Package com.avoka.fc.core.security

Interface ISecurityManagerService

  • All Known Implementing Classes:
    SecurityManagerService
    public interface ISecurityManagerService
    Provides a Security Manager service interface.
    Since:
    3.5.0

    • Field Detail

    • Method Detail

      • createAuthenticationProvider

        org.springframework.security.authentication.AuthenticationProvider createAuthenticationProvider​(AuthenticationProvider providerEntity)
        Create an Spring Security AuthenticationProvider instance using the associated Portal and AuthenticationProvider configuration entity.
        Parameters:
        providerEntity - the AuthenticationProvider configuration entity
        Returns:
        a Spring Security AuthenticationProvider

      • createUserAndProfile

        UserAccount createUserAndProfile​(String loginName,
                                 String email,
                                 String password,
                                 String givenName,
                                 String familyName,
                                 String mobile,
                                 Map<String,​String> profileMap,
                                 String authenticationDomain,
                                 String userType,
                                 boolean isSelfRegistration)
                          throws ApplicationException,
                                 ApplicationEmailException
        Create a new user account and profile
        Parameters:
        loginName - the user id (required)
        email - the user email address (optional)
        password - the user password (required for Local userType accounts)
        givenName - the user first name (optional)
        familyName - the user last name (optional)
        mobile - the user mobile phone number (optional)
        profileMap - the map of user profile names and values to create
        authenticationDomain - the authentication domain (required for LDAP userType accounts)
        userType - the type of user account (required)
        isSelfRegistration - the flag specifying whether the user self registered
        Returns:
        the new user account
        Throws:
        ApplicationException - if an error occur creating the new user account
        ApplicationEmailException - if an error occur sending email notifications

      • getAuthenticationProviders

        List<org.springframework.security.authentication.AuthenticationProvider> getAuthenticationProviders()
        Return the list of Spring Security AuthenticationProvider instances.
        Returns:
        the list of Spring Security AuthenticationProvider instances

      • doesUserExist

        boolean doesUserExist​(String userId)
        Return true if a user with the given login name already exists.
        Parameters:
        userId - the user id or login name (required)
        Returns:
        true if a user with the given login name already exists

      • doesPasswordMatch

        boolean doesPasswordMatch​(String password,
                          UserAccount userAccount)
        Return true if the plain text password value matches the local user account password.
        Parameters:
        password - plain text password value (required)
        userAccount - the local user account, must a 'Local' user type (required)
        Returns:
        true if the plain text password value matches the local user account password

      • onSuccessfulLogin

        UserAccount onSuccessfulLogin​(String userId,
                              HttpServletRequest request)
        Event listener for successful user login event.
        Parameters:
        userId - the login userId (login name).
        request - the user HTTP request
        Returns:
        the logged in user account

      • onFailedLogin

        UserAccount onFailedLogin​(String userId,
                          HttpServletRequest request)
        Event listener for unsuccessful user login event.
        Parameters:
        userId - the login userId (login name).
        request - the user HTTP request
        Returns:
        the failed login user account, or null if no user found

      • onSessionExpiry

        void onSessionExpiry​(String userId,
                     Date lastAccessedTime)
        Event listener for the user session expiry or logout.
        Parameters:
        userId - the login userId (login name).
        lastAccessedTime - the time the user last accessed the application

      • onSessionExpiry

        void onSessionExpiry​(String userId,
                     Date lastAccessedTime,
                     String sessionId)
        Event listener for the user session expiry or logout.
        Parameters:
        userId - the login userId (login name).
        lastAccessedTime - the time the user last accessed the application
        sessionId - the user session id
        Since:
        4.1.3

      • validatePassword

        String validatePassword​(String password)
        Return null if the password is valid for the security manager configuration, otherwise return an error message.
        Parameters:
        password - the password value to validate (required)
        Returns:
        null if the password is valid for the security manager configuration, otherwise return an error message