- java.lang.Object
-
- uk.ac.ed.epcc.webapp.model.data.Composite<AU,X>
-
- uk.ac.ed.epcc.webapp.session.AppUserComposite<T,PasswordAuthComposite<T>>
-
- uk.ac.ed.epcc.webapp.session.PasswordAuthComposite<T>
-
- Type Parameters:
T- type of AppUSer
- All Implemented Interfaces:
- Contexed, TableStructureContributer<T>, AppUserTransitionContributor, NewSignupAction<T>, RequiredPageProvider<T>
- Direct Known Subclasses:
- DatabasePasswordComposite, LdapPasswordComposite
public abstract class PasswordAuthComposite<T extends AppUser> extends AppUserComposite<T,PasswordAuthComposite<T>> implements AppUserTransitionContributor, NewSignupAction<T>, RequiredPageProvider<T>
An abstractCompositethat implements password authentication. If aAppUserFactorycontains a composite of this type then it supports password authentication different sub-classes support different mechanisms
-
-
Nested Class Summary
Nested Classes Modifier and Type Class and Description classPasswordAuthComposite.PasswordResetRequiredPageclassPasswordAuthComposite.UpdatePasswordTransition
-
Field Summary
Fields Modifier and Type Field and Description static CurrentUserKeyCHANGE_PASSWORDstatic FeatureUSER_CHANGE_PASSWORD_FEATURE
-
Constructor Summary
Constructors Modifier Constructor and Description protectedPasswordAuthComposite(AppUserFactory<T> fac)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method and Description abstract booleancanResetPassword(T user)Is it legal to reset the password for the current user.abstract booleancheckPassword(T u, java.lang.String password)Check if a string matches this persons password.booleandoWelcome(T person)Should we show a welcome page for new users.abstract TfindByLoginNamePassword(java.lang.String name, java.lang.String password)Check a supplied user-name and password.abstract TfindByLoginNamePassword(java.lang.String name, java.lang.String password, boolean check_fail_count)Check a supplied user-name and password.abstract java.lang.StringfirstPassword(T user)set the initial randomised password for the userjava.util.Set<RequiredPage<T>>getRequiredPages()Get the set of required pages.java.util.Map<AppUserKey,Transition<AppUser>>getTransitions(AppUserTransitionProvider provider)protected java.lang.Class<? super PasswordAuthComposite<T>>getType()Returns the type the composite should be registered under.abstract voidlockPassword(T user)lock the account so no password works.abstract booleanmustResetPassword(T user)Is the user required to change their passwordabstract voidnewPassword(T user)Set a new randomised password for the user and send a notification emailvoidnewSignup(T user)abstract java.lang.StringrandomisePassword(T user)set a new randomised password for the userabstract java.lang.StringreasonForReset(T user)Text explanation of whymustResetPassword(AppUser)returned true.abstract voidsetPassword(T user, java.lang.String password)Change the password for a user-
Methods inherited from class uk.ac.ed.epcc.webapp.model.data.Composite
addDefaults, addFieldHelp, addOptional, addSelectors, addSuppress, addTranslations, customiseForm, customiseUpdateForm, getContext, getFactory, getLogger, getRecord, getRepository, modifyDefaultTableSpecification, postUpdate, preRegister, release, toString
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface uk.ac.ed.epcc.webapp.model.data.TableStructureContributer
addFieldConstraints, addFormFields
-
-
-
-
Field Detail
-
USER_CHANGE_PASSWORD_FEATURE
public static final Feature USER_CHANGE_PASSWORD_FEATURE
-
CHANGE_PASSWORD
public static CurrentUserKey CHANGE_PASSWORD
-
-
Constructor Detail
-
PasswordAuthComposite
protected PasswordAuthComposite(AppUserFactory<T> fac)
- Parameters:
fac-
-
-
Method Detail
-
getType
protected java.lang.Class<? super PasswordAuthComposite<T>> getType()
Description copied from class:CompositeReturns the type the composite should be registered under.
-
checkPassword
public abstract boolean checkPassword(T u, java.lang.String password)
Check if a string matches this persons password.- Parameters:
u- AppUser to checkpassword- unencrypted password to check.- Returns:
- true if password matches.
-
findByLoginNamePassword
public abstract T findByLoginNamePassword(java.lang.String name, java.lang.String password) throws DataException
Check a supplied user-name and password. return the person if it matches. If the table is tracking an external authentication system this could create the person on first use.- Parameters:
name-password-- Returns:
- user
- Throws:
DataException
-
findByLoginNamePassword
public abstract T findByLoginNamePassword(java.lang.String name, java.lang.String password, boolean check_fail_count) throws DataException
Check a supplied user-name and password. return the person if it matches. If the table is tracking an external authentication system this could create the person on first use.- Parameters:
name-password-check_fail_count- set to false to ignore failed logins.- Returns:
- user
- Throws:
DataException
-
canResetPassword
public abstract boolean canResetPassword(T user)
Is it legal to reset the password for the current user. This can either reflect that password changes are not possible or that the user is in state where it is not legal to reset the password.- Parameters:
user- or null for general test- Returns:
- boolean
-
mustResetPassword
public abstract boolean mustResetPassword(T user)
Is the user required to change their password- Parameters:
user-- Returns:
- boolean
-
reasonForReset
public abstract java.lang.String reasonForReset(T user)
Text explanation of whymustResetPassword(AppUser)returned true.- Parameters:
user-- Returns:
-
setPassword
public abstract void setPassword(T user, java.lang.String password) throws DataFault
Change the password for a user- Parameters:
user-password- clear-text password- Throws:
DataFault
-
lockPassword
public abstract void lockPassword(T user) throws DataFault
lock the account so no password works.- Parameters:
user-- Throws:
DataFault
-
newPassword
public abstract void newPassword(T user) throws java.lang.Exception
Set a new randomised password for the user and send a notification email- Parameters:
user-- Throws:
java.lang.Exception
-
randomisePassword
public abstract java.lang.String randomisePassword(T user) throws DataFault
set a new randomised password for the user- Parameters:
user-- Returns:
- plain-text of new password
- Throws:
DataFault
-
firstPassword
public abstract java.lang.String firstPassword(T user) throws DataFault
set the initial randomised password for the user- Parameters:
user-- Returns:
- plain-text of new password
- Throws:
DataFault
-
doWelcome
public boolean doWelcome(T person)
Should we show a welcome page for new users. Normally this is because the password is recorded as being an initial password.- Parameters:
person-- Returns:
-
newSignup
public void newSignup(T user) throws java.lang.Exception
- Specified by:
newSignupin interfaceNewSignupAction<T extends AppUser>- Throws:
java.lang.Exception
-
getTransitions
public java.util.Map<AppUserKey,Transition<AppUser>> getTransitions(AppUserTransitionProvider provider)
- Specified by:
getTransitionsin interfaceAppUserTransitionContributor
-
getRequiredPages
public java.util.Set<RequiredPage<T>> getRequiredPages()
Description copied from interface:RequiredPageProviderGet the set of required pages.- Specified by:
getRequiredPagesin interfaceRequiredPageProvider<T extends AppUser>- Returns:
- Set of RequiredPage objects.
-
-