Openfire 3.6.3 Javadoc

org.jivesoftware.openfire.auth
Class DefaultAuthProvider

java.lang.Object
  extended by org.jivesoftware.openfire.auth.DefaultAuthProvider
All Implemented Interfaces:
AuthProvider

public class DefaultAuthProvider
extends Object
implements AuthProvider

Default AuthProvider implementation. It authenticates against the ofUser database table and supports plain text and digest authentication. Because each call to authenticate() makes a database connection, the results of authentication should be cached whenever possible.

Author:
Matt Tucker

Constructor Summary
DefaultAuthProvider()
          Constructs a new DefaultAuthProvider.
 
Method Summary
 void authenticate(String username, String password)
          Returns if the username and password are valid; otherwise this method throws an UnauthorizedException.
 void authenticate(String username, String token, String digest)
          Returns if the username, token, and digest are valid; otherwise this method throws an UnauthorizedException.
 String getPassword(String username)
          Returns the user's password.
 boolean isDigestSupported()
          Returns true if this AuthProvider supports digest authentication according to JEP-0078.
 boolean isPlainSupported()
          Returns true if this AuthProvider supports authentication using plain-text passwords according to JEP--0078.
 void setPassword(String username, String password)
          Sets the users's password.
 boolean supportsPasswordRetrieval()
          Returns true if this UserProvider is able to retrieve user passwords from the backend user store.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultAuthProvider

public DefaultAuthProvider()
Constructs a new DefaultAuthProvider.

Method Detail

authenticate

public void authenticate(String username,
                         String password)
                  throws UnauthorizedException
Description copied from interface: AuthProvider
Returns if the username and password are valid; otherwise this method throws an UnauthorizedException.

If AuthProvider.isPlainSupported() returns false, this method should throw an UnsupportedOperationException.

Specified by:
authenticate in interface AuthProvider
Parameters:
username - the username or full JID.
password - the passwordl
Throws:
UnauthorizedException - if the username and password do not match any existing user.

authenticate

public void authenticate(String username,
                         String token,
                         String digest)
                  throws UnauthorizedException
Description copied from interface: AuthProvider
Returns if the username, token, and digest are valid; otherwise this method throws an UnauthorizedException.

If AuthProvider.isDigestSupported() returns false, this method should throw an UnsupportedOperationException.

Specified by:
authenticate in interface AuthProvider
Parameters:
username - the username or full JID.
token - the token that was used with plain-text password to generate the digest.
digest - the digest generated from plain-text password and unique token.
Throws:
UnauthorizedException - if the username and password do not match any existing user.

isPlainSupported

public boolean isPlainSupported()
Description copied from interface: AuthProvider
Returns true if this AuthProvider supports authentication using plain-text passwords according to JEP--0078. Plain text authentication is not secure and should generally only be used for a TLS/SSL connection.

Specified by:
isPlainSupported in interface AuthProvider
Returns:
true if plain text password authentication is supported by this AuthProvider.

isDigestSupported

public boolean isDigestSupported()
Description copied from interface: AuthProvider
Returns true if this AuthProvider supports digest authentication according to JEP-0078.

Specified by:
isDigestSupported in interface AuthProvider
Returns:
true if digest authentication is supported by this AuthProvider.

getPassword

public String getPassword(String username)
                   throws UserNotFoundException
Description copied from interface: AuthProvider
Returns the user's password. This method should throw an UnsupportedOperationException if this operation is not supported by the backend user store.

Specified by:
getPassword in interface AuthProvider
Parameters:
username - the username of the user.
Returns:
the user's password.
Throws:
UserNotFoundException - if the given user's password could not be loaded.

setPassword

public void setPassword(String username,
                        String password)
                 throws UserNotFoundException
Description copied from interface: AuthProvider
Sets the users's password. This method should throw an UnsupportedOperationException if this operation is not supported by the backend user store.

Specified by:
setPassword in interface AuthProvider
Parameters:
username - the username of the user.
password - the new plaintext password for the user.
Throws:
UserNotFoundException - if the given user could not be loaded.

supportsPasswordRetrieval

public boolean supportsPasswordRetrieval()
Description copied from interface: AuthProvider
Returns true if this UserProvider is able to retrieve user passwords from the backend user store. If this operation is not supported then AuthProvider.getPassword(String) will throw an UnsupportedOperationException if invoked.

Specified by:
supportsPasswordRetrieval in interface AuthProvider
Returns:
true if this UserProvider is able to retrieve user passwords from the backend user store.

Openfire 3.6.3 Javadoc

Copyright © 2003-2008 Jive Software.