AbstractSecurityManager (JVx - Enterprise Application Framework (ver. 0.8))

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.sibvisions.rad.server.security
Class AbstractSecurityManager

java.lang.Object
  com.sibvisions.rad.server.security.AbstractSecurityManager

All Implemented Interfaces:: ISecurityManager, IPasswordValidator

Direct Known Subclasses:: DBSecurityManager, XmlSecurityManager

public abstract class AbstractSecurityManager
extends Object
implements ISecurityManager, IPasswordValidator
extends Object
implements ISecurityManager, IPasswordValidator

The AbstractSecurityManager is the base class for ISecurityManager implementations but it does not implement the security methods. It supports security managers with important and usable methods.

Constructor Summary
`AbstractSecurityManager()`

Method Summary
`void`	`checkPassword(ISession pSession, String pPassword)` Checks if a password is strength enough to be used.
`protected boolean`	`comparePassword(IConfiguration pConfig, String pPassword, String pConfirmPassword)` Compares two passwords to be identical.
`static String`	`getEncryptedPassword(IConfiguration pConfig, String pPassword)` Gets the password, encrypted with the algorithm specified in an application configuration.
`protected IPasswordValidator`	`getPasswordValidator(IConfiguration pConfig)` Gets the password validator from an application configuration.
`static boolean`	`isPasswordEncryptionEnabled(IConfiguration pConfig)` Checks if the password encryption is enabled.
`protected void`	`validatePassword(ISession pSession, String pOldPassword, String pNewPassword)` Validates a new password against an old password an uses a preconfigured password validator for checking the strength of the new password.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface com.sibvisions.rad.server.security.ISecurityManager
`changePassword, getAccessController, logout, validateAuthentication`

Constructor Detail

AbstractSecurityManager

public AbstractSecurityManager()

Method Detail

checkPassword

public void checkPassword(ISession pSession,
                          String pPassword)

Checks if a password is strength enough to be used.

Specified by:: checkPassword in interface IPasswordValidator

Parameters:: pSession - the session which wants to change the password; pPassword - the new password

comparePassword

protected boolean comparePassword(IConfiguration pConfig,
                                  String pPassword,
                                  String pConfirmPassword)
                           throws Exception

Compares two passwords to be identical.

Parameters:: pConfig - the application configuration; pPassword - base password (plain text); pConfirmPassword - confirmation password (encrypted or plain text)
Returns:: true if the passwords are identical, otherwise false
Throws:: Exception - if the password encryption causes an error

getPasswordValidator

protected IPasswordValidator getPasswordValidator(IConfiguration pConfig)

Gets the password validator from an application configuration.

Parameters:: pConfig - the application configuration
Returns:: the IPasswordValidator or null if no validator is specified

validatePassword

protected void validatePassword(ISession pSession,
                                String pOldPassword,
                                String pNewPassword)
                         throws Exception

Validates a new password against an old password an uses a preconfigured password validator for checking the strength of the new password.

Parameters:: pSession - the session which changes the password; pOldPassword - the old/current password; pNewPassword - the new password
Throws:: Exception - if the password validation failed, e.g. old = new, new is not strength enough, ...

getEncryptedPassword

public static String getEncryptedPassword(IConfiguration pConfig,
                                          String pPassword)
                                   throws Exception

Gets the password, encrypted with the algorithm specified in an application configuration.

Parameters:: pConfig - the application configuration; pPassword - the plain text password
Returns:: the encrypted password
Throws:: Exception - if the encryption fails

isPasswordEncryptionEnabled

public static boolean isPasswordEncryptionEnabled(IConfiguration pConfig)

Checks if the password encryption is enabled. That means that the config parameter /application/securitymanager/passwordalgorithm contains an algorithm. PLAIN is not interpreted as algorithm.

Parameters:: pConfig - the application configuration
Returns:: true if the password should be encrypted