public class DefaultUser extends Object implements User, Serializable

See also: User, Serialized Form

Constructor and Description |
---|
DefaultUser(String accountName): Instantiates a new user. |

Modifier and Type | Method and Description |
---|---|
void | addRole(String role): Adds a role to this user's account. |
void | addRoles(Set<String> newRoles): Adds a set of roles to this user's account. |
void | addSession(javax.servlet.http.HttpSession s): Adds a session for this User. |
void | changePassword(String oldPassword, String newPassword1, String newPassword2): Sets the user's password, performing a verification of the user's old password, the equality of the two new passwords, and the strength of the new password. |
Object | clone(): Override clone and make final to prevent duplicate user objects. |
void | disable(): Disable this user's account. |
void | enable(): Enable this user's account. |
long | getAccountId(): Gets this user's account id number. |
String | getAccountName(): Gets this user's account name. |
String | getCSRFToken(): Gets the CSRF token for this user's current sessions. |
HashMap | getEventMap(): Returns the hashmap used to store security events for this user. |
Date | getExpirationTime(): Returns the date that this user's account will expire. |
int | getFailedLoginCount(): Returns the number of failed login attempts since the last successful login for an account. |
Date | getLastFailedLoginTime(): Returns the date of the last failed login time for a user. |
String | getLastHostAddress(): Returns the last host address used by the user. |
Date | getLastLoginTime(): Returns the date of the last successful login time for a user. |
Date | getLastPasswordChangeTime(): Gets the date of user's last password change. |
Locale | getLocale() |
String | getName() |
Set<String> | getRoles(): Gets the roles assigned to a particular account. |
String | getScreenName(): Gets the screen name (alias) for the current user. |
Set | getSessions(): Returns a Set containing the sessions associated with this User. |
void | incrementFailedLoginCount(): Increment failed login count. |
boolean | isAnonymous(): Checks if user is anonymous. |
boolean | isEnabled(): Checks if this user's account is currently enabled. |
boolean | isExpired(): Checks if this user's account is expired. |
boolean | isInRole(String role): Checks if this user's account is assigned a particular role. |
boolean | isLocked(): Checks if this user's account is locked. |
boolean | isLoggedIn(): Tests to see if the user is currently logged in. |
boolean | isSessionAbsoluteTimeout(): Tests to see if this user's session has exceeded the absolute time out based on ESAPI's configuration settings. |
boolean | isSessionTimeout(): Tests to see if the user's session has timed out from inactivity based on ESAPI's configuration settings. |
void | lock(): Lock this user's account. |
void | loginWithPassword(String password): Login with password. |
void | logout(): Logout this user. |
void | removeRole(String role): Removes a role from this user's account. |
void | removeSession(javax.servlet.http.HttpSession s): Removes a session for this User. |
String | resetCSRFToken(): Returns a token to be used as a prevention against CSRF attacks. |
void | setAccountName(String accountName): Sets this user's account name. |
void | setExpirationTime(Date expirationTime): Sets the date and time when this user's account will expire. |
void | setLastFailedLoginTime(Date lastFailedLoginTime): Set the time of the last failed login for this user. |
void | setLastHostAddress(String remoteHost): Set the last remote host address used by this user. |
void | setLastLoginTime(Date lastLoginTime): Set the time of the last successful login for this user. |
void | setLastPasswordChangeTime(Date lastPasswordChangeTime): Set the time of the last password change for this user. |
void | setLocale(Locale locale) |
void | setRoles(Set<String> roles): Sets the roles for this account. |
void | setScreenName(String screenName): Sets the screen name (username alias) for this user. |
String | toString() |
void | unlock(): Unlock this user's account. |
boolean | verifyPassword(String password): Verify that the supplied password matches the password for this user. |

public DefaultUser(String accountName)
Parameters: accountName - The name of this user's account.

public void addRole(String role) throws AuthenticationException
Specified by: addRole in interface User
Parameters: role - the role to add
Throws: AuthenticationException - the authentication exception

public void addRoles(Set<String> newRoles) throws AuthenticationException
Specified by: addRoles in interface User
Parameters: newRoles - the new roles to add
Throws: AuthenticationException - the authentication exception

public void changePassword(String oldPassword, String newPassword1, String newPassword2) throws AuthenticationException, EncryptionException
Specified by: changePassword in interface User
Parameters:
  oldPassword - the old password
  newPassword1 - the new password
  newPassword2 - the new password - used to verify that the new password was typed correctly
Throws:
  AuthenticationException - if newPassword1 does not match newPassword2, if oldPassword does not match the stored old password, or if the new password does not meet complexity requirements
  EncryptionException

public long getAccountId()
Specified by: getAccountId in interface User

public String getAccountName()
Specified by: getAccountName in interface User

public String getCSRFToken()
Specified by: getCSRFToken in interface User

public Date getExpirationTime()
Specified by: getExpirationTime in interface User

public int getFailedLoginCount()
Specified by: getFailedLoginCount in interface User

public Date getLastFailedLoginTime()
Specified by: getLastFailedLoginTime in interface User

public String getLastHostAddress()
Specified by: getLastHostAddress in interface User

public Date getLastLoginTime()
Specified by: getLastLoginTime in interface User

public Date getLastPasswordChangeTime()
Specified by: getLastPasswordChangeTime in interface User

public String getScreenName()
Specified by: getScreenName in interface User

public void addSession(javax.servlet.http.HttpSession s)
Specified by: addSession in interface User
Parameters: s - The session to associate with this user.

public void removeSession(javax.servlet.http.HttpSession s)
Specified by: removeSession in interface User
Parameters: s - The session to remove from being associated with this user.

public Set getSessions()
Specified by: getSessions in interface User

public void incrementFailedLoginCount()
Specified by: incrementFailedLoginCount in interface User

public boolean isAnonymous()
Specified by: isAnonymous in interface User

public boolean isEnabled()

public boolean isExpired()

public boolean isInRole(String role)

public boolean isLocked()

public boolean isLoggedIn()
Specified by: isLoggedIn in interface User

public boolean isSessionAbsoluteTimeout()
Specified by: isSessionAbsoluteTimeout in interface User

public boolean isSessionTimeout()
Specified by: isSessionTimeout in interface User

public void loginWithPassword(String password) throws AuthenticationException
Specified by: loginWithPassword in interface User
Parameters: password - the password
Throws: AuthenticationException - if login fails

public void removeRole(String role)
Specified by: removeRole in interface User
Parameters: role - the role to remove

public String resetCSRFToken()
Specified by: resetCSRFToken in interface User

public void setAccountName(String accountName)
Specified by: setAccountName in interface User
Parameters: accountName - the new account name

public void setExpirationTime(Date expirationTime)
Specified by: setExpirationTime in interface User
Parameters: expirationTime - the new expiration time

public void setLastFailedLoginTime(Date lastFailedLoginTime)
Specified by: setLastFailedLoginTime in interface User
Parameters: lastFailedLoginTime - the date and time when the user just failed to login correctly.

public void setLastHostAddress(String remoteHost) throws AuthenticationHostException
Specified by: setLastHostAddress in interface User
Parameters: remoteHost - The address of the user's current source host.
Throws: AuthenticationHostException

public void setLastLoginTime(Date lastLoginTime)
Specified by: setLastLoginTime in interface User
Parameters: lastLoginTime - the date and time when the user just successfully logged in.

public void setLastPasswordChangeTime(Date lastPasswordChangeTime)
Specified by: setLastPasswordChangeTime in interface User
Parameters: lastPasswordChangeTime - the date and time when the user just successfully changed his/her password.

public void setRoles(Set<String> roles) throws AuthenticationException
Specified by: setRoles in interface User
Parameters: roles - the new roles
Throws: AuthenticationException - the authentication exception

public void setScreenName(String screenName)
Specified by: setScreenName in interface User
Parameters: screenName - the new screen name

public String toString()

public boolean verifyPassword(String password)
Specified by: verifyPassword in interface User
Parameters: password - the password that the user entered

public final Object clone() throws CloneNotSupportedException
Overrides: clone in class Object
Throws: CloneNotSupportedException

public void setLocale(Locale locale)

public HashMap getEventMap()
Specified by: getEventMap in interface User

Copyright © 2023 The Open Web Application Security Project (OWASP). All rights reserved.