AuthUtil ( @enterprise 10.0 API)

java.lang.Object
- com.groiss.org.AuthUtil

```
public class AuthUtil
extends Object
```
Utilities for writing an authorization class.

Constructor Summary

Constructors
Constructor and Description

AuthUtil()

Constructors
Constructor and Description
`AuthUtil()`

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static void`	`addNodeCookie(HttpServletResponse res, String rn)`
`static String`	`authorizeBrowser(HttpServletRequest req, HttpServletResponse res, User u)` This function can be called from the client to instantiate a session.
`static void`	`authorizeBrowser(HttpServletRequest req, HttpServletResponse res, User u, String nextUrl)` This function can be called from the client to instantiate a session and send the session cookie to the browser.
`static void`	`checkSysadmPasswd(String passwd)`
`static Principal`	`checkUser(String userId, String passwd, String clientAddr)` Checks the user.
`static Principal`	`checkUser(String userId, String passwd, String clientAddr, boolean ignoreUnsuccessfulLogin)` Checks the user.
`static void`	`deleteNodeCookie(HttpServletResponse res)`
`static boolean`	`equalUserIds(String firstId, String secondId)` Checks if both id strings are equal respecting the configuration value for case sensitive user Id checking
`static String`	`getNodeCookieName()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AuthUtil
```
public AuthUtil()
```
- Method Detail
  - authorizeBrowser
```
public static String authorizeBrowser(HttpServletRequest req,
                                      HttpServletResponse res,
                                      User u)
                               throws IOException
```
    This function can be called from the client to instantiate a session. No cookie is being send back. The caller is responsible for dispatching the correct request. This can be accomplished via req.getRequestDispatcher(path).forward(req,res);
    
    Parameters:
    
    req - the HttpServletRequest
    
    res - the HttpServletResponse
    
    u - the user
    
    Returns:
    
    null, if no error condition occurred, or a string containing the error message which should be written back to the client; via res.getWriter().println(result);
    
    Throws:
    
    IOException
  - authorizeBrowser
```
public static void authorizeBrowser(HttpServletRequest req,
                                    HttpServletResponse res,
                                    User u,
                                    String nextUrl)
                             throws IOException
```
    This function can be called from the client to instantiate a session and send the session cookie to the browser.
    
    Parameters:
    
    req - the HttpServletRequest
    
    res - the HttpServletResponse
    
    u - the user
    
    nextUrl - the url for redirection When referer check is enabled (ep.check.http.referer), nextUrl must be also be in ep.check.http.referer.exempt).
    
    Throws:
    
    IOException
  - checkUser
```
public static Principal checkUser(String userId,
                                  String passwd,
                                  String clientAddr)
                           throws Exception
```
    Checks the user. Compares the password and checks whether the user is active. If one of the check fails an Exception is thrown. If the password is not correct an unsuccessful login will be recorded.
    
    Parameters:
    
    userId - the id of the user
    
    passwd - the passwd
    
    clientAddr - the ip address of the client
    
    Returns:
    
    the user with the given id, if found.
    
    Throws:
    
    Exception
  - checkUser
```
public static Principal checkUser(String userId,
                                  String passwd,
                                  String clientAddr,
                                  boolean ignoreUnsuccessfulLogin)
                           throws Exception
```
    Checks the user. Compares the password and checks whether the user is active. If one of the check fails an Exception is thrown. If the password is not correct an unsuccessful login will be recorded but only if parameter ignoreUnsuccessfulLogin ist not true.
    
    Parameters:
    
    userId - the id of the user
    
    passwd - the passwd
    
    clientAddr - the ip address of the client
    
    ignoreUnsuccessfulLogin - if true unsuccessful logins will not be recorded
    
    Returns:
    
    the user with the given id, if found.
    
    Throws:
    
    Exception
  - checkSysadmPasswd
```
public static void checkSysadmPasswd(String passwd)
```
  - equalUserIds
```
public static boolean equalUserIds(String firstId,
                                   String secondId)
```
    Checks if both id strings are equal respecting the configuration value for case sensitive user Id checking
    
    Parameters:
    
    firstId - a user Id string
    
    secondId - a user Id string to compare with firstId
    
    Returns:
    
    true if the ids are considered as equal, false otherwise
  - getNodeCookieName
```
public static String getNodeCookieName()
```
  - addNodeCookie
```
public static void addNodeCookie(HttpServletResponse res,
                                 String rn)
```
  - deleteNodeCookie
```
public static void deleteNodeCookie(HttpServletResponse res)
```

Class AuthUtil

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AuthUtil

Method Detail

authorizeBrowser

authorizeBrowser

checkUser

checkUser

checkSysadmPasswd

equalUserIds

getNodeCookieName

addNodeCookie

deleteNodeCookie