Overview  Package   Class  Tree  Deprecated  Index  Help 
Wildfire 3.2.4 Javadoc
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jivesoftware.wildfire.auth
Class AuthFactory

java.lang.Object
  extended by org.jivesoftware.wildfire.auth.AuthFactory

public class AuthFactory
extends Object

Pluggable authentication service. Users of Wildfire that wish to change the AuthProvider implementation used to authenticate users can set the AuthProvider.className XML property. For example, if you have configured Wildfire to use LDAP for user information, you'd want to send a custom implementation of AuthFactory to make LDAP auth queries. After changing the AuthProvider.className XML property, you must restart your application server.

Author:
Matt Tucker

Constructor Summary
AuthFactory()
           
 
Method Summary
static AuthToken authenticate(String username, String password)
          Authenticates a user with a username and plain text password and returns and AuthToken.
static AuthToken authenticate(String username, String token, String digest)
          Authenticates a user with a username, token, and digest and returns an AuthToken.
static String createDigest(String token, String password)
          Returns a digest given a token and password, according to JEP-0078.
static String decryptPassword(String encryptedPassword)
          Returns a decrypted version of the encrypted password.
static String encryptPassword(String password)
          Returns an encrypted version of the plain-text password.
static AuthProvider getAuthProvider()
          Returns the currently-installed AuthProvider.
static String getPassword(String username)
          Returns the user's password.
static boolean isDigestSupported()
          Returns true if the currently installed AuthProvider supports digest authentication according to JEP-0078.
static boolean isPlainSupported()
          Returns true if the currently installed AuthProvider supports authentication using plain-text passwords according to JEP-0078.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthFactory

public AuthFactory()
Method Detail

getAuthProvider

public static AuthProvider getAuthProvider()
Returns the currently-installed AuthProvider. Warning: in virtually all cases the auth provider should not be used directly. Instead, the appropriate methods in AuthFactory should be called. Direct access to the auth provider is only provided for special-case logic.

Returns:
the current UserProvider.

isPlainSupported

public static boolean isPlainSupported()
Returns true if the currently installed AuthProvider supports authentication using plain-text passwords according to JEP-0078. Plain-text authentication is not secure and should generally only be used over a TLS/SSL connection.

Returns:
true if plain text password authentication is supported.

isDigestSupported

public static boolean isDigestSupported()
Returns true if the currently installed AuthProvider supports digest authentication according to JEP-0078.

Returns:
true if digest authentication is supported.

getPassword

public static String getPassword(String username)
                          throws UserNotFoundException,
                                 UnsupportedOperationException
Returns the user's password. This method will throw an UnsupportedOperationException if this operation is not supported by the backend user store.

Parameters:
username - the username of the user.
Returns:
the user's password.
Throws:
UserNotFoundException - if the given user could not be found.
UnsupportedOperationException - if the provider does not support the operation (this is an optional operation).

authenticate

public static AuthToken authenticate(String username,
                                     String password)
                              throws UnauthorizedException
Authenticates a user with a username and plain text password and returns and AuthToken. If the username and password do not match the record of any user in the system, this method throws an UnauthorizedException.

Parameters:
username - the username.
password - the password.
Returns:
an AuthToken token if the username and password are correct.
Throws:
UnauthorizedException - if the username and password do not match any existing user.

authenticate

public static AuthToken authenticate(String username,
                                     String token,
                                     String digest)
                              throws UnauthorizedException
Authenticates a user with a username, token, and digest and returns an AuthToken. The digest should be generated using the createDigest(String, String) method. If the username and digest do not match the record of any user in the system, the method throws an UnauthorizedException.

Parameters:
username - the username.
token - the token that was used with plain-text password to generate the digest.
digest - the digest generated from plain-text password and unique token.
Returns:
an AuthToken token if the username and digest are correct for the user's password and given token.
Throws:
UnauthorizedException - if the username and password do not match any existing user.

createDigest

public static String createDigest(String token,
                                  String password)
Returns a digest given a token and password, according to JEP-0078.

Parameters:
token - the token used in the digest.
password - the plain-text password to be digested.
Returns:
the digested result as a hex string.

encryptPassword

public static String encryptPassword(String password)
Returns an encrypted version of the plain-text password. Encryption is performed using the Blowfish algorithm. The encryption key is stored as the Jive property "passwordKey". If the key is not present, it will be automatically generated.

Parameters:
password - the plain-text password.
Returns:
the encrypted password.
Throws:
UnsupportedOperationException - if encryption/decryption is not possible; for example, during setup mode.

decryptPassword

public static String decryptPassword(String encryptedPassword)
Returns a decrypted version of the encrypted password. Encryption is performed using the Blowfish algorithm. The encryption key is stored as the Jive property "passwordKey". If the key is not present, it will be automatically generated.

Parameters:
encryptedPassword - the encrypted password.
Returns:
the encrypted password.
Throws:
UnsupportedOperationException - if encryption/decryption is not possible; for example, during setup mode.
Overview  Package   Class  Tree  Deprecated  Index  Help 
Wildfire 3.2.4 Javadoc
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2003-2007 Jive Software.