public class AuthenticatorController extends Object implements AuthenticationService, org.openbase.jul.iface.Launchable<Void>, org.openbase.jul.iface.VoidInitializable
Constructor and Description |
---|
AuthenticatorController() |
AuthenticatorController(byte[] serviceServerPrivateKey) |
AuthenticatorController(CredentialStore credentialStore) |
AuthenticatorController(CredentialStore credentialStore,
byte[] serviceServerPrivateKey) |
Modifier and Type | Method and Description |
---|---|
void |
activate() |
Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> |
changeCredentials(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange)
Changes the credentials for a given user.
|
void |
deactivate() |
static String |
getInitialPassword()
Get the initial password which is randomly generated on startup with an empty
credentialStore.
|
Future<Boolean> |
hasUser(String userId) |
void |
init() |
boolean |
isActive() |
Future<Boolean> |
isAdmin(String userId)
Returns whether a given user has admin rights or not.
|
Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> |
register(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange)
Registers a client or user.
|
Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> |
removeUser(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange)
Removes a user or client.
|
Future<rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper> |
requestClientServerTicket(rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper ticketAuthenticatorWrapper)
Request a ClientServerTicket from the AuthenticatorService.
|
Future<rst.domotic.authentication.AuthenticatedValueType.AuthenticatedValue> |
requestServiceServerSecretKey(rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper ticketAuthenticatorWrapper)
Validates the client server ticket and returns the service server secret key encrypted
with the session key.
|
Future<rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper> |
requestTicketGrantingTicket(String id)
Request a TicketGrantingTicket from the AuthenticatorService.
|
Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> |
setAdministrator(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange)
Appoints a normal user to an administrator.
|
Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> |
validateClientServerTicket(rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper ticketAuthenticatorWrapper)
Validate a ClientServierTicket.
|
void |
waitForActivation() |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
public AuthenticatorController() throws org.openbase.jul.exception.InitializationException
org.openbase.jul.exception.InitializationException
public AuthenticatorController(CredentialStore credentialStore) throws org.openbase.jul.exception.InitializationException
org.openbase.jul.exception.InitializationException
public AuthenticatorController(byte[] serviceServerPrivateKey) throws org.openbase.jul.exception.InitializationException
org.openbase.jul.exception.InitializationException
public AuthenticatorController(CredentialStore credentialStore, byte[] serviceServerPrivateKey) throws org.openbase.jul.exception.InitializationException
org.openbase.jul.exception.InitializationException
public void init() throws org.openbase.jul.exception.InitializationException, InterruptedException
init
in interface org.openbase.jul.iface.DefaultInitializable
init
in interface org.openbase.jul.iface.DefaultInitializableImpl<Void>
init
in interface org.openbase.jul.iface.VoidInitializable
org.openbase.jul.exception.InitializationException
InterruptedException
public void activate() throws org.openbase.jul.exception.CouldNotPerformException, InterruptedException
activate
in interface org.openbase.jul.iface.Activatable
org.openbase.jul.exception.CouldNotPerformException
InterruptedException
public void deactivate() throws org.openbase.jul.exception.CouldNotPerformException, InterruptedException
deactivate
in interface org.openbase.jul.iface.Activatable
org.openbase.jul.exception.CouldNotPerformException
InterruptedException
public boolean isActive()
isActive
in interface org.openbase.jul.iface.Activatable
public void waitForActivation() throws org.openbase.jul.exception.CouldNotPerformException, InterruptedException
org.openbase.jul.exception.CouldNotPerformException
InterruptedException
public Future<rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper> requestTicketGrantingTicket(String id) throws org.openbase.jul.exception.CouldNotPerformException
AuthenticationService
requestTicketGrantingTicket
in interface AuthenticationService
id
- the id of the client whose password is used for the
encryption of the session keyorg.openbase.jul.exception.NotAvailableException
- If the clientId could not be found.org.openbase.jul.exception.CouldNotPerformException
- In the case of an internal server error or if the remote call fails.public Future<rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper> requestClientServerTicket(rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper ticketAuthenticatorWrapper) throws org.openbase.jul.exception.CouldNotPerformException
AuthenticationService
requestClientServerTicket
in interface AuthenticationService
ticketAuthenticatorWrapper
- a wrapper containing the authenticator
encrypted with the TicketGrantingService session key and the unchanged
TicketGrantingTicketorg.openbase.jul.exception.RejectedException
- If timestamp in Authenticator does not fit to time period in TGT,
if clientID in Authenticator does not match clientID in TGT or, if the decryption of the
Authenticator or TGT fails, probably because the wrong keys were used.org.openbase.jul.exception.CouldNotPerformException
- In the case of an internal server error or if the remote call fails.public Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> validateClientServerTicket(rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper ticketAuthenticatorWrapper) throws org.openbase.jul.exception.CouldNotPerformException
AuthenticationService
validateClientServerTicket
in interface AuthenticationService
ticketAuthenticatorWrapper
- a wrapper containing the authenticator
encrypted with the session key and the unchanged ClientServerTicketorg.openbase.jul.exception.RejectedException
- If timestamp in Authenticator does not fit to time period in TGT,
if clientID in Authenticator does not match clientID in TGT or, if the decryption of the
Authenticator or CST fails, probably because the wrong keys were used.org.openbase.jul.exception.CouldNotPerformException
- In the case of an internal server error or if the remote call fails.public Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> changeCredentials(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange) throws org.openbase.jul.exception.CouldNotPerformException, org.openbase.jul.exception.RejectedException, org.openbase.jul.exception.PermissionDeniedException
AuthenticationService
changeCredentials
in interface AuthenticationService
loginCredentialsChange
- Wrapper containing the user's ID, new and old password,
and a TicketAuthenticatorWrapper to authenticate the user.org.openbase.jul.exception.RejectedException
- If the password change fails (invalid ticket, user has no permission, old password doesn't match).org.openbase.jul.exception.PermissionDeniedException
- If the user has no permission to change this password.org.openbase.jul.exception.CouldNotPerformException
public Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> register(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange) throws org.openbase.jul.exception.CouldNotPerformException, org.openbase.jul.exception.RejectedException, org.openbase.jul.exception.PermissionDeniedException
AuthenticationService
register
in interface AuthenticationService
loginCredentialsChange
- Wrapper containing the user's ID, password or public key, isAdmin flag,
and a TicketAuthenticatorWrapper to authenticate the user.org.openbase.jul.exception.RejectedException
- If the password change fails (invalid ticket, user has no permission, old password doesn't match)
or if the decryption fails, because the wrong keys were used.org.openbase.jul.exception.PermissionDeniedException
- If the user has no permission to change this password.org.openbase.jul.exception.CouldNotPerformException
public Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> removeUser(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange) throws org.openbase.jul.exception.CouldNotPerformException, org.openbase.jul.exception.RejectedException, org.openbase.jul.exception.PermissionDeniedException
AuthenticationService
removeUser
in interface AuthenticationService
loginCredentialsChange
- change of credentials (id of user to remove)org.openbase.jul.exception.RejectedException
- If the password change fails (invalid ticket, user has no permission, old password doesn't match)
or if the decryption fails, because the wrong keys were used.org.openbase.jul.exception.PermissionDeniedException
- If the user has no permission to change this password.org.openbase.jul.exception.CouldNotPerformException
public Future<rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper> setAdministrator(rst.domotic.authentication.LoginCredentialsChangeType.LoginCredentialsChange loginCredentialsChange) throws org.openbase.jul.exception.CouldNotPerformException, org.openbase.jul.exception.RejectedException, org.openbase.jul.exception.PermissionDeniedException
AuthenticationService
setAdministrator
in interface AuthenticationService
loginCredentialsChange
- Wrapper containing the user's ID, password or public key, isAdmin flag,
and a TicketAuthenticatorWrapper to authenticate the user.org.openbase.jul.exception.RejectedException
- If the password change fails (invalid ticket, user has no permission)
or if the decryption fails, because the wrong keys were used.org.openbase.jul.exception.PermissionDeniedException
- If the user has no permission to change this password.org.openbase.jul.exception.CouldNotPerformException
public Future<rst.domotic.authentication.AuthenticatedValueType.AuthenticatedValue> requestServiceServerSecretKey(rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper ticketAuthenticatorWrapper) throws org.openbase.jul.exception.CouldNotPerformException
AuthenticationService
requestServiceServerSecretKey
in interface AuthenticationService
ticketAuthenticatorWrapper
- a wrapper containing the authenticator
encrypted with the session key and the unchanged ClientServerTicketorg.openbase.jul.exception.CouldNotPerformException
- if the validation of the client server ticket fails or the logged in client is not the service serverpublic Future<Boolean> isAdmin(String userId) throws org.openbase.jul.exception.NotAvailableException
AuthenticationService
isAdmin
in interface AuthenticationService
userId
- ID of the user to check for.org.openbase.jul.exception.NotAvailableException
- If the user could not be found.public static String getInitialPassword()
public Future<Boolean> hasUser(String userId)
hasUser
in interface AuthenticationService
Copyright © 2017–2018 openbase.org. All rights reserved.