com.epicentric.authentication
Interface Authenticator

public interface Authenticator

Abstraction that knows how to obtain authentication of an account. Account information is stored in a data source, which can be SQL, LDAP, or an NT domain. This interface also includes methods for creating, removing, and changing account information on the data source. There is an implementation of this interface for each data source that the system supports.

Method Summary

void	authenticate(String logon, String password) Checks if the current user account is authentic.
void	authenticate(String logon, String password, String domain) Deprecated. As of version 4.0, to be removed in 8.0 or later. Instead, use Authenticator.authenticate(java.lang.String logon, java.lang.String password).
void	changePassword(String logon, String newPassword) Sets the password for the account in the given realm.
void	createAccount(String logon, String password, Map attributes) Creates an account with the given logon and password.
boolean	doesAccountExist(String logon) Checks whether an account exists with the given logon
String	getID() Returns a unique identifier for this Authenticator.
String	getName() Deprecated. As of version 4.0, to be removed in 8.0 or later. Instead use getID,
void	init(Realm realm, Properties props) Initializes the authenticator.
void	removeAccount(String logon) Removes the account with the given logon.
boolean	requiresDomain() Deprecated. As of version 4.0, to be removed in 8.0 or later. No Replacement, since Realms are now being used.
String	retrieveForgottenPassword(String logon) Either returns the current password for the given account (if the authenticator uses bidirectional encryption) or generates a new password and updates the authenticator with the new password (if the authenticator uses unidirectional encryption).

Method Detail

authenticate

public void authenticate(String logon,
                         String password,
                         String domain)
                  throws AuthenticationException

Deprecated. As of version 4.0, to be removed in 8.0 or later. Instead, use Authenticator.authenticate(java.lang.String logon, java.lang.String password).

This method checks to see if the current account is authentic.

Parameters:

logon - - The user ID supplied by the user.

password - - The plain text typed password supplied by the user.

domain - - The domain supplied by the user during logon, or null if not supplied. Domain is an optional field that most Authenticators do not need.

getName

public String getName()

Deprecated. As of version 4.0, to be removed in 8.0 or later. Instead use getID,

Returns the name of this Authenticator. Used for logging and metrics.

See Also:

Authenticator.getID()

requiresDomain

public boolean requiresDomain()

Deprecated. As of version 4.0, to be removed in 8.0 or later. No Replacement, since Realms are now being used.

Returns true if authenticator requires a domain to authenticate the user. If false, authenticator only needs logon and password.

init

public void init(Realm realm,
                 Properties props)
          throws AuthenticationException

Initializes the authenticator. This method is guaranted to be executed by the AuthenticationManager before any other method.

Parameters:

realm - Realm against which this authenticator authenticates its users

props - Properties passed in by the AuthenticationManager

See Also:

AuthenticationManager

authenticate

public void authenticate(String logon,
                         String password)
                  throws InvalidAccountException,
                         AuthenticationException

Checks if the current user account is authentic.

Parameters:

logon - Identifier for the account

password - Plain-text, typed password for the account

Since:

4.0

createAccount

public void createAccount(String logon,
                          String password,
                          Map attributes)
                   throws AccountExistsException,
                          AuthenticationException

Creates an account with the given logon and password.

Parameters:

logon - Identifier for this account

password - Plain-text, typed password for this account

attributes - Any attributes other than logon and password needed to create an account. The keys of attributes should map to AccountPropertyDescriptor IDs.

Since:

4.0

See Also:

Realm.supportsFeature(java.lang.String)

removeAccount

public void removeAccount(String logon)
                   throws AccountDoesNotExistException,
                          AuthenticationException

Removes the account with the given logon.

Parameters:

logon - Identifier for the account

Since:

4.0

See Also:

Realm.supportsFeature(java.lang.String)

changePassword

public void changePassword(String logon,
                           String newPassword)
                    throws AuthenticationException

Sets the password for the account in the given realm.

Parameters:

logon - Identifier for the account

newpassword - New plain-text, typed password for the account

Since:

4.0

See Also:

Realm.supportsFeature(java.lang.String)

retrieveForgottenPassword

public String retrieveForgottenPassword(String logon)
                                 throws AuthenticationException

Either returns the current password for the given account (if the authenticator uses bidirectional encryption) or generates a new password and updates the authenticator with the new password (if the authenticator uses unidirectional encryption).

Parameters:

logon - Identifier for the account

Returns:

A new password

Since:

4.0

See Also:

Realm.supportsFeature(java.lang.String)

doesAccountExist

public boolean doesAccountExist(String logon)
                         throws AuthenticationException

Checks whether an account exists with the given logon

Returns:

true if the account exists and false otherwise

Since:

4.0

getID

public String getID()

Returns a unique identifier for this Authenticator. The ID is that of the Realm that this Authenticator services.

See Also:

Realm