java.lang.Object
- com.thingworx.security.authentication.AuthenticationUtilities

@ThingworxExtensionApiClass(since={6,6},
                            canInstantiate=true)
public abstract class AuthenticationUtilities
extends java.lang.Object

Field Summary

Fields
Modifier and Type	Field	Description
`static SecurityMonitorThing`	`_securityMonitorThing`
`static java.lang.String`	`AUTHENTICATION_FAILED`
`static java.lang.String`	`THINGWORX_SSO_AUTHENTICATOR_EXCEPTION`
`static java.lang.String`	`THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE`

Constructor Summary

Constructors
Constructor Description

AuthenticationUtilities()

Method Summary

All Methods Static Methods Concrete Methods Deprecated Methods
Modifier and Type	Method	Description
`static SecurityMonitorThing`	`getSecurityMonitorThing()`
`static void`	`handleLogout(javax.servlet.http.HttpServletRequest httpRequest)`
`static boolean`	`matchesLogoutRequest(javax.servlet.http.HttpServletRequest httpRequest)`
`static void`	`redirectToMain(javax.servlet.http.HttpServletResponse httpResponse)`
`static void`	`validateCredentials(java.lang.String user, java.lang.String password)`
`static void`	`validateCredentials(java.lang.String userName, java.lang.String password, javax.servlet.http.HttpServletRequest req)`
`static User`	`validateEnabledThingworxUser(java.lang.String userName)`	Deprecated. Use `validateThingworxUser(String)`
`static User`	`validateThingworxUser(java.lang.String userName)`	Validates the userName parameter specified.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

public static final java.lang.String THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

See Also:: Constant Field Values

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

public static final java.lang.String THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

See Also:: Constant Field Values

_securityMonitorThing

public static SecurityMonitorThing _securityMonitorThing

AUTHENTICATION_FAILED

public static final java.lang.String AUTHENTICATION_FAILED

See Also:: Constant Field Values

Constructor Detail
- AuthenticationUtilities
```
public AuthenticationUtilities()
```

Method Detail

getSecurityMonitorThing

@ThingworxExtensionApiMethod(since={6,6})
public static SecurityMonitorThing getSecurityMonitorThing()

matchesLogoutRequest

@ThingworxExtensionApiMethod(since={6,6})
public static boolean matchesLogoutRequest(javax.servlet.http.HttpServletRequest httpRequest)

handleLogout

@ThingworxExtensionApiMethod(since={6,6})
public static void handleLogout(javax.servlet.http.HttpServletRequest httpRequest)

validateCredentials

@ThingworxExtensionApiMethod(since={6,6})
public static void validateCredentials(java.lang.String user,
                                       java.lang.String password)
                                throws AuthenticatorException

Throws:: AuthenticatorException - If an error occurs

validateCredentials

@ThingworxExtensionApiMethod(since={6,6})
public static void validateCredentials(java.lang.String userName,
                                       java.lang.String password,
                                       javax.servlet.http.HttpServletRequest req)
                                throws AuthenticatorException

Throws:: AuthenticatorException - If an error occurs

validateThingworxUser
```
@ThingworxExtensionApiMethod(since={6,6})
public static User validateThingworxUser(java.lang.String userName)
                                  throws AuthenticatorException
```
Validates the userName parameter specified. A User is valid if it exists, if it is enabled, if it is not locked. The user and its password are not verified/validated against a external Directory Service, if one is configured. The user is only validated against the User state data (exception password) contained within Thingworx. This method is most useful in CustomAuthenticator implementations that want to validate the User state data within Thingworx, but validate the password externally, for instance in an IDP.

Parameters:

userName - The name of the User

Returns:

The valid User

Throws:

AuthenticatorException - If the user is not valid this exception is thrown containing an InvalidRequestException. The InvalidRequestException contains a failed authentication message and a unauthorized status code

validateEnabledThingworxUser

@Deprecated
@ThingworxExtensionApiMethod(since={6,6})
public static User validateEnabledThingworxUser(java.lang.String userName)
                                         throws AuthenticatorException

Deprecated.

Use validateThingworxUser(String)

Parameters:: userName - Name of the User.
Returns:: The User
Throws:: AuthenticatorException - If an error occurs.

redirectToMain

@ThingworxExtensionApiMethod(since={6,6})
public static void redirectToMain(javax.servlet.http.HttpServletResponse httpResponse)
                           throws java.io.IOException

Throws:: java.io.IOException - If an error occurs

Class AuthenticationUtilities

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

_securityMonitorThing

AUTHENTICATION_FAILED

Constructor Detail

AuthenticationUtilities

Method Detail

getSecurityMonitorThing

matchesLogoutRequest

handleLogout

validateCredentials

validateCredentials

validateThingworxUser

validateEnabledThingworxUser

redirectToMain