Style Intelligence v12.0

inetsoft.sree.security
Class SecurityEngine

java.lang.Object
  extended by inetsoft.sree.security.SecurityEngine

public class SecurityEngine
extends Object

This class is a factory class, which creates a SecurityProvider instance depending on the configuration of system security using EM Gui. It shields the general users from the lower implementations and provides a simpler programming interface. It also keeps a private set of entries, which are autenticated successfully.


Method Summary
 void addLoginListener(LoginListener listener)
          Add login listener.
 Principal authenticate(ClientInfo user, Object credential)
          It checks the authentication of specific entity.
static boolean authenticateAdmin(String userid, Object ticket)
          Authenticate the admin user.
static boolean authenticateEMUser(String userid, Object ticket, Principal principal)
           
 void changePassword(Principal principal, String password)
          Change the password for an entity.
 boolean checkPermission(Principal principal, String resource, char acc)
          Check the permission to access a resource.
static void clear()
          Clear the cached security object to the key.
 boolean containsAnonymous()
          Check if contains user anonymous.
 void fireLoginEvent(SRPrincipal user)
          Fire login event.
 ArrayList getActivePrincipalList()
          Get the active Principal list.
 SecurityProvider getDefaultSecurityProvider()
          Get default security provider.
 Set getEditableGroups(Principal principal)
          Get editable groups for current user, include: 1: direct groups 2: direct groups' sub groups for example, inetsoft(group) contains BJ(group) and (XiAn), BJDev(group) is in BJ, User1(user) is in BJ and BJDev, then for User1, this function should return BJ and BJDev.
 Set getEditableUsers(Principal principal)
          Get editable users, include all users in editable groups.
 String[] getEmails(String user)
          Get a list of all emails for a user.
 String[] getGroups()
          Get a list of all groups defined in the system.
 IdentityInfo getIdentityInfo(String name, int type)
          Get IdentityInfo by a name and type of identity.
 String[] getIndividualEmailAddresses()
          Get a list the email addresses of users that do not belong to any group.
 String[] getIndividualUsers()
          Get a list of all users not in any group except INDIVIDUAL.
static long getLastModified()
          Gets the date and time at which the security settings were last modified.
 Permission getPermission(String resource)
          Get the permission for the specified resource.
static Random getRandom()
          Get the random number generator for principals.
 String[] getRoles()
          Get a list of all roles in the system.
 String[] getRoles(String user)
          Get a list of all roles bound to a specific user.
 String[] getRootGroup(Principal principal)
          Get the direct root groups which contains the user, for example: inetsoft(group) contains BJ(group) and XiAn(group), User1(user) in group inetsoft and group BJ, then this function should return inetsoft.
static SecurityEngine getSecurity()
          Get a SecurityEngine object.
 SecurityProvider getSecurityProvider()
          Get the SecurityProvider object used by this system.
 inetsoft.uql.util.IdentityNode[] getSubIdentities(inetsoft.uql.util.IdentityNode node)
          Get sub nodes of security tree.
 inetsoft.uql.util.IdentityNode[] getSubIdentities(inetsoft.uql.util.IdentityNode node, String userFilter, String groupFilter, String roleFilter, boolean showUsers, boolean showGroups, boolean showRoles)
          Get sub nodes of security tree.
 String getUser(Principal principal)
          Get the user id from the principal.
 String[] getUsers()
          Get a list of all users in the system.
 String[] getUsers(String group)
          Get a list of all users in a group.
 SecurityProvider getVirtualSecurityProvider()
          Get the VirtualSecurityProvider object used by this system.
 Set getVisibleGroups(Principal principal)
          Get visible groups for current user, include: 1: editable groups 2: direct groups' parent groups for example, inetsoft(group) contains BJ(group) and (XiAn), BJDev(group) is in BJ, User1(user) is in BJ and BJDev, then for User1, this function should return inetsoft(visible but non-editable), BJ and BJDev(editable).
 void init()
          Initialize the engine.
 boolean isActiveUser(Principal principal)
          Determines if the specified principal has been authenticated and has an active session.
static boolean isAdministrator(String roleid)
          Return if the role is ADMINISTRATOR role or not.
static boolean isAdministratorGroup(String groupid)
          Return if the role is ADMINISTRATOR group or not.
 boolean isSameGroup(Principal principal, String otherUserName)
           
 boolean isValidIdentity(inetsoft.uql.util.Identity identity)
          Check if the specified identity is valid or not.
 boolean isValidUser(Principal principal)
          Check whether this user has logged in or not.
 void logout(Principal principal)
          Log the user out of the system.
static void removeIdentityCache(String name, int type)
           
 void removeLoginListener(LoginListener listener)
          Remove login listener.
 void removePermission(String resource)
          Remove the user permission.
 void setPermission(String resource, Permission perm)
          Set the permission for a specific resource.
static void touch()
          Updates the modification time stamp to the current date and time.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

init

public void init()
          throws SRSecurityException
Initialize the engine. This method must be called if the SecurityProvider is changed using EM Adm.

Throws:
SRSecurityException

getSecurity

public static SecurityEngine getSecurity()
                                  throws SRSecurityException
Get a SecurityEngine object.

Returns:
a SecurityEngine object
Throws:
SRSecurityException

addLoginListener

public void addLoginListener(LoginListener listener)
Add login listener.


removeLoginListener

public void removeLoginListener(LoginListener listener)
Remove login listener.


authenticateAdmin

public static boolean authenticateAdmin(String userid,
                                        Object ticket)
Authenticate the admin user.


authenticateEMUser

public static boolean authenticateEMUser(String userid,
                                         Object ticket,
                                         Principal principal)

clear

public static void clear()
Clear the cached security object to the key.


authenticate

public Principal authenticate(ClientInfo user,
                              Object credential)
It checks the authentication of specific entity. If the authentication succeeds, the entity will be saved.

Parameters:
user - the client info of the user to be authenticated.
credential - it wraps up the some secure message, such as user id and password
Returns:
a Principal Object if no security provider is set or the authentication checking is succeed or null if the authentication checking fails.

containsAnonymous

public boolean containsAnonymous()
Check if contains user anonymous.


fireLoginEvent

public void fireLoginEvent(SRPrincipal user)
Fire login event.


isAdministratorGroup

public static boolean isAdministratorGroup(String groupid)
Return if the role is ADMINISTRATOR group or not.


isAdministrator

public static boolean isAdministrator(String roleid)
Return if the role is ADMINISTRATOR role or not.


logout

public void logout(Principal principal)
Log the user out of the system.

Parameters:
principal - it represents an entity

getUsers

public String[] getUsers()
Get a list of all users in the system.

Returns:
list of users.

getUsers

public String[] getUsers(String group)
Get a list of all users in a group.

Returns:
list of users

getIndividualUsers

public String[] getIndividualUsers()
Get a list of all users not in any group except INDIVIDUAL.

Returns:
list of users.

getEmails

public String[] getEmails(String user)
Get a list of all emails for a user.

Returns:
list of emails.

getUser

public String getUser(Principal principal)
Get the user id from the principal.

Parameters:
principal - it represents an entity
Returns:
the user id

getGroups

public String[] getGroups()
Get a list of all groups defined in the system. If groups are nested, only the top level groups should be returned.

Returns:
a list of groups.

getRoles

public String[] getRoles(String user)
Get a list of all roles bound to a specific user.

Parameters:
user - user id
Returns:
a list of roles.

getRoles

public String[] getRoles()
Get a list of all roles in the system.

Returns:
a list of roles.

getIndividualEmailAddresses

public String[] getIndividualEmailAddresses()
Get a list the email addresses of users that do not belong to any group.

Returns:
a list of email addresses.

setPermission

public void setPermission(String resource,
                          Permission perm)
Set the permission for a specific resource. It is ignored if no security is provided.

Parameters:
resource - resource name, such as a replet path or a saved report path.
perm - permission setting.

removePermission

public void removePermission(String resource)
Remove the user permission. It is ignored if no security is provided.

Parameters:
resource - resource name, such as a replet registry name or a saved report path.

getPermission

public Permission getPermission(String resource)
Get the permission for the specified resource.

Parameters:
resource - resource name.
Returns:
permission setting or null if no permission is set for this resource.

checkPermission

public boolean checkPermission(Principal principal,
                               String resource,
                               char acc)
                        throws SecurityException
Check the permission to access a resource. It always returns true if no security is provided.

Parameters:
principal - it represents an entity
resource - resource name.
acc - permission. 'r' for read, 'w' for write, and 'd' for delete.
Returns:
true if the permission is granted to this principal
Throws:
if - the principal did not login
SecurityException

changePassword

public void changePassword(Principal principal,
                           String password)
                    throws SRSecurityException
Change the password for an entity. It is supported only on the security realms with password.

Parameters:
principal - it represents an entity
password - the new password
Throws:
SRSecurityException - if changing password failed.
SRSecurityException

getSecurityProvider

public SecurityProvider getSecurityProvider()
Get the SecurityProvider object used by this system.

Returns:
a SecurityProvider instance or null if no security provided is defined

getVirtualSecurityProvider

public SecurityProvider getVirtualSecurityProvider()
Get the VirtualSecurityProvider object used by this system.


getDefaultSecurityProvider

public SecurityProvider getDefaultSecurityProvider()
Get default security provider.


getSubIdentities

public inetsoft.uql.util.IdentityNode[] getSubIdentities(inetsoft.uql.util.IdentityNode node)
Get sub nodes of security tree. For better performance, user does not contain email, groups, roles, etc.


getSubIdentities

public inetsoft.uql.util.IdentityNode[] getSubIdentities(inetsoft.uql.util.IdentityNode node,
                                                         String userFilter,
                                                         String groupFilter,
                                                         String roleFilter,
                                                         boolean showUsers,
                                                         boolean showGroups,
                                                         boolean showRoles)
Get sub nodes of security tree. For better performance, user does not contain email, groups, roles, etc.


isActiveUser

public boolean isActiveUser(Principal principal)
Determines if the specified principal has been authenticated and has an active session.

Parameters:
principal - the principal to check.
Returns:
true if active; false otherwise.

isValidUser

public boolean isValidUser(Principal principal)
Check whether this user has logged in or not.


getIdentityInfo

public IdentityInfo getIdentityInfo(String name,
                                    int type)
Get IdentityInfo by a name and type of identity.

Parameters:
name - Name of the Identity
type - Type of the Identity

removeIdentityCache

public static void removeIdentityCache(String name,
                                       int type)

getRootGroup

public String[] getRootGroup(Principal principal)
Get the direct root groups which contains the user, for example: inetsoft(group) contains BJ(group) and XiAn(group), User1(user) in group inetsoft and group BJ, then this function should return inetsoft.


isSameGroup

public boolean isSameGroup(Principal principal,
                           String otherUserName)

getEditableGroups

public Set getEditableGroups(Principal principal)
Get editable groups for current user, include: 1: direct groups 2: direct groups' sub groups for example, inetsoft(group) contains BJ(group) and (XiAn), BJDev(group) is in BJ, User1(user) is in BJ and BJDev, then for User1, this function should return BJ and BJDev.


getEditableUsers

public Set getEditableUsers(Principal principal)
Get editable users, include all users in editable groups. for example, inetsoft(group) contains BJ(group) and (XiAn), BJDev(group) is in BJ, User1(user) is in BJ, User2(user) is in BJDev, then for User1, this function should return User1 and User2.


getVisibleGroups

public Set getVisibleGroups(Principal principal)
Get visible groups for current user, include: 1: editable groups 2: direct groups' parent groups for example, inetsoft(group) contains BJ(group) and (XiAn), BJDev(group) is in BJ, User1(user) is in BJ and BJDev, then for User1, this function should return inetsoft(visible but non-editable), BJ and BJDev(editable).


isValidIdentity

public boolean isValidIdentity(inetsoft.uql.util.Identity identity)
Check if the specified identity is valid or not.


getActivePrincipalList

public ArrayList getActivePrincipalList()
Get the active Principal list.


getRandom

public static Random getRandom()
Get the random number generator for principals.


getLastModified

public static long getLastModified()
Gets the date and time at which the security settings were last modified.

Returns:
the modification time stamp.

touch

public static void touch()
Updates the modification time stamp to the current date and time.

See Also:
getLastModified()

Copyright © 1996-2014 InetSoft Technology Corp. All Rights Reserved.