com.taggercat.security
Class DefaultSecurityProvider

java.lang.Object
  com.taggercat.security.DefaultSecurityProvider

All Implemented Interfaces:

SecurityProvider

public class DefaultSecurityProvider
extends java.lang.Object
implements SecurityProvider

The Default SecurityProvider implementation.
This class has two functions:

1. looks up the user's UserId and Password in the USER_CONF table for authentication
2. looks up the user's group names as well the corresponding group ids for the user

If you want to plug in your own SecurityProvider you need to do so using a customer ContextListener.

Constructor Summary

DefaultSecurityProvider()

Method Summary

void	authenticate(LoginInfo loginInfo, org.hibernate.Session session) Authenticates a user by looking up their user ID and password in the application's SQL user table.
void	close() Called when the application is shutting down, this is your opportunity to close any resource you may have open
void	init(javax.servlet.ServletContext servletContext) Initializes your object with servlet context.
void	setGroupMembershipNames(LoginInfo loginInfo, java.lang.String metadataCatalog, org.hibernate.Session session) Set a comma separated string of the group names this user belongs to.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DefaultSecurityProvider

public DefaultSecurityProvider()

Method Detail

authenticate

public void authenticate(LoginInfo loginInfo,
                         org.hibernate.Session session)

Authenticates a user by looking up their user ID and password in the application's SQL user table. When this method is called, the loginInfo object needs to have the user's loginName, password, and host fields set.
If authentication is successful, set the login.authenticated = true
otherwise, set the login.deniedReason string to something meaningful

Specified by:

authenticate in interface SecurityProvider

Throws:

java.lang.Exception

Parameters:

loginInfo - the user's login information

session - the hbn8Session with a transaction in progress

close

public void close()

Called when the application is shutting down, this is your opportunity to close any resource you may have open

Specified by:

close in interface SecurityProvider

init

public void init(javax.servlet.ServletContext servletContext)
          throws java.lang.SecurityException

Initializes your object with servlet context. If you fail to initialize your server connection, then throw a SecurityException and the web application will not be started.

Specified by:

init in interface SecurityProvider

Throws:

java.lang.SecurityException

Parameters:

servletContext - the servlet context

setGroupMembershipNames

public void setGroupMembershipNames(LoginInfo loginInfo,
                                    java.lang.String metadataCatalog,
                                    org.hibernate.Session session)

Description copied from interface: SecurityProvider

Set a comma separated string of the group names this user belongs to. The group names returned from the directory server should correspond to the names in the Application's USER_GROUPS_V view

Specified by:

setGroupMembershipNames in interface SecurityProvider

Parameters:

loginInfo - User information

metadataCatalog - the name of the database catalog for the meta data

session - the hibernate session to use