Package com.arsdigita.kernel.security

Provides user authentication, session tracking, and cryptography services.

See:
Description

Interface Summary

KeyStorage	This interface is an implementation detail that you most likely don't want to use or rely on.
SecurityHelper	Provides methods for determining security properties for a request.

Class Summary

AdminLoginModule	Supports login as an aribtrary user by checking whether a user ID has been set for the Subject.
CookieLoginModule	Logs in a user if the user has a valid authentication cookie.
CookieManager	Manages a string value stored in a cookie.
Credential	A unit of data that contains a string value, an expiration date, and a tamper-proof validator.
CredentialLoginModule	Loads an ID from a credential stored in the current HTTP request (for example, cookie or URL parameter).
CredentialManager	Provides methods for saving, retrieving, and deleting a string value from HTTP requests and responses.
Crypto	Provides cryptographic functions and stores the server's secret key.
DefaultSecurityHelper	Default implementation of SecurityHelper interface.
HTTPRequestCallback	Callback to retrieve the current HttpServletRequest.
HTTPResponseCallback	Callback to retrieve the current HttpServletResponse.
Initializer	Initializes security properties.
LifetimeCallback	Callback to determine whether the current login should last "forever" or just until the end of the current session.
LocalLoginModule	Checks a username and password in the database using com.arsdigita.kernel.UserAuthentication.
LoginConfig	Parses a login Configuration from an Initializer entry.
LoginContext	An in-house implementation of JAAS's LoginContext class.
MappingLoginModule	Superclass of LoginModules that map usernames to user IDs.
ParanoidSecurityHelper	Implementation of the SecurityHelper interface that always returns true for isSecure.
PartyPrincipal	A Principal that stores a numeric ID, such as a party ID.
PasswordLoginModule	Superclass of LoginModules that authenticate users using a username and password.
RecoveryLoginModule	Logs in a user for password recovery if the user has a valid authentication URL parameter.
SecurityConfig	SecurityConfig
SecurityLogger	Logs security-relevant events to a distinguished log category.
SecurityParameterProvider	Determines the URL parameters needed for user tracking.
SessionContext	Provide access to the JSESSIONID value as a BigDecimal.
URLLoginModule	Logs in a user if the user has a valid authentication URL parameter.
URLManager	Manages a string value stored in a URL parameter.
UserContext	Provides methods for logging in and logging out the current user and accessing the user ID.
UserIDLoginModule	Translates a username to a user ID using com.arsdigita.kernel.UserAuthentication.
UserLoginModule	Authenticates a user (loads a user ID) from a credential stored in the current HTTP request.
Util	Utility package of static security methods

Exception Summary

AccountException	Represents an error encountered while accessing a user account during login.
AccountExpiredException	Thrown when an account is accessed while expired.
AccountLockedException	Thrown when an account is accessed while locked.
AccountNotFoundException	Thrown when an account is not found.
CredentialEncodingException	Thrown when there is an error encoding a credential.
CredentialException	Represents an error encountered while handling an authentication credential during login.
CredentialExpiredException	Thrown when a credential has expired.
CredentialNotFoundException	Thrown when a credential is not found.
CredentialNotYetValidException	Thrown when a credential is not yet valid.
CredentialParsingException	Thrown when there is an error parsing a credential.
KernelLoginException

Package com.arsdigita.kernel.security Description

Provides user authentication, session tracking, and cryptography services. Supports Pluggable Authentication Modules (PAM) using the Java Authentication and Authorization Services (JAAS) API.