jet.server.userman

Interface UserAuthenticator

public interface UserAuthenticator

Customized Authentication

JReport Enterprise Server provides the ability to use customized user authentication scheme. A customized user authentication scheme must implement the interface jet.server.UserAuthenticator, and import the customized class file by modifying the following JReport Enterprise Server's properties file:
<SERVER PATH>/bin/classes.properties

When using customized user authentication scheme, user should:
1. Write a class which implements the interface jet.server.UserAuthenticator.
2. Put the class into CLASSPATH which used by launching JReport Enterprise Server
3. Edit file <SERVER PATH>/bin/classes.properties, let name UserAuthenticator point to the customized class
4. Restart JReport Enterprise Server and the customized user authentication is working.

Field Summary

Fields

Modifier and Type	Field and Description
static int	ACCESS
static int	MANAGE

Method Summary

Modifier and Type	Method and Description
String	changePassword(String realmName, String implUserName, String userName, String oldPwd, String newPwd) Changes user password.
String	changePasswordEx(String realmName, String implUserName, String userName, String oldPwd, String newPwd) Changes user password.
boolean	getAuditState(String realmName, String userName, int type, boolean success) Gets the audit state setting.
UserMailList	getMailList() Gets the user mail list.
String	getPassword(String realmName, String userName) Gets the user password
Enumeration	getRealmNames() Gets the realm list.
Enumeration	getUserNames(String realmName) Gets the user names in the realm.
boolean	isPermissionOk(String realmName, String userName, String uri, int versionNumber, String cmd) Checks if the user has the permission to do the action on a specific version of resource
boolean	isPermissionOk(String realmName, String userName, String uri, String cmd) Checks if the user has the permission to do the action
boolean	isValidAdminUser(String realmName, String userName, String password) Checks if the user can access the administration tools.
boolean	isValidUser(String realmName, String userName, String password) Checks if the user is a valid one.

Field Detail

ACCESS

static final int ACCESS

See Also:

Constant Field Values

MANAGE

static final int MANAGE

See Also:

Constant Field Values

Method Detail

changePassword

String changePassword(String realmName,
                      String implUserName,
                      String userName,
                      String oldPwd,
                      String newPwd)

Changes user password.

Parameters:

realmName - the realm name

implUserName - the user name who invoked the action

userName - the user name whose password needs to be changed

oldPwd - the old password

newPwd - the new password

Returns:

error message if failed, or null if successful.

changePasswordEx

String changePasswordEx(String realmName,
                        String implUserName,
                        String userName,
                        String oldPwd,
                        String newPwd)
                 throws InvalidPasswordException

Changes user password.

Parameters:

realmName - the realm name

implUserName - the user name who invoked the action

userName - the user name whose password needs to be changed

oldPwd - the old password

newPwd - the new password

Returns:

error message if failed, or null if successful.

Throws:

InvalidPasswordException - if password not match advanced password rule

isPermissionOk

boolean isPermissionOk(String realmName,
                       String userName,
                       String uri,
                       String cmd)

Checks if the user has the permission to do the action

Parameters:

realmName - the realm name

userName - the user name

uri - the request URI the uri equals a special string APIConst.PRIVILEGE_URI which means this method is used to check privileges. For example, if this method is used to check privileges, it will be invoked as: isPermissionOk(realmName, userName, APIConst.PRIVILEGE_URI, cmd);

cmd - the action needed to be invoked. see brsow2cmd.htm for detailed information

Returns:

true if the user has the permission

isPermissionOk

boolean isPermissionOk(String realmName,
                       String userName,
                       String uri,
                       int versionNumber,
                       String cmd)

Checks if the user has the permission to do the action on a specific version of resource

Parameters:

realmName - the realm name

userName - the user name

uri - the request URI

versionNumber - version number of the resource specified by URI

cmd - the action needed to be invoked. see brsow2cmd.htm for detailed information

Returns:

true if the user has the permission

isValidUser

boolean isValidUser(String realmName,
                    String userName,
                    String password)

Checks if the user is a valid one. A valid user must exist and provide valid password.

Parameters:

realmName - the realm name

userName - the user name

password - the user password

Returns:

true if the user exists and the password is true

isValidAdminUser

boolean isValidAdminUser(String realmName,
                         String userName,
                         String password)

Checks if the user can access the administration tools.

Parameters:

realmName - the realm name

userName - the user name

password - the user password

Returns:

true if the user can access the administration tools.

getPassword

String getPassword(String realmName,
                   String userName)

Gets the user password

Parameters:

realmName - the realm name

userName - the user name

Returns:

the user password, null if any error occurs.

getRealmNames

Enumeration getRealmNames()

Gets the realm list. Almost everything, including user, group, resource and schedule, is defined within a realm. Users are different if they have same names but in different realms. We must use user name and realm name together to define a user.

Returns:

the realm names. Each element is a String.

getUserNames

Enumeration getUserNames(String realmName)

Gets the user names in the realm.

Parameters:

realmName - the realm name

Returns:

the user names in the realm. Each element is a String.

getAuditState

boolean getAuditState(String realmName,
                      String userName,
                      int type,
                      boolean success)

Gets the audit state setting. The audit setting differs with users. If one user's audit setting is false, the user's action will not be logged. Actions have different type. Now we define two types: ACCESS and MANAGE. ACCESS denotes action accessing to the resource and MANAGE denotes action managing the server. We can also select whether to log if the action succeeded or failed

Parameters:

realmName - the realm name

userName - the user name

type - the target type, which must be one of the constants defined above

success - denotes whether audit succeeded or failed

Returns:

the audit state

getMailList

UserMailList getMailList()

Gets the user mail list. Users can customize user mail list scheme by implementing the interface jet.server.api.UserMailList.

Returns:

the user mail list interface

See Also:

UserMailList