Interface SystemAuthenticationControl.ScriptBuilder

Enclosing interface:
SystemAuthenticationControl

public static interface SystemAuthenticationControl.ScriptBuilder
A script builder may be used to create a script of commands to apply to the system authentication store at the server.

Each method call on the builder adds a line to the script and then the script may be built using the script method which produces a String script which may be sent to the server using updateStore.

Such a builder may be created using the scriptBuilder method.

From Diffusion 6.5, script builders are no longer immutable. Each builder operation mutates this script builder and returns it.

  • Method Details

    • addPrincipal

      SystemAuthenticationControl.ScriptBuilder addPrincipal(String name, String password, Set<String> roles)
      Add a new principal.

      The script will fail if the principal is already defined at the server.

      Parameters:
      name - principal name
      password - password
      roles - assigned roles, may be empty
      Returns:
      this builder, modified to add the principal
    • addPrincipal

      SystemAuthenticationControl.ScriptBuilder addPrincipal(String name, String password, Set<String> roles, String lockingPrincipal)
      Add a new locked principal.

      A locked principal can only be edited by the principal defined in the lock. The script will fail if the principal is already defined at the server.

      Parameters:
      name - principal name
      password - password
      roles - assigned roles, may be empty
      lockingPrincipal - the name of the principal that can edit this principal
      Returns:
      this builder, modified to add the principal
    • setPassword

      SystemAuthenticationControl.ScriptBuilder setPassword(String principal, String password)
      Set a principal's password.

      The principal must already be defined at the server in order to set the password.

      Parameters:
      principal - principal name
      password - password
      Returns:
      this builder, modified to set the password
    • verifyPassword

      SystemAuthenticationControl.ScriptBuilder verifyPassword(String principal, String password)
      Assert that a principal's password is password.

      This command does not update the store. It can be used in conjunction with setPassword to create a script that updates a password only if the previous password is supplied.

      Parameters:
      principal - principal name
      password - password
      Returns:
      this builder, modified to verify the password
    • assignRoles

      Change a principal's assigned roles.

      The specified principal must already be defined at the server.

      Parameters:
      principal - principal name
      roles - assigned roles
      Returns:
      this builder, modified to assign the roles
    • removePrincipal

      Remove a principal.

      The principal must be one that is already defined at the server.

      Parameters:
      principal - principal name
      Returns:
      this builder, modified to remove the principal
    • allowAnonymousConnections

      SystemAuthenticationControl.ScriptBuilder allowAnonymousConnections(Set<String> roles)
      Instruct the system authentication handler to allow anonymous connections.
      Parameters:
      roles - roles to assign to anonymous sessions. This may be empty
      Returns:
      this builder, modified to allow anonymous connections
    • denyAnonymousConnections

      SystemAuthenticationControl.ScriptBuilder denyAnonymousConnections()
      Instruct the system authentication handler to deny anonymous connections.
      Returns:
      this builder, modified to deny anonymous connections
    • abstainAnonymousConnections

      SystemAuthenticationControl.ScriptBuilder abstainAnonymousConnections()
      Instruct the system authentication handler to defer authentication decisions for anonymous connections to subsequent handlers.
      Returns:
      this builder, modified to abstain from authentication decisions for anonymous connections
    • trustClientProposedPropertyIn

      SystemAuthenticationControl.ScriptBuilder trustClientProposedPropertyIn(String propertyName, Set<String> allowedValues)
      Specifies the name of a client proposed session property that should be allowed by the system authenticator along with a set of permissible values. The property will only be allowed if the supplied value matches one of those in the set of values specified.
      Parameters:
      propertyName - specifies the name of the client proposed property to be allowed
      allowedValues - specifies a set of allowed values for the client proposed property
      Returns:
      this builder, modified to allow the specified client proposed property if its value matches one of those supplied
      Since:
      6.5
    • trustClientProposedPropertyMatches

      SystemAuthenticationControl.ScriptBuilder trustClientProposedPropertyMatches(String propertyName, String regex)
      Specifies the name of a client proposed session property that should be allowed by the system authenticator along with a regular expression to validate the property value. The property will only be allowed if the supplied value matches with the regular expression.
      Parameters:
      propertyName - specifies the name of the client proposed property to be allowed
      regex - regular expression which will be matched against supplied values to determine whether they are valid
      Returns:
      this builder, modified to allow the specified client proposed property if its value matches the given regular expression
      Since:
      6.5
    • ignoreClientProposedProperty

      SystemAuthenticationControl.ScriptBuilder ignoreClientProposedProperty(String propertyName)
      Specifies the name of a client proposed session property that should now be ignored by the system authenticator.

      This removes the effect of a previous request to trust the named property using trustClientProposedPropertyIn(java.lang.String, java.util.Set<java.lang.String>) or trustClientProposedPropertyMatches(java.lang.String, java.lang.String).

      Parameters:
      propertyName - specifies the name of the client proposed property to be ignored
      Returns:
      this builder, modified to ignore the specified client proposed property
      Since:
      6.5
    • append

      Append all the operations of other to this ScriptBuilder.
      Returns:
      a combined script builder
      Since:
      6.0
    • script

      String script()
      Create a script.
      Returns:
      the script