org.picketlink.internal

Class AbstractIdentity

java.lang.Object

org.picketlink.internal.AbstractIdentity

All Implemented Interfaces:

Serializable, Identity

Direct Known Subclasses:

DefaultIdentity

public abstract class AbstractIdentity
extends Object
implements Identity

Base implementation for Identity types.

Author:

Shane Bryzak, Pedro Igor

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from interface org.picketlink.Identity

Identity.AuthenticationResult

Constructor Summary

Constructors

Constructor and Description
AbstractIdentity()

Method Summary

Methods

Modifier and Type	Method and Description
protected Account	authenticate()
Account	getAccount()
protected void	handleSuccessfulLoginAttempt(Account validatedAccount)
protected void	handleUnsuccesfulLoginAttempt(Throwable e)
boolean	hasPermission(Class<?> resourceClass, Serializable identifier, String operation) As above, however this method should be used when a reference to the resource is not available, or is expensive to retrieve, for example looking up an entity from a relational database.
boolean	hasPermission(Object resource, String operation) Tests if the currently authenticated user has permission to perform the specified operation on the specified resource.
boolean	isLoggedIn() Simple check that returns true if the user is logged in, without attempting to authenticate
Identity.AuthenticationResult	login() Attempts to authenticate the user.
void	logout() Logs out the currently authenticated user
protected void	logout(boolean invalidateLoginCredential)
protected void	postAuthenticate(Authenticator authenticator)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractIdentity

public AbstractIdentity()

Method Detail

isLoggedIn

public boolean isLoggedIn()

Description copied from interface: Identity

Simple check that returns true if the user is logged in, without attempting to authenticate

Specified by:

isLoggedIn in interface Identity

Returns:

true if the user is logged in

getAccount

public Account getAccount()

Specified by:

getAccount in interface Identity

login

public Identity.AuthenticationResult login()

Description copied from interface: Identity

Attempts to authenticate the user. This method raises the following events in response to whether authentication is successful or not. The following events may be raised during the call to login():

LoggedInEvent - raised when authentication is successful LoginFailedEvent - raised when authentication fails AlreadyLoggedInEvent - raised if the user is already authenticated LockedAccountEvent - raised if the user is locked

Specified by:

login in interface Identity

Returns:

AuthenticationResult returns SUCCESS if user is authenticated, FAILED if authentication FAILED, or EXCEPTION if an EXCEPTION occurred during authentication. These response values may be used to control user navigation. For deferred authentication methods, such as Open ID the login() method will return an immediate result of FAILED (and subsequently fire a LoginFailedEvent) however in these conditions it is the responsibility of the Authenticator implementation to take over the authentication process, for example by redirecting the user to a third party authentication service such as an OpenID provider.

handleSuccessfulLoginAttempt

protected void handleSuccessfulLoginAttempt(Account validatedAccount)

handleUnsuccesfulLoginAttempt

protected void handleUnsuccesfulLoginAttempt(Throwable e)

authenticate

protected Account authenticate()
                        throws AuthenticationException

Throws:

AuthenticationException

postAuthenticate

protected void postAuthenticate(Authenticator authenticator)

logout

public void logout()

Description copied from interface: Identity

Logs out the currently authenticated user

Specified by:

logout in interface Identity

logout

protected void logout(boolean invalidateLoginCredential)

hasPermission

public boolean hasPermission(Object resource,
                    String operation)

Description copied from interface: Identity

Tests if the currently authenticated user has permission to perform the specified operation on the specified resource. This method should be preferred over the overloaded hasPermission() method if a reference to the resource in question is already available.

Specified by:

hasPermission in interface Identity

Parameters:

resource - The resource for which the permission is required

operation - The operation that the user wishes to perform on the resource

Returns:

true if the current user has the permission.

hasPermission

public boolean hasPermission(Class<?> resourceClass,
                    Serializable identifier,
                    String operation)

Description copied from interface: Identity

As above, however this method should be used when a reference to the resource is not available, or is expensive to retrieve, for example looking up an entity from a relational database.

Specified by:

hasPermission in interface Identity

Parameters:

resourceClass - The class of the resource

identifier - The identifier of the resource, for example may be a primary key value if an entity

operation - The operation that the user wishes to perform on the resource

Returns:

true if the current user has the permission.