseAuthenticationModule()
HttpAuthManager
calls Class.newInstance()
.
Method Detail |
---|
protected BbResourceBundle getBundle()
public void init(ConfigurationService cfg)
init
in interface HttpAuthModule
cfg
- The ConfigurationService for this installation.public void setConfig(HttpAuthConfig config)
setConfig
in interface HttpAuthModule
config
- The HttpAuthConfig object containing all authentication properties for this authentication type.protected void validateConfig() throws BbInsufficientArgs
BbInsufficientArgs
protected java.lang.String getConfigErrs()
protected java.lang.String getSubConfigErrs()
public java.lang.String[] getPropKeys()
getPropKeys
in interface HttpAuthModule
public boolean isExternalAuth()
public boolean isAuthenticated(javax.servlet.http.HttpServletRequest request) throws BbSecurityException
isAuthenticated
in interface HttpAuthModule
request
- the request to validate
BbSecurityException
- never thrown by this implementation. Included here for completeness
BbSecurityException
blackboard.platform.session.BbSession.isAuthenticated
public java.lang.String doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws BbSecurityException, BbAuthenticationFailedException, BbCredentialsNotFoundException
doAuthenticate( Hashtable, SessionStub, boolean)
which submits username and password to the authenticate
method.
doAuthenticate
in interface HttpAuthModule
request
- the request containing auth credentialsresponse
- the response object associated with the current HTTP transaction.
This object is not used in this implementation
BbSecurityException
- thrown if an external error prevents authentication
from occurring.
BbAuthenticationFailedException
- thrown if authentication failed (i.e., wrong password)
BbCredentialsNotFoundException
- thrown if no credentials were found in the requestprotected java.lang.String doAuthenticate(java.util.Hashtable authenticateParams, SessionStub sessionStub, boolean useChallenge) throws BbSecurityException, BbAuthenticationFailedException, BbCredentialsNotFoundException
authenticate
.
authParams
- -- a Hashtable of request parameter names and valuessessionStub
- -- Session informationuseChallenge
- -- boolean to signify whether or not authentication is configured for challenge-response
BbSecurityException
BbAuthenticationFailedException
BbCredentialsNotFoundException
protected java.util.Hashtable getDoAuthenticateParams(javax.servlet.http.HttpServletRequest request)
getAuthenticateParams
-
protected java.util.Hashtable getSecondaryDoAuthenticateParams(javax.servlet.http.HttpServletRequest request)
getAuthenticateParams
-
public void requestAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws BbSecurityException
requestAuthenticate
in interface HttpAuthModule
request
- The current HTTP request object. Used to get the session objectresponse
- The response on which to set SC_UNAUTHORIZED
BbSecurityException
- thrown if a run-time error prevents the method from completing.
BbSecurityException
HttpServletResponse.SC_UNAUTHORIZED
protected void assertRequestAuthenticate() throws BbSecurityException
BbSecurityException
- if the configuration has not been setprotected java.lang.String getRequestAuthenticateUri(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, java.lang.SecurityException, java.io.FileNotFoundException, PersistenceException
java.io.IOException
java.lang.SecurityException
java.io.FileNotFoundException
PersistenceException
public void doLogout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws BbSecurityException
doLogout
in interface HttpAuthModule
request
- the current HTTP request. Used to obtain a session handle.response
- the current HTTP response. Passed for completeness, not used.
blackboard.platform.security.authentication.BbSecurityExceptionincluded
- for completeness.
--This implementation will never throw this exception
BbSecurityException
- thrown if an error occurs performing the
implementation-specific invalidationprotected java.lang.String authenticate(java.lang.String userName, java.lang.String userToken, SessionStub sessionStub, boolean useChallenge) throws BbAuthenticationFailedException, BbSecurityException
userName
- User nameuserToken
- this should be either clear text password or hash, depending on the result from
RDBMSAuthUtil.useChallenge()
.
blackboard.platform.security.BbAuthenticationFailedException
BbAuthenticationFailedException
BbSecurityException
public boolean getCreateAccountAllowed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
public boolean getUseChallenge()
public java.lang.String getAuthType()
getAuthType
in interface HttpAuthModule
public static java.lang.String getDefaultAuthType()
protected void setGlobalKeys(javax.servlet.http.HttpServletRequest request) throws PersistenceException
PersistenceException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |