planetj.dataengine.security.http
Class SQLOperationSignOn

java.lang.Object
  |
  +--planetj.dataengine.security.http.GenericSignOn
        |
        +--planetj.dataengine.security.http.SQLOperationSignOn

All Implemented Interfaces:

ISignOn, Serializable

Direct Known Subclasses:

LocalSQLOperationSignOn

public class SQLOperationSignOn

extends GenericSignOn

See Also:

Serialized Form

Field Summary

static String	CLASS_KEY
static String	PRIMARY_SIGNON_RESULTS

Fields inherited from interface planetj.dataengine.security.http.ISignOn

GLOBAL_SIGNON_KEY_OPERATION_ID, GLOBAL_SIGNON_KEY_SYSTEM_ALIAS, TIMEOUT_SECONDS

Constructor Summary

SQLOperationSignOn()

Method Summary

String	getFailureMessage(String userid, ISecured secured, javax.servlet.http.HttpServletRequest req) Gets the message to display when a sign on fails
int	getMaximumSignOnFailures(String pUserId, ISecured pSecuredApp, javax.servlet.http.HttpServletRequest pReq) Gets the maximum number of consecutive signon failures a user is allowed.
String	getSignOnURI(ISecured secured, javax.servlet.http.HttpServletRequest request) Get the URI to call for signing on to the secured object.
boolean	isAdditionalSignOnRequired(String user, String password, ISecured secured, javax.servlet.http.HttpServletRequest req) Tests if an additional signon step is necessary.
boolean	isAlreadySignedOn(String userId, ISecured secured, javax.servlet.http.HttpServletRequest request) Check if user has already signed on to secured application.
void	prepareForSignOn(ISecured secured, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) If any subclasses need to do anything special before sign on, they can override this method and call it accordingly.
void	processSignOnAttemptsExhausted(ISecured secured, DataEngineServlet servlet, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res) This method is invoked when the user has failed the signon the maximum allowable times.
void	signOff(String userId, ISecured secured, javax.servlet.http.HttpServletRequest request) Signs the user off of the secured application.
boolean	signOn(String user, String password, ISecured secured, javax.servlet.http.HttpServletRequest request) Signs on to a Secured Application.

Methods inherited from class planetj.dataengine.security.http.GenericSignOn

isUserPromptRequired, sessionExpired, updateProperties

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PRIMARY_SIGNON_RESULTS

public static final String PRIMARY_SIGNON_RESULTS

See Also:

Constant Field Values

CLASS_KEY

public static final String CLASS_KEY

See Also:

Constant Field Values

Constructor Detail

SQLOperationSignOn

public SQLOperationSignOn()

Method Detail

getFailureMessage

public String getFailureMessage(String userid,
                                ISecured secured,
                                javax.servlet.http.HttpServletRequest req)
                         throws CMException

Gets the message to display when a sign on fails

Specified by:

getFailureMessage in interface ISignOn

Overrides:

getFailureMessage in class GenericSignOn

CMException

getMaximumSignOnFailures

public int getMaximumSignOnFailures(String pUserId,
                                    ISecured pSecuredApp,
                                    javax.servlet.http.HttpServletRequest pReq)
                             throws CMException

Gets the maximum number of consecutive signon failures a user is allowed. A negative number indicates that there is no maximum

Specified by:

getMaximumSignOnFailures in interface ISignOn

Overrides:

getMaximumSignOnFailures in class GenericSignOn

CMException

getSignOnURI

public String getSignOnURI(ISecured secured,
                           javax.servlet.http.HttpServletRequest request)
                    throws CMException

Description copied from interface: ISignOn

Get the URI to call for signing on to the secured object.

Specified by:

getSignOnURI in interface ISignOn

Overrides:

getSignOnURI in class GenericSignOn

Parameters:

secured - ISecured object being signed into

request - HttpServletRequest

CMException

isAdditionalSignOnRequired

public boolean isAdditionalSignOnRequired(String user,
                                          String password,
                                          ISecured secured,
                                          javax.servlet.http.HttpServletRequest req)
                                   throws CMException

Tests if an additional signon step is necessary. This method is only invoked after the user has submitted signon information. If they are required to submit aditional info, this method should return true

Specified by:

isAdditionalSignOnRequired in interface ISignOn

Overrides:

isAdditionalSignOnRequired in class GenericSignOn

CMException

isAlreadySignedOn

public boolean isAlreadySignedOn(String userId,
                                 ISecured secured,
                                 javax.servlet.http.HttpServletRequest request)
                          throws CMException

Check if user has already signed on to secured application.

Specified by:

isAlreadySignedOn in interface ISignOn

Overrides:

isAlreadySignedOn in class GenericSignOn

Parameters:

userId - Id of user signing in.

secured - Secured application signing in to.

request - The http request

CMException

prepareForSignOn

public void prepareForSignOn(ISecured secured,
                             javax.servlet.http.HttpServletRequest request,
                             javax.servlet.http.HttpServletResponse response)
                      throws CMException

Description copied from class: GenericSignOn

If any subclasses need to do anything special before sign on, they can override this method and call it accordingly.

Specified by:

prepareForSignOn in interface ISignOn

Overrides:

prepareForSignOn in class GenericSignOn

CMException

processSignOnAttemptsExhausted

public void processSignOnAttemptsExhausted(ISecured secured,
                                           DataEngineServlet servlet,
                                           javax.servlet.http.HttpServletRequest req,
                                           javax.servlet.http.HttpServletResponse res)
                                    throws IOException,
                                           javax.servlet.ServletException,
                                           CMException

This method is invoked when the user has failed the signon the maximum allowable times. This method is responsible for forwarding the response to the user.

Specified by:

processSignOnAttemptsExhausted in interface ISignOn

Overrides:

processSignOnAttemptsExhausted in class GenericSignOn

IOException

javax.servlet.ServletException

CMException

signOff

public void signOff(String userId,
                    ISecured secured,
                    javax.servlet.http.HttpServletRequest request)
             throws CMException

Signs the user off of the secured application. This is an optional method - it is okay to provide an empty implementation. Keep in mind that this method may never be invoked since the user may stop using the secured application without logging off.

Specified by:

signOff in interface ISignOn

Overrides:

signOff in class GenericSignOn

CMException

signOn

public boolean signOn(String user,
                      String password,
                      ISecured secured,
                      javax.servlet.http.HttpServletRequest request)
               throws CMException

Description copied from interface: ISignOn

Signs on to a Secured Application. This method is only invoked if the user has not already signed on. As part of a successful sign on, a SignOnReceipt object should be created and stored in the session using the setSignOnReceipt() method.
In addition, this method should initialize any connection pools that will be used by the secured application.

Parameters:

user - The user id identifying the user signing on to the application. If the isUserPromptRequired() method returned false, then pUserId will be null

password - The password for signing on to the application. If the isUserPromptRequired() method returned false, then pPassword will be null

secured - The Secured Application object representing the application which is being signed on to.

request - The HttpServletRequest representing the http request of the user. Additional sign on information can be stored as attributes in the request

Returns:

If the sign on was successful true should be returned. A return value of false or a thrown CMException indicates that the sign on failed.

CMException