Class AuthNMethod

Description

An AuthNMethod is an abstract class that corresponds to a method of authenticating Agents. It deals with verifying the tokens passed to it and authenticating them. AuthNMethods do not keep track of any authentication state information. They simply provide a means of querying stores of information to determine if tokens are valid or not.

AuthNMethods deal with two types of tokens. The first is arbitrary data passed by the user trying to authenticate. This data may be an array with elements for 'username' and 'password', a string operated on by a private key, a Kerberos ticket, or almost anything else. It is up to a given AuthNMethod to hand the tokens it receives to appropriate AuthNTokens objects, which handle this data. AuthNTokens objects provide access to a string 'identifier' for the given token data that other systems can use to identify this set of tokens. Additionally, AuthNTokens objects can be initialized with an identifier and then passed to the authentication method to query the existence or associated properties of the user that corresponds to the identifier.

  • version: $Id: AuthNMethod.abstract.php,v 1.13 2007/09/04 20:25:37 adamfranco Exp $
  • license: GNU General Public License (GPL)
  • copyright: Copyright © 2005, Middlebury College

Located in /harmoni/core/oki2/agentmanagement/AuthNMethods/AuthNMethod.abstract.php (line 37)

Direct descendants
  • LDAPAuthNMethod: The LDAPAuthNMethod is used to authenticate against an LDAP system.
  • SQLDatabaseAuthNMethod: The SQLDatabaseAuthNMethod is used to authenticate against a SQL database.

Method Summary
object AuthNMethod ()
void addTokens (object AuthNTokens $authNTokens)
void assignConfiguration (object Properties $configuration)
boolean authenticate (mixed $tokens)
boolean authenticateTokens (object AuthNTokens $authNTokens)
object Tokens createTokens (mixed $tokens)
object Tokens createTokensForIdentifier (string $identifier)
object Tokens createTokensObject ()
void deleteTokens (object AuthNTokens $authNTokens)
boolean exists (mixed $tokens)
object AgentIterator getAllGroups (object AuthNTokens $authNTokens)
object AgentIterator getGroup (object Id $id)
object AgentIterator getGroupsContainingGroup (object Id $id, mixed $includeSubgroups)
object AgentIterator getGroupsContainingTokens (object AuthNTokens $authNTokens, mixed $includeSubgroups)
object Properties getProperties (mixed $tokens)
object Properties getPropertiesForTokens (object AuthNTokens $authNTokens)
object AgentIterator getRootGroups (object AuthNTokens $authNTokens)
object ObjectIterator getTokensBySearch (string $searchString)
object Type getType ()
boolean isGroup (object Id $id)
void setType (object Type $type)
boolean supportsDirectory ()
boolean tokensExist (object AuthNTokens $authNTokens)
void updatePropertiesForTokens (object AuthNTokens $authNTokens, object Properties $newProperties)
void updateTokens (object AuthNTokens $oldAuthNTokens, object AuthNTokens $newAuthNTokens)
void _populateProperties (object AuthNTokens $authNTokens, object Properties $properties)
Methods
Constructor AuthNMethod (line 47)

Constructor. Does not take any configuration; assignConfiguration() should be used for this purpose.

  • since: 3/1/05
  • access: public
object AuthNMethod ()
addTokens (line 283)

Add tokens to the system.

  • since: 3/1/05
  • access: public
void addTokens (object AuthNTokens $authNTokens)

Redefined in descendants as:
assignConfiguration (line 57)

Store the configuration.

  • since: 3/24/05
  • access: public
void assignConfiguration (object Properties $configuration)
  • object Properties $configuration

Redefined in descendants as:
authenticate (line 147)

Authenticate an agent's tokens.

  • since: 3/1/05
  • access: public
boolean authenticate (mixed $tokens)
  • mixed $tokens
authenticateTokens (line 159)

Authenticate a Tokens object

  • since: 3/1/05
  • access: public
boolean authenticateTokens (object AuthNTokens $authNTokens)

Redefined in descendants as:
createTokens (line 117)

Create a Tokens object that provides common access to the contents of the tokens passed to the system by the user or returned from the underlying system.

  • since: 3/1/05
  • access: public
object Tokens createTokens (mixed $tokens)
  • mixed $tokens
createTokensForIdentifier (line 133)

Create a Tokens object for a given identifier. An identifier is often a username, but does not have to be as long as it is a string unique within this authentication method.

  • since: 3/1/05
  • access: public
object Tokens createTokensForIdentifier (string $identifier)
  • string $identifier
createTokensObject (line 95)

Create a Tokens Object

  • since: 3/1/05
  • access: public
object Tokens createTokensObject ()

Redefined in descendants as:
deleteTokens (line 308)

Add tokens and associated Properties to the system.

  • since: 3/1/05
  • access: public
void deleteTokens (object AuthNTokens $authNTokens)

Redefined in descendants as:
exists (line 172)

Return true if the tokens can be matched in the system.

  • since: 3/1/05
  • access: public
boolean exists (mixed $tokens)
  • mixed $tokens
getAllGroups (line 412)

Answer an iterator of all groups

  • since: 2/23/06
  • access: public
object AgentIterator getAllGroups (object AuthNTokens $authNTokens)

Redefined in descendants as:
getDisplayNameForTokens (line 373)

Should return the 'display_name_property' value for tokens

  • since: 10/25/05
  • access: public
string getDisplayNameForTokens (object AuthNTokens $authNTokens)
getGroup (line 437)

Answer a group by Id

  • since: 2/23/06
  • access: public
object AgentIterator getGroup (object Id $id)
  • object Id $id

Redefined in descendants as:
getGroupsContainingGroup (line 477)

Answer an iterator of groups that contain the Id. If $includeSubgroups is true then groups will be returned if any descendent group contains the Id.

  • since: 2/23/06
  • access: public
object AgentIterator getGroupsContainingGroup (object Id $id, mixed $includeSubgroups)
  • object Id $id

Redefined in descendants as:
getGroupsContainingTokens (line 463)

Answer an iterator of groups that contain the tokens. If $includeSubgroups is true then groups will be returned if any descendent group contains the tokens.

  • since: 2/23/06
  • access: public
object AgentIterator getGroupsContainingTokens (object AuthNTokens $authNTokens, mixed $includeSubgroups)

Redefined in descendants as:
getProperties (line 199)

Return Properties associated with the tokens. The properties will have the AuthNMethod Type as their Type. One Property that should always be included is 'identifier' which corresponds to the identifier for the tokens.

  • since: 3/1/05
  • access: public
object Properties getProperties (mixed $tokens)
  • mixed $tokens
getPropertiesForTokens (line 213)

Return Properties associated with the Tokens. The properties will have the AuthNMethod Type as their Type. One Property that should always be included is 'identifier' which corresponds to the identifier for the tokens.

  • since: 3/1/05
  • access: public
object Properties getPropertiesForTokens (object AuthNTokens $authNTokens)
getRootGroups (line 425)

Answer an iterator of the top-level groups. This may be equivalent to getAllGroups() if this directory is not hierarchically organized.

  • since: 2/23/06
  • access: public
object AgentIterator getRootGroups (object AuthNTokens $authNTokens)

Redefined in descendants as:
  • LDAPAuthNMethod::getRootGroups() : Answer an iterator of the top-level groups. This may be equivalent to getAllGroups() if this directory is not hierarchically organized.
getTokensBySearch (line 258)

Get an iterator of the AuthNTokens that match the search string passed.

The '*' wildcard character can be present in the string. If the AuthNMethod supports wildcards, it will be converted to the system wildcard for that AuthNMethod; if wildcards are not supported, it will be removed and the exact string searched for.

When multiple fields are searched, an OR search is performed, e.g. '*ach*' would match username/fullname 'achapin'/'Chapin, Alex' as well as 'zsmith'/'Smith, Zach'.

  • since: 3/3/05
  • access: public
object ObjectIterator getTokensBySearch (string $searchString)
  • string $searchString
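
The wildcard conversion and OR search described above, sketched for a SQL backend, an LDAP backend and a backend without wildcard support. This is an added example, not code from Harmoni or its descendant classes; the function names, the '!' LIKE escape character and the LDAP attribute names 'uid' and 'cn' are assumptions. The point to take from it is that the backend's own metacharacters in the user's string are escaped before '*' is mapped to the system wildcard.

```php
<?php
// Added example; the function names are hypothetical and not part of Harmoni.

// SQL backend: escape LIKE metacharacters, then map '*' to '%'. strtr() with an
// array works in a single pass, so the inserted '!' characters are not re-escaped.
function searchToSqlLike(string $search): string
{
    return strtr($search, ['!' => '!!', '%' => '!%', '_' => '!_', '*' => '%']);
}

// LDAP backend: '*' is already the wildcard; escape the other filter specials.
function searchToLdapValue(string $search): string
{
    return strtr($search, ['\\' => '\\5c', '(' => '\\28', ')' => '\\29', "\0" => '\\00']);
}

// Backend without wildcard support: drop '*' and search for the exact string.
function searchToExact(string $search): string
{
    return str_replace('*', '', $search);
}

// OR search over several fields: one parameterised LIKE clause per field.
// $fields must come from the method's configuration, never from the request.
function buildSqlOrSearch(array $fields, string $search): array
{
    $clauses = array_map(fn($f) => "$f LIKE ? ESCAPE '!'", $fields);
    return [implode(' OR ', $clauses), array_fill(0, count($fields), searchToSqlLike($search))];
}

// The same OR search expressed as an LDAP filter string.
function buildLdapOrSearch(array $attributes, string $search): string
{
    $value = searchToLdapValue($search);
    $parts = array_map(fn($a) => "($a=$value)", $attributes);
    return '(|' . implode('', $parts) . ')';
}

// Constructed inputs; 'username' and 'fullname' follow the example in the text.
[$where, $params] = buildSqlOrSearch(['username', 'fullname'], '*ach*');
echo $where, ' ', json_encode($params), "\n";
echo searchToSqlLike('50%_off*'), "\n";                        // typed % and _ stay literal
echo buildLdapOrSearch(['uid', 'cn'], '*Chapin (Alex)*'), "\n"; // parentheses stay data
echo searchToExact('*ach*'), "\n";
```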

Redefined in descendants as:
getType (line 83)

Return the Type of this AuthNMethod

  • since: 3/1/05
  • access: public
object Type getType ()
isGroup (line 449)

Answer true if the Id corresponds to a valid group

  • since: 2/23/06
  • access: public
boolean isGroup (object Id $id)
  • object Id $id

Redefined in descendants as:
setType (line 71)

Set the Type of this AuthNMethod. This should only be used by the AuthNMethod manager, not classes outside of this package.

  • since: 3/2/05
  • access: protected
void setType (object Type $type)
  • object Type $type
supportsDirectory (line 399)

Answer TRUE if this AuthN method supports directory functionality

  • since: 2/23/06
  • access: public
boolean supportsDirectory ()

Redefined in descendants as:
supportsPropertyUpdates (line 346)

Return TRUE if this method supports property updates.

  • since: 3/1/05
  • access: public
boolean supportsPropertyUpdates ()

Redefined in descendants as:
supportsTokenAddition (line 270)

Return TRUE if this method supports token addition.

  • since: 3/1/05
  • access: public
boolean supportsTokenAddition ()

Redefined in descendants as:
supportsTokenDeletion (line 295)

Return TRUE if this method supports token deletion.

  • since: 3/1/05
  • access: public
boolean supportsTokenDeletion ()

Redefined in descendants as:
supportsTokenUpdates (line 320)

Return TRUE if this method supports token updates.

  • since: 3/1/05
  • access: public
boolean supportsTokenUpdates ()

Redefined in descendants as:
tokensExist (line 184)

Return true if the AuthNTokens can be matched in the system.

  • since: 3/1/05
  • access: public
boolean tokensExist (object AuthNTokens $authNTokens)

Redefined in descendants as:
updatePropertiesForTokens (line 360)

Update the properties for the given tokens

  • since: 3/1/05
  • access: public
void updatePropertiesForTokens (object AuthNTokens $authNTokens, object Properties $newProperties)

Redefined in descendants as:
updateTokens (line 334)

Update old tokens to new tokens in the system.

  • since: 3/1/05
  • access: public
void updateTokens (object AuthNTokens $oldAuthNTokens, object AuthNTokens $newAuthNTokens)

Redefined in descendants as:
_populateProperties (line 237)

A private method used to populate the Properties that correspond to the given AuthNTokens

  • since: 3/1/05
  • access: private
void _populateProperties (object AuthNTokens $authNTokens, object Properties $properties)

Redefined in descendants as:

Documentation generated on Wed, 19 Sep 2007 10:21:35 -0400 by phpDocumentor 1.3.0RC3