org.dspace.app.xmlui.utils

Class AuthenticationUtil

java.lang.Object

org.dspace.app.xmlui.utils.AuthenticationUtil

public class AuthenticationUtil
extends Object

Methods for authenticating the user. This is DSpace platform code, as opposed to the site-specific authentication code, that resides in implementations of the org.dspace.eperson.AuthenticationMethod interface.

Author:

Scott Phillips, Robert Tansley

Field Summary

Fields

Modifier and Type	Field and Description
protected static AuthenticationService	authenticationService
protected static AuthorizeService	authorizeService
protected static EPersonService	ePersonService
protected static GroupService	groupService
static String	REQUEST_INTERRUPTED Session attribute name for storing the return URL where the user should be redirected too once successfully authenticated.
static String	REQUEST_INTERRUPTED_CHARACTERS
static String	REQUEST_INTERRUPTED_HEADER These store a message giving a reason for why the request is being interrupted.
static String	REQUEST_INTERRUPTED_MESSAGE
static String	REQUEST_RESUME

Constructor Summary

Constructors

Constructor and Description
AuthenticationUtil()

Method Summary

Methods

Modifier and Type	Method and Description
static boolean	allowSetPassword(Map objectModel, String email) Determine if the EPerson (to be created or already created) has the ability to set their own password.
static Context	authenticate(Map objectModel, String email, String password, String realm) Authenticate the current DSpace content based upon given authentication credentials.
static Context	authenticateImplicit(Map objectModel) Perform implicit authentication.
static boolean	canSelfRegister(Map objectModel, String email) Determine if the email can register itself or needs to be created by a site administrator first.
static EPerson	createNewEperson(Map objectModel, String email) Construct a new, mostly blank, eperson for the given email address.
static void	interruptRequest(Map objectModel, String header, String message, String characters) Interrupt the current request and store if for later resumption.
static boolean	isInterupptedRequest(Map objectModel) Is there a currently interrupted request?
static boolean	isLoggedIn(javax.servlet.http.HttpServletRequest request) Has this user authenticated?
static void	logIn(Map objectModel, EPerson eperson) Log the given user in as a real authenticated user.
static void	loginAs(Context context, javax.servlet.http.HttpServletRequest request, EPerson loginAs) Assume the login as another user.
static void	logOut(Context context, javax.servlet.http.HttpServletRequest request) Log the user out.
static String	resumeInterruptedRequest(Map objectModel) Set the interrupted request to a resumable state.
static void	resumeLogin(Context context, javax.servlet.http.HttpServletRequest request) Check to see if there are any session attributes indicating a currently authenticated user.
static javax.servlet.http.HttpServletRequest	resumeRequest(javax.servlet.http.HttpServletRequest realHttpRequest) Check to see if this request should be resumed.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REQUEST_INTERRUPTED

public static final String REQUEST_INTERRUPTED

Session attribute name for storing the return URL where the user should be redirected too once successfully authenticated.

See Also:

Constant Field Values

REQUEST_RESUME

public static final String REQUEST_RESUME

See Also:

Constant Field Values

REQUEST_INTERRUPTED_HEADER

public static final String REQUEST_INTERRUPTED_HEADER

These store a message giving a reason for why the request is being interrupted.

See Also:

Constant Field Values

REQUEST_INTERRUPTED_MESSAGE

public static final String REQUEST_INTERRUPTED_MESSAGE

See Also:

Constant Field Values

REQUEST_INTERRUPTED_CHARACTERS

public static final String REQUEST_INTERRUPTED_CHARACTERS

See Also:

Constant Field Values

authorizeService

protected static final AuthorizeService authorizeService

authenticationService

protected static final AuthenticationService authenticationService

ePersonService

protected static final EPersonService ePersonService

groupService

protected static final GroupService groupService

Constructor Detail

AuthenticationUtil

public AuthenticationUtil()

Method Detail

authenticate

public static Context authenticate(Map objectModel,
                   String email,
                   String password,
                   String realm)
                            throws SQLException

Authenticate the current DSpace content based upon given authentication credentials. The AuthenticationManager will consult the configured authentication stack to determine the best method.

Parameters:

objectModel - Cocoon's object model.

email - The email credentials provided by the user.

password - The password credentials provided by the user.

realm - The realm credentials provided by the user.

Returns:

Return a current context with either the eperson attached if the authentication was successful or or no eperson attached if the attempt failed.

Throws:

SQLException

authenticateImplicit

public static Context authenticateImplicit(Map objectModel)
                                    throws SQLException

Perform implicit authentication. The authenticationManager will consult the authentication stack for any methods that can implicitly authenticate this session. If the attempt was successful then the returned context will have an eperson attached other wise the context will not have an eperson attached.

Parameters:

objectModel - Cocoon's object model.

Returns:

This requests DSpace context.

Throws:

SQLException

logIn

public static void logIn(Map objectModel,
         EPerson eperson)
                  throws SQLException

Log the given user in as a real authenticated user. This should only be used after a user has presented credentials and they have been validated. This method signature is provided to be easier to call from flow scripts.

Parameters:

objectModel - The cocoon object model.

eperson - the eperson logged in

Throws:

SQLException

resumeLogin

public static void resumeLogin(Context context,
               javax.servlet.http.HttpServletRequest request)
                        throws SQLException

Check to see if there are any session attributes indicating a currently authenticated user. If there is then log this user in.

Parameters:

context - DSpace context

request - HTTP Request

Throws:

SQLException

loginAs

public static void loginAs(Context context,
           javax.servlet.http.HttpServletRequest request,
           EPerson loginAs)
                    throws SQLException,
                           AuthorizeException

Assume the login as another user. Only site administrators may perform the action.

Parameters:

context - The current DSpace context logged in as a site administrator

request - The real HTTP request.

loginAs - Whom to login as.

Throws:

SQLException

AuthorizeException - using an I18nTransformer key as the message

logOut

public static void logOut(Context context,
          javax.servlet.http.HttpServletRequest request)
                   throws SQLException

Log the user out.

Parameters:

context - DSpace context

request - HTTP request

Throws:

SQLException

canSelfRegister

public static boolean canSelfRegister(Map objectModel,
                      String email)
                               throws SQLException

Determine if the email can register itself or needs to be created by a site administrator first.

Parameters:

objectModel - The Cocoon object model

email - The email of the person to be registered.

Returns:

true if the email can register, otherwise false.

Throws:

SQLException

allowSetPassword

public static boolean allowSetPassword(Map objectModel,
                       String email)
                                throws SQLException

Determine if the EPerson (to be created or already created) has the ability to set their own password.

Parameters:

objectModel - The Cocoon object model

email - The email address of the EPerson.

Returns:

true if allowed.

Throws:

SQLException

createNewEperson

public static EPerson createNewEperson(Map objectModel,
                       String email)
                                throws SQLException,
                                       AuthorizeException

Construct a new, mostly blank, eperson for the given email address. This should only be called once the email address has been verified.

Parameters:

objectModel - The Cocoon object model.

email - The email address of the new eperson.

Returns:

A newly created EPerson object.

Throws:

SQLException

AuthorizeException

isInterupptedRequest

public static boolean isInterupptedRequest(Map objectModel)

Is there a currently interrupted request?

Parameters:

objectModel - The Cocoon object Model

interruptRequest

public static void interruptRequest(Map objectModel,
                    String header,
                    String message,
                    String characters)

Interrupt the current request and store if for later resumption. This request will send an HTTP redirect telling the client to authenticate first. Once that has been finished then the request can be resumed.

Parameters:

objectModel - The Cocoon object Model

header - A message header (i18n tag)

message - A message for why the request was interrupted (i18n tag)

characters - An untranslated message, perhaps an error message?

resumeInterruptedRequest

public static String resumeInterruptedRequest(Map objectModel)

Set the interrupted request to a resumable state. The next request that the server receives (for this session) that has the same servletPath will be replaced with the previously interrupted request.

Parameters:

objectModel - The Cocoon object Model

Returns:

null.

resumeRequest

public static javax.servlet.http.HttpServletRequest resumeRequest(javax.servlet.http.HttpServletRequest realHttpRequest)

Check to see if this request should be resumed.

Parameters:

realHttpRequest - The current real request

Returns:

Either the current real request or a stored request that was previously interrupted.

isLoggedIn

public static boolean isLoggedIn(javax.servlet.http.HttpServletRequest request)

Has this user authenticated?

Parameters:

request -

Returns:

true if request is in a session having a user ID.