Class AbstractExternalSecurity

  • All Implemented Interfaces:
    ExternalSecurity
    Direct Known Subclasses:
    DefaultExternalSecurity

    public abstract class AbstractExternalSecurity
    extends java.lang.Object
    implements ExternalSecurity

    Title: AbstractExternalSecurity. Default basic implementation of the ExternalSecurity interface, indicating the logging process will be handled by the MSTR application, using the credentials as provided by the user.

    Since:
    MicroStrategy Web 7.3.1 or earlier
    • Constructor Detail

      • AbstractExternalSecurity

        public AbstractExternalSecurity()
    • Method Detail

      • handlesAuthenticationRequest

        public int handlesAuthenticationRequest​(RequestKeys reqKeys,
                                                ContainerServices cntSvcs,
                                                int reason)
        Indicates how ExternalSecurity wants to handle the session (authentication) request
        Specified by:
        handlesAuthenticationRequest in interface ExternalSecurity
        Parameters:
        reqKeys - a RequestKeys valid instance
        cntSvcs - a ContainerServices valid instance
        reason - an int value representing the reason why session handling is required
        Returns:
        the default USE_MSTR_DEFAULT_LOGIN value
      • getCustomLoginURL

        public java.lang.String getCustomLoginURL​(java.lang.String originalURL,
                                                  java.lang.String desiredServer,
                                                  int desiredPort,
                                                  java.lang.String desiredProject)
        Returns the URL of a custom page that will handle the authentication request, in case the handlesAuthenticationRequest() method returned USE_CUSTOM_LOGIN_PAGE
        Specified by:
        getCustomLoginURL in interface ExternalSecurity
        Parameters:
        originalURL - the original url that was being called when the authentication request came up
        desiredServer - the server where the user requests to be logged to
        desiredPort - the port where the user requests to be logged to
        desiredProject - the project where the user requests to be logged to
        Returns:
        a null String value, since by default Web Universal will use the predefined login page
      • getFailureURL

        public java.lang.String getFailureURL​(int reqType,
                                              ContainerServices cntrSvcs)
        Once it has been determined the request has failed, this method will provide the URL information where the user should be taken next.
        Specified by:
        getFailureURL in interface ExternalSecurity
        Parameters:
        reqType - an int value indicating which request was the one that failed: AUTHENTICATION_REQUEST or AUTHORIZATION_REQUEST
        cntrSvcs - ContainerServices initialized instance
        Returns:
        a String with the URL to use for redirecting the user.
      • closeSessionOnLogout

        public boolean closeSessionOnLogout​(RequestKeys reqKeys,
                                            ContainerServices cntSvcs,
                                            WebIServerSession user)
        Method to be called when the user or system invokes a logout event. This method can also be used to perform any custom operations when the user is logged out and before the session is closed.
        Specified by:
        closeSessionOnLogout in interface ExternalSecurity
        Parameters:
        reqKeys - a RequestKeys valid instance
        cntSvcs - a ContainerServices valid instance
        user - the WebIServerSession instance representing the current opened session being used for the user request and the one from which the user is about to be logged out.
        Returns:
        a boolean value indicating if the session should be disconnected from the IServer and project or not.
        Since:
        MicroStrategy Web 8.0.0
      • canReconnectSession

        public boolean canReconnectSession​(ContainerServices cntSvcs,
                                           WebIServerSession currentSession,
                                           int reason)
        This method will be called each time Microstrategy Web tries to automatically reconnect a session that is still valid. At this point, it is always related to user preferences not matching the session values. There are certain user preferences that need to be applied at the time the session is created, namely:
        • Number and Date Locale
        • Session flags (cancel or remove pending jobs on logout)
        Since user preferences are saved in the Metadata, the values provided when the session is created are "guessed" by Web or the ESM. After creating a session these values are compared with the actual Preferences values. If they do not match and there is enough information in the session to be able to reconnect, Web will invoke this method to confirm that the session can be reconnected with the correct preferences values. This method gets invoked even if the handlesAuthenticationRequest method returns COLLECT_SESSION_NOW, so customers implementing an ESM that creates a session need not to worry about applying user preferences themselves. This method is also invoked when a user changes one of these preferences through the application and the "Enable seamless login" setting is on.
        Specified by:
        canReconnectSession in interface ExternalSecurity
        Parameters:
        cntSvcs - a ContainerServices valid instance
        currentSession - the WebIServerSession instance representing the current opened session.
        reason - The reason this method is called. Currently, there is only one reason ExternalSecurity.MISMATCHED_PREFERENCES
        Returns:
        If the ESM returns false, the session will not be reconnected and user-preferences will be used as-is.
        Since:
        MicroStrategy Web 8.0.2
      • setAppSessionManager

        public void setAppSessionManager​(WebAppSessionManager appSessionManager)
        Set the web web app session manager.
        Type Parameters:
        code - WebAppSessionManager projectList
      • getAppSessionManager

        public WebAppSessionManager getAppSessionManager()
        Get the web web app session manager.
        Returns:
        WebAppSessionManager
      • getWebLoginProvider

        public AbstractWebLoginProvider getWebLoginProvider​(int webLoginMode)
        Get the web login provider for a particular web login mode.
        Parameters:
        webLoginMode -
        Returns:
        AbstractWebLoginProvider
      • getServer

        protected java.lang.String getServer​(RequestKeys reqKeys)
        Returns the Server Name from RequestKeys.
        Parameters:
        reqKeys - a RequestKeys valid instance
        Returns:
        the Server Name
        Since:
        MicroStrategy Web 9.0.0
      • getProject

        protected java.lang.String getProject​(RequestKeys reqKeys)
        Returns the Project Name from RequestKeys
        Parameters:
        reqKeys - a RequestKeys valid instance
        Returns:
        the Project Name
        Since:
        MicroStrategy Web 9.0.0
      • getPort

        protected int getPort​(RequestKeys reqKeys)
        Returns the Port from RequestKeys
        Parameters:
        reqKeys - a RequestKeys valid instance
        Returns:
        the port
        Since:
        MicroStrategy Web 9.0.0