Class DelayedLoginAuthenticator
- All Implemented Interfaces:
Authenticator
This demonstrates the use of the DelayedResultReceiver
calls to return
authentication results after a period of time. A typical module may, for example, make a database call in this
period.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptioncheckUser
(UserSession session) The user login authorisation method which is called every time a user tries to login to the server.void
initialise
(SessionManager sessionManager, DelayedResultReceiver delayedReceiver, ServerNode serverNode, String loggerName) Called on startup of the Liberator Auth Module.Methods inherited from class com.caplin.server.auth.AuthenticatorAdaptor
authoriseHTTP, checkPermissionUpdate, checkRead, checkUpdate, checkWrite, discardObject, globalPermissionUpdate, mapObject, newObject, releaseObject, releaseUser, requestObject, shutdown
-
Constructor Details
-
DelayedLoginAuthenticator
public DelayedLoginAuthenticator()
-
-
Method Details
-
initialise
public void initialise(SessionManager sessionManager, DelayedResultReceiver delayedReceiver, ServerNode serverNode, String loggerName) Description copied from interface:Authenticator
Called on startup of the Liberator Auth Module.
Allows initialisation of required resources and connections. e.g. reading configuration files, connecting to a database or other external application, or constructing internal data structures.
The logger name can be used for obtaining the native logger java.util.logging.Logger.getLogger(String). This logger will log messages to the Liberator's auth log file.
- Specified by:
initialise
in interfaceAuthenticator
- Overrides:
initialise
in classAuthenticatorAdaptor
- Parameters:
sessionManager
- aSessionManager
instance that can be used for invalidating and ejecting user sessions in the Liberator.delayedReceiver
- aDelayedResultReceiver
instance that can be used for sending delayed authentication results after anAuthenticationResult.DELAYED
is used.serverNode
- aServerNode
instance that provides access to information about the server and its session count.loggerName
- the name of the logger that provides native logging output to the Liberator's auth log file (by default auth-rttpd.log).- See Also:
-
checkUser
Description copied from interface:Authenticator
The user login authorisation method which is called every time a user tries to login to the server.
This method should be used to perform authorisation of the user's credentials.
If the authentication requires the use of an external service (e.g. database) to verify the user credentials, the AuthenticationResult.DELAYED return code should be used, followed by a call to
DelayedResultReceiver#delayedCheckUserResult
when the result is available. This mechanism avoids the Liberator thread beeing blocked whilst waiting for the result, and the obvious associated performance impact.N.B. The delayed result functionality is only available for the checkUser and mapObject methods. To avoid unnecessary delays during methods such as checkRead, if the user's permission set is contained in a remote database or service, then it can be beneficial to cache this locally at logon time during this method execution.
Subsequent permission checks such as checkRead can then access the locally cached permission set for optimal performance.
If the cached permissions are then modified, thenSessionManager#invalidateAllSessions
orSessionManager#invalidateSessions
methods can be used as necessary to force the Liberator to re-validate the user's permissions.- Specified by:
checkUser
in interfaceAuthenticator
- Overrides:
checkUser
in classAuthenticatorAdaptor
- Parameters:
session
- theUserSession
object containing information about the user and their login details.- Returns:
- an
AuthenticationResult
instance - usuallyAuthenticationResult.OK
,AuthenticationResult.DENY
or one of the specific failure results such asAuthenticationResult.INVALID_USER
. - See Also:
-