Package com.caplin.server.auth

Class AuthenticationResult

java.lang.Object
com.caplin.server.auth.AuthenticationResult
public class AuthenticationResult extends Object

Static instances of this class are used to provide various authentication results to the Liberator.

Most calls to Authenticator methods are required to return one of the static instances of this class to indicate the result of the authentication operation.

  • Field Details

    • OK

      public static final AuthenticationResult OK
      Use to indicate a successful authentication result.

    • AGAIN

      public static final AuthenticationResult AGAIN

      Use only when performing content-based permissioning where the content is not yet available.

      When RTTPObject.getType() returns a 200 code this indicates the object is an active object that hasn't had its content populated. By returning this result you indicate you are not ready to authenticate and would like another call to Authenticator.checkRead when the content is available.

    • DELAYED

      public static final AuthenticationResult DELAYED

      Use in combination with DelayedResultReceiver.delayedCheckUserResult or DelayedResultReceiver.delayedMapObjectResult when the authentication result is not yet available.

      When the system receives this authentication result it waits for a callback for the final authentication result. This is used when the result may take some time to compute - e.g. when a database call needs to be made or a remote server needs to generate mapping information. The call to the authentication interface is blocking, so it is recommended that this result is used in these cases to avoid inhibiting server performance.

    • DENY

      public static final AuthenticationResult DENY

      Use to indicate that authorisation or authentication is denied.

      This is the standard failure result. Use for all object-level authentication failures and any user login authorisation failures where one of the more specific failures (e.g. INVALID_USER is not appropriate.

    • FALSE

      public static final AuthenticationResult FALSE

      Indicates no object name mapping has taken place.

      Use only as a return code from Authenticator.mapObject(com.caplin.server.auth.UserSession, com.caplin.server.auth.MapObject). If the object name is not mapped then this authentication result should be used.

    • INVALID_USER

      public static final AuthenticationResult INVALID_USER

      Use when the supplied user name is not valid.

      This authentication result is used when the user name passed in the AuthenticationUser object to Authenticator.checkUser is deemed invalid.

      It may be preferrable to use this result in the case where the user name is valid and the password is not, rather that the INVALID_PASS result.

    • INVALID_PASS

      public static final AuthenticationResult INVALID_PASS

      Use when the supplied password is not valid and you want this information known to the client.

      This authentication result can be used when the user name passed in the AuthenticationUser object to Authenticator.checkUser is deemed invalid.

      it is more secure to use the INVALID_USER result is even when the only the password is incorrect. This is recommended, unless the client specifically needs to know that the password was invalid.

    • INVALID_ADDR

      public static final AuthenticationResult INVALID_ADDR

      Use when authentication is denied because the supplied ip address is deemed unacceptable.

      May be used for location-based authentication or for blocking ip address ranges.

    • ACCT_EXPIRED

      public static final AuthenticationResult ACCT_EXPIRED
      Use to indicate the supplied login credentials are for an expired user account.

    • USER_LC_EXCEEDED

      public static final AuthenticationResult USER_LC_EXCEEDED
      Use to indicate the supplied login credentials have exceeded their concurrent maximum allowed login count.

    • SITE_LC_EXCEEDED

      public static final AuthenticationResult SITE_LC_EXCEEDED
      Use to indicate that some global maximum session count has been met/exceeded.

    • ERROR

      public static final AuthenticationResult ERROR

      Use when an error has occured in the authentication process.

      This return code will be treated as an authentication failure so should be used with appropriate caution.

    • USER1

      public static final AuthenticationResult USER1

      Use to indicate a custom authentication result.

      The following 5 return codes can be used to indicate a custom authentication result to the client. The client must be aware of the meaning of each different result and handle it accordingly.

    • USER2

      public static final AuthenticationResult USER2
      Use to indicate a custom authentication result.

    • USER3

      public static final AuthenticationResult USER3
      Use to indicate a custom authentication result.

    • USER4

      public static final AuthenticationResult USER4
      Use to indicate a custom authentication result.

    • USER5

      public static final AuthenticationResult USER5
      Use to indicate a custom authentication result.

  • Method Details

    • toString

      public String toString()
      Provides a string representing the authentication result
      Overrides:
      toString in class Object
      Returns:
      a textual representation of the authentication result