Class AuthNValidator

  • All Implemented Interfaces:
    Validator

    public abstract class AuthNValidator
    extends Object
    implements Validator
    This class performs authentication validation. This validator will ensure the current user has been authenticated before activating the role into the session.

    1. Create a new class, that extends this one.
       package org.mycompany.myutil;
       import org.apache.directory.fortress.core.model.Constraint;
       import org.apache.directory.fortress.core.model.Session;
       import org.apache.directory.fortress.core.util.time.Time;
      
        public class AuthNUserValidator extends AuthNValidator
       
    2. Implement the abstract method validate. Must call the super.validate.
      
       public int validate(Session session, Constraint constraint, Time time, VUtil.ConstraintType type )
       {
         super.setRoleName( "AuthNUsers" );
         super.setAuthenticated( true );
         return super.validate( session, constraint, time, type );
       }
        
    3. Place the name of the role to verify.
       // This can be any valid role name here:
       super.setRoleName( "AuthNUsers" );
       
    4. Set the preferred authentication status.
       // This can be true or false:
       super.setAuthenticated( true );
       
    5. Add a new property to allowed fortress validators. Where N is an integer and in order of the other enabled validators:
       temporal.validator.0:org.apache.directory.fortress.core.util.time.Date
       temporal.validator.1:org.apache.directory.fortress.core.util.time.LockDate
       temporal.validator.2:org.apache.directory.fortress.core.util.time.Timeout
       temporal.validator.3:org.apache.directory.fortress.core.util.time.ClockTime
       temporal.validator.4:org.apache.directory.fortress.core.util.time.Day
       temporal.validator.5:org.mycompany.myutil.AuthNUserValidator
       
    6. Add the compiled Class to runtime classpath.
    7. Add the new role.
    8. Assign to users as needed.
    Author:
    Apache Directory Project
    • Constructor Detail

      • AuthNValidator

        public AuthNValidator()
    • Method Detail

      • validate

        public int validate​(Session session,
                            Constraint constraint,
                            Time time,
                            VUtil.ConstraintType type)
        This method is called during user-role activation, .VUtil#validateConstraints and ensures the current user has been proper authentication status before activating the specified role into the session.

        This validation routine will automatically pass if session.isAuthenticated matches the isAuthenticated member variable AND the role matches the subclasses name AND type == ROLE.

        Specified by:
        validate in interface Validator
        Parameters:
        session - contains the isAuthenticated flag. If 'true', user must be authenticated before role may be authenticated. If 'false' user must not be authenticated for role to activate.
        constraint - contains the role name.
        time - contains the current time stamp.
        type - only constraints of type role use this.
        Returns:
        '0' if validation succeeds else .GlobalErrIds#ACTV_FAILED_AUTHN if failed.
      • getRoleName

        protected String getRoleName()
      • setRoleName

        protected void setRoleName​(String roleName)
      • isAuthenticated

        protected boolean isAuthenticated()
      • setAuthenticated

        protected void setAuthenticated​(boolean isAuthenticated)