org.apache.jetspeed.security.spi.impl
Class PasswordHistoryInterceptor

java.lang.Object
  org.apache.jetspeed.security.spi.impl.AbstractInternalPasswordCredentialInterceptorImpl
      org.apache.jetspeed.security.spi.impl.PasswordHistoryInterceptor

All Implemented Interfaces:

org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor

public class PasswordHistoryInterceptor
extends AbstractInternalPasswordCredentialInterceptorImpl

Maintains a configurable FIFO stack of used password credentials for a principal. It also requires a unique password (with regards to the values currently in the stack) when a password is changed directly by the user itself.

The historical passwords are maintained as InternalCredential instances with as classname value HISTORICAL_PASSWORD_CREDENTIAL to distinguish them from the current password credential.

Implementation Note:
When a new password is about to be saved, a new copy of the current credential is saved as a historic password credential. This means that the current password credential instance, and thus also its key, remains the same.

Version:

$Id$

Author:

Ate Douma

Field Summary

static String	HISTORICAL_PASSWORD_CREDENTIAL Value used for InternalCredential.getClassname() to distinguish from current password credentials
private int	historySize
private static Comparator	internalCredentialCreationDateComparator

Constructor Summary

PasswordHistoryInterceptor(int historySize)

Method Summary

void	beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser, Collection credentials, String userName, org.apache.jetspeed.security.om.InternalCredential credential, String password, boolean authenticated)

Methods inherited from class org.apache.jetspeed.security.spi.impl.AbstractInternalPasswordCredentialInterceptorImpl

afterAuthenticated, afterLoad, beforeCreate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

historySize

private int historySize

HISTORICAL_PASSWORD_CREDENTIAL

public static final String HISTORICAL_PASSWORD_CREDENTIAL

Value used for InternalCredential.getClassname() to distinguish from current password credentials

See Also:

Constant Field Values

internalCredentialCreationDateComparator

private static final Comparator internalCredentialCreationDateComparator

Constructor Detail

PasswordHistoryInterceptor

public PasswordHistoryInterceptor(int historySize)

Parameters:

historySize - stack size maintained for historical passwords

Method Detail

beforeSetPassword

public void beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal internalUser,
                              Collection credentials,
                              String userName,
                              org.apache.jetspeed.security.om.InternalCredential credential,
                              String password,
                              boolean authenticated)
                       throws org.apache.jetspeed.security.SecurityException

Specified by:

beforeSetPassword in interface org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor

Overrides:

beforeSetPassword in class AbstractInternalPasswordCredentialInterceptorImpl

Throws:

org.apache.jetspeed.security.SecurityException

See Also:

InternalPasswordCredentialInterceptor.beforeSetPassword(org.apache.jetspeed.security.om.InternalUserPrincipal, java.util.Collection, java.lang.String, org.apache.jetspeed.security.om.InternalCredential, java.lang.String, boolean)