[Java] Class r1.rpc.LoginHandler

[Java] Class r1.rpc.LoginHandler

 Server API

r1.rpc
Class LoginHandler

java.lang.Object
  extended by r1.rpc.LoginHandler

public abstract class LoginHandler
extends java.lang.Object

This class implements a login system that supports CHAP and plain-text-password. You must extend this class with a concrete class that provide a way to save and retrieve. That class's name must be specified as the value for the loginHandlerClass init-parameter for the RPCServlet.

There are up to five methods that you may override and implement.

The return value of doEncrypt() method indicates whether to use CHAP or plain-text-password login. By default, it returns true, indicating CHAP. If plain-text-password login is desired, override this method.

There are four abstract methods that need be implemented. Methods #loadUser(String) and getPasswordDigest(String) are required; savePasswordDigest(String,String) and createUser(String,String,Object) must be implemented for CHAP login.

Nested Class Summary
static class LoginHandler.PasswordNotRetrievableException
           
 
Constructor Summary
LoginHandler()
           
 
Method Summary
abstract  java.lang.String createUser(java.lang.String id, java.lang.String digest, java.lang.Object data)
          In a CHAP system, to create a user with the user ID, the pasword digest, and possible extra user information in data.
protected  boolean doEncrypt()
          Encryption type.
 java.lang.String getPasswordDigest(java.lang.String id)
          To return the password text or digest (in the case of CHAP) for a user ID.
abstract  java.lang.Object loadUser(java.lang.String id, java.lang.String password_digest)
          To load the user object for the given id.
protected  java.lang.Object login(java.lang.String id, java.lang.String password_digest)
          The login method used by the framework.
protected  void logout()
          Invalidates the HTTP session.
abstract  void savePasswordDigest(java.lang.String id, java.lang.String digest)
          To save the password text or digest (in the case of CHAP) for a user ID.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

LoginHandler

public LoginHandler()
Method Detail

getPasswordDigest

public java.lang.String getPasswordDigest(java.lang.String id)
                                   throws LoginHandler.PasswordNotRetrievableException
To return the password text or digest (in the case of CHAP) for a user ID. It can throw a LoginHandler.PasswordNotRetrievableException so that the login() method would bypass checking password.

Throws:
LoginHandler.PasswordNotRetrievableException

savePasswordDigest

public abstract void savePasswordDigest(java.lang.String id,
                                        java.lang.String digest)
To save the password text or digest (in the case of CHAP) for a user ID.

createUser

public abstract java.lang.String createUser(java.lang.String id,
                                            java.lang.String digest,
                                            java.lang.Object data)
                                     throws java.lang.Exception
In a CHAP system, to create a user with the user ID, the pasword digest, and possible extra user information in data. The data must be a R1-RPC/J serializable type, which is the same as required by the façade and VO classes.

Parameters:
id - this can be null, in which case a new ID will be created. If that ID already exists, this method should throw an exception.
digetst - the password digest sent by the client.
data - extra user information. It must be a R1-RPC/J serializable type, which is the same as required by the façade and VO classes.
Returns:
the (new) user ID.
Throws:
java.lang.Exception
See Also:
RemoteVO, RemoteFacade

loadUser

public abstract java.lang.Object loadUser(java.lang.String id,
                                          java.lang.String password_digest)
To load the user object for the given id.

Returns:
the user object, which must be a R1-RPC/J serializable type, the same as required by the façade and VO classes.
See Also:
RemoteVO, RemoteFacade

login

protected java.lang.Object login(java.lang.String id,
                                 java.lang.String password_digest)
                          throws javax.security.auth.login.LoginException
The login method used by the framework. Override to do pre- and/or post-login work.

Throws:
javax.security.auth.login.LoginException

logout

protected void logout()
Invalidates the HTTP session. Override to do pre- and/or post-logout clean-up.

doEncrypt

protected boolean doEncrypt()
Encryption type. Default is true, indicating CHAP login. Override and return false to plain-text-password login.