com.ibm.commerce.security.commands
Class LogonCmdImpl

java.lang.Object
  |
  +--CacheableCommandImpl
        |
        +--com.ibm.commerce.command.AbstractECTargetableCommand
              |
              +--com.ibm.commerce.command.ControllerCommandImpl
                    |
                    +--com.ibm.commerce.security.commands.LogonCmdImpl
All Implemented Interfaces:
AccCommand, ControllerCommand, ECCommand, ECTargetableCommand, LogonCmd

public class LogonCmdImpl
extends ControllerCommandImpl
implements LogonCmd

This controller command will log the user into the system. If the user is logging in from a guest shopper identity then the resources that exist under the guest shopper identity is migrated to the identity to which the user is logging in.

Before executing this task command, the methods listed below must be invoked.

              setLogonId
              setPassword
              setReLogonURL
              setPostLogonURL

Upon successful authentication the user is redirected to the URL specified by the setPostLogonURL. Upon unsuccessful authentication the user is redirected to the URL specified by setReLogonURL.

See Also:
Serialized Form

Field Summary
static java.lang.String COPYRIGHT
          Copyright field.
static java.lang.String ERRTASK_NAME
          Error task name.
 
Fields inherited from class com.ibm.commerce.command. ControllerCommandImpl
requestProperties, responseProperties, retriable, viewReqProperties
 
Fields inherited from class com.ibm.commerce.command. AbstractECTargetableCommand
commandContext
 
Fields inherited from interface com.ibm.commerce.security.commands. LogonCmd
defaultCommandClassName, NAME
 
Constructor Summary
LogonCmdImpl()
           
 
Method Summary
 java.lang.String getAuthenticateUserId()
          Retrieves the userId of the logged in user.
protected  java.lang.String getLogonId()
          Retrieves the logonId under which the current user wishes to logon.
protected  java.lang.String getLogonPassword()
          Retrieves the password to be used for authentication with the new logonId.
protected  MemberAccessBean getMemberObject()
          Get the member object.
protected  java.lang.String getPostLogonURL()
          Retrieves the URL to w which the user should be redirected to after successful authentication.
protected  java.lang.String getReLogonURL()
          Retrieves the URL to which the user should be redirected to if authentication was unsuccessful.
protected   UserRegistryAccessBean getUserRegistryObject()
          Get the user registry object.
protected  boolean isAccountDisabled()
          Whether or not the account is disabled.
protected  boolean isAnyParentOrgLocked()
          Returns true if any parent organization is locked.
 boolean isGeneric()
          Whether or not a generic user is permitted to execute this command.
protected  boolean isLDAPUsed()
          Whether or not authentication mode is LDAP.
protected  boolean isLogonAllowedNow()
          Whether or not the user is allowed to logon at this time.
protected  boolean isUserApproved()
          Whether or not the user is approved.
protected  boolean isUserRegisteredInOrg()
          Whether or not the user has a role in the org owning the store.
protected  boolean isValidCredentials()
          Based on the configuration parameters in the WCS configuration file, one of three authentication task will be called.
protected  void migrateUserEntries()
          This method will migrate 'resources' belonging to the current user to the identity, associated with the logon ID, which the user will be assuming once the logon is successful.
 void performExecute()
          Execute the command.
 void setLogonId(java.lang.String strLogonId)
          Set the logonId.
 void setLogonPassword(java.lang.String strPassword)
          Set the logonPassword.
 void setPostLogonURL(java.lang.String strPostLoginURL)
          Set the postLogonURL.
 void setReLogonURL(java.lang.String strReLoginURL)
          Set the relogonURL.
 void setRequestProperties( TypedProperty hshReqParameters)
          Set the request properties.
protected  void updateCmdContext()
          Switches the current user identity to the identity associated with the LoginID supplied to this Logon command.
 void updateLockoutInformation(boolean valid_credentials)
          Updates the lockount information
 void validateParameters()
          Validate the parameters.
 
Methods inherited from class com.ibm.commerce.command. ControllerCommandImpl
checkPermission, fulfills, getForUserId, getGeneric, getOwner, getRequestProperties, getResolvedRequestProperties, getResourceOwners, getResponseProperties, getRetriable, getViewInputProperties, isRetriable, mergeProperties, setForUserId, setGeneric, setOwner, setResponseProperties, setRetriable, setViewInputProperties
 
Methods inherited from class com.ibm.commerce.command. AbstractECTargetableCommand
accessControlCheck, checkIsAllowed, checkParameters, checkResourcePermission, createCommandExecutionEvent, execute, finalize, getAccCheck, getCommandContext, getCommandIfName, getCommandName, getCommandStoreId, getDefaultProperties, getResources, getStoreId, getUser, getUserId, isReadyToCallExecute, reset, setAccCheck, setCommandContext, setCommandIfName, setCommandStoreId, setDefaultProperties
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.ibm.commerce.command. ControllerCommand
checkPermission, execute, getGeneric, getRequestProperties, getResolvedRequestProperties, getResponseProperties, getRetriable, getViewInputProperties, isRetriable, mergeProperties, setGeneric, setRetriable, setViewInputProperties
 
Methods inherited from interface com.ibm.commerce.command. AccCommand
accessControlCheck, getAccCheck, getForUserId, getResourceOwners, setAccCheck, setForUserId, setOwner
 
Methods inherited from interface com.ibm.commerce.command. ECCommand
checkIsAllowed, checkResourcePermission, createCommandExecutionEvent, getCommandContext, getCommandIfName, getCommandName, getCommandStoreId, getDefaultProperties, getResources, getStoreId, getUser, getUserId, setCommandContext, setCommandIfName, setCommandStoreId, setDefaultProperties
 

Field Detail
public static final java.lang.String COPYRIGHT
Copyright field.
See Also:
Constant Field Values

ERRTASK_NAME

public static final java.lang.String ERRTASK_NAME
Error task name.
See Also:
Constant Field Values
Constructor Detail

LogonCmdImpl

public LogonCmdImpl()
Method Detail

getAuthenticateUserId

public java.lang.String getAuthenticateUserId()
Retrieves the userId of the logged in user.
Specified by:
getAuthenticateUserId in interface LogonCmd
Returns:
The userId.

getLogonId

protected java.lang.String getLogonId()
Retrieves the logonId under which the current user wishes to logon.
Returns:
The logonId.

getLogonPassword

protected java.lang.String getLogonPassword()
Retrieves the password to be used for authentication with the new logonId.
Returns:
The password.

getPostLogonURL

protected java.lang.String getPostLogonURL()
Retrieves the URL to w which the user should be redirected to after successful authentication.
Returns:
The post login URL.

getReLogonURL

protected java.lang.String getReLogonURL()
Retrieves the URL to which the user should be redirected to if authentication was unsuccessful.
Returns:
The relogin login URL.

isAccountDisabled

protected boolean isAccountDisabled()
                             throws ECSystemException
Whether or not the account is disabled.
Returns:
boolean true if the account is disabled.
Throws:
ECSystemException

isGeneric

public boolean isGeneric()
Whether or not a generic user is permitted to execute this command.
Specified by:
isGeneric in interface ControllerCommand
Overrides:
isGeneric in class ControllerCommandImpl
Returns:
boolean true if a generic user can execute this command; always true for this command

isLogonAllowedNow

protected boolean isLogonAllowedNow()
Whether or not the user is allowed to logon at this time.
Returns:
boolean true if the user is allowed to logon at this time.

isValidCredentials

protected boolean isValidCredentials()
                              throws ECException
Based on the configuration parameters in the WCS configuration file, one of three authentication task will be called. The three authentication task, include two pre-setup task. The first presetup task will authenticate the user against the WCS DB, while the second will authenticate the user against LDAP. The third task is left to customers to implement such that third party authentication schemes can be supported.
Returns:
Returns true if authentication is successful, false otherwise.
Throws:
ECException

migrateUserEntries

protected void migrateUserEntries()
                           throws ECException
This method will migrate 'resources' belonging to the current user to the identity, associated with the logon ID, which the user will be assuming once the logon is successful. The resources to be migrated include addresses, current orders, order items, orders, order templates, and shopping cart entries.
Throws:
ECException

performExecute

public void performExecute()
                    throws ECException
Execute the command. First, make sure that account is not disabled. Next, reassign the default roles if logging on from LDAP. If the user has rights to logon to the store, migrate the user's resources and update the command context.
Specified by:
performExecute in interface ECCommand
Overrides:
performExecute in class AbstractECTargetableCommand
Throws:
ECException

setLogonId

public void setLogonId(java.lang.String strLogonId)
Set the logonId.
Specified by:
setLogonId in interface LogonCmd
Parameters:
strLogonId - The logonId to use when logging on to the store.

setLogonPassword

public void setLogonPassword(java.lang.String strPassword)
Set the logonPassword.
Specified by:
setLogonPassword in interface LogonCmd
Parameters:
strPassword - The password to use when logging on to the store.

setPostLogonURL

public void setPostLogonURL(java.lang.String strPostLoginURL)
Set the postLogonURL.
Specified by:
setPostLogonURL in interface LogonCmd
Parameters:
strPostLoginURL - The post login URL.

setReLogonURL

public void setReLogonURL(java.lang.String strReLoginURL)
Set the relogonURL.
Specified by:
setReLogonURL in interface LogonCmd
Parameters:
strReLoginURL - The URL to redirect to if logon is not successful.

setRequestProperties

public void setRequestProperties(TypedProperty hshReqParameters)
                          throws ECApplicationException
Set the request properties. Extracts the logonId, reLogonURL, and postLogonURL from the request parameters passed in.
Specified by:
setRequestProperties in interface ControllerCommand
Overrides:
setRequestProperties in class ControllerCommandImpl
Parameters:
hshReqParameters - The request parameters.
Throws:
ECApplicationException

updateCmdContext

protected void updateCmdContext()
                         throws ECException
Switches the current user identity to the identity associated with the LoginID supplied to this Logon command.
Throws:
ECException

updateLockoutInformation

public void updateLockoutInformation(boolean valid_credentials)
                              throws ECException
Updates the lockount information
Parameters:
valid_credentials -
Throws:
ECException

validateParameters

public void validateParameters()
                        throws ECException
Validate the parameters. Ensures that reLogonURL and postLogonURL are specified. Also ensures that the logonId is for a registered shopper in the system, and that the password satisfies all defined policies.
Specified by:
validateParameters in interface ECCommand
Overrides:
validateParameters in class AbstractECTargetableCommand
Throws:
ECException

isAnyParentOrgLocked

protected boolean isAnyParentOrgLocked()
                                throws ECException
Returns true if any parent organization is locked.
Returns:
boolean
Throws:
ECException

isUserRegisteredInOrg

protected boolean isUserRegisteredInOrg()
                                 throws ECException
Whether or not the user has a role in the org owning the store.
Returns:
boolean true if the user has a role with the org owning the store.
Throws:
Exception.
ECException

isUserApproved

protected boolean isUserApproved()
Whether or not the user is approved.
Returns:
boolean true if the user is approved.

getUserRegistryObject

protected UserRegistryAccessBean getUserRegistryObject()
Get the user registry object.
Returns:
UserRegistryAccessBean The user registry object.

getMemberObject

protected MemberAccessBean getMemberObject()
Get the member object.
Returns:
MemberAccessBean The member object.

isLDAPUsed

protected boolean isLDAPUsed()
Whether or not authentication mode is LDAP.
Returns:
boolean true if LDAP authentication is used.