Class EinfraPasswordManagerModule
java.lang.Object
cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule
cz.metacentrum.perun.core.impl.modules.pwdmgr.EinfraPasswordManagerModule
- All Implemented Interfaces:
PasswordManagerModule
- Direct Known Subclasses:
SambaduPasswordManagerModule
Password manager for EINFRA login-namespace. It provides custom checks on login format and password strength. Also
implementation for alternative passwords is customized.
It calls generic pwd manager script logic with ".einfra"
- Author:
- Pavel Zlamal invalid input: '<'zlamal@cesnet.cz>
-
Field Summary
Modifier and TypeFieldDescriptionprotected final Pattern
protected final Pattern
protected final Pattern
protected final Pattern
protected final Pattern
protected final int
Fields inherited from class cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule
actualLoginNamespace, altPasswordManagerProgram, BIN_TRUE, DEFAULT_LOGIN_PATTERN, LOGIN_EXIST, PASSWORD_CHANGE, PASSWORD_CHECK, PASSWORD_CREATE, PASSWORD_DELETE, PASSWORD_RESERVE, PASSWORD_RESERVE_RANDOM, PASSWORD_VALIDATE, passwordManagerProgram, randomPasswordCharacters, randomPasswordLength, WEAKPASS
Fields inherited from interface cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule
ALT_PASSWORD_PREFIX, BIRTH_DAY_KEY, BIRTH_NUMBER_KEY, FIRST_NAME_KEY, LAST_NAME_KEY, LOGIN_PREFIX, MAIL_KEY, PASSWORD_KEY, TITLE_AFTER_KEY, TITLE_BEFORE_KEY
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
checkLoginFormat
(PerunSession sess, String login) void
checkPasswordStrength
(PerunSession sess, String login, String password) void
createAlternativePassword
(PerunSession sess, User user, String passwordId, String password) void
deleteAlternativePassword
(PerunSession sess, User user, String passwordId) handleSponsorship
(PerunSession sess, SponsoredUserData userData) Handles member's sponsorship in given namespace.boolean
isLoginPermitted
(PerunSession sess, String login) Checks, if the login is permitted for the Einfra namespace.void
reserveRandomPassword
(PerunSession sess, String userLogin) void
validatePassword
(PerunSession sess, String userLogin, User user) Methods inherited from class cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule
changePassword, checkPassword, createAltPwdManagerProcess, createPwdManagerProcess, deletePassword, generateAccount, generateRandomPassword, getActualLoginNamespace, handleAltPwdManagerExit, handleExit, handleGenericErrorCode, loginExist, reservePassword, sendPassword, setActualLoginNamespace
-
Field Details
-
einfraLoginPattern
-
einfraPasswordContainsDigit
-
einfraPasswordContainsLower
-
einfraPasswordContainsUpper
-
einfraPasswordContainsSpec
-
einfraPasswordMinLength
protected final int einfraPasswordMinLength- See Also:
-
-
Constructor Details
-
EinfraPasswordManagerModule
public EinfraPasswordManagerModule()
-
-
Method Details
-
checkLoginFormat
- Specified by:
checkLoginFormat
in interfacePasswordManagerModule
- Overrides:
checkLoginFormat
in classGenericPasswordManagerModule
- Throws:
InvalidLoginException
-
checkPasswordStrength
public void checkPasswordStrength(PerunSession sess, String login, String password) throws PasswordStrengthException - Specified by:
checkPasswordStrength
in interfacePasswordManagerModule
- Overrides:
checkPasswordStrength
in classGenericPasswordManagerModule
- Throws:
PasswordStrengthException
-
createAlternativePassword
public void createAlternativePassword(PerunSession sess, User user, String passwordId, String password) throws PasswordStrengthException - Specified by:
createAlternativePassword
in interfacePasswordManagerModule
- Overrides:
createAlternativePassword
in classGenericPasswordManagerModule
- Throws:
PasswordStrengthException
-
deleteAlternativePassword
- Specified by:
deleteAlternativePassword
in interfacePasswordManagerModule
- Overrides:
deleteAlternativePassword
in classGenericPasswordManagerModule
-
handleSponsorship
public String handleSponsorship(PerunSession sess, SponsoredUserData userData) throws InvalidLoginException, PasswordStrengthException Description copied from interface:PasswordManagerModule
Handles member's sponsorship in given namespace. Returns login, which should be used in the given namespace. This method is usually used to create an account in external systems.- Parameters:
sess
- sessionuserData
- information, about the user for which the sponsorship should be handled- Returns:
- login, or null, if no login was provided nor generated
- Throws:
InvalidLoginException
- if the provided login is invalid for the given namespacePasswordStrengthException
- if the password strength is too weak for given namespace
-
isLoginPermitted
Checks, if the login is permitted for the Einfra namespace.Login is verified in the given priority: 1) If the login is exceptionally allowed, returns true. 2) If the login matches some of the hardcoded prefixes, returns false. 3) Checks the specified login format in the instance configuration.
- Parameters:
sess
- sessionlogin
- checked login- Returns:
- true, if the given login is permitted, false otherwise
-
reserveRandomPassword
- Specified by:
reserveRandomPassword
in interfacePasswordManagerModule
- Overrides:
reserveRandomPassword
in classGenericPasswordManagerModule
- Throws:
InvalidLoginException
-
validatePassword
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException - Specified by:
validatePassword
in interfacePasswordManagerModule
- Overrides:
validatePassword
in classGenericPasswordManagerModule
- Throws:
InvalidLoginException
-