Package org.itracker.services.authentication

Interface PluggableAuthenticator

All Known Implementing Classes:

AbstractPluggableAuthenticator, DefaultAuthenticator, TestAuthenticator, WindowsSSONAuthenticator, WindowsSSONAuthenticatorADInfo

public interface PluggableAuthenticator

This interface should be implemented to provide a new authentication module for ITracker. It provides service to check if a user can be authenticated during a login, and also whether a user self registration is allowed. A new instance of this object is created for each check.

See Also:

AuthenticationConstants

Method Summary

Modifier and Type	Method	Description
boolean	allowPasswordUpdates(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to determine if the particular user is allowed to perform password updates on the system.
boolean	allowPermissionUpdates(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to determine if the particular user is allowed to perform permissions updates on the system.
boolean	allowPreferenceUpdates(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to determine if the particular user is allowed to perform preferences updates on the system.
boolean	allowProfileCreation(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to determine if a new user profile should be allowed to be created.
boolean	allowProfileUpdates(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to determine if the particular user is allowed to perform profile updates on the system.
boolean	allowRegistration(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to determine if a user is authorized to self register.
org.itracker.model.User	checkLogin(String login, Object authentication, int authType, int reqSource)	This method should be implemented to determine if a user login is successful.
boolean	createProfile(org.itracker.model.User user, Object authentication, int authType, int reqSource)	This method should be implemented to perform any updates that are necessary in the authentication system to support a new user.
List<org.itracker.model.Permission>	getUserPermissions(org.itracker.model.User user, int reqSource)	This method should return all the permissions a user has in the authentication system.
List<org.itracker.model.User>	getUsersWithProjectPermission(Integer projectId, int[] permissionTypes, boolean requireAll, boolean activeOnly, int reqSource)	Deprecated.
List<org.itracker.model.User>	getUsersWithProjectPermission(Integer projectId, org.itracker.model.PermissionType[] permissionTypes, boolean requireAll, boolean activeOnly, int reqSource)	This method should return an array of users that have certain permissions in the authentication system.
void	initialize(Map<?,?> value)	This method should be implemented to setup any needed components.
boolean	updateProfile(org.itracker.model.User user, int updateType, Object authentication, int authType, int reqSource)	This method should be implemented to perform any updates that are necessary in the authentication system to support the updated user information.

Method Detail

checkLogin

org.itracker.model.User checkLogin(String login,
                                   Object authentication,
                                   int authType,
                                   int reqSource)
                            throws AuthenticatorException

This method should be implemented to determine if a user login is successful. The method should return a valid User object.

Parameters:

login - the login the user/client provided

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a User if the login is successful

Throws:

AuthenticatorException - an exception if the login is unsuccessful, or an error occurs

getUserPermissions

List<org.itracker.model.Permission> getUserPermissions(org.itracker.model.User user,
                                                       int reqSource)
                                                throws AuthenticatorException

This method should return all the permissions a user has in the authentication system. This list may then be augmented based on other attributes of the user, or project level options.

Parameters:

user - a User object that contains the user to retrieve permissions for

reqSource - the source of the request (eg web, api)

Returns:

an array of PermissionModels

Throws:

AuthenticatorException - an error occurs

getUsersWithProjectPermission

List<org.itracker.model.User> getUsersWithProjectPermission(Integer projectId,
                                                            org.itracker.model.PermissionType[] permissionTypes,
                                                            boolean requireAll,
                                                            boolean activeOnly,
                                                            int reqSource)
                                                     throws AuthenticatorException

This method should return an array of users that have certain permissions in the authentication system. This list must always include all super users, even if they do not explicitly have the required permission.

Parameters:

projectId - id of the project on which the users return have permissions

permissionTypes - types of permissions required

requireAll - true is the user must possess any of the permissions, false if only one is required

activeOnly - true if only users listed as active should be returned

reqSource - the source of the request (eg web, api)

Returns:

an array of UserModels

Throws:

AuthenticatorException - an error occurs

getUsersWithProjectPermission

@Deprecated
List<org.itracker.model.User> getUsersWithProjectPermission(Integer projectId,
                                                            int[] permissionTypes,
                                                            boolean requireAll,
                                                            boolean activeOnly,
                                                            int reqSource)
                                                     throws AuthenticatorException

Deprecated.

This method should return an array of users that have certain permissions in the authentication system. This list must always include all super users, even if they do not explicitly have the required permission.

Parameters:

projectId - id of the project on which the users return have permissions

permissionTypes - types of permissions required

requireAll - true is the user must possess any of the permissions, false if only one is required

activeOnly - true if only users listed as active should be returned

reqSource - the source of the request (eg web, api)

Returns:

an array of UserModels

Throws:

AuthenticatorException - an error occurs

allowRegistration

boolean allowRegistration(org.itracker.model.User user,
                          Object authentication,
                          int authType,
                          int reqSource)
                   throws AuthenticatorException

This method should be implemented to determine if a user is authorized to self register.

Parameters:

user - a User object that contains the data the user submitted

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a boolean whether the user should be allowed to register

Throws:

AuthenticatorException - an exception if an error occurs

allowProfileCreation

boolean allowProfileCreation(org.itracker.model.User user,
                             Object authentication,
                             int authType,
                             int reqSource)
                      throws AuthenticatorException

This method should be implemented to determine if a new user profile should be allowed to be created. This applies to both self registration and also new users created by a super user on the system. If this method would always return false, then some other mechanism must be provided for new users to be created in the system.

Parameters:

user - a User object that contains the data for the new user. If null, then the request is being made for an unknown future user. For example, the system may request this with an null user if it needs to know if the system should even present the option to create a new user

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a boolean whether new profile creation is allowed

Throws:

AuthenticatorException - an exception if an error occurs

allowProfileUpdates

boolean allowProfileUpdates(org.itracker.model.User user,
                            Object authentication,
                            int authType,
                            int reqSource)
                     throws AuthenticatorException

This method should be implemented to determine if the particular user is allowed to perform profile updates on the system. This method is used in conjunction with allowPasswordUpdates, allowPreferenceUpdates, and allowPermissionUpdates to determine what parts of the user's information is allowed to be updated through ITracker.

Parameters:

user - a User object that contains the data the user submitted

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a boolean whether the user's core profile information can be updated

Throws:

AuthenticatorException - an exception if an error occurs

See Also:

allowPasswordUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPermissionUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPreferenceUpdates(org.itracker.model.User, java.lang.Object, int, int)

allowPasswordUpdates

boolean allowPasswordUpdates(org.itracker.model.User user,
                             Object authentication,
                             int authType,
                             int reqSource)
                      throws AuthenticatorException

This method should be implemented to determine if the particular user is allowed to perform password updates on the system. This method is used in conjunction with allowProfileUpdates, allowPermissionUpdates, and allowPreferenceUpdates to determine what parts of the user's information is allowed to be updated through ITracker.

Parameters:

user - a User object that contains the current user data

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a boolean whether the user's core profile information can be updated

Throws:

AuthenticatorException - an exception if an error occurs

See Also:

allowProfileUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPermissionUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPreferenceUpdates(org.itracker.model.User, java.lang.Object, int, int)

allowPermissionUpdates

boolean allowPermissionUpdates(org.itracker.model.User user,
                               Object authentication,
                               int authType,
                               int reqSource)
                        throws AuthenticatorException

This method should be implemented to determine if the particular user is allowed to perform permissions updates on the system. This method is used in conjunction with allowProfileUpdates, allowPasswordUpdates, and allowPreferenceUpdates to determine what parts of the user's information is allowed to be updated through ITracker. If the user model is null, then the request is being made for multiple users, for example on the edit project page, and is being applied on a generic basis, that is are permission updates allowed at all on the system.

Parameters:

user - a User object that contains the current user data, or null if multiple users

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a boolean whether the user's core profile information can be updated

Throws:

AuthenticatorException - an exception if an error occurs

See Also:

allowProfileUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPasswordUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPreferenceUpdates(org.itracker.model.User, java.lang.Object, int, int)

allowPreferenceUpdates

boolean allowPreferenceUpdates(org.itracker.model.User user,
                               Object authentication,
                               int authType,
                               int reqSource)
                        throws AuthenticatorException

This method should be implemented to determine if the particular user is allowed to perform preferences updates on the system. This method is used in conjunction with allowProfileUpdates, allowPasswordUpdates, and allowPermissionUpdate to determine what parts of the user's information is allowed to be updated through ITracker.

Parameters:

user - a User object that contains the current user data

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

a boolean whether the user's core profile information can be updated

Throws:

AuthenticatorException - an exception if an error occurs

See Also:

allowProfileUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPasswordUpdates(org.itracker.model.User, java.lang.Object, int, int), allowPermissionUpdates(org.itracker.model.User, java.lang.Object, int, int)

createProfile

boolean createProfile(org.itracker.model.User user,
                      Object authentication,
                      int authType,
                      int reqSource)
               throws AuthenticatorException

This method should be implemented to perform any updates that are necessary in the authentication system to support a new user. Any updates needed to the data supplied should be made in the supplied User. The system will then update the information in the ITracker datastore. Only changes to the core profile information and password are made here. Any permission information for the new user would be done through an updateProfile call.

Parameters:

user - a User object that contains the newly created profile

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

true if changes were made

Throws:

AuthenticatorException - an error occurs

See Also:

updateProfile(org.itracker.model.User, int, java.lang.Object, int, int)

updateProfile

boolean updateProfile(org.itracker.model.User user,
                      int updateType,
                      Object authentication,
                      int authType,
                      int reqSource)
               throws AuthenticatorException

This method should be implemented to perform any updates that are necessary in the authentication system to support the updated user information. This action will be called any time there are any updates to a user including core profile information, password information, permission information or preference changes. Any changes should be made directly to user model supplied to the method.

Parameters:

user - a User object that contains the updated profile

updateType - the type of information that is being updated

authentication - the user's authentication information, if known

authType - the type of authentication information being provided

reqSource - the source of the request (eg web, api)

Returns:

true if changes were made

Throws:

AuthenticatorException - an exception if the login is unsuccessful, or an error occurs

initialize

void initialize(Map<?,?> value)

This method should be implemented to setup any needed components. It is called Every time a new check is performed but could be used to store static information that is not changed.

Parameters:

value - A HashMap that contains some default information. The current calls pass a UserService bean as userService, and an ConfigurationService bean as configurationService