com.thingworx.security.authentication

Class AuthenticationUtilities

java.lang.Object

com.thingworx.security.authentication.AuthenticationUtilities

@ThingworxExtensionApiClass(since={6,6},
                            canInstantiate=true)
public abstract class AuthenticationUtilities
extends java.lang.Object

Field Summary

Fields

Modifier and Type	Field and Description
static SecurityMonitorThing	_securityMonitorThing
static java.lang.String	AUTHENTICATION_FAILED
static java.lang.String	THINGWORX_SSO_AUTHENTICATOR_EXCEPTION
static java.lang.String	THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

Constructor Summary

Constructors

Constructor and Description
AuthenticationUtilities()

Method Summary

Modifier and Type	Method and Description
static SecurityMonitorThing	getSecurityMonitorThing()
static void	handleLogout(javax.servlet.http.HttpServletRequest httpRequest)
static boolean	matchesLogoutRequest(javax.servlet.http.HttpServletRequest httpRequest)
static void	redirectToMain(javax.servlet.http.HttpServletResponse httpResponse)
static void	validateCredentials(java.lang.String user, java.lang.String password)
static void	validateCredentials(java.lang.String userName, java.lang.String password, javax.servlet.http.HttpServletRequest req)
static User	validateEnabledThingworxUser(java.lang.String userName) Deprecated. Use validateThingworxUser(String)
static User	validateThingworxUser(java.lang.String userName) Validates the userName parameter specified.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

public static final java.lang.String THINGWORX_SSO_AUTHENTICATOR_EXCEPTION

See Also:

Constant Field Values

THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

public static final java.lang.String THINGWORX_SSO_AUTHENTICATOR_EXCEPTION_RECOVERABLE

See Also:

Constant Field Values

_securityMonitorThing

public static SecurityMonitorThing _securityMonitorThing

AUTHENTICATION_FAILED

public static final java.lang.String AUTHENTICATION_FAILED

See Also:

Constant Field Values

Constructor Detail

AuthenticationUtilities

public AuthenticationUtilities()

Method Detail

getSecurityMonitorThing

@ThingworxExtensionApiMethod(since={6,6})
public static SecurityMonitorThing getSecurityMonitorThing()

matchesLogoutRequest

@ThingworxExtensionApiMethod(since={6,6})
public static boolean matchesLogoutRequest(javax.servlet.http.HttpServletRequest httpRequest)

handleLogout

@ThingworxExtensionApiMethod(since={6,6})
public static void handleLogout(javax.servlet.http.HttpServletRequest httpRequest)

validateCredentials

@ThingworxExtensionApiMethod(since={6,6})
public static void validateCredentials(java.lang.String user,
                                                                                 java.lang.String password)
                                                                          throws AuthenticatorException

Throws:

AuthenticatorException - If an error occurs

validateCredentials

@ThingworxExtensionApiMethod(since={6,6})
public static void validateCredentials(java.lang.String userName,
                                                                                 java.lang.String password,
                                                                                 javax.servlet.http.HttpServletRequest req)
                                                                          throws AuthenticatorException

Throws:

AuthenticatorException - If an error occurs

validateThingworxUser

@ThingworxExtensionApiMethod(since={6,6})
public static User validateThingworxUser(java.lang.String userName)
                                                                            throws AuthenticatorException

Validates the userName parameter specified. A User is valid if it exists, if it is enabled, if it is not locked. The user and its password are not verified/validated against a external Directory Service, if one is configured. The user is only validated against the User state data (exception password) contained within Thingworx. This method is most useful in CustomAuthenticator implementations that want to validate the User state data within Thingworx, but validate the password externally, for instance in an IDP.

Parameters:

userName - The name of the User

Returns:

The valid User

Throws:

AuthenticatorException - If the user is not valid this exception is thrown containing an InvalidRequestException. The InvalidRequestException contains a failed authentication message and a unauthorized status code

validateEnabledThingworxUser

@Deprecated
 @ThingworxExtensionApiMethod(since={6,6})
public static User validateEnabledThingworxUser(java.lang.String userName)
                                                                                                throws AuthenticatorException

Deprecated. Use validateThingworxUser(String)

Parameters:

userName - Name of the User.

Returns:

The User

Throws:

AuthenticatorException - If an error occurs.

redirectToMain

@ThingworxExtensionApiMethod(since={6,6})
public static void redirectToMain(javax.servlet.http.HttpServletResponse httpResponse)
                                                                     throws java.io.IOException

Throws:

java.io.IOException - If an error occurs