com.ibm.commerce.security.commands

Class DBAuthenticationCmdImpl

  • All Implemented Interfaces:
    com.ibm.commerce.command.CacheableECCommand, ECCommand, ECTargetableCommand, TaskCommand, DBAuthenticationCmd, com.ibm.websphere.cache.Sizeable, com.ibm.websphere.command.CacheableCommand, com.ibm.websphere.command.Command, com.ibm.websphere.command.CommandCaller, com.ibm.websphere.command.TargetableCommand, java.io.Serializable


    public class DBAuthenticationCmdImpl
    extends TaskCommandImpl
    implements DBAuthenticationCmd

    If the WebSphere Commerce server is configured to authenticate against a database, this task command either authenticates or updates a credential set.

    Before executing this task command, the methods listed below must be invoked.

    • setMerchantKey
    • setLogonId
    • setPassword

    If the setUpdateFlag is called, this task command updates the credentials set in the database.

    If the setUpdateFlag is not called, this task command verifies the credentials when executed. To determine whether the authentication is successful, call isValidCredentials.

    Error View Task: DBAuthenticationErrorView

    See Also:
    Serialized Form
    • Field Detail

      • COPYRIGHT

        public static final java.lang.String COPYRIGHT
        IBM Copyright statement
        See Also:
        Constant Field Values
      • ERRTASK_NAME

        public static final java.lang.String ERRTASK_NAME
        Error task name.
        See Also:
        Constant Field Values
    • Constructor Detail

      • DBAuthenticationCmdImpl

        public DBAuthenticationCmdImpl()
    • Method Detail

      • isValidCredentials

        public boolean isValidCredentials()
        A boolean result flag is set to indicate if the authentication succeeds. This method will return this result flag to indicate if the authentication was successful.
        Specified by:
        isValidCredentials in interface DBAuthenticationCmd
        Returns:
        "True", if the authentication is successful.
      • performExecute

        public void performExecute()
                            throws ECException
        This method executes this command. Delegates to the performOneWayHasnAuthentication or performReversibleAuthentication, depending on the value of the Security/one-way hash parameter in the instance.xml file.
        Specified by:
        performExecute in interface ECCommand
        Specified by:
        performExecute in interface com.ibm.websphere.command.TargetableCommand
        Overrides:
        performExecute in class AbstractECTargetableCommand
        Throws:
        ECException
      • performOneWayHashAuthentication

        public void performOneWayHashAuthentication()
                                             throws ECException
        This method will be executed if the user has an one-way hashed password. Depending on the update flag, this method will either update or verify the credentials. If update flag is set to true, it will first generate a salt and one-way hashed the new password. Then, update the user credentials with the new password. If update flag is set to false, it will one way hash the password and verify it is the same as the current one stored in the database.
        Throws:
        ECException
      • performReversibleAuthentication

        public void performReversibleAuthentication()
                                             throws ECException
        This method will be executed if the user has a reversibly encrypted password. Depending on the update flag, this method will either update or verify the credentials. If update flag is set to true, it will first encrypt the new password and then update the user credentials with it. If update flag is set to false, it will verify it is the same as the decrypted value of the current one stored in the database.
        Throws:
        ECException
      • setEncipheredMerchantKey

        public void setEncipheredMerchantKey(java.lang.String strEncipheredMerchantKey)
        Deprecated. Retrieve the merchantkey by first calling ConfigProperties.singleton().getMerchantKey() and then call setMerchantKey(String) to set the merchant key to be used by the command.
        This method sets the enciphered merchant key to use in the encryption of the password. This command task implicitly decrypts the enciphered merchant key. This key should only be set if the merchant key was not set.
        Specified by:
        setEncipheredMerchantKey in interface DBAuthenticationCmd
        Parameters:
        strEncipheredMerchantKey - The enciphered merchant key.
      • setLogonId

        public void setLogonId(java.lang.String strLogonId)
        This method sets the logon ID under which the current user wishes to logon.
        Specified by:
        setLogonId in interface DBAuthenticationCmd
        Parameters:
        strLogonId - The logon ID.
      • setPassword

        public void setPassword(java.lang.String strPassword)
        This method sets the password to use for authentication with a new logon ID.
        Specified by:
        setPassword in interface DBAuthenticationCmd
        Parameters:
        strPassword - The password.
      • setUpdateFlag

        public void setUpdateFlag()
        This method is called to indicate that instead of verifying the credentials, the credentials should be set in the database.
        Specified by:
        setUpdateFlag in interface DBAuthenticationCmd