com.orientechnologies.orient.server.security

Class ODefaultServerSecurity

java.lang.Object

com.orientechnologies.orient.server.security.ODefaultServerSecurity

All Implemented Interfaces:

OSecurityFactory, OSecuritySystem, OServerLifecycleListener, OServerSecurity

public class ODefaultServerSecurity
extends Object
implements OSecurityFactory, OServerLifecycleListener, OServerSecurity

Provides an implementation of OServerSecurity.

Author:

S. Colin Leister

Constructor Summary

Constructors

Constructor and Description
ODefaultServerSecurity(OServer oServer, OServerConfigurationManager serverCfg)

Method Summary

Modifier and Type	Method and Description
boolean	arePasswordsStored()
String	authenticate(String username, String password)
OAuditingService	getAuditing() OServerSecurity Interface
String	getAuthenticationHeader(String databaseName)
OSecurityAuthenticator	getAuthenticator(String authMethod) Returns the authenticator based on name, if one exists.
ODocument	getComponentConfig(String name)
ODocument	getConfig()
protected String	getConfigProperty(String name)
OSecurityAuthenticator	getPrimaryAuthenticator() Returns the first authenticator in the list, which is the primary authenticator.
protected OServer	getServer()
OSyslog	getSyslog()
OUser	getSystemUser(String username, String dbName) Returns the "System User" associated with 'username' from the system database.
OServerUserConfiguration	getUser(String username) Some authenticators support maintaining a list of users and associated resources (and sometimes passwords).
boolean	isAuthorized(String username, String resource)
boolean	isDefaultAllowed()
boolean	isEnabled()
boolean	isSingleSignOnSupported()
protected void	loadComponents()
void	log(OAuditingOperation operation, String dbName, String username, String message) Logs to the auditing service, if installed.
OSecurity	newSecurity() OSecurityFactory Interface
void	onAfterActivate()
void	onAfterDeactivate()
void	onAfterDynamicPlugins()
void	onBeforeActivate() OServerLifecycleListener Interface
void	onBeforeDeactivate()
ODatabase<?>	openDatabase(String dbName)
void	registerSecurityClass(Class<?> cls)
void	reload(ODocument configDoc)
void	reload(String cfgPath)
void	reloadComponent(String name, ODocument jsonConfig)
void	securityRecordChange(String dbURL, ODocument record) Called each time one of the security classes (OUser, ORole, OServerRole) is modified.
void	shutdown()
void	unregisterSecurityClass(Class<?> cls)
void	validatePassword(String password)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ODefaultServerSecurity

public ODefaultServerSecurity(OServer oServer,
                              OServerConfigurationManager serverCfg)

Method Detail

shutdown

public void shutdown()

Specified by:

shutdown in interface OSecuritySystem

isDefaultAllowed

public boolean isDefaultAllowed()

Specified by:

isDefaultAllowed in interface OSecuritySystem

authenticate

public String authenticate(String username,
                           String password)

Specified by:

authenticate in interface OSecuritySystem

getServer

protected OServer getServer()

getAuthenticationHeader

public String getAuthenticationHeader(String databaseName)

Specified by:

getAuthenticationHeader in interface OSecuritySystem

getConfig

public ODocument getConfig()

Specified by:

getConfig in interface OSecuritySystem

getComponentConfig

public ODocument getComponentConfig(String name)

Specified by:

getComponentConfig in interface OSecuritySystem

getSystemUser

public OUser getSystemUser(String username,
                           String dbName)

Returns the "System User" associated with 'username' from the system database. If not found, returns null. dbName is used to filter the assigned roles. It may be null.

Specified by:

getSystemUser in interface OSecuritySystem

isAuthorized

public boolean isAuthorized(String username,
                            String resource)

Specified by:

isAuthorized in interface OSecuritySystem

isEnabled

public boolean isEnabled()

Specified by:

isEnabled in interface OSecuritySystem

arePasswordsStored

public boolean arePasswordsStored()

Specified by:

arePasswordsStored in interface OSecuritySystem

isSingleSignOnSupported

public boolean isSingleSignOnSupported()

Specified by:

isSingleSignOnSupported in interface OSecuritySystem

validatePassword

public void validatePassword(String password)
                      throws OInvalidPasswordException

Specified by:

validatePassword in interface OSecuritySystem

Throws:

OInvalidPasswordException

getAuditing

public OAuditingService getAuditing()

OServerSecurity Interface

Specified by:

getAuditing in interface OServerSecurity

getAuthenticator

public OSecurityAuthenticator getAuthenticator(String authMethod)

Description copied from interface: OServerSecurity

Returns the authenticator based on name, if one exists.

Specified by:

getAuthenticator in interface OServerSecurity

getPrimaryAuthenticator

public OSecurityAuthenticator getPrimaryAuthenticator()

Description copied from interface: OServerSecurity

Returns the first authenticator in the list, which is the primary authenticator.

Specified by:

getPrimaryAuthenticator in interface OServerSecurity

getUser

public OServerUserConfiguration getUser(String username)

Description copied from interface: OServerSecurity

Some authenticators support maintaining a list of users and associated resources (and sometimes passwords).

Specified by:

getUser in interface OServerSecurity

openDatabase

public ODatabase<?> openDatabase(String dbName)

Specified by:

openDatabase in interface OServerSecurity

getSyslog

public OSyslog getSyslog()

Specified by:

getSyslog in interface OServerSecurity

log

public void log(OAuditingOperation operation,
                String dbName,
                String username,
                String message)

Description copied from interface: OSecuritySystem

Logs to the auditing service, if installed.

Specified by:

log in interface OSecuritySystem

dbName - May be null or empty.

username - May be null or empty.

registerSecurityClass

public void registerSecurityClass(Class<?> cls)

Specified by:

registerSecurityClass in interface OSecuritySystem

unregisterSecurityClass

public void unregisterSecurityClass(Class<?> cls)

Specified by:

unregisterSecurityClass in interface OSecuritySystem

reload

public void reload(String cfgPath)

Specified by:

reload in interface OSecuritySystem

reload

public void reload(ODocument configDoc)

Specified by:

reload in interface OSecuritySystem

reloadComponent

public void reloadComponent(String name,
                            ODocument jsonConfig)

Specified by:

reloadComponent in interface OSecuritySystem

securityRecordChange

public void securityRecordChange(String dbURL,
                                 ODocument record)

Called each time one of the security classes (OUser, ORole, OServerRole) is modified.

Specified by:

securityRecordChange in interface OSecuritySystem

onBeforeActivate

public void onBeforeActivate()

OServerLifecycleListener Interface

Specified by:

onBeforeActivate in interface OServerLifecycleListener

onAfterActivate

public void onAfterActivate()

Specified by:

onAfterActivate in interface OServerLifecycleListener

onAfterDynamicPlugins

public void onAfterDynamicPlugins()

Specified by:

onAfterDynamicPlugins in interface OServerSecurity

onBeforeDeactivate

public void onBeforeDeactivate()

Specified by:

onBeforeDeactivate in interface OServerLifecycleListener

onAfterDeactivate

public void onAfterDeactivate()

Specified by:

onAfterDeactivate in interface OServerLifecycleListener

loadComponents

protected void loadComponents()

getConfigProperty

protected String getConfigProperty(String name)

newSecurity

public OSecurity newSecurity()

OSecurityFactory Interface

Specified by:

newSecurity in interface OSecurityFactory