org.apache.jetspeed.security.spi.impl
Class ValidatePasswordOnLoadInterceptor

java.lang.Object
  extended by org.apache.jetspeed.security.spi.impl.AbstractInternalPasswordCredentialInterceptorImpl
      extended by org.apache.jetspeed.security.spi.impl.ValidatePasswordOnLoadInterceptor
All Implemented Interfaces:
InternalPasswordCredentialInterceptor

public class ValidatePasswordOnLoadInterceptor
extends AbstractInternalPasswordCredentialInterceptorImpl

Checks if a (pre)set password in the persitent store is valid according to the configured validator when loaded from the persistent store.

If the password checks out to be invalid, an error is logged and the credential is flagged to be updateRequired.

Version:
$Id$
Author:
Ate Douma

Constructor Summary
ValidatePasswordOnLoadInterceptor()
           
 
Method Summary
 boolean afterLoad(PasswordCredentialProvider pcProvider, java.lang.String userName, InternalCredential credential)
           Invoked after a password credential is loaded from the persistent store.
 
Methods inherited from class org.apache.jetspeed.security.spi.impl.AbstractInternalPasswordCredentialInterceptorImpl
afterAuthenticated, beforeCreate, beforeSetPassword
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ValidatePasswordOnLoadInterceptor

public ValidatePasswordOnLoadInterceptor()
Method Detail

afterLoad

public boolean afterLoad(PasswordCredentialProvider pcProvider,
                         java.lang.String userName,
                         InternalCredential credential)
                  throws SecurityException
Description copied from interface: InternalPasswordCredentialInterceptor

Invoked after a password credential is loaded from the persistent store.

If true is returned the credential is expected to be updated and its changes will be stored again.

A thrown SecurityException will be logged as an error and result in the credential to be ignored as if not existing (like for authentication).

Specified by:
afterLoad in interface InternalPasswordCredentialInterceptor
Overrides:
afterLoad in class AbstractInternalPasswordCredentialInterceptorImpl
Parameters:
pcProvider - provides callback access to for instance the configured CredentialPasswordEncoder and CredentialPasswordValidator
userName - the name of the principal to which the credential belongs
credential - the credential just loaded from the persistent store
Returns:
true is the password was invalid and update is required
Throws:
SecurityException
See Also:
InternalPasswordCredentialInterceptor.afterLoad(org.apache.jetspeed.security.spi.PasswordCredentialProvider, java.lang.String, org.apache.jetspeed.security.om.InternalCredential)


Copyright © 1999-2009 Apache Software Foundation. All Rights Reserved.