public interface UserManager
A user manager extracts the current user from a request (its session) or tries to find appropriate login data in the request to authenticate the user.
Each scope (e.g. frontend, backend) has its own user manager, which is defined in the system configuration
(security.scopes.[scope-type].manager). This acutally references the name of the UserManagerFactory
used to create a user manager for the scope.
Modifier and Type | Method and Description |
---|---|
void |
attachToSession(UserInfo user,
WebContext ctx)
Makes the currently authenticated user persistent by storing the required information in the session.
|
UserInfo |
bindToRequest(WebContext ctx)
Tries to find the current user in the current session or by checking the request for valid credentials
|
void |
detachFromSession(UserInfo user,
WebContext ctx)
Removes all stored data from the session
This can be considered a logout operation.
|
UserInfo |
findUserByCredentials(WebContext ctx,
String user,
String password)
Tries to find a user with the given credentials.
|
UserInfo |
findUserByName(WebContext ctx,
String user)
Tries to find a user with the given username.
|
UserInfo |
findUserForRequest(WebContext ctx)
Tries to find the current user in the current session.
|
boolean |
isKeepLoginSupported()
Determines if the login can be stored longer than a usual session.
|
boolean |
isLoginSupported()
Determines if a login via username and password is possible.
|
@Nonnull UserInfo bindToRequest(@Nonnull WebContext ctx)
ctx
- the request to attach toUserInfo.NOBODY
can be used.@Nonnull UserInfo findUserForRequest(@Nonnull WebContext ctx)
bindToRequest(WebContext)
this
will not try to log a user in via credentials found in the request.ctx
- the request to attach toUserInfo.NOBODY
can be used.@Nullable UserInfo findUserByName(@Nullable WebContext ctx, String user)
ctx
- the current HTTP request if one is presentuser
- the login name of the user to find@Nullable UserInfo findUserByCredentials(@Nullable WebContext ctx, String user, String password)
ctx
- the current HTTP request if one is presentuser
- the login name of the user to findpassword
- the password of the user to findvoid attachToSession(@Nonnull UserInfo user, @Nonnull WebContext ctx)
user
- the user to storectx
- the request containing the sessionvoid detachFromSession(@Nonnull UserInfo user, @Nonnull WebContext ctx)
This can be considered a logout operation.
user
- the user to logoutctx
- the request containing the sessionboolean isLoginSupported()
boolean isKeepLoginSupported()
Copyright © 2018. All rights reserved.