public interface OorianAuthenticator

Interface for application-provided authentication logic.

Applications implement this interface to define how user credentials are verified. The authenticator is registered with the framework via Application.setAuthenticator(OorianAuthenticator) and is accessible via Application.getAuthenticator().

Example:


 public class MyAuthenticator implements OorianAuthenticator
 {
     @Override
     public UserPrincipal authenticate(String username, String password)
     {
         User user = userDao.findByUsername(username);

         if (user != null && passwordHasher.verify(password, user.getPasswordHash()))
         {
             return new AppUser(user.getId(), user.getName(), user.getRoles());
         }

         return null;
     }
 }

Since:

2.1

Version:

1.0

Author:

Marvin P. Warble Jr.

See Also:

Method Summary

Modifier and Type

Method

Description

UserPrincipal

authenticate(String username, String password)

Verifies user credentials and returns the authenticated principal.

Method Details
- authenticate
  
  UserPrincipal authenticate(String username, String password)
  
  Verifies user credentials and returns the authenticated principal.
  Implementations should verify the provided credentials against their user store (database, LDAP, external service, etc.) and return a UserPrincipal representing the authenticated user, or null if authentication fails.
  
  This method should not throw exceptions for invalid credentials. A null return value indicates authentication failure. Exceptions should only be thrown for unexpected errors (database unavailable, etc.).
  
  Parameters:
  
  username - the username or identifier provided by the user
  
  password - the password provided by the user
  
  Returns:
  
  the authenticated UserPrincipal, or null if authentication fails

Interface OorianAuthenticator

Method Summary

Method Details

authenticate