com.jfw.authentication
Class Authentication

java.lang.Object
  com.jfw.authentication.Authentication

public class Authentication
extends java.lang.Object

Used in the authentication phase.
The methods are logically divided in two categories:

1. not static methods for authenticate a user.
2. static methods that act as utilities methods.

Example

 Authentication authentication = new Authentication();
 UserData userData = authentication.authenticate(request, response);
 
 if(userData != null)
   System.out.println("user is authenticated");
 else
 {
   System.out.println("user is not authenticated");
   System.out.println("- username and/or password not found in request");
   System.out.println("- username and password found in request but not belong at a registered user");
 }
 

Field Summary

static java.lang.String	PASSWORD_IN_REQUEST_KEY The request parameter name of password field.
static java.lang.String	USER_DATA_IN_REQUEST_KEY The request attribute key associated with UserData object.
static java.lang.String	USER_DATA_IN_SESSION_KEY The session attribute key associated with UserData object.
static java.lang.String	USER_PROFILE_IN_REQUEST_KEY The request attribute key associated with UserProfile object.
static java.lang.String	USER_PROFILE_IN_SESSION_KEY The session attribute key associated with UserProfile object.
static java.lang.String	USERNAME_IN_REQUEST_KEY The request parameter name of username field.

Constructor Summary

Authentication()
Create an instance.

Authentication(java.lang.String connectionResourceName)
Create an instance.

Method Summary

static void	addUserDataInCookie(javax.servlet.http.HttpServletResponse response, UserData userData) Create a cookie with username and user id.
static void	addUserDataInSession(javax.servlet.http.HttpSession session, UserData userData) Add in session: the UserData object with key USER_DATA_IN_SESSION_KEY the UserProfile object with key USER_PROFILE_IN_SESSION_KEY.
UserData	authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) User authentication.
boolean	existUserInRequest(javax.servlet.http.HttpServletRequest request) Check if parameters username and password found in HttpServletRequest.
static java.lang.String	getPasswordFromRequest(javax.servlet.http.HttpServletRequest request) Return the value of request parameter password.
static UserData	getUserDataFromCookie(javax.servlet.http.HttpServletRequest request) Get user credentials from the authentication cookie.
static UserData	getUserDataFromDB(java.lang.String username, java.lang.String password, java.lang.String userId) Call method getUserDataFromDB(String,String,String,HashMap), the value of parameter outputdata is null.
static UserData	getUserDataFromDB(java.lang.String username, java.lang.String password, java.lang.String userId, java.util.HashMap outputdata) Get user data from database.
static java.lang.String	getUsernameFromRequest(javax.servlet.http.HttpServletRequest request) Return the value of request parameter username.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

USER_DATA_IN_SESSION_KEY

public static final java.lang.String USER_DATA_IN_SESSION_KEY

The session attribute key associated with UserData object.

See Also:

Constant Field Values

USER_DATA_IN_REQUEST_KEY

public static final java.lang.String USER_DATA_IN_REQUEST_KEY

The request attribute key associated with UserData object.

See Also:

Constant Field Values

USER_PROFILE_IN_SESSION_KEY

public static final java.lang.String USER_PROFILE_IN_SESSION_KEY

The session attribute key associated with UserProfile object.

See Also:

Constant Field Values

USER_PROFILE_IN_REQUEST_KEY

public static final java.lang.String USER_PROFILE_IN_REQUEST_KEY

The request attribute key associated with UserProfile object.

See Also:

Constant Field Values

USERNAME_IN_REQUEST_KEY

public static final java.lang.String USERNAME_IN_REQUEST_KEY

The request parameter name of username field.

See Also:

Constant Field Values

PASSWORD_IN_REQUEST_KEY

public static final java.lang.String PASSWORD_IN_REQUEST_KEY

The request parameter name of password field.

See Also:

Constant Field Values

Constructor Detail

Authentication

public Authentication()

Create an instance. The default database resource, defined in jfw.propertis, is used.

Authentication

public Authentication(java.lang.String connectionResourceName)

Create an instance. The database resource indicate by parameter connectionResourceName is used.

Parameters:

connectionResourceName - the database resource to use.

Method Detail

authenticate

public UserData authenticate(javax.servlet.http.HttpServletRequest request,
                             javax.servlet.http.HttpServletResponse response)
                      throws java.lang.Exception

User authentication.

Parameters:

request - an HttpServletRequest object.

response - an HttpServletResponse object.

Returns:

The returned object is not null if:

1. the UserData object exist in HttpSession (associated with key USER_DATA_IN_SESSION_KEY).
2. parameters username and password found in HttpServletRequest and exist in table USERS a user with that credentials.
3. the authentication cookie created in AuthenticationCookie.write(javax.servlet.http.HttpServletResponse, com.jfw.authentication.UserData, java.lang.String, java.lang.String, java.lang.String, java.lang.String, int) with name AuthenticationCookie.COOKIE_NAME found and contains credential data of an existing user.

In all other cases the method return null.

Throws:

java.lang.Exception

existUserInRequest

public boolean existUserInRequest(javax.servlet.http.HttpServletRequest request)

Check if parameters username and password found in HttpServletRequest.

Parameters:

request - an HttpServletRequest object.

Returns:

true if parameters exist, false in other case.

getUsernameFromRequest

public static java.lang.String getUsernameFromRequest(javax.servlet.http.HttpServletRequest request)

Return the value of request parameter username.

Parameters:

request - an HttpServletRequest object.

Returns:

the value of request parameter username.

getPasswordFromRequest

public static java.lang.String getPasswordFromRequest(javax.servlet.http.HttpServletRequest request)

Return the value of request parameter password.

Parameters:

request - an HttpServletRequest object.

Returns:

the value of request parameter password.

getUserDataFromDB

public static UserData getUserDataFromDB(java.lang.String username,
                                         java.lang.String password,
                                         java.lang.String userId,
                                         java.util.HashMap outputdata)
                                  throws java.lang.Exception

Get user data from database.
If parameter userId is not null then the query of table USERS use only this value in the where condition.
If parameter userId is null then the username and password parameters are used in the where condition.

Parameters:

username - the username to use. null is a valid value if userId is not null.

password - the password to use. null is a valid value if userId is not null.

userId - the user id to use. null is a valid value if username and password are not null.

outputdata - the HashMap to use for save data readed from database. See UserDataDB.execute(java.util.HashMap).

Returns:

an UserData object or null if user not found in database.

Throws:

java.lang.Exception

See Also:

UserDataDB

getUserDataFromDB

public static UserData getUserDataFromDB(java.lang.String username,
                                         java.lang.String password,
                                         java.lang.String userId)
                                  throws java.lang.Exception

Call method getUserDataFromDB(String,String,String,HashMap), the value of parameter outputdata is null.

Parameters:

username - the username to use. null is a valid value if userId is not null.

password - the password to use. null is a valid value if userId is not null.

userId - the user id to use. null is a valid value if username and password are not null.

Throws:

java.lang.Exception

getUserDataFromCookie

public static UserData getUserDataFromCookie(javax.servlet.http.HttpServletRequest request)
                                      throws java.lang.Exception

Get user credentials from the authentication cookie.
If cookie found then call the method getUserDataFromDB(java.lang.String, java.lang.String, java.lang.String, java.util.HashMap) and set:

1. parameters username and password at null
2. userId with the value found in cookie.

Parameters:

request - an HttpServletRequest object.

Returns:

the object returned by getUserDataFromDB(java.lang.String, java.lang.String, java.lang.String, java.util.HashMap).

Throws:

java.lang.Exception

See Also:

AuthenticationCookie

addUserDataInSession

public static void addUserDataInSession(javax.servlet.http.HttpSession session,
                                        UserData userData)

Add in session:

1. the UserData object with key USER_DATA_IN_SESSION_KEY
2. the UserProfile object with key USER_PROFILE_IN_SESSION_KEY.

Parameters:

session - an HttpSession object.

userData - an UserData object.

addUserDataInCookie

public static void addUserDataInCookie(javax.servlet.http.HttpServletResponse response,
                                       UserData userData)

Create a cookie with username and user id.
The cookie is available until the closure of the browser.

Parameters:

response - an HttpServletResponse object.

userData - an UserData object.