com.arsdigita.kernel.security
Class UserContext

java.lang.Object
  extended bycom.arsdigita.kernel.security.UserContext

public class UserContext
extends Object

Provides methods for logging in and logging out the current user and accessing the user ID.

Author:
Sameer Ajmani

Field Summary
static String REGISTER_LOGIN_CONTEXT
          Name of the register login context.
static String REQUEST_LOGIN_CONTEXT
          Name of the per-request login context.
static String RETURN_URL_PARAM_NAME
          Deprecated. Use com.arsdigita.ui.login.LoginHelper.RETURN_URL_PARAM_NAME instead
static String versionId
           
 
Constructor Summary
UserContext(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)
          Creates a user context from an HTTP request.
 
Method Summary
static String encodeReturnURL(javax.servlet.http.HttpServletRequest req)
          Deprecated. This should be moved to a more appropriate class.
 SessionContext getSessionContext()
          Returns the SessionContext associated with this UserContext.
 User getUser()
          Returns a User object for the current user.
 BigDecimal getUserID()
          Returns the current user's ID.
 boolean isLoggedIn()
          Determines whether the user is logged in.
 boolean isRecovering()
          Determines whether the user is recovering a forgotten password.
 void login(BigDecimal userID)
          Logs in as the User with the given user ID.
 void login(String username)
          Logs in as the User with the given username.
 void login(String username, char[] password, boolean forever)
          Logs in the user.
 void login(User target)
          Logs in as the given User.
 void logout()
          Logs out the user.
static void redirectToLoginPage(javax.servlet.http.HttpServletRequest req)
          Creates a URL to send the user to the login page and then return to the current page.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

versionId

public static final String versionId
See Also:
Constant Field Values

REQUEST_LOGIN_CONTEXT

public static final String REQUEST_LOGIN_CONTEXT
Name of the per-request login context.

See Also:
Constant Field Values

REGISTER_LOGIN_CONTEXT

public static final String REGISTER_LOGIN_CONTEXT
Name of the register login context.

See Also:
Constant Field Values

RETURN_URL_PARAM_NAME

public static final String RETURN_URL_PARAM_NAME
Deprecated. Use com.arsdigita.ui.login.LoginHelper.RETURN_URL_PARAM_NAME instead

Name of the request parameter that stores the URL to return to after redirecting to the login page.

See Also:
Constant Field Values
Constructor Detail

UserContext

public UserContext(javax.servlet.http.HttpServletRequest req,
                   javax.servlet.http.HttpServletResponse res)
            throws RedirectException
Creates a user context from an HTTP request. Attempts to log in the user automatically to load the user ID. Code should access this class using KernelHelper.getKernelRequestContext(req).getUserContext().

Throws:
RedirectException - if the user should be redirected to the login page.
Method Detail

login

public void login(String username)
           throws javax.security.auth.login.LoginException
Logs in as the User with the given username.

Parameters:
username - the username of the target User
Throws:
AccountNotFoundException - if the target user does not exist.
javax.security.auth.login.LoginException - if login(User) fails.

login

public void login(BigDecimal userID)
           throws javax.security.auth.login.LoginException
Logs in as the User with the given user ID.

Parameters:
userID - the ID of the target User
Throws:
AccountNotFoundException - if the target user does not exist.
javax.security.auth.login.LoginException - if login(User) fails.

login

public void login(User target)
           throws javax.security.auth.login.LoginException
Logs in as the given User.

Parameters:
target - the User to become
Throws:
javax.security.auth.login.FailedLoginException - if the current user is not logged in, doesn't exist, or doesn't have admin privileges on the target user.
javax.security.auth.login.LoginException - if an error occurs.

getSessionContext

public SessionContext getSessionContext()
Returns the SessionContext associated with this UserContext.

Returns:
the current SessionContext.

isLoggedIn

public boolean isLoggedIn()
Determines whether the user is logged in.

Returns:
true if the user is logged in, false otherwise.

isRecovering

public boolean isRecovering()
Determines whether the user is recovering a forgotten password.

Returns:
true if the user is recovering, false otherwise.

getUserID

public BigDecimal getUserID()
Returns the current user's ID.

Returns:
the ID of the logged in user.
Throws:
IllegalStateException - if the user is not logged in.

getUser

public User getUser()
Returns a User object for the current user. Subsequent calls to this method return references to the same User object until the logout method is called.

Returns:
the User object for the logged in user or null if the user is not found.
Throws:
IllegalStateException - if the user is not logged in.

redirectToLoginPage

public static void redirectToLoginPage(javax.servlet.http.HttpServletRequest req)
Creates a URL to send the user to the login page and then return to the current page.

Throws:
LoginSignal

encodeReturnURL

public static String encodeReturnURL(javax.servlet.http.HttpServletRequest req)
Deprecated. This should be moved to a more appropriate class.

Encodes the given request into a return URL parameter. Returns URLencode(returnURL) where returnURL is returnURI?key=URLencode(val)&.... The original parameter values are doubly-encoded so that they are decoded appropriately.

Parameters:
req - the request to encode
Returns:
the URL-encoded parameter

login

public void login(String username,
                  char[] password,
                  boolean forever)
           throws javax.security.auth.login.LoginException
Logs in the user. Checks the session ID using SessionContext.

Parameters:
username - the user's username
password - the user's password
forever - true if the user requests permanent login
Throws:
javax.security.auth.login.LoginException - if login fails.

logout

public void logout()
            throws javax.security.auth.login.LoginException
Logs out the user. Clears the cached User object. Loads a new session ID using SessionContext.

Throws:
javax.security.auth.login.LoginException - if logout fails.


Copyright (c) 2004 Red Hat, Inc. Corporation. All Rights Reserved. Generated at July 21 2004:2337 UTC