Package com.caplin.server.auth

Class AuthenticationResult

  • public class AuthenticationResult
extends java.lang.Object

    Static instances of this class are used to provide various authentication results to the Liberator.

    Most calls to Authenticator methods are required to return one of the static instances of this class to indicate the result of the authentication operation.

    • Field Detail

      • OK

        public static final AuthenticationResult OK
        Use to indicate a successful authentication result.

      • AGAIN

        public static final AuthenticationResult AGAIN

        Use only when performing content-based permissioning where the content is not yet available.

        When RTTPObject.getType() returns a 200 code this indicates the object is an active object that hasn't had its content populated. By returning this result you indicate you are not ready to authenticate and would like another call to Authenticator.checkRead when the content is available.

      • DELAYED

        public static final AuthenticationResult DELAYED

        Use in combination with DelayedResultReceiver.delayedCheckUserResult or DelayedResultReceiver.delayedMapObjectResult when the authentication result is not yet available.

        When the system receives this authentication result it waits for a callback for the final authentication result. This is used when the result may take some time to compute - e.g. when a database call needs to be made or a remote server needs to generate mapping information. The call to the authentication interface is blocking, so it is recommended that this result is used in these cases to avoid inhibiting server performance.

      • DENY

        public static final AuthenticationResult DENY

        Use to indicate that authorisation or authentication is denied.

        This is the standard failure result. Use for all object-level authentication failures and any user login authorisation failures where one of the more specific failures (e.g. INVALID_USER is not appropriate.

      • INVALID_USER

        public static final AuthenticationResult INVALID_USER

        Use when the supplied user name is not valid.

        This authentication result is used when the user name passed in the AuthenticationUser object to Authenticator.checkUser is deemed invalid.

        It may be preferrable to use this result in the case where the user name is valid and the password is not, rather that the INVALID_PASS result.

      • INVALID_PASS

        public static final AuthenticationResult INVALID_PASS

        Use when the supplied password is not valid and you want this information known to the client.

        This authentication result can be used when the user name passed in the AuthenticationUser object to Authenticator.checkUser is deemed invalid.

        it is more secure to use the INVALID_USER result is even when the only the password is incorrect. This is recommended, unless the client specifically needs to know that the password was invalid.

      • INVALID_ADDR

        public static final AuthenticationResult INVALID_ADDR

        Use when authentication is denied because the supplied ip address is deemed unacceptable.

        May be used for location-based authentication or for blocking ip address ranges.

      • ACCT_EXPIRED

        public static final AuthenticationResult ACCT_EXPIRED
        Use to indicate the supplied login credentials are for an expired user account.

      • USER_LC_EXCEEDED

        public static final AuthenticationResult USER_LC_EXCEEDED
        Use to indicate the supplied login credentials have exceeded their concurrent maximum allowed login count.

      • SITE_LC_EXCEEDED

        public static final AuthenticationResult SITE_LC_EXCEEDED
        Use to indicate that some global maximum session count has been met/exceeded.

      • ERROR

        public static final AuthenticationResult ERROR

        Use when an error has occured in the authentication process.

        This return code will be treated as an authentication failure so should be used with appropriate caution.

      • USER1

        public static final AuthenticationResult USER1

        Use to indicate a custom authentication result.

        The following 5 return codes can be used to indicate a custom authentication result to the client. The client must be aware of the meaning of each different result and handle it accordingly.

      • USER2

        public static final AuthenticationResult USER2
        Use to indicate a custom authentication result.

      • USER3

        public static final AuthenticationResult USER3
        Use to indicate a custom authentication result.

      • USER4

        public static final AuthenticationResult USER4
        Use to indicate a custom authentication result.

      • USER5

        public static final AuthenticationResult USER5
        Use to indicate a custom authentication result.

    • Method Detail

      • toString

        public java.lang.String toString()
        Provides a string representing the authentication result
        Overrides:
        toString in class java.lang.Object
        Returns:
        a textual representation of the authentication result