Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

planetj.dataengine.security.http
Class GenericSignOn

java.lang.Object
  extended byplanetj.dataengine.security.http.GenericSignOn
All Implemented Interfaces:
ISignOn, java.io.Serializable
Direct Known Subclasses:
DBCommonConnectionPoolSignOn, DBPersonalConnectionPoolSignOn, DXApplicationSignOn, OSPlusOperationSignOn, SignOnAndRegistrationSignOn, SQLOperationSignOn, TableAuthenticationSignOn, UnsecuredSignOn, UserListSignOn
public abstract class GenericSignOn
extends java.lang.Object
implements ISignOn, java.io.Serializable

Provides a partial implementation of the SignOn interface. The signOff(), sessionExpired(), and isAlreadySignedOn() methods are given minimal implementations which should be sufficient for most sign on techniques which do not hold open resources during the time a user is signed on.

See Also:
Serialized Form

Field Summary
 
Fields inherited from interface planetj.dataengine.security.http.ISignOn
GLOBAL_SIGNON_KEY_OPERATION_ID, GLOBAL_SIGNON_KEY_SYSTEM_ALIAS, TIMEOUT_SECONDS
 
Constructor Summary
protected GenericSignOn()
          GenericSignOn constructor
 
Method Summary
 java.lang.String getFailureMessage(java.lang.String userid, ISecured secured, HttpServletRequest req)
          Gets the message to display when a sign on fails
 int getMaximumSignOnFailures(java.lang.String pUserId, ISecured pSecuredApp, HttpServletRequest pReq)
          Gets the maximum number of consecutive signon failures a user is allowed.
 java.lang.String getSignOnURI(ISecured secured, HttpServletRequest request)
          Get the URI to call for signing on to the secured object.
 boolean isAdditionalSignOnRequired(java.lang.String user, java.lang.String password, ISecured secured, HttpServletRequest req)
          Tests if an additional signon step is necessary.
 boolean isAlreadySignedOn(java.lang.String pUserId, ISecured pSecuredApplication, HttpServletRequest pReq)
          Tests if the user has signed on to the secured application already.
 boolean isUserPromptRequired(ISecured pSecuredApplication, HttpServletRequest pReq)
          Tests if the user should be prompted for user id, password, etc when this class is used to sign on
 void prepareForSignOn(ISecured secured, HttpServletRequest request, HttpServletResponse response)
          If any subclasses need to do anything special before sign on, they can override this method and call it accordingly.
 void processSignOnAttemptsExhausted(ISecured secured, DataEngineServlet servlet, HttpServletRequest req, HttpServletResponse res)
          This method is invoked when the user has failed the signon the maximum allowable times.
 void sessionExpired(SignOnReceipt pReceipt)
          This method is invoked when the session in which a SignOnReceipt is stored expires.
 void signOff(java.lang.String pUserId, ISecured pSecuredApp, HttpServletRequest pReq)
          Signs the user off of the securedapplication.
static LayoutDisplayPropertyGroup updateProperties(LayoutDisplayPropertyGroup current, LayoutDisplayPropertyGroup newProps, HttpServletRequest request)
          Deprecated. Just invoked LayoutDisplayPropertyGroup.updateProperties() instead
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface planetj.dataengine.security.http.ISignOn
signOn
 

Constructor Detail

GenericSignOn

protected GenericSignOn()
GenericSignOn constructor

Method Detail

getFailureMessage

public java.lang.String getFailureMessage(java.lang.String userid,
                                          ISecured secured,
                                          HttpServletRequest req)
                                   throws CMException
Gets the message to display when a sign on fails

Specified by:
getFailureMessage in interface ISignOn
Throws:
CMException

getMaximumSignOnFailures

public int getMaximumSignOnFailures(java.lang.String pUserId,
                                    ISecured pSecuredApp,
                                    HttpServletRequest pReq)
                             throws CMException
Gets the maximum number of consecutive signon failures a user is allowed. A negative number indicates that there is no maximum

Specified by:
getMaximumSignOnFailures in interface ISignOn
Throws:
CMException

getSignOnURI

public java.lang.String getSignOnURI(ISecured secured,
                                     HttpServletRequest request)
                              throws CMException
Description copied from interface: ISignOn
Get the URI to call for signing on to the secured object.

Specified by:
getSignOnURI in interface ISignOn
Parameters:
secured - ISecured object being signed into
request - HttpServletRequest
Throws:
CMException

isAdditionalSignOnRequired

public boolean isAdditionalSignOnRequired(java.lang.String user,
                                          java.lang.String password,
                                          ISecured secured,
                                          HttpServletRequest req)
                                   throws CMException
Tests if an additional signon step is necessary. This method is only invoked after the user has submitted signon information. If they are required to submit aditional info, this method should return true

Specified by:
isAdditionalSignOnRequired in interface ISignOn
Throws:
CMException

isAlreadySignedOn

public boolean isAlreadySignedOn(java.lang.String pUserId,
                                 ISecured pSecuredApplication,
                                 HttpServletRequest pReq)
                          throws CMException
Tests if the user has signed on to the secured application already.

Specified by:
isAlreadySignedOn in interface ISignOn
Parameters:
pUserId - The user id that the user may or may not be signed on as. If this parameter is null, then this method should return true if the user is signed on to the secured application with any user id. If this parameter is not null, this method should return true only if the user is signed on with this specific user id.
pSecuredApplication - The secured application to which the user may or may not be signed on
Throws:
CMException

isUserPromptRequired

public boolean isUserPromptRequired(ISecured pSecuredApplication,
                                    HttpServletRequest pReq)
                             throws CMException
Tests if the user should be prompted for user id, password, etc when this class is used to sign on

Specified by:
isUserPromptRequired in interface ISignOn
Throws:
CMException

prepareForSignOn

public void prepareForSignOn(ISecured secured,
                             HttpServletRequest request,
                             HttpServletResponse response)
                      throws CMException
If any subclasses need to do anything special before sign on, they can override this method and call it accordingly.

Specified by:
prepareForSignOn in interface ISignOn
Throws:
CMException

processSignOnAttemptsExhausted

public void processSignOnAttemptsExhausted(ISecured secured,
                                           DataEngineServlet servlet,
                                           HttpServletRequest req,
                                           HttpServletResponse res)
                                    throws java.io.IOException,
                                           ServletException,
                                           CMException
This method is invoked when the user has failed the signon the maximum allowable times. This method is responsible for forwarding the response to the user.

Specified by:
processSignOnAttemptsExhausted in interface ISignOn
Throws:
java.io.IOException
ServletException
CMException

sessionExpired

public void sessionExpired(SignOnReceipt pReceipt)
This method is invoked when the session in which a SignOnReceipt is stored expires.

Specified by:
sessionExpired in interface ISignOn

signOff

public void signOff(java.lang.String pUserId,
                    ISecured pSecuredApp,
                    HttpServletRequest pReq)
             throws CMException
Signs the user off of the securedapplication. This is an optional method - it is okay to provide an empty implementation. Keep in mind that this method may never be invoked since the user may stop using the application without logging off.

Specified by:
signOff in interface ISignOn
Throws:
CMException

updateProperties

public static LayoutDisplayPropertyGroup updateProperties(LayoutDisplayPropertyGroup current,
                                                          LayoutDisplayPropertyGroup newProps,
                                                          HttpServletRequest request)
Deprecated. Just invoked LayoutDisplayPropertyGroup.updateProperties() instead

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD