Package com.inductiveautomation.ignition.gateway.authentication.impl

Class InternalUserSource

    • Constructor Detail

      • InternalUserSource

        public InternalUserSource​(UserSourceProfileKernel kernel,
                          int pwdHistory,
                          int pwdMinLength,
                          int pwdComplexity,
                          int pwdMaxAge)

    • Method Detail

      • createDefaultUserSource

        public static long createDefaultUserSource​(GatewayContext context,
                                           java.lang.String userSourceProfileName,
                                           java.lang.String userSourceProfileDescription)
                                    throws java.lang.Exception
        Creates an internal user source called "default" with user "admin"/"password" and role "Administrator". Returns the long id of the new profile.
        Throws:
        java.lang.Exception

      • createFirstUser

        public static long createFirstUser​(GatewayContext context,
                                   java.lang.String userSourceProfileName,
                                   java.lang.String userSourceProfileDescription,
                                   java.lang.String username,
                                   java.lang.String password,
                                   boolean preHashed)
                            throws java.lang.Exception
        Creates an internal user source called "default" with the supplied username and password and role "Administrator". Returns the long id of the new profile.
        Parameters:
        context - The GatewayContext instance
        userSourceProfileName - The name of the internal user source profile to be created
        userSourceProfileDescription - The description of the internal user source profile to be created
        username - The username, Must not be null
        password - The password either pre-encrypted or not. Must not be null
        preHashed - true if the password is already hashed, false if it is not yet hashed
        Returns:
        The profile id.
        Throws:
        java.lang.Exception

      • authenticate

        public AuthenticatedUser authenticate​(AuthChallenge challenge)
                               throws java.lang.Exception
        Description copied from interface: UserSourceProfile
        Called to both verify authentication for a given username/password pair, and to find the security roles for that user.
        Returns:
        An AuthenticatedUser that contains the user's roles if authentication succeeded, or null if it did not.
        Throws:
        PasswordExpiredException - if the user's password has expired and must be reset
        java.lang.Exception - if there was an unexpected problem encountered during authentication

      • getUsers

        @Nonnull
public java.util.Collection<User> getUsers()
                                    throws java.lang.Exception
        Description copied from interface: UserSourceProfile
        Retrieve all users from this profile. This can execute slowly (block) if need be. It will be called periodically by the manager and the results will be cached. Users from failover sources will be returned if hard failover is configured and triggered.
        Specified by:
        getUsers in interface UserSourceProfile
        Specified by:
        getUsers in class AbstractUserSourceProfile
        Throws:
        java.lang.Exception

      • findInternalUser

        @Nonnull
protected java.util.Optional<InternalUserRecord> findInternalUser​(PersistenceSession session,
                                                                  java.lang.String uname)
        Looks up the internal user record keyed on username, NOT case sensitive

      • getUser

        @Nonnull
public java.util.Optional<User> getUser​(java.lang.String userName)
                                 throws java.lang.Exception
        Description copied from interface: UserSourceProfile
        Fetch a User with the given user name. If more than one user exists with the given user name, the first user returned from the underlying data source is returned. Failover sources will be queried if hard failover is configured and the primary sources are unable to fetch the user due to an error. Failover sources will also be queried if soft failover is configured and the user is not found in the primary sources.
        Specified by:
        getUser in interface UserSourceProfile
        Overrides:
        getUser in class AbstractUserSourceProfile
        Parameters:
        userName - the user name of the User to fetch
        Returns:
        an Optional User with the given user name. the user may be from a failover user source (check User.getProfileName() to confirm)
        Throws:
        java.lang.Exception - if there is an unexpected problem fetching the user with the given user name
        See Also:
        UserSourceProfile.getUser(String, String)

      • getRoles

        @Nonnull
public java.util.Collection<java.lang.String> getRoles()
                                                throws java.lang.Exception
        Specified by:
        getRoles in interface UserSourceProfile
        Specified by:
        getRoles in class AbstractUserSourceProfile
        Returns:
        a collection of all possible role names for this profile. May be empty. Roles from failover sources will be returned if hard failover is configured and triggered.
        Throws:
        java.lang.Exception

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object

      • validatePassword

        public java.lang.String validatePassword​(@Nonnull
                                         User user,
                                         java.lang.String password)
        Description copied from interface: UserSourceProfile
        Validate the given password. Note that this doesn't mean it checks to see if this password matches the user's current password. Rather, it means that this password would be an acceptable new password for the user.
        Returns:
        A i18n key for the error message describing why the password is invalid, or null if the password is valid.

      • findUserInternalId

        protected java.lang.Long findUserInternalId​(PersistenceSession session,
                                            User user)