Class LockOutManager


  • public class LockOutManager
    extends Object
    The LockOutManager manages the LockOutProvider configured for this server, caches knowledge of whether accounts are disabled or enabled, and provides a single point of entry for handling locked/disabled accounts. The provider can be specified in system properties by adding:
    • provider.lockout.className = my.lock.out.provider
    Author:
    Daniel Henninger
    • Method Detail

      • getLockOutProvider

        public static LockOutProvider getLockOutProvider()
        Returns the currently-installed LockOutProvider. Warning: in virtually all cases the lockout provider should not be used directly. Instead, the appropriate methods in LockOutManager should be called. Direct access to the lockout provider is only provided for special-case logic.
        Returns:
        the current LockOutProvider.
      • getInstance

        public static LockOutManager getInstance()
        Returns a singleton instance of LockOutManager.
        Returns:
        a LockOutManager instance.
      • getDisabledStatus

        public LockOutFlag getDisabledStatus​(String username)
        Returns a LockOutFlag for a given username, which contains information about the time period that the specified account is going to be disabled.
        Parameters:
        username - Username of account to request status of.
        Returns:
        The LockOutFlag instance describing the accounts disabled status or null if user account specified is not currently locked out (disabled).
      • isAccountDisabled

        public boolean isAccountDisabled​(String username)
        Returns true or false if an account is currently locked out.
        Parameters:
        username - Username of account to check on.
        Returns:
        True or false if the account is currently locked out.
      • disableAccount

        public void disableAccount​(String username,
                                   Date startTime,
                                   Date endTime)
                            throws UnsupportedOperationException
        Sets an account to disabled, starting at an optional time and ending at an optional time. If either times are set to null, the lockout is considered "forever" in that direction. For example, if you had a start time of 2 hours from now, and a null end time, then the account would be locked out in two hours, and never unlocked until someone manually unlcoked the account.
        Parameters:
        username - User whose account will be disabled.
        startTime - When to start the lockout, or null if immediately.
        endTime - When to end the lockout, or null if forever.
        Throws:
        UnsupportedOperationException - if the provider is readonly.
      • enableAccount

        public void enableAccount​(String username)
                           throws UnsupportedOperationException
        Enables an account that may or may not have previously been disabled. This erases any knowledge of a lockout, including one that wasn't necessarily in effect at the time the method was called.
        Parameters:
        username - User to enable.
        Throws:
        UnsupportedOperationException - if the provider is readonly.
      • recordFailedLogin

        public void recordFailedLogin​(String username)
        "Records" (notifies all listeners) that a failed login occurred.
        Parameters:
        username - Locked out user that attempted to login.