AuthenticationProvider

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

jet.server.api.custom.security
Interface AuthenticationProvider

public interface AuthenticationProvider

JReport Enterprise Server provides the ability to use customized user authentication scheme. Interface AuthenticationProvider provides ability to perform authentication check in customer's external security system. It is core interface in all interfaces of JReport security API
Since version 7.1, customer can implement the interface jet.server.api.custom.security.AuthenticationProvider and import the customized class file by modifying the following JReport Enterprise Server's properties file:
<SERVER PATH>/bin/server.properties or by specifying jvm -D parameter.

When using customized user authentication scheme, user should:
1. Write a class which implements the interface jet.server.api.custom.AuthenticationProvider.
2. Put the class into CLASSPATH which used by launching JReport Enterprise Server
3. Edit file <SERVER PATH>/bin/server.properties, add a name/value pair, name is custom.security.AuthenticationProvider, value points to the customized class. or specify customized class via -D paramter of jvm, name is com.jinfonet.AuthenticationProvider, value pointes to the customized class.
4. Restart JReport Enterprise Server and the customized user authentication is working.

Since:: version 7.1
See Also:: AuthorizationProvider

Method Summary
`void`	`addSecurityListener(SecurityListener listener)` Adds the specified security listener to receive security info changed event from customer's external security system.
`java.lang.String`	`changePassword(java.lang.String realmName, java.lang.String implUserName, java.lang.String userName, java.lang.String oldPwd, java.lang.String newPwd)` Change user password.
`boolean`	`isAdminUser(java.lang.String realmName, java.lang.String userName)` Check if the user can access the administration tools.
`boolean`	`isEnableEdit()` Indicates whether customer's external security system will be modified by invoking some methods in `AuthenticationProvider`. In common cases, invokeing `changePassword()` should take effect on customer's external security system, and cause modification of external security system, this method should return `true` in such case.
`boolean`	`isValidUser(java.lang.String realmName, java.lang.String userName, java.lang.String password)` Check if the user is a valid one.

Method Detail

isValidUser

boolean isValidUser(java.lang.String realmName,
                    java.lang.String userName,
                    java.lang.String password)

Check if the user is a valid one. A valid user must exist and provide valid password.

Parameters:: realmName - the realm name; userName - the user name; password - the user password
Returns:: true if the user exists and the password is true

isAdminUser

boolean isAdminUser(java.lang.String realmName,
                    java.lang.String userName)

Check if the user can access the administration tools.

Parameters:: realmName - the realm name; userName - the user name
Returns:: true if the user can access the administration tools.

changePassword

java.lang.String changePassword(java.lang.String realmName,
                                java.lang.String implUserName,
                                java.lang.String userName,
                                java.lang.String oldPwd,
                                java.lang.String newPwd)

Change user password.

Parameters:: realmName - the realm name; implUserName - the user name who invoke the action; userName - the user name whose password need to be changed; oldPwd - old password; newPwd - new password
Returns:: error message if fail, or null if success

addSecurityListener

void addSecurityListener(SecurityListener listener)

Adds the specified security listener to receive security info changed event from customer's external security system.

Parameters:: listener - the security listener, implemented by JReport Server.
Since:: version 8
See Also:: SecurityListener

isEnableEdit

boolean isEnableEdit()

Indicates whether customer's external security system will be modified by invoking some methods in AuthenticationProvider.
In common cases, invokeing changePassword() should take effect on customer's external security system, and cause modification of external security system, this method should return true in such case. If cusotmer's external security system will not be affected by invoking changePassword(), this method should return false.
Return value of method isEditing() with paramter SecurityWebAdaptor.ACTION_CHANGE_PASSWORD in jet.server.api.SecurityWebAdaptor is same with this method's return value.

Returns:: true if external security system will be affected by invoking changePassword(), otherwise return false.
Since:: version 8
See Also:: SecurityWebAdaptor