SecurityManager

java.lang.Object
- java.lang.Thread
- - org.openlowcode.server.security.SecurityManager

All Implemented Interfaces:

java.lang.Runnable
```
public class SecurityManager
extends java.lang.Thread
```
The central class ensuring users connected are registered

Author:

Open Lowcode SAS

Nested Class Summary
- Nested classes/interfaces inherited from class java.lang.Thread
  java.lang.Thread.State, java.lang.Thread.UncaughtExceptionHandler

Field Summary

Fields
Modifier and Type Field and Description

java.util.HashMap<java.lang.String,ServerSession> sessionsbyip
- Fields inherited from class java.lang.Thread
  MAX_PRIORITY, MIN_PRIORITY, NORM_PRIORITY

Fields
Modifier and Type	Field and Description
`java.util.HashMap<java.lang.String,ServerSession>`	`sessionsbyip`

Constructor Summary

Constructors
Constructor and Description
`SecurityManager(java.lang.String ldapconnectionstring, java.lang.String ldapuser, java.lang.String ldappassword)` creates a blank security manager with coordinates for connection to LDAP when required (typically to check password, LDAP user password is not stored on the database).

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Usersession`	`createSession(java.lang.String ipaddress, java.lang.String cid, java.lang.String user, java.lang.String password)` creates a session if user is valid
`Authority[]`	`getAuthoritiesForCurrentUser()`
`java.lang.String`	`getLDAPConnectionString()`
`java.lang.String`	`getLDAPPassword()`
`java.lang.String`	`getLDAPUser()`
`DataObjectId<Appuser>`	`isValidSession(java.lang.String ipaddress, java.lang.String cid)` This method is low performance way to get the user, and check that there is a valid session.
`void`	`run()`

Methods inherited from class java.lang.Thread
activeCount, checkAccess, clone, countStackFrames, currentThread, destroy, dumpStack, enumerate, getAllStackTraces, getContextClassLoader, getDefaultUncaughtExceptionHandler, getId, getName, getPriority, getStackTrace, getState, getThreadGroup, getUncaughtExceptionHandler, holdsLock, interrupt, interrupted, isAlive, isDaemon, isInterrupted, join, join, join, resume, setContextClassLoader, setDaemon, setDefaultUncaughtExceptionHandler, setName, setPriority, setUncaughtExceptionHandler, sleep, sleep, start, stop, stop, suspend, toString, yield

Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - sessionsbyip
```
public java.util.HashMap<java.lang.String,ServerSession> sessionsbyip
```
- Constructor Detail
  - SecurityManager
```
public SecurityManager(java.lang.String ldapconnectionstring,
                       java.lang.String ldapuser,
                       java.lang.String ldappassword)
```
    creates a blank security manager with coordinates for connection to LDAP when required (typically to check password, LDAP user password is not stored on the database). There should be one instance of the security manager per server. This class will launch a background daemon refreshing regularly the security cache.
    
    Parameters:
    
    ldapconnectionstring - connection string to the enterprise LDAP
    
    ldapuser - service user to connect to the enterprise LDAP
    
    ldappassword - service password to connect to the enterprise LDAP
- Method Detail
  - getLDAPConnectionString
```
public java.lang.String getLDAPConnectionString()
```
    Returns:
    
    the LDAP connection string
  - getLDAPUser
```
public java.lang.String getLDAPUser()
```
    Returns:
    
    the LDAP user
  - getLDAPPassword
```
public java.lang.String getLDAPPassword()
```
    Returns:
    
    the LDAP password
  - getAuthoritiesForCurrentUser
```
public Authority[] getAuthoritiesForCurrentUser()
```
    Returns:
    
    a list of authorities for the current user, null if user is not authorized
  - isValidSession
```
public DataObjectId<Appuser> isValidSession(java.lang.String ipaddress,
                                            java.lang.String cid)
```
    This method is low performance way to get the user, and check that there is a valid session. This method should only be called from the Connection management of user authorization for action. Indeed, the method is low performance and
    
    Parameters:
    
    ipaddress - the ip address of the connection
    
    Returns:
    
    null String if no session is found, else returns the user id
  - createSession
```
public Usersession createSession(java.lang.String ipaddress,
                                 java.lang.String cid,
                                 java.lang.String user,
                                 java.lang.String password)
```
    creates a session if user is valid
    
    Parameters:
    
    ipaddress - address the user is connecting from
    
    cid - id of the client on the user machine (to manage several connections for the same user, especially during tests)
    
    user - user the client want to login with
    
    password - password of the client user
    
    Returns:
    
    the session if user / password valid, null else
  - run
```
public void run()
```
    Specified by:
    
    run in interface java.lang.Runnable
    
    Overrides:
    
    run in class java.lang.Thread

Class SecurityManager

Nested Class Summary

Nested classes/interfaces inherited from class java.lang.Thread

Field Summary

Fields inherited from class java.lang.Thread

Constructor Summary

Method Summary

Methods inherited from class java.lang.Thread

Methods inherited from class java.lang.Object

Field Detail

sessionsbyip

Constructor Detail

SecurityManager

Method Detail

getLDAPConnectionString

getLDAPUser

getLDAPPassword

getAuthoritiesForCurrentUser

isValidSession

createSession

run