Interface ISecurityManagerService

All Known Implementing Classes:
SecurityManagerService

public interface ISecurityManagerService
Provides a Security Manager service interface.
Since:
3.5.0
  • Field Details

  • Method Details

    • createAuthenticationProvider

      org.springframework.security.authentication.AuthenticationProvider createAuthenticationProvider(AuthenticationProvider providerEntity)
      Create an Spring Security AuthenticationProvider instance using the associated Portal and AuthenticationProvider configuration entity.
      Parameters:
      providerEntity - the AuthenticationProvider configuration entity
      Returns:
      a Spring Security AuthenticationProvider
    • createUserAndProfile

      UserAccount createUserAndProfile(String loginName, String email, String password, String givenName, String familyName, String mobile, Map<String,String> profileMap, String authenticationDomain, String userType, boolean isSelfRegistration) throws ApplicationException, ApplicationEmailException
      Create a new user account and profile
      Parameters:
      loginName - the user id (required)
      email - the user email address (optional)
      password - the user password (required for Local userType accounts)
      givenName - the user first name (optional)
      familyName - the user last name (optional)
      mobile - the user mobile phone number (optional)
      profileMap - the map of user profile names and values to create
      authenticationDomain - the authentication domain (required for LDAP userType accounts)
      userType - the type of user account (required)
      isSelfRegistration - the flag specifying whether the user self registered
      Returns:
      the new user account
      Throws:
      ApplicationException - if an error occur creating the new user account
      ApplicationEmailException - if an error occur sending email notifications
    • getAuthenticationProviders

      List<org.springframework.security.authentication.AuthenticationProvider> getAuthenticationProviders()
      Return the list of Spring Security AuthenticationProvider instances.
      Returns:
      the list of Spring Security AuthenticationProvider instances
    • doesUserExist

      boolean doesUserExist(String userId)
      Return true if a user with the given login name already exists.
      Parameters:
      userId - the user id or login name (required)
      Returns:
      true if a user with the given login name already exists
    • doesPasswordMatch

      boolean doesPasswordMatch(String password, UserAccount userAccount)
      Return true if the plain text password value matches the local user account password.
      Parameters:
      password - plain text password value (required)
      userAccount - the local user account, must a 'Local' user type (required)
      Returns:
      true if the plain text password value matches the local user account password
    • onSuccessfulLogin

      UserAccount onSuccessfulLogin(String userId, jakarta.servlet.http.HttpServletRequest request)
      Event listener for successful user login event.
      Parameters:
      userId - the login userId (login name).
      request - the user HTTP request
      Returns:
      the logged in user account
    • onFailedLogin

      UserAccount onFailedLogin(String userId, jakarta.servlet.http.HttpServletRequest request)
      Event listener for unsuccessful user login event.
      Parameters:
      userId - the login userId (login name).
      request - the user HTTP request
      Returns:
      the failed login user account, or null if no user found
    • onSessionExpiry

      void onSessionExpiry(String userId, Date lastAccessedTime)
      Event listener for the user session expiry or logout.
      Parameters:
      userId - the login userId (login name).
      lastAccessedTime - the time the user last accessed the application
    • onSessionExpiry

      void onSessionExpiry(String userId, Date lastAccessedTime, String sessionId)
      Event listener for the user session expiry or logout.
      Parameters:
      userId - the login userId (login name).
      lastAccessedTime - the time the user last accessed the application
      sessionId - the user session id
      Since:
      4.1.3
    • validatePassword

      String validatePassword(String password, UserAccount userAccount)
      Return null if the password is valid for the security manager configuration, otherwise return an error message.
      Parameters:
      password - the password value to validate (required)
      userAccount - the user account against which the password will be validated
      Returns:
      null if the password is valid for the security manager configuration, otherwise return an error message