Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
SAP NetWeaver 7.20 (SP01) Composition Environment
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
com.sap.security.api.logon

Interface ILogonAuthentication

All Superinterfaces:
IAuthentication, IConfigurable
public interface ILogonAuthentication
extends IAuthentication

Extension from IAuthentication that provides more powerful authentication services. This interface is used only in portal authentication framework.

Method Summary
 IAuthScheme getAuthScheme(String authschemeName)
          Returns auth scheme by its name if available
 IAuthScheme[] getAuthSchemes()
          Returns the available auth schemes.
 ILogonFrontend getLogonFrontend(String authSchemeName)
          Returns the LogonFrontend for the auth scheme.
 boolean isAuthenticated(IUser user)
          Deprecated.  
 boolean isAuthSchemeSufficient(IUser user, String authscheme)
          Checks if the current logged in user has satisfied the autscheme with name authscheme.
 Subject logon(HttpServletRequest req, HttpServletResponse resp, String authscheme)
          Function that is intended for programmatic logon.
 
Methods inherited from interface com.sap.security.api.IAuthentication
forceLoggedInUser, forceLogoffUser, getLoggedInUser, getLoggedInUser, logout
 
Methods inherited from interface com.sap.security.api.IConfigurable
initialize
 

Method Detail

logon

Subject logon(HttpServletRequest req,
              HttpServletResponse resp,
              String authscheme)
              throws LoginException
Function that is intended for programmatic logon. Internally, this function is called by IAuthentication.forceLoggedInUser(HttpServletRequest,HttpServletResponse ). The function follows the specific syntax: The parameter authscheme determines which logon variant will be used, e.g. which authentication mechanism will be used. On successful return (i.e. if no exception is being thrown) a Subject is returned. In order to get an IUser object from this subject, call Subject.getPrincipals() and iterate through the returned Set of principals.

For error situations please see the below list of possible exceptions.

Parameters:
req - HttpServletRequest
resp - HttpServletResponse
authscheme - The name of the authscheme to perform logon.
Returns:
The subject or null otherwise.
Throws:
LoginException - if the logon fails. The message of the exception is the key for the error message.
Possible keys are
  • SecurityPolicy.USER_AUTH_FAILED: general logon failure. Logon id or password wrong, logon id not existent etc.
  • SecurityPolicy.ACCOUNT_LOCKED_LOGON: the user account is locked due to logon failures.
  • SecurityPolicy.CERT_AUTH_FAILED: the client certificate is not mapped to a user.
  • SecurityPolicy.ACCOUNT_LOCKED_ADMIN: the user account is locked by administrator and can't logon.
  • SecurityPolicy.SAPSTAR_ACTIVATED: the super user SAP* is activated and therefore no other user can logon.
  • SecurityPolicy.PASSWORD_EXPIRED: the user's password has expired.

isAuthSchemeSufficient

boolean isAuthSchemeSufficient(IUser user,
                               String authscheme)
Checks if the current logged in user has satisfied the autscheme with name authscheme.

Parameters:
user - object returned by IAuthentication.getLoggedInUser().
authscheme - authscheme to be satisfied
Returns:
true if yes, false if not.

getLogonFrontend

ILogonFrontend getLogonFrontend(String authSchemeName)
Returns the LogonFrontend for the auth scheme.

Parameters:
authSchemeName - name of the auth scheme
Returns:
the logon frontend or null

getAuthSchemes

IAuthScheme[] getAuthSchemes()
Returns the available auth schemes.

Returns:
the auth schemes

getAuthScheme

IAuthScheme getAuthScheme(String authschemeName)
Returns auth scheme by its name if available

Returns:
the auth scheme or null if it does not exist

isAuthenticated

boolean isAuthenticated(IUser user)
Deprecated. 

Check if the current user is already authenticated, i.e. if the IUser object is result of an authentication process.

Parameters:
user - user to check.
Returns:
true if authenticated, otherwise false.
Access Rights

This class can be accessed from:







SC


DC






[sap.com] ENGINEAPI


[sap.com] com.sap.security.api.sda






[sap.com] ENGFACADE


[sap.com] tc/je/usermanagement/api






[sap.com] CORE-TOOLS


[sap.com] com.sap.engine.client.lib





















  

      Overview 
      Package 
    Class 
      Use 
      Tree 
      Deprecated 
      Index 
      Help 
  





SAP NetWeaver 7.20 (SP01) Composition Environment







 PREV CLASS 
 NEXT CLASS

  FRAMES   
 NO FRAMES   
 









  SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD









Copyright 2010 SAP AG Complete Copyright Notice