Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.benow.web.security
Class RepoSecurityWebService

java.lang.Object
  extended by org.benow.security.service.SecurityServiceImpl
      extended by org.benow.web.security.RepoSecurityWebService
All Implemented Interfaces:
org.benow.java.spec.Markup, org.benow.security.service.SecurityService, org.benow.service.Service, SecurityWebService
public class RepoSecurityWebService
extends org.benow.security.service.SecurityServiceImpl
implements SecurityWebService

Nested Class Summary
 class RepoSecurityWebService.InviteEmailInfo
           
 class RepoSecurityWebService.LoginInfo
           
 class RepoSecurityWebService.ReminderEmailInfo
           
 
Nested classes/interfaces inherited from interface org.benow.web.security.SecurityWebService
SecurityWebService.ModuleInfo
 
Nested classes/interfaces inherited from interface org.benow.java.spec.Markup
org.benow.java.spec.Markup.ParamName, org.benow.java.spec.Markup.ReturnDescription
 
Field Summary
static org.benow.java.config.entry.ClassConfigurationEntry CFG_JOIN_HANDLER_CLASS
           
static java.lang.String PROP_LOGIN_REDIRECT
          RepoSecurityWebService.class.getName()+".loginRedirect" if in system properties will be used as post-login redirect
static java.lang.String PROP_LOGOUT_REDIRECT
          RepoSecurityWebService.class.getName()+".logoutRedirect" if in system properties will be used as post-logout redirect
 
Fields inherited from interface org.benow.web.security.SecurityWebService
SESSION_POST_LOGIN_URL
 
Constructor Summary
RepoSecurityWebService()
           
 
Method Summary
 org.benow.security.user.User acceptLoginAgreement(boolean acceptLoginAgreement)
          Accept the login agreement as redirected to if a login agreement has been specified.
 org.benow.security.user.User addInvitedUser(java.lang.String name, java.lang.String pass, java.lang.String passVerify, java.lang.String email, java.lang.String captcha, java.lang.String confirm, java.lang.String redir)
           
 void addPermissions(org.benow.security.permission.Role role, java.util.List<org.benow.security.permission.Permission> permissions)
          Add permissions to role
 void addPermissions(java.lang.String userName, java.util.List<org.benow.security.permission.Permission> permissions)
          Add individually assigned permissions to user
 void addRoles(org.benow.security.user.User user, java.util.List<org.benow.security.permission.Role> roles)
          Add roles to user
 org.benow.security.user.User addUser(java.lang.String name, java.lang.String pass, java.lang.String passVerify, java.lang.String email, java.lang.String captcha)
          Adds the given user.
 void assertInvited(java.lang.String email)
           
 void changePassword(java.lang.String username, java.lang.String current, java.lang.String changed)
           
 void changePasswordForCurrentUser(java.lang.String current, java.lang.String changed)
          Change the password of the current user.
 void confirm(java.lang.String user, java.lang.String code)
           
 org.benow.security.permission.Role createRole(java.lang.String name)
           
 org.benow.security.user.User createUser(java.lang.String name, java.lang.String password, java.lang.String email, java.lang.String description, boolean requirePassChange)
          Creates a new user
 void deleteUser(java.lang.Object key)
          Deletes the user with the given key.
protected  void execJoinHandler(org.benow.repository.security.UserImpl user)
          Runs the join handler, as defined in CFG_JOIN_HANDLER_CLASS.
 org.benow.security.user.User getCurrentUser()
           
 java.util.List<SecurityWebService.ModuleInfo> getEditableUserModules(java.lang.String userName)
          Gets the user modules for the given user which may be edited.
 java.util.List<org.benow.security.permission.Permission> getPermissions()
           
 java.util.List<org.benow.security.permission.Permission> getPermissionsNotInRole(java.lang.String roleName)
           
 java.util.List<org.benow.security.permission.Permission> getPermissionsNotInUser(java.lang.String userName)
           
 org.benow.security.permission.Role getRole(java.lang.String name)
           
 java.util.List<org.benow.security.permission.Role> getRoles()
           
 org.benow.security.user.User getUser(java.lang.String name)
           
 org.benow.java.spec.argument.ClassSpecification getUserModuleSpecification(java.lang.Class<? extends org.benow.security.user.UserModule> moduleClass)
           
 java.util.List<org.benow.java.spec.argument.ClassSpecification> getUserModuleSpecifications()
           
 java.util.List<org.benow.security.user.User> getUsers()
           
 org.benow.security.user.User invite(java.lang.String email, java.lang.String captcha, java.lang.String joinRedirect)
          Invite a user at the given email address, redirecting them to the given location on join.
 org.benow.security.user.User login(java.lang.String username, java.lang.String password)
          Login as the given user.
 org.benow.security.user.User login(java.lang.String username, java.lang.String password, java.lang.String redirect)
          Login as the given user.
 org.benow.security.user.User login(java.lang.String username, java.lang.String password, java.lang.String redirect, boolean remember)
          Login as the given user.
 void logout()
          Logout, removing assocation with authenticated user.
 void logout(java.lang.String redirect)
          Logout, redirecting to given location
 org.benow.security.user.User reinvite(java.lang.String email)
          Re-invites the user at the given email
 void removePermissions(org.benow.security.permission.Role role, java.util.List<org.benow.security.permission.Permission> permissions)
          Remove permissions from role
 void removePermissions(java.lang.String userName, java.util.List<org.benow.security.permission.Permission> permissions)
          Remove individually assigned permissions from user
 void removeRoles(org.benow.security.user.User user, java.util.List<org.benow.security.permission.Role> roles)
          Remove roles from user
 void resendConfirmation(java.lang.String email)
          Resend the confirmation email sent during the registration (addUser) process to the user with the given email.
 void resendConfirmation(org.benow.security.user.User user)
           
 void restart()
          Restart the application.
static boolean restartSupported()
           
 void sendReminder(java.lang.String email)
          Sends a password reminder email to a registered user
 void setDisabled(java.lang.Object userKey, boolean disabled)
          Sets the disabled status for the user with the given key.
static void setLoginRedirect(java.lang.String redirect)
           
static void setLogoutRedirect(java.lang.String redirect)
           
 void setupAP(java.lang.String value)
           
 void unconfirm(java.lang.String user)
           
static java.lang.String unescapeRedir(java.lang.String redir)
          Unescapes a uri that had been previously escaped in an email
 void update(org.benow.security.permission.Role role)
           
 org.benow.security.user.User updateUser(java.lang.Object key, java.lang.String name, java.lang.String currentPassword, java.lang.String password, java.lang.String email, java.lang.String description, boolean requirePassChange)
          Updates the user with the given key
 
Methods inherited from class org.benow.security.service.SecurityServiceImpl
getLoginAgreement, login
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.benow.web.security.SecurityWebService
getLoginAgreement
 

Field Detail

PROP_LOGOUT_REDIRECT

public static final java.lang.String PROP_LOGOUT_REDIRECT
RepoSecurityWebService.class.getName()+".logoutRedirect" if in system properties will be used as post-logout redirect

PROP_LOGIN_REDIRECT

public static final java.lang.String PROP_LOGIN_REDIRECT
RepoSecurityWebService.class.getName()+".loginRedirect" if in system properties will be used as post-login redirect

CFG_JOIN_HANDLER_CLASS

public static final org.benow.java.config.entry.ClassConfigurationEntry CFG_JOIN_HANDLER_CLASS
Constructor Detail

RepoSecurityWebService

public RepoSecurityWebService()
Method Detail

setLogoutRedirect

public static void setLogoutRedirect(java.lang.String redirect)

setLoginRedirect

public static void setLoginRedirect(java.lang.String redirect)

addRoles

public void addRoles(org.benow.security.user.User user,
                     java.util.List<org.benow.security.permission.Role> roles)
Description copied from interface: SecurityWebService
Add roles to user

Specified by:
addRoles in interface SecurityWebService

createRole

public org.benow.security.permission.Role createRole(java.lang.String name)
Specified by:
createRole in interface SecurityWebService

unconfirm

public void unconfirm(java.lang.String user)
               throws RedirectException
Specified by:
unconfirm in interface SecurityWebService
Throws:
RedirectException

getRole

public org.benow.security.permission.Role getRole(java.lang.String name)
                                           throws org.benow.repository.NoSuchObjectException
Specified by:
getRole in interface SecurityWebService
Throws:
org.benow.repository.NoSuchObjectException

getRoles

public java.util.List<org.benow.security.permission.Role> getRoles()
Specified by:
getRoles in interface SecurityWebService

getPermissions

public java.util.List<org.benow.security.permission.Permission> getPermissions()
Specified by:
getPermissions in interface SecurityWebService
Returns:
all known permissions

getUsers

public java.util.List<org.benow.security.user.User> getUsers()
Specified by:
getUsers in interface SecurityWebService

removeRoles

public void removeRoles(org.benow.security.user.User user,
                        java.util.List<org.benow.security.permission.Role> roles)
Description copied from interface: SecurityWebService
Remove roles from user

Specified by:
removeRoles in interface SecurityWebService

updateUser

public org.benow.security.user.User updateUser(java.lang.Object key,
                                               java.lang.String name,
                                               java.lang.String currentPassword,
                                               java.lang.String password,
                                               java.lang.String email,
                                               java.lang.String description,
                                               boolean requirePassChange)
                                        throws RedirectException,
                                               org.benow.repository.NoSuchObjectException
Description copied from interface: SecurityWebService
Updates the user with the given key

Specified by:
updateUser in interface SecurityWebService
Parameters:
key - key of user to update
name - new name for user
currentPassword - current password of user
password - new password of user
email - new email
description - new description
requirePassChange - if true, a password change will be required at next login
Returns:
updated user
Throws:
RedirectException
org.benow.repository.NoSuchObjectException

createUser

public org.benow.security.user.User createUser(java.lang.String name,
                                               java.lang.String password,
                                               java.lang.String email,
                                               java.lang.String description,
                                               boolean requirePassChange)
                                        throws RedirectException
Description copied from interface: SecurityWebService
Creates a new user

Specified by:
createUser in interface SecurityWebService
Parameters:
name - name of new user, must be unique or a securityexception is thrown
password - password for new user
email - email for new user
description - description for new user
requirePassChange - true if a password change is to be done on next login
Returns:
created user
Throws:
RedirectException

update

public void update(org.benow.security.permission.Role role)
Specified by:
update in interface SecurityWebService

addPermissions

public void addPermissions(org.benow.security.permission.Role role,
                           java.util.List<org.benow.security.permission.Permission> permissions)
Description copied from interface: SecurityWebService
Add permissions to role

Specified by:
addPermissions in interface SecurityWebService

removePermissions

public void removePermissions(org.benow.security.permission.Role role,
                              java.util.List<org.benow.security.permission.Permission> permissions)
Description copied from interface: SecurityWebService
Remove permissions from role

Specified by:
removePermissions in interface SecurityWebService

login

public org.benow.security.user.User login(java.lang.String username,
                                          java.lang.String password,
                                          java.lang.String redirect)
                                   throws org.benow.security.service.LoginAgreementException,
                                          java.lang.SecurityException,
                                          java.lang.Exception
Description copied from interface: SecurityWebService
Login as the given user. Once logged in, actions are associated with user. username may be username or email corresponding to a username.

Specified by:
login in interface SecurityWebService
redirect - location to redirect to on successful login
Throws:
org.benow.security.service.LoginAgreementException - if there is a login agreement to be accepted.
java.lang.SecurityException - on bad name or password
java.lang.Exception

login

public org.benow.security.user.User login(java.lang.String username,
                                          java.lang.String password,
                                          java.lang.String redirect,
                                          boolean remember)
                                   throws org.benow.security.service.LoginAgreementException,
                                          java.lang.SecurityException,
                                          java.lang.Exception
Description copied from interface: SecurityWebService
Login as the given user. Once logged in, actions are associated with user. username may be username or email corresponding to a username.

Specified by:
login in interface SecurityWebService
redirect - location to redirect to on successful login
remember - if true, remember user information in a cookie, so that repeated logins not required
Throws:
org.benow.security.service.LoginAgreementException - if there is a login agreement to be accepted.
java.lang.SecurityException - on bad name or password
java.lang.Exception

login

public org.benow.security.user.User login(java.lang.String username,
                                          java.lang.String password)
                                   throws java.lang.Exception
Description copied from interface: SecurityWebService
Login as the given user. Once logged in, actions are associated with user. username may be username or email corresponding to a username.

Specified by:
login in interface org.benow.security.service.SecurityService
Specified by:
login in interface SecurityWebService
Overrides:
login in class org.benow.security.service.SecurityServiceImpl
Throws:
java.lang.Exception

acceptLoginAgreement

public org.benow.security.user.User acceptLoginAgreement(boolean acceptLoginAgreement)
                                                  throws java.lang.SecurityException,
                                                         RedirectException
Description copied from interface: SecurityWebService
Accept the login agreement as redirected to if a login agreement has been specified.

Specified by:
acceptLoginAgreement in interface SecurityWebService
Returns:
Throws:
java.lang.SecurityException
RedirectException

sendReminder

public void sendReminder(java.lang.String email)
                  throws java.lang.SecurityException,
                         org.benow.repository.ObjectRepositoryError,
                         javax.mail.MessagingException
Description copied from interface: SecurityWebService
Sends a password reminder email to a registered user

Specified by:
sendReminder in interface SecurityWebService
Throws:
java.lang.SecurityException
org.benow.repository.ObjectRepositoryError
javax.mail.MessagingException

changePassword

public void changePassword(java.lang.String username,
                           java.lang.String current,
                           java.lang.String changed)
                    throws java.lang.SecurityException,
                           java.lang.Exception
Specified by:
changePassword in interface SecurityWebService
Throws:
java.lang.SecurityException
java.lang.Exception

logout

public void logout(java.lang.String redirect)
            throws java.lang.Exception
Description copied from interface: SecurityWebService
Logout, redirecting to given location

Specified by:
logout in interface SecurityWebService
Throws:
java.lang.Exception

logout

public void logout()
            throws java.lang.Exception
Description copied from interface: SecurityWebService
Logout, removing assocation with authenticated user.

Specified by:
logout in interface org.benow.security.service.SecurityService
Specified by:
logout in interface SecurityWebService
Overrides:
logout in class org.benow.security.service.SecurityServiceImpl
Throws:
java.lang.Exception

addUser

public org.benow.security.user.User addUser(java.lang.String name,
                                            java.lang.String pass,
                                            java.lang.String passVerify,
                                            java.lang.String email,
                                            java.lang.String captcha)
                                     throws TerseWebException,
                                            RedirectException,
                                            java.net.MalformedURLException,
                                            javax.mail.MessagingException
Adds the given user.

When the user has been added, a join handler is called to handle the join of the user. The default join handler is the EmailConfirmJoinHandler. Set CFG_JOIN_HANDLER_CLASS to specify alternative join handling.

Specified by:
addUser in interface SecurityWebService
Throws:
TerseWebException
RedirectException
java.net.MalformedURLException
javax.mail.MessagingException

execJoinHandler

protected void execJoinHandler(org.benow.repository.security.UserImpl user)
                        throws RedirectException
Runs the join handler, as defined in CFG_JOIN_HANDLER_CLASS.

Parameters:
user -
Throws:
RedirectException

resendConfirmation

public void resendConfirmation(java.lang.String email)
                        throws RedirectException
Description copied from interface: SecurityWebService
Resend the confirmation email sent during the registration (addUser) process to the user with the given email.

Specified by:
resendConfirmation in interface SecurityWebService
Throws:
RedirectException

resendConfirmation

public void resendConfirmation(org.benow.security.user.User user)
                        throws RedirectException
Throws:
RedirectException

confirm

public void confirm(java.lang.String user,
                    java.lang.String code)
             throws org.benow.repository.NoSuchObjectException,
                    RedirectException,
                    java.net.MalformedURLException,
                    javax.mail.MessagingException
Specified by:
confirm in interface SecurityWebService
Throws:
org.benow.repository.NoSuchObjectException
RedirectException
java.net.MalformedURLException
javax.mail.MessagingException

restartSupported

public static boolean restartSupported()

restart

public void restart()
             throws org.benow.util.NotSupportedError
Description copied from interface: SecurityWebService
Restart the application. Only applicable if restart ability (via wrapper script) has been indicated by presence of System property: restartSupported=true.

Specified by:
restart in interface SecurityWebService
Throws:
org.benow.util.NotSupportedError - if restart is not supported

getUser

public org.benow.security.user.User getUser(java.lang.String name)
Specified by:
getUser in interface SecurityWebService

getCurrentUser

public org.benow.security.user.User getCurrentUser()
Specified by:
getCurrentUser in interface SecurityWebService
Returns:
the current user

addPermissions

public void addPermissions(java.lang.String userName,
                           java.util.List<org.benow.security.permission.Permission> permissions)
Description copied from interface: SecurityWebService
Add individually assigned permissions to user

Specified by:
addPermissions in interface SecurityWebService

removePermissions

public void removePermissions(java.lang.String userName,
                              java.util.List<org.benow.security.permission.Permission> permissions)
Description copied from interface: SecurityWebService
Remove individually assigned permissions from user

Specified by:
removePermissions in interface SecurityWebService

setupAP

public void setupAP(java.lang.String value)
             throws java.lang.Exception
Specified by:
setupAP in interface SecurityWebService
Throws:
java.lang.Exception

reinvite

public org.benow.security.user.User reinvite(java.lang.String email)
                                      throws java.lang.Exception
Description copied from interface: SecurityWebService
Re-invites the user at the given email

Specified by:
reinvite in interface SecurityWebService
Parameters:
email - email address for user to reinvite
Returns:
invited user
Throws:
org.benow.repository.NoSuchObjectException - if user with given email was never previously invited
AlreadyJoinedException - if user has already accepted a previous invitation
java.lang.Exception

invite

public org.benow.security.user.User invite(java.lang.String email,
                                           java.lang.String captcha,
                                           java.lang.String joinRedirect)
                                    throws java.lang.Exception
Description copied from interface: SecurityWebService
Invite a user at the given email address, redirecting them to the given location on join.

Specified by:
invite in interface SecurityWebService
Parameters:
email - email address of user to invite
captcha - the user entered value of the associated captcha
joinRedirect - uri to redirect the user to after join
Returns:
the newly created, but unconfirmed user
Throws:
NoRemainingInvitationsException
javax.mail.MessagingException
java.net.MalformedURLException
InvalidCaptchaException
java.lang.Exception

unescapeRedir

public static java.lang.String unescapeRedir(java.lang.String redir)
Unescapes a uri that had been previously escaped in an email

Parameters:
redir -
Returns:

assertInvited

public void assertInvited(java.lang.String email)
                   throws NotInvitedException,
                          AlreadyJoinedException,
                          RedirectException
Specified by:
assertInvited in interface SecurityWebService
Throws:
NotInvitedException - if user at email was not invited.
AlreadyJoinedException - if the user with the given email has already joined
RedirectException - if there is a current user (not anonymous), the user will be logged out and current page will be redisplayed

addInvitedUser

public org.benow.security.user.User addInvitedUser(java.lang.String name,
                                                   java.lang.String pass,
                                                   java.lang.String passVerify,
                                                   java.lang.String email,
                                                   java.lang.String captcha,
                                                   java.lang.String confirm,
                                                   java.lang.String redir)
                                            throws TerseWebException,
                                                   RedirectException,
                                                   java.net.MalformedURLException,
                                                   javax.mail.MessagingException,
                                                   InvalidCaptchaException
Specified by:
addInvitedUser in interface SecurityWebService
Throws:
TerseWebException
RedirectException
java.net.MalformedURLException
javax.mail.MessagingException
InvalidCaptchaException

changePasswordForCurrentUser

public void changePasswordForCurrentUser(java.lang.String current,
                                         java.lang.String changed)
                                  throws java.lang.SecurityException,
                                         java.lang.Exception
Description copied from interface: SecurityWebService
Change the password of the current user.

Specified by:
changePasswordForCurrentUser in interface SecurityWebService
Throws:
java.lang.SecurityException
java.lang.Exception

getPermissionsNotInRole

public java.util.List<org.benow.security.permission.Permission> getPermissionsNotInRole(java.lang.String roleName)
Specified by:
getPermissionsNotInRole in interface SecurityWebService
Returns:
permissions not held by role of given name

getPermissionsNotInUser

public java.util.List<org.benow.security.permission.Permission> getPermissionsNotInUser(java.lang.String userName)
Specified by:
getPermissionsNotInUser in interface SecurityWebService
Returns:
permissions not held by user of given name

deleteUser

public void deleteUser(java.lang.Object key)
                throws org.benow.repository.NoSuchObjectException
Description copied from interface: SecurityWebService
Deletes the user with the given key. The administrator, default (anonymous) and template:registered cannot be deleted. Requires admin permission

Specified by:
deleteUser in interface SecurityWebService
Throws:
org.benow.repository.NoSuchObjectException

getEditableUserModules

public java.util.List<SecurityWebService.ModuleInfo> getEditableUserModules(java.lang.String userName)
Description copied from interface: SecurityWebService
Gets the user modules for the given user which may be edited. In order to be edited, there must be a html/admin/security/modules/X.page where X is the simple or full user module class name.

Specified by:
getEditableUserModules in interface SecurityWebService
Returns:

getUserModuleSpecifications

public java.util.List<org.benow.java.spec.argument.ClassSpecification> getUserModuleSpecifications()
Specified by:
getUserModuleSpecifications in interface SecurityWebService

getUserModuleSpecification

public org.benow.java.spec.argument.ClassSpecification getUserModuleSpecification(java.lang.Class<? extends org.benow.security.user.UserModule> moduleClass)
                                                                           throws org.benow.java.spec.SpecificationException
Specified by:
getUserModuleSpecification in interface SecurityWebService
Throws:
org.benow.java.spec.SpecificationException

setDisabled

public void setDisabled(java.lang.Object userKey,
                        boolean disabled)
                 throws org.benow.repository.NoSuchObjectException
Description copied from interface: SecurityWebService
Sets the disabled status for the user with the given key. If a user is disabled, they may not login.

Specified by:
setDisabled in interface SecurityWebService
Parameters:
userKey - key of user to adjust disabled status
disabled - true to disable, false to not be disabled
Throws:
org.benow.repository.NoSuchObjectException
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD