Package com.thingworx.security.authentication

Class AuthenticationUtilities

java.lang.Object

com.thingworx.security.authentication.AuthenticationUtilities

@ThingworxExtensionApiClass(since={6,6},
                            canInstantiate=true)
public abstract class AuthenticationUtilities
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
static SecurityMonitorThing	_securityMonitorThing
static final String	AUTHENTICATION_FAILED
static final String	THINGWORX_SSO_AUTHENTICATOR_EXCEPTION
static final String	THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

Constructor Summary

Constructors

Constructor	Description
AuthenticationUtilities()	Initializes this instace with default values.

Method Summary

Modifier and Type	Method	Description
static SecurityMonitorThing	getSecurityMonitorThing()
static void	handleLogout(jakarta.servlet.http.HttpServletRequest httpRequest)
static boolean	matchesLogoutRequest(jakarta.servlet.http.HttpServletRequest httpRequest)
static void	redirectToMain(jakarta.servlet.http.HttpServletResponse httpResponse)
static void	validateCredentials(String user, String password)
static void	validateCredentials(String userName, String password, jakarta.servlet.http.HttpServletRequest req)
static User	validateEnabledThingworxUser(String userName)	Deprecated. Use validateThingworxUser(String)
static User	validateThingworxUser(String userName)	Validates the userName parameter specified.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

public static final String THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

See Also:

• Constant Field Values

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

public static final String THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

See Also:

• Constant Field Values

_securityMonitorThing

public static SecurityMonitorThing _securityMonitorThing

AUTHENTICATION_FAILED

public static final String AUTHENTICATION_FAILED

See Also:

• Constant Field Values

Constructor Details

AuthenticationUtilities

public AuthenticationUtilities()

Initializes this instace with default values.

Method Details

getSecurityMonitorThing

@ThingworxExtensionApiMethod(since={6,6})
public static SecurityMonitorThing getSecurityMonitorThing()

matchesLogoutRequest

@ThingworxExtensionApiMethod(since={6,6})
public static boolean matchesLogoutRequest(jakarta.servlet.http.HttpServletRequest httpRequest)

handleLogout

@ThingworxExtensionApiMethod(since={6,6})
public static void handleLogout(jakarta.servlet.http.HttpServletRequest httpRequest)

validateCredentials

@ThingworxExtensionApiMethod(since={6,6})
public static void validateCredentials(String user,
 String password)
                                throws AuthenticatorException

Throws:

AuthenticatorException

validateCredentials

@ThingworxExtensionApiMethod(since={6,6})
public static void validateCredentials(String userName,
 String password,
 jakarta.servlet.http.HttpServletRequest req)
                                throws AuthenticatorException

Throws:

AuthenticatorException

validateThingworxUser

@ThingworxExtensionApiMethod(since={6,6})
public static User validateThingworxUser(String userName)
                                  throws AuthenticatorException

Validates the userName parameter specified. A User is valid if it exists, if it is enabled, if it is not locked. The user and its password are not verified/validated against a external Directory Service, if one is configured. The user is only validated against the User state data (exception password) contained within Thingworx. This method is most useful in CustomAuthenticator implementations that want to validate the User state data within Thingworx, but validate the password externally, for instance in an IDP.

Parameters:

userName - The name of the User

Returns:

The valid User

Throws:

AuthenticatorException - If the user is not valid this exception is thrown containing an InvalidRequestException. The InvalidRequestException contains a failed authentication message and a unauthorized status code

validateEnabledThingworxUser

@Deprecated
@ThingworxExtensionApiMethod(since={6,6})
public static User validateEnabledThingworxUser(String userName)
                                         throws AuthenticatorException

Deprecated.

Use validateThingworxUser(String)

Parameters:

userName - Name of the User.

Returns:

The User

Throws:

AuthenticatorException - If an error occurs.

redirectToMain

@ThingworxExtensionApiMethod(since={6,6})
public static void redirectToMain(jakarta.servlet.http.HttpServletResponse httpResponse)
                           throws IOException

Throws:

IOException