public final class SecurityService extends Object
Modifier and Type | Method and Description |
---|---|
String |
getAccessControledTemplate()
Returns the access controled template
|
String |
getAccessDeniedTemplate()
Returns the access denied template
|
LuteceAuthentication |
getAuthenticationService()
Gets the actual authentication implementation
|
String |
getDoLoginUrl()
Returns the DoLogin URL of the Authentication Service
|
String |
getDoLogoutUrl()
Returns the DoLogout URL of the Authentication Service
|
static SecurityService |
getInstance()
Get the unique instance of the Security Service
|
String |
getLoginPageUrl()
Returns the Login page URL of the Authentication Service
|
String |
getLostPasswordPageUrl()
Returns the lost password URL of the Authentication Service
|
String |
getNewAccountPageUrl()
Returns the new account page URL of the Authentication Service
|
LuteceUser |
getRegisteredUser(javax.servlet.http.HttpServletRequest request)
Gets the Lutece user registered in the Http session
|
LuteceUser |
getRemoteUser(javax.servlet.http.HttpServletRequest request)
Gets the LuteceUser attached to the current Http session
|
String[] |
getRolesByUser(LuteceUser user)
get all roles for this user : - user's roles - user's groups roles
|
LuteceUser |
getUser(String strUserLogin)
Returns user managed by the authentication service if this feature is
available.
|
Principal |
getUserPrincipal(javax.servlet.http.HttpServletRequest request)
Returns the user's principal
|
Collection<LuteceUser> |
getUsers()
Returns all users managed by the authentication service if this feature is
available.
|
String |
getViewAccountPageUrl()
Returns the view account page URL of the Authentication Service
|
static void |
init()
Initialize service
|
static boolean |
isAuthenticationEnable()
Returns the authentication's activation : enable or disable
|
boolean |
isExternalAuthentication()
Returns the authentication type : External or Lutece portal based
|
boolean |
isLoginUrl(javax.servlet.http.HttpServletRequest request)
Return true if the requested url is equal to LoginUrl
|
boolean |
isMultiAuthenticationSupported()
true when the service provides multi authentication support
|
boolean |
isPortalAuthenticationRequired()
Returns whether or not the portal needs authentication
|
boolean |
isUserInAnyRole(javax.servlet.http.HttpServletRequest request,
List<String> listRoles)
Checks if the user is associated to a at least a role
|
boolean |
isUserInRole(javax.servlet.http.HttpServletRequest request,
String strRole)
Checks if the user is associated to a given role
|
void |
loginUser(javax.servlet.http.HttpServletRequest request,
String strUserName,
String strPassword)
Checks user's login with the Authentication service.
|
void |
logoutUser(javax.servlet.http.HttpServletRequest request)
Logout the user
|
void |
registerUser(javax.servlet.http.HttpServletRequest request,
LuteceUser user)
Register the user in the Http session
|
LuteceUser |
remoteLoginUser(javax.servlet.http.HttpServletRequest request,
String strUserName,
String strPassword)
Checks user's login with the Authentication service.
|
void |
unregisterUser(javax.servlet.http.HttpServletRequest request)
Unregister the user in the Http session
|
public static void init() throws LuteceInitException
LuteceInitException
- if an error occurspublic static SecurityService getInstance()
public static boolean isAuthenticationEnable()
public LuteceUser getRemoteUser(javax.servlet.http.HttpServletRequest request) throws UserNotSignedException
request
- The Http requestUserNotSignedException
- If there is no current userpublic Principal getUserPrincipal(javax.servlet.http.HttpServletRequest request) throws UserNotSignedException
request
- The HTTP requestUserNotSignedException
- The UserNotSignedExceptionpublic boolean isUserInRole(javax.servlet.http.HttpServletRequest request, String strRole)
request
- The Http requeststrRole
- The Role namepublic boolean isUserInAnyRole(javax.servlet.http.HttpServletRequest request, List<String> listRoles)
request
- The Http requestlistRoles
- The Role listpublic String[] getRolesByUser(LuteceUser user)
user
- The userpublic void loginUser(javax.servlet.http.HttpServletRequest request, String strUserName, String strPassword) throws LoginException, LoginRedirectException
request
- The Http requeststrUserName
- The user's loginstrPassword
- The user's passwordLoginException
- The LoginExceptionLoginRedirectException
- if redirect exceptionpublic void logoutUser(javax.servlet.http.HttpServletRequest request)
request
- The HTTP requestpublic void registerUser(javax.servlet.http.HttpServletRequest request, LuteceUser user)
request
- The Http requestuser
- The current userpublic void unregisterUser(javax.servlet.http.HttpServletRequest request)
request
- The Http requestpublic LuteceUser getRegisteredUser(javax.servlet.http.HttpServletRequest request)
request
- The HTTP requestpublic boolean isExternalAuthentication()
public String getLoginPageUrl()
public String getDoLoginUrl()
public String getDoLogoutUrl()
public String getNewAccountPageUrl()
public String getViewAccountPageUrl()
public String getLostPasswordPageUrl()
public String getAccessDeniedTemplate()
public String getAccessControledTemplate()
public boolean isPortalAuthenticationRequired()
public LuteceUser remoteLoginUser(javax.servlet.http.HttpServletRequest request, String strUserName, String strPassword) throws LoginException, LoginRedirectException
request
- the requeststrUserName
- The user's loginstrPassword
- The user's passwordLoginException
- The LoginExceptionLoginRedirectException
- The redirect exceptionpublic boolean isLoginUrl(javax.servlet.http.HttpServletRequest request)
request
- The Http servlet requestpublic Collection<LuteceUser> getUsers()
public LuteceUser getUser(String strUserLogin)
strUserLogin
- the user loginpublic boolean isMultiAuthenticationSupported()
true
if multi authentication is supported,
false
otherwise.public LuteceAuthentication getAuthenticationService()
LuteceAuthentication
implementationCopyright © 2020 City of Paris. All rights reserved.