planetj.dataengine.security.http
Class UnsecuredSignOn

java.lang.Object
  |
  +--planetj.dataengine.security.http.GenericSignOn
        |
        +--planetj.dataengine.security.http.UnsecuredSignOn

All Implemented Interfaces:

ISignOn, Serializable

Direct Known Subclasses:

LocalUsersOnly, RefererSignOn

public class UnsecuredSignOn

extends GenericSignOn

When Secured applications do not specify a sign on class, this class is used to automatically sign users on to the application (users are not required to specify a userid or password).

See Also:

Serialized Form

Field Summary

Fields inherited from interface planetj.dataengine.security.http.ISignOn

GLOBAL_SIGNON_KEY_OPERATION_ID, GLOBAL_SIGNON_KEY_SYSTEM_ALIAS, TIMEOUT_SECONDS

Constructor Summary

UnsecuredSignOn()

Method Summary

boolean	isUserPromptRequired(ISecured pSecuredApplication, javax.servlet.http.HttpServletRequest pReq) Tests if the user should be prompted for user id, password, etc when this class is used to sign on
boolean	signOn(String pUserId, String pPassword, ISecured pSecuredApplication, javax.servlet.http.HttpServletRequest pReq) Signs on to a Secured Application.
static boolean	signOnUnsecured(ISignOn signOn, ISecured secured, javax.servlet.http.HttpServletRequest request) Carries out an unsecured sign on to the given secured Object.

Methods inherited from class planetj.dataengine.security.http.GenericSignOn

getFailureMessage, getMaximumSignOnFailures, getSignOnURI, isAdditionalSignOnRequired, isAlreadySignedOn, prepareForSignOn, processSignOnAttemptsExhausted, sessionExpired, signOff, updateProperties

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

UnsecuredSignOn

public UnsecuredSignOn()

Method Detail

isUserPromptRequired

public boolean isUserPromptRequired(ISecured pSecuredApplication,
                                    javax.servlet.http.HttpServletRequest pReq)

Tests if the user should be prompted for user id, password, etc when this class is used to sign on

Specified by:

isUserPromptRequired in interface ISignOn

Overrides:

isUserPromptRequired in class GenericSignOn

signOn

public boolean signOn(String pUserId,
                      String pPassword,
                      ISecured pSecuredApplication,
                      javax.servlet.http.HttpServletRequest pReq)
               throws CMException

Signs on to a Secured Application. This method is only invoked if the user has not already signed on. As part of the sign on process, a SignOnReceipt object should be created and stored in the session using the setSignOnReceipt() method. In addition, this method should initialize any connection pools that will be used by the secured application.

Parameters:

pUserId - The user id identifying the user signing on to the application

pPassword - The password for signing on to the application

pReq - The HttpServletRequest representing the http request of the user. Additional sign on information can be stored as attributes in the request

pSecuredApplication - The Secured Application object representing the application which is being signed on to.

Returns:

If the sign on was successful true should be returned. A return value of false or a thrown CMException indicates that the sign on failed.

CMException

signOnUnsecured

public static boolean signOnUnsecured(ISignOn signOn,
                                      ISecured secured,
                                      javax.servlet.http.HttpServletRequest request)
                               throws CMException

Carries out an unsecured sign on to the given secured Object.

Parameters:

secured - The secured object representing the application which is being signed on to.

request - The HttpServletRequest representing the http request of the user. Additional sign on information can be stored as attributes in the request.

Returns:

true if signed on successfully; false otherwise.

CMException