AuthenticationProvider

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

jet.server.api.custom.security
Interface AuthenticationProvider

public interface AuthenticationProvider

JReport Server provides the ability to use customized user authentication scheme. Interface AuthenticationProvider provides ability to perform authentication check in customer's external security system. It is the core interface in all interfaces of JReport security API
Since version 7.1, customer can implement the interface jet.server.api.custom.security.AuthenticationProvider and import the customized class file by modifying the following JReport Server's properties file:
<SERVER PATH>/bin/server.properties or by specifying jvm -D parameter.

When using customized user authentication scheme, user should:
1. Write a class which implements the interface jet.server.api.custom.AuthenticationProvider.
2. Put the class into the CLASSPATH used by launching JReport Server
3. Edit the file <SERVER PATH>/bin/server.properties, add a name/value pair, the name is custom.security.AuthenticationProvider, the value points to the customized class. or specify customized class via -D paramter of jvm, the name is com.jinfonet.AuthenticationProvider, the value pointes to the customized class.
4. Restart JReport Server and the customized user authentication is working.

Since:: version 7.1
See Also:: AuthorizationProvider

Method Summary
`void`	`addSecurityListener(SecurityListener listener)` Adds the specified security listener to receive security information changed event from customer's external security system.
`java.lang.String`	`changePassword(java.lang.String realmName, java.lang.String implUserName, java.lang.String userName, java.lang.String oldPwd, java.lang.String newPwd)` Changes user password.
`boolean`	`isAdminUser(java.lang.String realmName, java.lang.String userName)` Check if the user can access the administration tools.
`boolean`	`isEnableEdit()` Indicates whether customer's external security system will be modified by invoking some methods in `AuthenticationProvider`. In common cases, invoking `changePassword()` should take effect on customer's external security system, and cause modification of external security system, this method should return `true` in such cases.
`boolean`	`isValidUser(java.lang.String realmName, java.lang.String userName, java.lang.String password)` Check if the user is a valid one.

Method Detail

isValidUser

boolean isValidUser(java.lang.String realmName,
                    java.lang.String userName,
                    java.lang.String password)

Check if the user is a valid one. A valid user must exist and provide valid password.

Parameters:: realmName - the realm name; userName - the user name; password - the user password
Returns:: true if the user exists and the password is true

isAdminUser

boolean isAdminUser(java.lang.String realmName,
                    java.lang.String userName)

Check if the user can access the administration tools.

Parameters:: realmName - the realm name; userName - the user name
Returns:: true if the user can access the administration tools.

changePassword

java.lang.String changePassword(java.lang.String realmName,
                                java.lang.String implUserName,
                                java.lang.String userName,
                                java.lang.String oldPwd,
                                java.lang.String newPwd)

Changes user password.

Parameters:: realmName - the realm name; implUserName - the user name who invoked the action; userName - the user name whose password needs to be changed; oldPwd - the old password; newPwd - the new password
Returns:: error message if failed, or null if successful

addSecurityListener

void addSecurityListener(SecurityListener listener)

Adds the specified security listener to receive security information changed event from customer's external security system.

Parameters:: listener - the security listener, implemented by JReport Server.
Since:: version 8
See Also:: SecurityListener

isEnableEdit

boolean isEnableEdit()

Indicates whether customer's external security system will be modified by invoking some methods in AuthenticationProvider.
In common cases, invoking changePassword() should take effect on customer's external security system, and cause modification of external security system, this method should return true in such cases. If customer's external security system will not be affected by invoking changePassword(), this method should return false.
Returned value of the method isEditing() with parameter SecurityWebAdaptor.ACTION_CHANGE_PASSWORD in jet.server.api.SecurityWebAdaptor is the same as this method's returned value.

Returns:: true if external security system will be affected by invoking changePassword(), otherwise return false.
Since:: version 8
See Also:: SecurityWebAdaptor