com.ibm.commerce.security.commands

Class DBAuthenticationCmdImpl

java.lang.Object

com.ibm.websphere.command.TargetableCommandImpl

com.ibm.websphere.command.CacheableCommandImpl

com.ibm.commerce.command.MeasuredCacheableCommandImpl

com.ibm.commerce.command.AbstractECTargetableCommand

com.ibm.commerce.command.TaskCommandImpl

com.ibm.commerce.security.commands.DBAuthenticationCmdImpl

All Implemented Interfaces:

com.ibm.commerce.command.CacheableECCommand, ECCommand, ECTargetableCommand, TaskCommand, DBAuthenticationCmd, com.ibm.websphere.cache.Sizeable, com.ibm.websphere.command.CacheableCommand, com.ibm.websphere.command.Command, com.ibm.websphere.command.CommandCaller, com.ibm.websphere.command.TargetableCommand, java.io.Serializable

public class DBAuthenticationCmdImpl
extends TaskCommandImpl
implements DBAuthenticationCmd

If the WebSphere Commerce server is configured to authenticate against a database, this task command either authenticates or updates a credential set.

Before executing this task command, the methods listed below must be invoked.

• setMerchantKey
• setLogonId
• setPassword

If the setUpdateFlag is called, this task command updates the credentials set in the database.

If the setUpdateFlag is not called, this task command verifies the credentials when executed. To determine whether the authentication is successful, call isValidCredentials.

Error View Task: DBAuthenticationErrorView

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	COPYRIGHT IBM Copyright statement
static java.lang.String	ERRTASK_NAME Error task name.

Fields inherited from class com.ibm.websphere.command.TargetableCommandImpl

LOCAL

Fields inherited from interface com.ibm.commerce.security.commands.DBAuthenticationCmd

defaultCommandClassName, NAME

Fields inherited from interface com.ibm.websphere.command.Command

serialVersionUID

Constructor Summary

Constructors

Constructor and Description
DBAuthenticationCmdImpl()

Method Summary

Modifier and Type	Method and Description
boolean	isValidCredentials() A boolean result flag is set to indicate if the authentication succeeds.
void	markPasswordAsTemporary() This method sets the updated password as temporary.
void	performExecute() This method executes this command.
void	performOneWayHashAuthentication() This method will be executed if the user has an one-way hashed password.
void	performReversibleAuthentication() This method will be executed if the user has a reversibly encrypted password.
void	setEncipheredMerchantKey(java.lang.String strEncipheredMerchantKey) Deprecated. Retrieve the merchantkey by first calling ConfigProperties.singleton().getMerchantKey() and then call setMerchantKey(String) to set the merchant key to be used by the command.
void	setLogonId(java.lang.String strLogonId) This method sets the logon ID under which the current user wishes to logon.
void	setPassword(java.lang.String strPassword) This method sets the password to use for authentication with a new logon ID.
void	setUpdateFlag() This method is called to indicate that instead of verifying the credentials, the credentials should be set in the database.
void	validateParameters() This method validates the parameters by ensuring that the logon ID, password, and merchant key are all non-zero length strings.

Methods inherited from class com.ibm.commerce.command.AbstractECTargetableCommand

accessControlCheck, checkIsAllowed, checkResourcePermission, createCommandExecutionEvent, execute, getAccCheck, getCommandContext, getCommandIfName, getCommandName, getCommandStoreId, getDefaultProperties, getExceptionInvokeParameters, getObjectSize, getPostInvokeParameters, getPreInvokeParameters, getResources, getStoreId, getUser, getUserId, isReadyToCallExecute, reset, setAccCheck, setCommandContext, setCommandIfName, setCommandStoreId, setDefaultProperties

Methods inherited from class com.ibm.websphere.command.CacheableCommandImpl

executeFromCache, getCaller, getEntryInfo, getId, getSharingPolicy, postExecute, preExecute, setCaller, setObjectSize, unionDependencies, updateCache

Methods inherited from class com.ibm.websphere.command.TargetableCommandImpl

getCommandTarget, getCommandTargetName, getTargetPolicy, hasOutputProperties, setCommandTarget, setCommandTargetName, setHasOutputProperties, setOutputProperties, setTargetPolicy

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.ibm.commerce.command.CacheableECCommand

execute

Methods inherited from interface com.ibm.websphere.command.CacheableCommand

executeFromCache, getCaller, getEntryInfo, getId, getSharingPolicy, postExecute, preExecute, setCaller, updateCache

Methods inherited from interface com.ibm.websphere.command.TargetableCommand

getCommandTarget, getCommandTargetName, hasOutputProperties, setCommandTarget, setCommandTargetName, setOutputProperties

Methods inherited from interface com.ibm.websphere.command.Command

isReadyToCallExecute, reset

Methods inherited from interface com.ibm.websphere.command.CommandCaller

unionDependencies

Methods inherited from interface com.ibm.commerce.command.ECCommand

checkIsAllowed, checkResourcePermission, createCommandExecutionEvent, getAccCheck, getCommandContext, getCommandIfName, getCommandName, getCommandStoreId, getDefaultProperties, getExceptionInvokeParameters, getPostInvokeParameters, getPreInvokeParameters, getResources, getStoreId, getUser, getUserId, setAccCheck, setCommandContext, setCommandIfName, setCommandStoreId, setDefaultProperties

Field Detail

COPYRIGHT

public static final java.lang.String COPYRIGHT

IBM Copyright statement

See Also:

Constant Field Values

ERRTASK_NAME

public static final java.lang.String ERRTASK_NAME

Error task name.

See Also:

Constant Field Values

Constructor Detail

DBAuthenticationCmdImpl

public DBAuthenticationCmdImpl()

Method Detail

isValidCredentials

public boolean isValidCredentials()

A boolean result flag is set to indicate if the authentication succeeds. This method will return this result flag to indicate if the authentication was successful.

Specified by:

isValidCredentials in interface DBAuthenticationCmd

Returns:

"True", if the authentication is successful.

markPasswordAsTemporary

public void markPasswordAsTemporary()

This method sets the updated password as temporary.

Specified by:

markPasswordAsTemporary in interface DBAuthenticationCmd

performExecute

public void performExecute()
                    throws ECException

This method executes this command. Delegates to the performOneWayHasnAuthentication or performReversibleAuthentication, depending on the value of the Security/one-way hash parameter in the instance.xml file.

Specified by:

performExecute in interface ECCommand

Specified by:

performExecute in interface com.ibm.websphere.command.TargetableCommand

Overrides:

performExecute in class AbstractECTargetableCommand

Throws:

ECException

performOneWayHashAuthentication

public void performOneWayHashAuthentication()
                                     throws ECException

This method will be executed if the user has an one-way hashed password. Depending on the update flag, this method will either update or verify the credentials. If update flag is set to true, it will first generate a salt and one-way hashed the new password. Then, update the user credentials with the new password. If update flag is set to false, it will one way hash the password and verify it is the same as the current one stored in the database.

Throws:

ECException

performReversibleAuthentication

public void performReversibleAuthentication()
                                     throws ECException

This method will be executed if the user has a reversibly encrypted password. Depending on the update flag, this method will either update or verify the credentials. If update flag is set to true, it will first encrypt the new password and then update the user credentials with it. If update flag is set to false, it will verify it is the same as the decrypted value of the current one stored in the database.

Throws:

ECException

setEncipheredMerchantKey

public void setEncipheredMerchantKey(java.lang.String strEncipheredMerchantKey)

Deprecated. Retrieve the merchantkey by first calling ConfigProperties.singleton().getMerchantKey() and then call setMerchantKey(String) to set the merchant key to be used by the command.

This method sets the enciphered merchant key to use in the encryption of the password. This command task implicitly decrypts the enciphered merchant key. This key should only be set if the merchant key was not set.

Specified by:

setEncipheredMerchantKey in interface DBAuthenticationCmd

Parameters:

strEncipheredMerchantKey - The enciphered merchant key.

setLogonId

public void setLogonId(java.lang.String strLogonId)

This method sets the logon ID under which the current user wishes to logon.

Specified by:

setLogonId in interface DBAuthenticationCmd

Parameters:

strLogonId - The logon ID.

setPassword

public void setPassword(java.lang.String strPassword)

This method sets the password to use for authentication with a new logon ID.

Specified by:

setPassword in interface DBAuthenticationCmd

Parameters:

strPassword - The password.

setUpdateFlag

public void setUpdateFlag()

This method is called to indicate that instead of verifying the credentials, the credentials should be set in the database.

Specified by:

setUpdateFlag in interface DBAuthenticationCmd

validateParameters

public void validateParameters()
                        throws ECException

This method validates the parameters by ensuring that the logon ID, password, and merchant key are all non-zero length strings.

Specified by:

validateParameters in interface ECCommand

Overrides:

validateParameters in class AbstractECTargetableCommand

Throws:

ECException