Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.jetspeed.security.spi.impl
Class PasswordExpirationInterceptor

java.lang.Object
  extended by org.apache.jetspeed.security.spi.impl.AbstractInternalPasswordCredentialInterceptorImpl
      extended by org.apache.jetspeed.security.spi.impl.PasswordExpirationInterceptor
All Implemented Interfaces:
org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor
public class PasswordExpirationInterceptor
extends AbstractInternalPasswordCredentialInterceptorImpl

Enforces a maximum lifespan for a password credential.

When on authentication a password its expiration date is reached, its expired flag is set. The DefaultCredentialHandler then will fail the authentication and subsequent authentications will fail immediately.

To ensure proper expiration handling, an empty (null) expiration date will be automatically filled in when the credential is loaded from the persistent store using the configured max lifespan in days.

When a password credential is created or a password is updated a new future expiration date is calculated.

An existing or already provided higher expiration date will be preserved though. This allows to (pre)set a (very) high expiration date, like with InternalCredential.MAX_DATE, for credentials which shouldn't expire.

Version:
$Id$
Author:
Ate Douma

Field Summary
private  long maxLifeSpanInMillis
           
 
Constructor Summary
PasswordExpirationInterceptor(int maxLifeSpanInDays)
           
 
Method Summary
 boolean afterAuthenticated(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, String userName, org.apache.jetspeed.security.om.InternalCredential credential, boolean authenticated)
           
 boolean afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider pcProvider, String userName, org.apache.jetspeed.security.om.InternalCredential credential)
           
 void beforeCreate(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, Collection credentials, String userName, org.apache.jetspeed.security.om.InternalCredential credential, String password)
          Calculates and sets the default expiration date and the expired flag to false
 void beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, Collection credentials, String userName, org.apache.jetspeed.security.om.InternalCredential credential, String password, boolean authenticated)
          Sets a new expiration date if a higher expiration date isn't set already and resets the expired flag
protected  void setExpiration(org.apache.jetspeed.security.om.InternalCredential credential)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

maxLifeSpanInMillis

private long maxLifeSpanInMillis
Constructor Detail

PasswordExpirationInterceptor

public PasswordExpirationInterceptor(int maxLifeSpanInDays)
Parameters:
maxLifeSpanInDays - default lifespan of password credentials in days
Method Detail

afterAuthenticated

public boolean afterAuthenticated(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
                                  String userName,
                                  org.apache.jetspeed.security.om.InternalCredential credential,
                                  boolean authenticated)
                           throws org.apache.jetspeed.security.SecurityException
Specified by:
afterAuthenticated in interface org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor
Overrides:
afterAuthenticated in class AbstractInternalPasswordCredentialInterceptorImpl
Returns:
true when the password credential is now expired
Throws:
org.apache.jetspeed.security.SecurityException
See Also:
InternalPasswordCredentialInterceptor.afterAuthenticated(org.apache.jetspeed.security.om.InternalUserPrincipal, java.lang.String, org.apache.jetspeed.security.om.InternalCredential, boolean)

afterLoad

public boolean afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider pcProvider,
                         String userName,
                         org.apache.jetspeed.security.om.InternalCredential credential)
                  throws org.apache.jetspeed.security.SecurityException
Specified by:
afterLoad in interface org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor
Overrides:
afterLoad in class AbstractInternalPasswordCredentialInterceptorImpl
Returns:
true when a new default expiration date is set
Throws:
org.apache.jetspeed.security.SecurityException
See Also:
InternalPasswordCredentialInterceptor.afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider, java.lang.String, org.apache.jetspeed.security.om.InternalCredential)

beforeCreate

public void beforeCreate(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
                         Collection credentials,
                         String userName,
                         org.apache.jetspeed.security.om.InternalCredential credential,
                         String password)
                  throws org.apache.jetspeed.security.SecurityException
Calculates and sets the default expiration date and the expired flag to false

Specified by:
beforeCreate in interface org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor
Overrides:
beforeCreate in class AbstractInternalPasswordCredentialInterceptorImpl
Throws:
org.apache.jetspeed.security.SecurityException
See Also:
InternalPasswordCredentialInterceptor.beforeCreate(org.apache.jetspeed.security.om.InternalUserPrincipal, java.util.Collection, java.lang.String, InternalCredential, java.lang.String)

beforeSetPassword

public void beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
                              Collection credentials,
                              String userName,
                              org.apache.jetspeed.security.om.InternalCredential credential,
                              String password,
                              boolean authenticated)
                       throws org.apache.jetspeed.security.SecurityException
Sets a new expiration date if a higher expiration date isn't set already and resets the expired flag

Specified by:
beforeSetPassword in interface org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor
Overrides:
beforeSetPassword in class AbstractInternalPasswordCredentialInterceptorImpl
Throws:
org.apache.jetspeed.security.SecurityException
See Also:
InternalPasswordCredentialInterceptor.beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal, java.util.Collection, java.lang.String, org.apache.jetspeed.security.om.InternalCredential, java.lang.String, boolean)

setExpiration

protected void setExpiration(org.apache.jetspeed.security.om.InternalCredential credential)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 1999-2007 Apache Software Foundation. All Rights Reserved.