public interface SecurityManager
SecurityManager
provides a centralized interface for all security related services. It contains methods
to logon or logoff a user or to check security privileges and credentials.
The SecurityManager is accessed using EbaseSystem.getSecurityManager()
.
Modifier and Type | Method and Description |
---|---|
boolean |
checkCredentialValue(java.lang.String credentialName,
java.lang.String credentialValue)
Returns
true if the user credential identified by credentialName exists with the value credentialValue ,
otherwise returns false . |
java.lang.String |
getCredential(java.lang.String credentialName)
Returns the credential value for the user credential identified by
credentialName , or null if
the credential does not exist or no user is logged on. |
java.lang.String |
getUserName()
Returns the user name when a user is logged on or
null when no user is logged on. |
boolean |
hasRole(java.lang.String roleName)
Returns
true when a user is logged on and the user has the role identified by roleName ,
otherwise returns false . |
boolean |
isAuthorized(java.lang.String type,
java.lang.String name,
java.lang.String function)
Returns
true when a user is logged on and the user has the authorization identified by type ,
name and function ;otherwise returns false . |
boolean |
isDesignerUser()
Returns
true when a form has been submitted from the designer, otherwise returns false . |
boolean |
isUserLoggedOn()
Returns
true when a user is logged on, otherwise returns false . |
void |
logoff()
Logs a user off the system, this is the reverse of method
logon(String[][]) . |
void |
logon(java.lang.String[][] inParameters)
Logs a user onto the system by calling the default System Logon Service identified by
the web service name ebaseLogonService.
|
void |
logon(java.lang.String webServiceName,
java.lang.String[][] inParameters)
Logs a user onto the system by calling the specific System Logon Service identified by
parameter webServiceName.
|
java.lang.String getUserName()
null
when no user is logged on.logon(String[][])
boolean isUserLoggedOn()
true
when a user is logged on, otherwise returns false
.logon(String[][])
boolean hasRole(java.lang.String roleName)
true
when a user is logged on and the user has the role identified by roleName
,
otherwise returns false
. User roles are established by the System Logon Service when the user
logs on.
logon(String[][])
boolean isAuthorized(java.lang.String type, java.lang.String name, java.lang.String function)
true
when a user is logged on and the user has the authorization identified by type
,
name
and function
;otherwise returns false
.
Authorizations are only applicable when the built in Ebase Xi Security system is being used;
when security is configured externally e.g. in an LDAP system such as Active Directory, authorizations cannot be used.
Authorizations represent an alternative to roles, see hasRole(String)
.
User authorizations are established by the System Logon Service when the user logs on.
logon(String[][])
java.lang.String getCredential(java.lang.String credentialName)
credentialName
, or null
if
the credential does not exist or no user is logged on. User credentials are established by the System Logon Service when the user
logs on.
checkCredentialValue(String, String)
,
logon(String[][])
boolean checkCredentialValue(java.lang.String credentialName, java.lang.String credentialValue)
true
if the user credential identified by credentialName
exists with the value credentialValue
,
otherwise returns false
. User credentials are established by the System Logon Service when the user
logs on.
getCredential(String)
,
logon(String[][])
void logoff()
logon(String[][])
.
Method isUserLoggedOn()
returns false
after this method is invoked.
Note that the user's session is not terminated by calling this method.void logon(java.lang.String[][] inParameters) throws com.ebasetech.xi.exceptions.LogonException
If the logon fails for any reason or returns a null userid, a
LogonException
is thrown. A LogonException
contains the error code and
error description returned from the Logon Service. These are available as methods
LogonException.getErrorCode()
and
LogonException.getMessage()
respectively.
When the logon is successful, method isUserLoggedOn()
returns true
,
the user name can be obtained using method getUserName()
and the other methods in
this interface can be used to access the user's security roles and credentials as loaded by the Logon Service.
Javascript example:
try { system.securityManager.logon( [ ["Script", fields.USER.value], ["Script", fields.PASSWORD.value] ] ); } catch (e) { event.owner.addErrorMessage(e.javaException.message); }
inParameters
- an array of arrays containing up to 3 pairs of parameters, where each pair contains 2 strings
corresponding to the parameter source type and parameter value.com.ebasetech.xi.exceptions.LogonException
- if any error occurs. This exception contains methods to obtain the detailed error code and
error description returned from the Logon Service.void logon(java.lang.String webServiceName, java.lang.String[][] inParameters) throws com.ebasetech.xi.exceptions.LogonException
If the logon fails for any reason or returns a null userid, a
LogonException
is thrown. A LogonException
contains the error code and
error description returned from the Logon Service. These are available as methods
LogonException.getErrorCode()
and
LogonException.getMessage()
respectively.
When the logon is successful, method isUserLoggedOn()
returns true
,
the user name can be obtained using method getUserName()
and the other methods in
this interface can be used to access the user's security roles and credentials as loaded by the Logon Service.
Javascript example:
try { system.securityManager.logon( "testLogonService", [ ["Script", fields.USER.value], ["Script", fields.PASSWORD.value] ] ); } catch (e) { event.owner.addErrorMessage(e.javaException.message); }
webServiceName
- the web service name for the Logon Service to be invokedinParameters
- an array of arrays containing up to 3 pairs of parameters, where each pair contains 2 strings
corresponding to the parameter source type and parameter value.com.ebasetech.xi.exceptions.LogonException
- if any error occurs. This exception contains methods to obtain the detailed error code and
error description returned from the Logon Service.boolean isDesignerUser()
true
when a form has been submitted from the designer, otherwise returns false
.
When a form is submitted from the designer, the designer user's security (userid plus authorizations) is transferred
to the runtime environment. Such forms always return true
to method isUserLoggedOn()
.