public interface PasswordProvider
implementation
may claim to know nothing
for a particular user name. See checkPassword(String, String, boolean)
for
more information.SecuritySystem
,
Permissions
Modifier and Type | Method and Description |
---|---|
void |
changePassword(java.lang.String user,
java.lang.String password)
Attempts to change the password for the given user.
|
java.lang.Boolean |
checkPassword(java.lang.String user,
java.lang.String password,
boolean readOnly)
Authenticates the give user given the password token.
|
boolean |
hasPassword(java.lang.String user)
Returns true if this provider considers itself responsible for the given
user name.
|
boolean hasPassword(java.lang.String user)
checkPassword(String, String, boolean)
.
hasPassword(String)
will not do this. This is typically only of
importance during changePassword(String, String)
since a
provider which is not responsible for a password should not attempt to
change it, and before a provider has not created a user, it is also not
responsible.java.lang.Boolean checkPassword(java.lang.String user, java.lang.String password, boolean readOnly)
Boolean
in order to signal that this provider is not responsible
for the given user and can make no decision. Concrete implementations may
decide to return false for all unknown users. If readOnly is false, then
some implementations may choose to create new users.void changePassword(java.lang.String user, java.lang.String password) throws PasswordChangeException
PasswordChangeException
, for example if the provider uses a
read-only medium.PasswordChangeException