AuthUtil ( @enterprise 9.0 API)

java.lang.Object
- com.groiss.org.AuthUtil

public class AuthUtil
extends java.lang.Object

Utilities for writing an authorization class.

Constructor Summary

Constructors
Constructor and Description

AuthUtil()

Constructors
Constructor and Description
`AuthUtil()`

Method Summary

Methods
Modifier and Type	Method and Description
`static void`	`addNodeCookie(javax.servlet.http.HttpServletResponse res, com.groiss.server.RunningNode rn)`
`static java.lang.String`	`authorizeBrowser(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, User u)` This function can be called from the client to instantiate a session.
`static void`	`authorizeBrowser(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res, User u, java.lang.String nextUrl)` This function can be called from the client to instantiate a session and send the session cookie to the browser.
`static void`	`checkSysadmPasswd(java.lang.String passwd)`
`static java.security.Principal`	`checkUser(java.lang.String userId, java.lang.String passwd, java.lang.String clientAddr)` Checks the user.
`static java.security.Principal`	`checkUser(java.lang.String userId, java.lang.String passwd, java.lang.String clientAddr, boolean ignoreUnsuccessfulLogin)` Checks the user.
`static void`	`deleteNodeCookie(javax.servlet.http.HttpServletResponse res)`
`static java.lang.String`	`getNodeCookieName()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AuthUtil
```
public AuthUtil()
```
- Method Detail
  - authorizeBrowser
```
public static java.lang.String authorizeBrowser(javax.servlet.http.HttpServletRequest req,
                                javax.servlet.http.HttpServletResponse res,
                                User u)
                                         throws java.io.IOException
```
    This function can be called from the client to instantiate a session. No cookie is being send back. The caller is responsible for dispatching the correct request. This can be accomplished via req.getRequestDispatcher(path).forward(req,res);
    
    Parameters:
    req - the HttpServletRequest
    res - the HttpServletResponse
    u - the user
    
    Returns:
    null, if no error condition occurred, or a string containing the error message which should be written back to the client; via res.getWriter().println(result);
    
    Throws:
    
    java.io.IOException
  - authorizeBrowser
```
public static void authorizeBrowser(javax.servlet.http.HttpServletRequest req,
                    javax.servlet.http.HttpServletResponse res,
                    User u,
                    java.lang.String nextUrl)
                             throws java.io.IOException
```
    This function can be called from the client to instantiate a session and send the session cookie to the browser.
    
    Parameters:
    req - the HttpServletRequest
    res - the HttpServletResponse
    u - the user
    nextUrl - the url for redirection When referer check is enabled (ep.check.http.referer), nextUrl must be also be in ep.check.http.referer.exempt).
    
    Throws:
    
    java.io.IOException
  - checkUser
```
public static java.security.Principal checkUser(java.lang.String userId,
                                java.lang.String passwd,
                                java.lang.String clientAddr)
                                         throws java.lang.Exception
```
    Checks the user. Compares the password and checks whether the user is active. If one of the check fails an Exception is thrown. If the password is not correct an unsuccessful login will be recorded.
    
    Parameters:
    userId - the id of the user
    passwd - the passwd
    clientAddr - the ip address of the client
    
    Returns:
    the user with the given id, if found.
    
    Throws:
    
    java.lang.Exception
  - checkUser
```
public static java.security.Principal checkUser(java.lang.String userId,
                                java.lang.String passwd,
                                java.lang.String clientAddr,
                                boolean ignoreUnsuccessfulLogin)
                                         throws java.lang.Exception
```
    Checks the user. Compares the password and checks whether the user is active. If one of the check fails an Exception is thrown. If the password is not correct an unsuccessful login will be recorded but only if parameter ignoreUnsuccessfulLogin ist not true.
    
    Parameters:
    userId - the id of the user
    passwd - the passwd
    clientAddr - the ip address of the client
    ignoreUnsuccessfulLogin - if true unsuccessful logins will not be recorded
    
    Returns:
    the user with the given id, if found.
    
    Throws:
    
    java.lang.Exception
  - checkSysadmPasswd
```
public static void checkSysadmPasswd(java.lang.String passwd)
```
  - getNodeCookieName
```
public static java.lang.String getNodeCookieName()
```
  - addNodeCookie
```
public static void addNodeCookie(javax.servlet.http.HttpServletResponse res,
                 com.groiss.server.RunningNode rn)
```
  - deleteNodeCookie
```
public static void deleteNodeCookie(javax.servlet.http.HttpServletResponse res)
```

Class AuthUtil

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AuthUtil

Method Detail

authorizeBrowser

authorizeBrowser

checkUser

checkUser

checkSysadmPasswd

getNodeCookieName

addNodeCookie

deleteNodeCookie