Package examples

Class DelayedLoginAuthenticator

  • All Implemented Interfaces:
    Authenticator
    public class DelayedLoginAuthenticator
extends AuthenticatorAdaptor
    A basic Authenticator that extends the AuthenticatorAdaptor and overrides the checkUser method

    This demonstrates the use of the DelayedResultReceiver calls to return authentication results after a period of time. A typical module may, for example, make a database call in this period.

    • Constructor Detail

      • DelayedLoginAuthenticator

        public DelayedLoginAuthenticator()

    • Method Detail

      • initialise

        public void initialise​(SessionManager sessionManager,
                       DelayedResultReceiver delayedReceiver,
                       ServerNode serverNode,
                       java.lang.String loggerName)
        Description copied from interface: Authenticator

        Called on startup of the Liberator Auth Module.

        Allows initialisation of required resources and connections. e.g. reading configuration files, connecting to a database or other external application, or constructing internal data structures.

        The logger name can be used for obtaining the native logger java.util.logging.Logger.getLogger(String). This logger will log messages to the Liberator's auth log file.

        Specified by:
        initialise in interface Authenticator
        Overrides:
        initialise in class AuthenticatorAdaptor
        Parameters:
        sessionManager - a SessionManager instance that can be used for invalidating and ejecting user sessions in the Liberator.
        delayedReceiver - a DelayedResultReceiver instance that can be used for sending delayed authentication results after an AuthenticationResult.DELAYED is used.
        serverNode - a ServerNode instance that provides access to information about the server and its session count.
        loggerName - the name of the logger that provides native logging output to the Liberator's auth log file (by default auth-rttpd.log).
        See Also:
        Authenticator.initialise

      • checkUser

        public AuthenticationResult checkUser​(UserSession session)
        Description copied from interface: Authenticator

        The user login authorisation method which is called every time a user tries to login to the server.

        This method should be used to perform authorisation of the user's credentials.

        If the authentication requires the use of an external service (e.g. database) to verify the user credentials, the AuthenticationResult.DELAYED return code should be used, followed by a call to DelayedResultReceiver#delayedCheckUserResult when the result is available. This mechanism avoids the Liberator thread beeing blocked whilst waiting for the result, and the obvious associated performance impact.

        N.B. The delayed result functionality is only available for the checkUser and mapObject methods. To avoid unnecessary delays during methods such as checkRead, if the user's permission set is contained in a remote database or service, then it can be beneficial to cache this locally at logon time during this method execution.
        Subsequent permission checks such as checkRead can then access the locally cached permission set for optimal performance.
        If the cached permissions are then modified, then SessionManager#invalidateAllSessions or SessionManager#invalidateSessions methods can be used as necessary to force the Liberator to re-validate the user's permissions.

        Specified by:
        checkUser in interface Authenticator
        Overrides:
        checkUser in class AuthenticatorAdaptor
        Parameters:
        session - the UserSession object containing information about the user and their login details.
        Returns:
        an AuthenticationResult instance - usually AuthenticationResult.OK , AuthenticationResult.DENY or one of the specific failure results such as AuthenticationResult.INVALID_USER.
        See Also:
        Authenticator.checkUser