Class EinfraPasswordManagerModule
java.lang.Object
cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule
cz.metacentrum.perun.core.impl.modules.pwdmgr.EinfraPasswordManagerModule
- All Implemented Interfaces:
PasswordManagerModule
- Direct Known Subclasses:
SambaduPasswordManagerModule
Password manager for EINFRA login-namespace. It provides custom checks on login format and password strength. Also
implementation for alternative passwords is customized.
It calls generic pwd manager script logic with ".einfra"
- Author:
- Pavel Zlamal <zlamal@cesnet.cz>
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final Patternprotected final Patternprotected final Patternprotected final Patternprotected final Patternprotected final intFields inherited from class cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule
actualLoginNamespace, altPasswordManagerProgram, BIN_TRUE, DEFAULT_LOGIN_PATTERN, LOGIN_EXIST, PASSWORD_CHANGE, PASSWORD_CHECK, PASSWORD_CREATE, PASSWORD_DELETE, PASSWORD_RESERVE, PASSWORD_RESERVE_RANDOM, PASSWORD_VALIDATE, passwordManagerProgram, randomPasswordCharacters, randomPasswordLength, WEAKPASSFields inherited from interface cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule
ALT_PASSWORD_PREFIX, BIRTH_DAY_KEY, BIRTH_NUMBER_KEY, FIRST_NAME_KEY, LAST_NAME_KEY, LOGIN_PREFIX, MAIL_KEY, PASSWORD_KEY, TITLE_AFTER_KEY, TITLE_BEFORE_KEY -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidcheckLoginFormat(PerunSession sess, String login) voidcheckPasswordStrength(PerunSession sess, String login, String password) voidcreateAlternativePassword(PerunSession sess, User user, String passwordId, String password) voiddeleteAlternativePassword(PerunSession sess, User user, String passwordId) handleSponsorship(PerunSession sess, SponsoredUserData userData) Handles member's sponsorship in given namespace.booleanisLoginPermitted(PerunSession sess, String login) Checks, if the login is permitted for the Einfra namespace.voidreserveRandomPassword(PerunSession sess, String userLogin) voidvalidatePassword(PerunSession sess, String userLogin, User user) Methods inherited from class cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule
changePassword, checkPassword, createAltPwdManagerProcess, createPwdManagerProcess, deletePassword, generateAccount, generateRandomPassword, getActualLoginNamespace, handleAltPwdManagerExit, handleExit, handleGenericErrorCode, loginExist, reservePassword, sendPassword, setActualLoginNamespace
-
Field Details
-
einfraLoginPattern
-
einfraPasswordContainsDigit
-
einfraPasswordContainsLower
-
einfraPasswordContainsUpper
-
einfraPasswordContainsSpec
-
einfraPasswordMinLength
protected final int einfraPasswordMinLength- See Also:
-
-
Constructor Details
-
EinfraPasswordManagerModule
public EinfraPasswordManagerModule()
-
-
Method Details
-
checkLoginFormat
- Specified by:
checkLoginFormatin interfacePasswordManagerModule- Overrides:
checkLoginFormatin classGenericPasswordManagerModule- Throws:
InvalidLoginException
-
checkPasswordStrength
public void checkPasswordStrength(PerunSession sess, String login, String password) throws PasswordStrengthException - Specified by:
checkPasswordStrengthin interfacePasswordManagerModule- Overrides:
checkPasswordStrengthin classGenericPasswordManagerModule- Throws:
PasswordStrengthException
-
createAlternativePassword
public void createAlternativePassword(PerunSession sess, User user, String passwordId, String password) throws PasswordStrengthException - Specified by:
createAlternativePasswordin interfacePasswordManagerModule- Overrides:
createAlternativePasswordin classGenericPasswordManagerModule- Throws:
PasswordStrengthException
-
deleteAlternativePassword
- Specified by:
deleteAlternativePasswordin interfacePasswordManagerModule- Overrides:
deleteAlternativePasswordin classGenericPasswordManagerModule
-
handleSponsorship
public String handleSponsorship(PerunSession sess, SponsoredUserData userData) throws InvalidLoginException, PasswordStrengthException Description copied from interface:PasswordManagerModuleHandles member's sponsorship in given namespace. Returns login, which should be used in the given namespace. This method is usually used to create an account in external systems.- Parameters:
sess- sessionuserData- information, about the user for which the sponsorship should be handled- Returns:
- login, or null, if no login was provided nor generated
- Throws:
InvalidLoginException- if the provided login is invalid for the given namespacePasswordStrengthException- if the password strength is too weak for given namespace
-
isLoginPermitted
Checks, if the login is permitted for the Einfra namespace.Login is verified in the given priority: 1) If the login is exceptionally allowed, returns true. 2) If the login matches some of the hardcoded prefixes, returns false. 3) Checks the specified login format in the instance configuration.
- Parameters:
sess- sessionlogin- checked login- Returns:
- true, if the given login is permitted, false otherwise
-
reserveRandomPassword
- Specified by:
reserveRandomPasswordin interfacePasswordManagerModule- Overrides:
reserveRandomPasswordin classGenericPasswordManagerModule- Throws:
InvalidLoginException
-
validatePassword
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException - Specified by:
validatePasswordin interfacePasswordManagerModule- Overrides:
validatePasswordin classGenericPasswordManagerModule- Throws:
InvalidLoginException
-