Class DefaultAuthenticationService
java.lang.Object
de.hybris.platform.servicelayer.internal.service.AbstractService
de.hybris.platform.servicelayer.internal.service.AbstractBusinessService
de.hybris.platform.servicelayer.security.auth.impl.DefaultAuthenticationService
- All Implemented Interfaces:
AuthenticationService,Serializable,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.InitializingBean
public class DefaultAuthenticationService
extends AbstractBusinessService
implements AuthenticationService
Implementation backed by a
UserManager- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class de.hybris.platform.servicelayer.internal.service.AbstractService
AbstractService.SerializableDTO -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringConfiguration constant forlogin.anonymous.always.disabled/which allows changing the (default) disabling of the anonymous account.Fields inherited from class de.hybris.platform.servicelayer.internal.service.AbstractBusinessService
modelService, sessionService, txManagerFields inherited from class de.hybris.platform.servicelayer.internal.service.AbstractService
tenant -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected InvalidCredentialsExceptionfor security reasons we should throw same exception for both cases: user not found password does not match You can overwrite this method and adapt the exception and/or test that should be thrown in this caseprotected InvalidCredentialsExceptionbuildInvalidCredentialsException(String message) checkCredentials(String login, String password) check credentials.login the user identified with login and password.voidlogout()log out the current user.voidsetPasswordEncoderService(PasswordEncoderService passwordEncoderService) voidsetUserService(UserService userService) Methods inherited from class de.hybris.platform.servicelayer.internal.service.AbstractBusinessService
getModelService, getSessionService, getTxManager, setModelService, setSessionService, setTxManagerMethods inherited from class de.hybris.platform.servicelayer.internal.service.AbstractService
afterPropertiesSet, getCurrentTenant, setBeanName, setCurrentTenant, writeReplace
-
Field Details
-
LOGIN_ANONYMOUS_ALWAYS_DISABLED
Configuration constant forlogin.anonymous.always.disabled/which allows changing the (default) disabling of the anonymous account.- See Also:
-
-
Constructor Details
-
DefaultAuthenticationService
public DefaultAuthenticationService()
-
-
Method Details
-
login
Description copied from interface:AuthenticationServicelogin the user identified with login and password. login means the credentials are checked and the user is being set as current user on the session (see UserService.setCurrentUser(UserModel)) Implementation note: The default implementation checks against the Jalo user UID and the password.- Specified by:
loginin interfaceAuthenticationService- Parameters:
login- the loginpassword- the password- Returns:
- the same usermodel that is also set as current user in the session
- Throws:
InvalidCredentialsException- if username/login does not match
-
checkCredentials
Description copied from interface:AuthenticationServicecheck credentials. this method does not set the user on the current session.- Specified by:
checkCredentialsin interfaceAuthenticationService- Parameters:
login- the loginpassword- the password- Returns:
- the UserModel
- Throws:
InvalidCredentialsException- if username/login does not match
-
logout
public void logout()Description copied from interface:AuthenticationServicelog out the current user. this closes the underlaying session- Specified by:
logoutin interfaceAuthenticationService
-
buildInvalidCredentialsException
for security reasons we should throw same exception for both cases:- user not found
- password does not match You can overwrite this method and adapt the exception and/or test that should be thrown in this case
- Returns:
- InvalidCredentialsException
-
buildInvalidCredentialsException
-
setUserService
-
setPasswordEncoderService
-