JSecurity

org.jsecurity.authc
Interface Account

All Known Subinterfaces:
AuthorizingAccount
All Known Implementing Classes:
SimpleAccount, SimpleAuthorizingAccount

public interface Account

An Account represents system-specific account/user information in an application-independent manner. Rather than forcing a JSecurity user to implement User or Role interfaces, which would intrude on an application's data model, the application returns instances of this interface to represent such data. This enables a cleaner pluggable implementation and abstracts an application's core classes away from JSecurity.

In fact, JSecurity's default implementations of this interface are usually good for the majority of applications and no additional implementation is required.

Please note: Because JSecurity sometimes logs account operations, ensure your Account's toString() implementation does not print account credentials (password, etc.), as these might be visible to anyone reading your logs. This is good practice anyway: account credentials should rarely (if ever) be printed for any reason. JSecurity's default implementations of this interface only ever print the account principal, so if you use them you do not need to do anything additional.

Since:
0.9
Author:
Jeremy Haile, Les Hazlewood
See Also:
SimpleAccount, SimpleAuthorizingAccount

Method Summary
 Object getCredentials()
          The account's credentials as stored in the system associated with the account identifier, such as a password or private key.
 Object getPrincipal()
          Returns the account's identifying principal, such as a user id or username.
 boolean isCredentialsExpired()
          Determines if the user's credentials (e.g. password) have expired and must be changed before login is allowed.
 boolean isLocked()
          Determines if the account is locked, meaning that the user is not allowed to log in due to a manual or automatic lockout.
 

Method Detail

getPrincipal

Object getPrincipal()
Returns the account's identifying principal, such as a user id or username.

In a multi-realm configuration, the object returned from this method might be an implementation-specific object representing multiple principals. This might be an instance of java.util.Collection, but it does not have to be - it is up to the Authenticator's modular authentication strategy as to exactly what is returned.

Returns:
the account's primary principal, such as a user id or username, or, in a multi-realm configuration, possibly more than one principal encapsulated by an implementation-specific instance.

getCredentials

Object getCredentials()
The account's credentials as stored in the system associated with the account identifier, such as a password or private key.

The value could be encrypted, in which case a Realm must be aware of the fact (e.g. via configuration) in order to interpret and compare the credentials value.

Returns:
the account's credentials verifying the identifier

isLocked

boolean isLocked()
Determines if the account is locked, meaning that the user is not allowed to log in due to a manual or automatic lockout.

Returns:
true if the account is locked and the user should be denied authentication, false otherwise.

isCredentialsExpired

boolean isCredentialsExpired()
Determines if the user's credentials (e.g. password) have expired and must be changed before login is allowed.

Returns:
true if the user's credentials are expired and the user should be denied authentication, false otherwise.
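
The following is an added example, not JSecurity's own code: a custom Account whose toString() follows the logging note in the interface description, with an application-side check of the two state flags. It assumes the JSecurity 0.9 jar is on the classpath; DirectoryAccount, its fields and denialReason are hypothetical names, and the sample values are constructed.

```java
import org.jsecurity.authc.Account;

/** Hypothetical application account; class and field names are assumptions for illustration. */
public final class DirectoryAccount implements Account {
    private final String username;
    private final char[] passwordHash;   // stored credential, never logged
    private final boolean locked;
    private final boolean credentialsExpired;

    public DirectoryAccount(String username, char[] passwordHash,
                            boolean locked, boolean credentialsExpired) {
        this.username = username;
        this.passwordHash = passwordHash.clone();
        this.locked = locked;
        this.credentialsExpired = credentialsExpired;
    }

    public Object getPrincipal() { return username; }
    public Object getCredentials() { return passwordHash.clone(); }
    public boolean isLocked() { return locked; }
    public boolean isCredentialsExpired() { return credentialsExpired; }

    /** Prints the principal and state flags only, so a logged Account cannot leak the credential. */
    @Override
    public String toString() {
        return "DirectoryAccount[principal=" + username
                + ", locked=" + locked
                + ", credentialsExpired=" + credentialsExpired + "]";
    }

    /** Application-side gate on the two state flags; returns null when neither blocks login. */
    static String denialReason(Account account) {
        if (account.isLocked()) return "account locked";
        if (account.isCredentialsExpired()) return "credentials expired";
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample data, not a real credential.
        String sample = "constructed-sample-hash";
        Account acct = new DirectoryAccount("jsmith", sample.toCharArray(), false, true);
        String logLine = "Authenticating " + acct;   // implicit toString(), as a logger would do
        if (logLine.contains(sample)) throw new AssertionError("credential leaked into log line");
        System.out.println(logLine);
        System.out.println("denied: " + denialReason(acct));
    }
}
```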

Copyright © 2004-2008 JSecurity.