directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject directory-fortress-core git commit: FC-127 - AuthN Validator - javadoc
Date Fri, 11 Dec 2015 23:36:17 GMT
Repository: directory-fortress-core
Updated Branches:
  refs/heads/master 88476cd86 -> bcdae9402


 FC-127 - AuthN Validator - javadoc


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/bcdae940
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/bcdae940
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/bcdae940

Branch: refs/heads/master
Commit: bcdae940298e70c101187b2df0d886d42ae97fbe
Parents: 88476cd
Author: Shawn McKinney <smckinney@apache.org>
Authored: Fri Dec 11 00:56:09 2015 -0600
Committer: Shawn McKinney <smckinney@apache.org>
Committed: Fri Dec 11 00:56:09 2015 -0600

----------------------------------------------------------------------
 .../fortress/core/util/AuthNValidator.java      | 67 +++++++++++++++++---
 1 file changed, 58 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/bcdae940/src/main/java/org/apache/directory/fortress/core/util/AuthNValidator.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/util/AuthNValidator.java b/src/main/java/org/apache/directory/fortress/core/util/AuthNValidator.java
index d38cb79..9ec732c 100644
--- a/src/main/java/org/apache/directory/fortress/core/util/AuthNValidator.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/AuthNValidator.java
@@ -27,33 +27,82 @@ import org.apache.directory.fortress.core.util.time.Time;
 import org.apache.directory.fortress.core.util.time.Validator;
 
 /**
- * This class performs authentication validation.  This validator will ensure the current
user has been authenticated before activating the role into the session.
+ * This class performs authentication validation.  This validator will ensure the current
user has been authenticated
+ * before activating the role into the session.
+ * <p/>
+ * <ol>
+ * <li> Create a new class, that extends this one.
+ * <pre>
+ * package org.mycompany.myutil;
+ * import org.apache.directory.fortress.core.model.Constraint;
+ * import org.apache.directory.fortress.core.model.Session;
+ * import org.apache.directory.fortress.core.util.time.Time;
+ *
+ *  public class AuthNUserValidator extends AuthNValidator
+ * </pre>
+ * <li> Implement the abstract method validate.  Must call the super.validate.
+ *  <pre>
+ *
+ * public int validate(Session session, Constraint constraint, Time time, VUtil.ConstraintType
type )
+ * {
+ *   super.setRoleName( "AuthNUsers" );
+ *   super.setAuthenticated( true );
+ *   return super.validate( session, constraint, time, type );
+ * }
+ *  </pre>
+ * <li> Place the name of the role to verify.
+ * <pre>
+ * // This can be any valid role name here:
+ * super.setRoleName( "AuthNUsers" );
+ * </pre>
+ * <li> Set the preferred authentication status.
+ * <pre>
+ * // This can be true or false:
+ * super.setAuthenticated( true );
+ * </pre>
+ * <li> Add a new property to allowed fortress validators.  Where N is an integer and
in order of the other enabled validators:
+ * <pre>
+ * temporal.validator.0:org.apache.directory.fortress.core.util.time.Date
+ * temporal.validator.1:org.apache.directory.fortress.core.util.time.LockDate
+ * temporal.validator.2:org.apache.directory.fortress.core.util.time.Timeout
+ * temporal.validator.3:org.apache.directory.fortress.core.util.time.ClockTime
+ * temporal.validator.4:org.apache.directory.fortress.core.util.time.Day
+ * temporal.validator.5:org.mycompany.myutil.AuthNUserValidator
+ * </pre>
+ * <li> Add the compiled Class to runtime classpath.
+ * <li> Add the new role.
+ * <li> Assign to users as needed.
+ * </ol>
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
-public abstract class AuthNValidator
-    implements Validator
+public abstract class AuthNValidator implements Validator
 {
     private String roleName;
     private boolean isAuthenticated;
 
     /**
-     * This method is called during user-role activation, {@link org.apache.directory.fortress.core.util.VUtil#validateConstraints}
and ensures the current user has been
+     * This method is called during user-role activation, {@link org.apache.directory.fortress.core.util
+     * .VUtil#validateConstraints} and ensures the current user has been
      * proper authentication status before activating the specified role into the session.
+     * <p/>
+     * This validation routine will automatically pass if session.isAuthenticated matches
the isAuthenticated member
+     * variable AND the role matches the subclasses name AND type == ROLE.
      *
-     * This validation routine will automatically pass if session.isAuthenticated matches
the isAuthenticated member variable AND the role matches the subclasses name AND type == ROLE.
-     *
-     * @param session    contains the isAuthenticated flag.  If 'true', user must be authenticated
before role may be authenticated.  If 'false' user must not be authenticated for role to activate.
+     * @param session    contains the isAuthenticated flag.  If 'true', user must be authenticated
before role may be
+     *                   authenticated.  If 'false' user must not be authenticated for role
to activate.
      * @param constraint contains the role name.
      * @param time       contains the current time stamp.
      * @param type       only constraints of type role use this.
-     * @return '0' if validation succeeds else {@link org.apache.directory.fortress.core.GlobalErrIds#ACTV_FAILED_AUTHN}
if failed.
+     * @return '0' if validation succeeds else {@link org.apache.directory.fortress.core
+     * .GlobalErrIds#ACTV_FAILED_AUTHN} if failed.
      */
 
     public int validate(Session session, Constraint constraint, Time time, VUtil.ConstraintType
type)
     {
         int rc = 0;
-        if(type == VUtil.ConstraintType.ROLE && constraint.getName().equalsIgnoreCase(
roleName ) && session.isAuthenticated() == isAuthenticated )
+        if ( type == VUtil.ConstraintType.ROLE && constraint.getName().equalsIgnoreCase(
roleName ) && session
+            .isAuthenticated() == isAuthenticated )
         {
             rc = GlobalErrIds.ACTV_FAILED_AUTHN;
         }


Mime
View raw message