org.eaglei.repository.auth
Class Authentication

java.lang.Object
  extended by org.eaglei.repository.auth.Authentication

public final class Authentication
extends java.lang.Object

Authentication services: answer the questions "who am I, really?" and "do I have the Superuser role?". Note that other roles are enforced by the Access module, but since Superuser is special and is enforced by the authentication DB for the purpose of secure bootstrap, it is managed here. Started April 2010.

Version:
$Id: $
Author:
Larry Stone

Field Summary
static java.lang.String SUPERUSER_ROLE_NAME
          Superuser role name in the Java servlet container, i.e. the name of the role that gets set by the container authentication system.
 
Method Summary
static void decacheAuthentication(javax.servlet.http.HttpServletRequest request, User u)
          Invalidate the cached authenticated User if it matches the one that was modified by the User API.
static java.lang.String getAuthenticatedUsername(javax.servlet.http.HttpServletRequest request)
          Get the current authenticated username from the container or other authentication.
static org.openrdf.model.URI getPrincipalURI(javax.servlet.http.HttpServletRequest request)
          Find the URI of the :Person object for the current authenticated user, if there is any.
static User getPrincipalUser(javax.servlet.http.HttpServletRequest request)
          Find a User object for the current authenticated user, if one is available.
static boolean isSuperuser(javax.servlet.http.HttpServletRequest request)
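          Predicate, true if the current authenticated user has the Superuser role, either in an RDF assertion or in the container's authorization.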
static void logout(javax.servlet.http.HttpServletRequest request)
          Destroy the current session and credentials (if possible). Most web browsers cache the HTTP Basic credentials, so the user needs to trash those explicitly right after running this.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SUPERUSER_ROLE_NAME

public static final java.lang.String SUPERUSER_ROLE_NAME
Superuser role name in the Java servlet container, i.e. the name of the role that gets set by the container authentication system.

See Also:
Constant Field Values
Method Detail

getPrincipalURI

public static org.openrdf.model.URI getPrincipalURI(javax.servlet.http.HttpServletRequest request)
Find the URI of the :Person object for the current authenticated user, if there is any. If there is no URI (i.e. no :Person) for the current user then return the URI of a plausible Role - either the Superuser role if we have Superuser rights, or Anonymous otherwise.

Parameters:
request - a HttpServletRequest object.
Returns:
URI of the :Person object of current authenticated user, or if user is undocumented, the URI of their highest Role.

decacheAuthentication

public static void decacheAuthentication(javax.servlet.http.HttpServletRequest request,
                                         User u)
Invalidate the cached authenticated User if it matches the one that was modified by the User API.

Parameters:
request - a HttpServletRequest object.
u - user to decache, a org.eaglei.repository.User object.

getAuthenticatedUsername

public static java.lang.String getAuthenticatedUsername(javax.servlet.http.HttpServletRequest request)
Get the current authenticated username from the container or other authentication.

Returns:
the username, or null if not authenticated

getPrincipalUser

public static User getPrincipalUser(javax.servlet.http.HttpServletRequest request)
Find a User object for the current authenticated user, if one is available. Note that there MIGHT NOT be a User object if the authenticated user has no RDF metadata; in this case it returns null. It also returns null when there is no authenticated user, so this is not a good test for authentication.

Parameters:
request - a HttpServletRequest object.
Returns:
a User object, or null if not authenticated or if there is no RDF metadata for the authenticated user

isSuperuser

public static boolean isSuperuser(javax.servlet.http.HttpServletRequest request)

Predicate, true if the current authenticated user has the Superuser role, either in an RDF assertion or in the container's authorization.

Parameters:
request - a HttpServletRequest object.
Returns:
a boolean, true if current authenticated user has Superuser (Admin) privilege.
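
The null-handling caveats above matter most when gating an administrative operation. The following is an added example, not code from the eagle-i repository: the `AdminGate` class, the Basic realm string and the log wording are assumptions, and only the `Authentication` calls and the `org.eaglei.repository.User` type name come from this page.

```java
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eaglei.repository.User;                 // package as given on this page
import org.eaglei.repository.auth.Authentication;

/** Hypothetical helper showing which call answers which question. */
public final class AdminGate {
    private static final Logger LOG = Logger.getLogger(AdminGate.class.getName());

    private AdminGate() {}

    /**
     * Returns true only for an authenticated Superuser. Otherwise sends
     * 401 (not authenticated) or 403 (authenticated, not Superuser).
     */
    public static boolean requireSuperuser(HttpServletRequest request,
                                           HttpServletResponse response)
            throws IOException {
        // Authentication test: use the username. getPrincipalUser() also returns
        // null for an authenticated user without RDF metadata, so it cannot
        // distinguish "anonymous" from "undocumented".
        String username = Authentication.getAuthenticatedUsername(request);
        if (username == null) {
            // Assumption: the container is configured for HTTP Basic.
            response.setHeader("WWW-Authenticate", "Basic realm=\"repository\"");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return false;
        }

        // Authorization test: covers the RDF assertion and the container role.
        if (!Authentication.isSuperuser(request)) {
            LOG.warning("Superuser access denied for " + username);
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }

        // Audit trail: getPrincipalURI() falls back to a Role URI when the
        // user has no :Person, so record whether a User object exists too.
        User user = Authentication.getPrincipalUser(request);
        LOG.info("Superuser access by " + username
                + " principal=" + Authentication.getPrincipalURI(request)
                + " hasRdfMetadata=" + (user != null));
        return true;
    }
}
```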

logout

public static void logout(javax.servlet.http.HttpServletRequest request)
Destroy the current session and credentials (if possible). Most web browsers cache the HTTP Basic credentials, so the user needs to trash those explicitly right after running this.

Parameters:
request - a HttpServletRequest object.


Copyright © 2009-2011 Eagle-I. All Rights Reserved.