com.arsdigita.kernel.security
Class RecoveryLoginModule

java.lang.Object
  extended by com.arsdigita.kernel.security.CredentialLoginModule
      extended by com.arsdigita.kernel.security.UserLoginModule
          extended by com.arsdigita.kernel.security.RecoveryLoginModule
All Implemented Interfaces:
javax.security.auth.spi.LoginModule

public class RecoveryLoginModule
extends UserLoginModule

Logs in a user for password recovery if the user has a valid authentication URL parameter.

Author:
Sameer Ajmani

Field Summary
static String versionId
           
 
Fields inherited from class com.arsdigita.kernel.security.UserLoginModule
NORMAL_CREDENTIAL_NAME, SECURE_CREDENTIAL_NAME
 
Fields inherited from class com.arsdigita.kernel.security.CredentialLoginModule
FOREVER_SECS, LIFETIME_SECS, RENEW_SECS, TIMEOUT_SECS
 
Constructor Summary
RecoveryLoginModule()
          Creates a UserLoginModule that uses a URLManager to manage the credential value.
 
Method Summary
 boolean abort()
          Ignores the results of the other login modules and calls commit().
 boolean commit()
          If this login module succeeded, sets the Subject as "recovering".
protected  String getCredentialName()
          Gets the name of the credential.
static String getParamName()
          Returns the name of this login module's URL parameter.
static String getParamValue(BigDecimal userID)
          Returns a URL parameter value that will allow the given user to log in and change their password without entering their old password.
 void initialize(javax.security.auth.Subject subject, javax.security.auth.callback.CallbackHandler handler, Map shared, Map options)
          Initializes this login module and its CredentialManager with the given login context information.
static boolean isRecovering(javax.security.auth.Subject subject)
          Determines whether the given Subject is recovering by checking whether it has a recovery credential.
 
Methods inherited from class com.arsdigita.kernel.security.UserLoginModule
getLifetime, shouldInvalidateSession
 
Methods inherited from class com.arsdigita.kernel.security.CredentialLoginModule
credentialHasValue, credentialIsOld, credentialIsSet, getForever, getRequest, getResponse, isSecure, loadID, login, logout, requestIsExcluded, saveID
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

versionId

public static final String versionId
See Also:
Constant Field Values
Constructor Detail

RecoveryLoginModule

public RecoveryLoginModule()
Creates a UserLoginModule that uses a URLManager to manage the credential value. Overrides URLManager.shouldSetValue() to return false so that the recovery credential is never propagated to future requests.

Method Detail

initialize

public void initialize(javax.security.auth.Subject subject,
                       javax.security.auth.callback.CallbackHandler handler,
                       Map shared,
                       Map options)
Description copied from class: CredentialLoginModule
Initializes this login module and its CredentialManager with the given login context information. This method is called by LoginContext after this class is instantiated.

Specified by:
initialize in interface javax.security.auth.spi.LoginModule
Overrides:
initialize in class UserLoginModule

commit

public boolean commit()
               throws javax.security.auth.login.LoginException
If this login module succeeded, sets the Subject as "recovering". Ignores the results of other login modules.

Specified by:
commit in interface javax.security.auth.spi.LoginModule
Overrides:
commit in class CredentialLoginModule
Returns:
super.commit().
Throws:
javax.security.auth.login.LoginException - if an error occurs.

abort

public boolean abort()
              throws javax.security.auth.login.LoginException
Ignores the results of the other login modules and calls commit().

Specified by:
abort in interface javax.security.auth.spi.LoginModule
Overrides:
abort in class CredentialLoginModule
Returns:
this.commit().
Throws:
javax.security.auth.login.LoginException - if an error occurs.

getCredentialName

protected String getCredentialName()
                            throws javax.security.auth.login.LoginException
Gets the name of the credential.

Overrides:
getCredentialName in class UserLoginModule
Returns:
getParamName()
Throws:
javax.security.auth.login.LoginException - if an error occurs.

isRecovering

public static boolean isRecovering(javax.security.auth.Subject subject)
Determines whether the given Subject is recovering by checking whether it has a recovery credential.

Returns:
true if the Subject has the recovery credential, false otherwise.

getParamName

public static String getParamName()
Returns the name of this login module's URL parameter. To allow a user to recover from a lost password, provide the user with a link to the change password page with this URL parameter set to getParamValue().

Returns:
the name of the recovery login URL parameter.
See Also:
getParamValue(BigDecimal)

getParamValue

public static String getParamValue(BigDecimal userID)
                            throws CredentialEncodingException
Returns a URL parameter value that will allow the given user to log in and change their password without entering their old password. Use with care, as this value also allows the user to log in as usual.

Parameters:
userID - the ID of the user that needs to recover
Returns:
the value of the recovery login URL parameter.
Throws:
CredentialEncodingException - if unable to create the value.
See Also:
getParamName()
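
Added example (not part of the generated documentation or the project's own code): building the recovery link described under getParamName() and getParamValue(), and using isRecovering() to decide whether the change-password page may skip the old password. The class name RecoveryLinkExample, the page URL, the package of CredentialEncodingException and the assumption that getParamValue() returns a value that is not already URL-encoded are not taken from this page.

```java
import java.io.UnsupportedEncodingException;
import java.math.BigDecimal;
import java.net.URLEncoder;
import javax.security.auth.Subject;

// Assumption: CredentialEncodingException lives in the same package.
import com.arsdigita.kernel.security.CredentialEncodingException;
import com.arsdigita.kernel.security.RecoveryLoginModule;

public class RecoveryLinkExample {

    // Assumption: HTTPS location of the application's change-password page.
    private static final String CHANGE_PASSWORD_URL =
        "https://www.example.com/register/change-password";

    /**
     * Builds the link to send to a user who has lost their password.
     * The parameter value also lets its holder log in as usual, so the
     * whole link is a secret: deliver it only to the account's registered
     * contact address, keep it on HTTPS, and keep it out of logs.
     */
    public static String buildRecoveryLink(BigDecimal userID)
            throws CredentialEncodingException, UnsupportedEncodingException {
        String name = RecoveryLoginModule.getParamName();
        String value = RecoveryLoginModule.getParamValue(userID);
        // Assumption: the value is raw, so it is encoded once for the query string.
        return CHANGE_PASSWORD_URL
            + "?" + URLEncoder.encode(name, "UTF-8")
            + "=" + URLEncoder.encode(value, "UTF-8");
    }

    /**
     * Decides whether the change-password form must ask for the old password.
     * Only a Subject carrying the recovery credential may skip it; every
     * other Subject still has to prove knowledge of the current password.
     */
    public static boolean oldPasswordRequired(Subject subject) {
        return !RecoveryLoginModule.isRecovering(subject);
    }
}
```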


Copyright (c) 2004 Red Hat, Inc. Corporation. All Rights Reserved. Generated at July 20 2004:2337 UTC