restx.security

Class StdBasicPrincipalAuthenticator

java.lang.Object

restx.security.StdBasicPrincipalAuthenticator

All Implemented Interfaces:

BasicPrincipalAuthenticator

public class StdBasicPrincipalAuthenticator
extends Object
implements BasicPrincipalAuthenticator

Date: 14/12/13 Time: 14:46

Constructor Summary

Constructors

Constructor and Description
StdBasicPrincipalAuthenticator(UserService<?> users, SecuritySettings securitySettings)

Method Summary

Methods

Modifier and Type	Method and Description
com.google.common.base.Optional<? extends RestxPrincipal>	authenticate(String name, String passwordHash, com.google.common.collect.ImmutableMap<String,?> principalData) Authenticates a principal by name and passwordHash.
com.google.common.base.Optional<? extends RestxPrincipal>	findByName(String name) Finds a principal by name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

StdBasicPrincipalAuthenticator

public StdBasicPrincipalAuthenticator(UserService<?> users,
                              SecuritySettings securitySettings)

Method Detail

findByName

public com.google.common.base.Optional<? extends RestxPrincipal> findByName(String name)

Description copied from interface: BasicPrincipalAuthenticator

Finds a principal by name. This is used to load principals in the cache.

Specified by:

findByName in interface BasicPrincipalAuthenticator

Parameters:

name - the principal name

Returns:

the principal, absent if not found

authenticate

public com.google.common.base.Optional<? extends RestxPrincipal> authenticate(String name,
                                                                     String passwordHash,
                                                                     com.google.common.collect.ImmutableMap<String,?> principalData)

Description copied from interface: BasicPrincipalAuthenticator

Authenticates a principal by name and passwordHash.

Note that usually the passwordHash has been hashed on the client with a weak hashing function like md5, therefore it is strongly recommended to hash it again with salt and a strong hashing function like bcrypt.

Read http://codingkilledthecat.wordpress.com/2012/09/04/some-best-practices-for-web-app-authentication/ for some best practices about password authentication.

this method may choose to throw WebException when authentication fails to give additional details, or simply return an absent principal.

Specified by:

authenticate in interface BasicPrincipalAuthenticator

Parameters:

name - the principal name

passwordHash - the provided password hash (default is md5)

principalData - any additional data provided during authentication

Returns:

the authenticated principal if authentication is valid, an absent principal otherwise.