com.ebasetech.xi.api
Interface SecurityManager

public interface SecurityManager

SecurityManager provides a centralized interface for all security related services. It contains methods to logon or logoff a user or to check security privliges and credentials.

The SecurityManager is accessed using EbaseSystem.getSecurityManager().

Since:

V4.4

Method Summary

boolean	checkCredentialValue(java.lang.String credentialName, java.lang.String credentialValue) Returns true if the user credential identified by credentialName exists with the value credentialValue, otherwise returns false.
java.lang.String	getCredential(java.lang.String credentialName) Returns the credential value for the user credential identified by credentialName, or null if the credential does not exist or no user is logged on.
java.lang.String	getUserName() Returns the user name when a user is logged on or null when no user is logged on.
boolean	hasRole(java.lang.String roleName) Returns true when a user is logged on and the user has the role identified by roleName, otherwise returns false.
boolean	isAuthorized(java.lang.String type, java.lang.String name, java.lang.String function) Returns true when a user is logged on and the user has the authorization identified by type, name and function;otherwise returns false.
boolean	isDesignerUser() Returns true when a form has been submitted from the designer, otherwise returns false.
boolean	isUserLoggedOn() Returns true when a user is logged on, otherwise returns false.
void	logoff() Logs a user off the system, this is the reverse of method logon(String[][]).
void	logon(java.lang.String[][] inParameters) Logs a user onto the system by calling the System Logon Service.

Method Detail

getUserName

java.lang.String getUserName()

Returns the user name when a user is logged on or null when no user is logged on.

Since:

V4.4

See Also:

logon(String[][])

isUserLoggedOn

boolean isUserLoggedOn()

Returns true when a user is logged on, otherwise returns false.

Since:

V4.4

See Also:

logon(String[][])

hasRole

boolean hasRole(java.lang.String roleName)

Returns true when a user is logged on and the user has the role identified by roleName, otherwise returns false. User roles are established by the System Logon Service when the user logs on.

Further documentation.

Since:

V4.4

See Also:

logon(String[][])

isAuthorized

boolean isAuthorized(java.lang.String type,
                     java.lang.String name,
                     java.lang.String function)

Returns true when a user is logged on and the user has the authorization identified by type, name and function;otherwise returns false.

Authorizations are only applicable when the built in Ebase Xi Security system is being used; when security is configured externally e.g. in an LDAP system such as Active Directory, authorizations cannot be used. Authorizations represent an alternative to roles, see hasRole(String). User authorizations are established by the System Logon Service when the user logs on.

Further documentation.

Since:

V4.4

See Also:

logon(String[][])

getCredential

java.lang.String getCredential(java.lang.String credentialName)

Returns the credential value for the user credential identified by credentialName, or null if the credential does not exist or no user is logged on. User credentials are established by the System Logon Service when the user logs on.

Further documentation.

Since:

V4.4

See Also:

checkCredentialValue(String, String), logon(String[][])

checkCredentialValue

boolean checkCredentialValue(java.lang.String credentialName,
                             java.lang.String credentialValue)

Returns true if the user credential identified by credentialName exists with the value credentialValue, otherwise returns false. User credentials are established by the System Logon Service when the user logs on.

Further documentation.

Since:

V4.4

See Also:

getCredential(String), logon(String[][])

logoff

void logoff()

Logs a user off the system, this is the reverse of method logon(String[][]). Method isUserLoggedOn() returns false after this method is invoked. Note that the user's session is not terminated by calling this method.

Since:

V4.4

logon

void logon(java.lang.String[][] inParameters)
           throws com.ebasetech.xi.exceptions.LogonException

Logs a user onto the system by calling the System Logon Service. Any roles and credentials associated with the user are also loaded as implemented by the Logon Service logic.

If the logon fails for any reason or returns a null userid, a LogonException is thrown. A LogonException contains the error code and error description returned from the Logon Service. These are available as methods LogonException.getErrorCode() and LogonException.getMessage() respectively.

When the logon is successful, method isUserLoggedOn() returns true, the user name can be obtained using method getUserName() and the other methods in this interface can be used to access the user's security roles and credentials as loaded by the Logon Service.

Further documentation.

Javascript example:

 try {
   system.securityManager.logon( [ 
          ["Script", fields.USER.value], 
          ["Script", fields.PASSWORD.value] 
           ] );
 }
 catch (e) {
   event.owner.addErrorMessage(e.javaException.message);
 }
 

Parameters:

inParameters - up to 3 pairs of parameters, where each pair contains 2 strings corresponding to the parameter source type and parameter value.

Throws:

com.ebasetech.xi.exceptions.LogonException - if any error occurs. This exception contains methods to obtain the detailed error code and error description returned from the Logon Service.

Since:

V4.4

isDesignerUser

boolean isDesignerUser()

Returns true when a form has been submitted from the designer, otherwise returns false.

When a form is submitted from the designer, the designer user's security (userid plus authorizations) is transferred to the runtime environment. Such forms always return true to method isUserLoggedOn().

Since:

V4.4