UserSources
- public class UserSources extends HashMap<String, UserSource>
This singleton class is the primary resource for authenticating users and resolving principals to roles.
Key concepts:
User name: A string which identifies a user uniquely across one realm. Why is this so? Because it is possible, that two different people from collaborating work groups with similar names have the same user name in their group e.g. “mueller@uni1.de” and “mueller@uni2.de” or two people from different user groups use the name “admin”. In the “mueller” example the domain name of the email is the realm of authentication.
Realm: A string which uniquely identifies “where a user comes from”. It guarantees the authentication of a user with a particular user name. Currently the possible realms are quite limited. Only “CaosDB” (which is controlled by the internal user source) and “PAM” which delegates authentication to the host system via PAM (Pluggable Authentication Module) are known and extension is not too easy.
User Source: An instance which provides the access to a realm where users can be authenticated.
Principal: The combination of realm and user name - hence a system-wide unique identifier for users and the primary key to identifying who did what and who is allowed to to do what.
- Author:
Timm Fitschen (t.fitschen@indiscale.com)
Fields
KEY_DEFAULT_REALM
KEY_REALMS
KEY_REALM_CLASS
USERNAME_PASSWORD_AUTHENTICATION
Methods
add
- public static UserSource add(UserSource src)
getDefaultRealm
getDefaultRoles
getDefaultUserEmail
getDefaultUserEmail
getDefaultUserStatus
- public static UserStatus getDefaultUserStatus(String realm, String username)
getDefaultUserStatus
- public static UserStatus getDefaultUserStatus(Principal p)
getInternalRealm
- public static UserSource getInternalRealm()
guessRealm
guessRealm
initMap
- public void initMap()
isActive
isRoleExisting
isUserExisting
isValid
logUserVisit
put
- public UserSource put(UserSource src)