Class AuthenticationUtilities
java.lang.Object
com.thingworx.security.authentication.AuthenticationUtilities
@ThingworxExtensionApiClass(since={6,6},
canInstantiate=true)
public abstract class AuthenticationUtilities
extends Object
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic SecurityMonitorThingstatic final Stringstatic final Stringstatic final String -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic SecurityMonitorThingstatic voidhandleLogout(javax.servlet.http.HttpServletRequest httpRequest) static booleanmatchesLogoutRequest(javax.servlet.http.HttpServletRequest httpRequest) static voidredirectToMain(javax.servlet.http.HttpServletResponse httpResponse) static voidvalidateCredentials(String user, String password) static voidvalidateCredentials(String userName, String password, javax.servlet.http.HttpServletRequest req) static UservalidateEnabledThingworxUser(String userName) Deprecated.static UservalidateThingworxUser(String userName)
Validates the userName parameter specified.
-
Field Details
-
THINGWORX_SSO_AUTHENTICATOR_EXCEPTION
- See Also:
-
THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE
- See Also:
-
_securityMonitorThing
-
AUTHENTICATION_FAILED
- See Also:
-
-
Constructor Details
-
AuthenticationUtilities
public AuthenticationUtilities()
-
-
Method Details
-
getSecurityMonitorThing
@ThingworxExtensionApiMethod(since={6,6}) public static SecurityMonitorThing getSecurityMonitorThing() -
matchesLogoutRequest
@ThingworxExtensionApiMethod(since={6,6}) public static boolean matchesLogoutRequest(javax.servlet.http.HttpServletRequest httpRequest) -
handleLogout
@ThingworxExtensionApiMethod(since={6,6}) public static void handleLogout(javax.servlet.http.HttpServletRequest httpRequest) -
validateCredentials
@ThingworxExtensionApiMethod(since={6,6}) public static void validateCredentials(String user, String password) throws AuthenticatorException - Throws:
AuthenticatorException- If an error occurs
-
validateCredentials
@ThingworxExtensionApiMethod(since={6,6}) public static void validateCredentials(String userName, String password, javax.servlet.http.HttpServletRequest req) throws AuthenticatorException - Throws:
AuthenticatorException- If an error occurs
-
validateThingworxUser
@ThingworxExtensionApiMethod(since={6,6}) public static User validateThingworxUser(String userName) throws AuthenticatorException
Validates the userName parameter specified. AUseris valid if it exists, if it is enabled, if it is not locked. The user and its password are not verified/validated against a external Directory Service, if one is configured. The user is only validated against the User state data (exception password) contained within Thingworx. This method is most useful in CustomAuthenticator implementations that want to validate the User state data within Thingworx, but validate the password externally, for instance in an IDP.- Parameters:
userName- The name of theUser- Returns:
- The valid
User - Throws:
AuthenticatorException- If the user is not valid this exception is thrown containing anInvalidRequestException. TheInvalidRequestExceptioncontains a failed authentication message and a unauthorized status code
-
validateEnabledThingworxUser
@Deprecated @ThingworxExtensionApiMethod(since={6,6}) public static User validateEnabledThingworxUser(String userName) throws AuthenticatorException Deprecated.- Parameters:
userName- Name of theUser.- Returns:
- The
User - Throws:
AuthenticatorException- If an error occurs.
-
redirectToMain
@ThingworxExtensionApiMethod(since={6,6}) public static void redirectToMain(javax.servlet.http.HttpServletResponse httpResponse) throws IOException - Throws:
IOException- If an error occurs
-
validateThingworxUser(String)