planetj.dataengine.security.http
Class SQLOperationSignOn

java.lang.Object
  planetj.dataengine.security.http.GenericSignOn
      planetj.dataengine.security.http.SQLOperationSignOn

All Implemented Interfaces:

ISignOn, java.io.Serializable

Direct Known Subclasses:

LocalSQLOperationSignOn

public class SQLOperationSignOn

extends GenericSignOn

See Also:

Serialized Form

Field Summary

static java.lang.String	CHECKED_ALREADY
static java.lang.String	CLASS_KEY
static java.lang.String	PRIMARY_SIGNON_RESULTS

Fields inherited from interface planetj.dataengine.security.http.ISignOn

GLOBAL_SIGNON_KEY_OPERATION_ID, GLOBAL_SIGNON_KEY_SYSTEM_ALIAS, TIMEOUT_SECONDS

Constructor Summary

SQLOperationSignOn()

Method Summary

java.lang.String	getFailureMessage(java.lang.String userid, ISecured secured, HttpServletRequest req) Gets the message to display when a sign on fails
int	getMaximumSignOnFailures(java.lang.String pUserId, ISecured pSecuredApp, HttpServletRequest pReq) Gets the maximum number of consecutive signon failures a user is allowed.
protected Operation	getSignOnOperation(Application app, HttpServletRequest req) Gets the current signon operation
java.lang.String	getSignOnURI(ISecured secured, HttpServletRequest request) Get the URI to call for signing on to the secured object.
boolean	isAdditionalSignOnRequired(java.lang.String user, java.lang.String password, ISecured secured, HttpServletRequest req) Tests if an additional signon step is necessary.
boolean	isAlreadySignedOn(java.lang.String userId, ISecured secured, HttpServletRequest request) Check if user has already signed on to secured application.
boolean	isUserPromptRequired(ISecured pSecuredApplication, HttpServletRequest pReq) Tests if the user should be prompted for user id, password, etc when this class is used to sign on
void	prepareForSignOn(ISecured secured, HttpServletRequest request, HttpServletResponse response) If any subclasses need to do anything special before sign on, they can override this method and call it accordingly.
void	processSignOnAttemptsExhausted(ISecured secured, DataEngineServlet servlet, HttpServletRequest req, HttpServletResponse res) This method is invoked when the user has failed the signon the maximum allowable times.
void	signOff(java.lang.String userId, ISecured secured, HttpServletRequest request) Signs the user off of the secured application.
boolean	signOn(java.lang.String user, java.lang.String password, ISecured secured, HttpServletRequest request) Attempts to signon the user
protected boolean	signOnInternal(java.lang.String user, java.lang.String password, ISecured secured, HttpServletRequest request) Attempts to signon the user.

Methods inherited from class planetj.dataengine.security.http.GenericSignOn

sessionExpired, updateProperties

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PRIMARY_SIGNON_RESULTS

public static final java.lang.String PRIMARY_SIGNON_RESULTS

See Also:

Constant Field Values

CHECKED_ALREADY

public static final java.lang.String CHECKED_ALREADY

See Also:

Constant Field Values

CLASS_KEY

public static final java.lang.String CLASS_KEY

See Also:

Constant Field Values

Constructor Detail

SQLOperationSignOn

public SQLOperationSignOn()

Method Detail

getFailureMessage

public java.lang.String getFailureMessage(java.lang.String userid,
                                          ISecured secured,
                                          HttpServletRequest req)
                                   throws CMException

Gets the message to display when a sign on fails

Specified by:

getFailureMessage in interface ISignOn

Overrides:

getFailureMessage in class GenericSignOn

Throws:

CMException

getMaximumSignOnFailures

public int getMaximumSignOnFailures(java.lang.String pUserId,
                                    ISecured pSecuredApp,
                                    HttpServletRequest pReq)
                             throws CMException

Gets the maximum number of consecutive signon failures a user is allowed. A negative number indicates that there is no maximum

Specified by:

getMaximumSignOnFailures in interface ISignOn

Overrides:

getMaximumSignOnFailures in class GenericSignOn

Throws:

CMException

getSignOnOperation

protected Operation getSignOnOperation(Application app,
                                       HttpServletRequest req)
                                throws CMException

Gets the current signon operation

Throws:

CMException

getSignOnURI

public java.lang.String getSignOnURI(ISecured secured,
                                     HttpServletRequest request)
                              throws CMException

Description copied from interface: ISignOn

Get the URI to call for signing on to the secured object.

Specified by:

getSignOnURI in interface ISignOn

Overrides:

getSignOnURI in class GenericSignOn

Throws:

CMException

isAdditionalSignOnRequired

public boolean isAdditionalSignOnRequired(java.lang.String user,
                                          java.lang.String password,
                                          ISecured secured,
                                          HttpServletRequest req)
                                   throws CMException

Tests if an additional signon step is necessary. This method is only invoked after the user has submitted signon information. If they are required to submit aditional info, this method should return true

Specified by:

isAdditionalSignOnRequired in interface ISignOn

Overrides:

isAdditionalSignOnRequired in class GenericSignOn

Throws:

CMException

isAlreadySignedOn

public boolean isAlreadySignedOn(java.lang.String userId,
                                 ISecured secured,
                                 HttpServletRequest request)
                          throws CMException

Check if user has already signed on to secured application.

Specified by:

isAlreadySignedOn in interface ISignOn

Overrides:

isAlreadySignedOn in class GenericSignOn

Parameters:

userId - Id of user signing in.

secured - Secured application signing in to.

request - The http request

Throws:

CMException

isUserPromptRequired

public boolean isUserPromptRequired(ISecured pSecuredApplication,
                                    HttpServletRequest pReq)
                             throws CMException

Description copied from class: GenericSignOn

Tests if the user should be prompted for user id, password, etc when this class is used to sign on

Specified by:

isUserPromptRequired in interface ISignOn

Overrides:

isUserPromptRequired in class GenericSignOn

Throws:

CMException

prepareForSignOn

public void prepareForSignOn(ISecured secured,
                             HttpServletRequest request,
                             HttpServletResponse response)
                      throws CMException

Description copied from class: GenericSignOn

If any subclasses need to do anything special before sign on, they can override this method and call it accordingly.

Specified by:

prepareForSignOn in interface ISignOn

Overrides:

prepareForSignOn in class GenericSignOn

Throws:

CMException

processSignOnAttemptsExhausted

public void processSignOnAttemptsExhausted(ISecured secured,
                                           DataEngineServlet servlet,
                                           HttpServletRequest req,
                                           HttpServletResponse res)
                                    throws java.io.IOException,
                                           ServletException,
                                           CMException

This method is invoked when the user has failed the signon the maximum allowable times. This method is responsible for forwarding the response to the user.

Specified by:

processSignOnAttemptsExhausted in interface ISignOn

Overrides:

processSignOnAttemptsExhausted in class GenericSignOn

Throws:

java.io.IOException

ServletException

CMException

signOff

public void signOff(java.lang.String userId,
                    ISecured secured,
                    HttpServletRequest request)
             throws CMException

Signs the user off of the secured application. This is an optional method - it is okay to provide an empty implementation. Keep in mind that this method may never be invoked since the user may stop using the secured application without logging off.

Specified by:

signOff in interface ISignOn

Overrides:

signOff in class GenericSignOn

Throws:

CMException

signOn

public boolean signOn(java.lang.String user,
                      java.lang.String password,
                      ISecured secured,
                      HttpServletRequest request)
               throws CMException

Attempts to signon the user

Parameters:

user - The userid for the signon. This value is only used if the userid is not contained in the request

request - The http request

password - The password for signing on to the application. If the isUserPromptRequired() method returned false, then pPassword will be null

secured - The Secured Application object representing the application which is being signed on to.

Returns:

If the sign on was successful true should be returned. A return value of false or a thrown CMException indicates that the sign on failed.

Throws:

CMException

signOnInternal

protected boolean signOnInternal(java.lang.String user,
                                 java.lang.String password,
                                 ISecured secured,
                                 HttpServletRequest request)
                          throws CMException

Attempts to signon the user. No output messages are displayed.

Parameters:

user - The userid for the signon. This value is only used if the userid is not contained in the request

request - The http request

Throws:

CMException