Package org.opencms.security.twofactor
Class CmsTwoFactorAuthenticationUserPolicy
- java.lang.Object
-
- org.opencms.security.twofactor.CmsTwoFactorAuthenticationUserPolicy
-
public class CmsTwoFactorAuthenticationUserPolicy extends java.lang.Object
A policy that determines which users should use two-factor authentication.A policy consists of two lists of rules: an include list, and an exclude list. A user should use two-factor authentification if they match at least one rule in the include list, and no rule in the exclude list. However, if the include list does not contain any rules, only the exclude list is checked.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
CmsTwoFactorAuthenticationUserPolicy.CheckType
The rule type.static class
CmsTwoFactorAuthenticationUserPolicy.Rule
Represents a single rule configured for a policy.protected static class
CmsTwoFactorAuthenticationUserPolicy.UserCheckContext
A context object used to keep user-related data around which may be needed by multiple rules, so we only need read it once (e.g.
-
Constructor Summary
Constructors Constructor Description CmsTwoFactorAuthenticationUserPolicy(java.util.List<CmsTwoFactorAuthenticationUserPolicy.Rule> include, java.util.List<CmsTwoFactorAuthenticationUserPolicy.Rule> exclude)
Creates a new policy object.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
shouldUseTwoFactorAuthentication(CmsObject cms, CmsUser user)
Checks whether the given user should use two-factor-authentication according to this policy.
-
-
-
Constructor Detail
-
CmsTwoFactorAuthenticationUserPolicy
public CmsTwoFactorAuthenticationUserPolicy(java.util.List<CmsTwoFactorAuthenticationUserPolicy.Rule> include, java.util.List<CmsTwoFactorAuthenticationUserPolicy.Rule> exclude)
Creates a new policy object.- Parameters:
include
- the list of include rulesexclude
- the list of exclude rules
-
-
Method Detail
-
shouldUseTwoFactorAuthentication
public boolean shouldUseTwoFactorAuthentication(CmsObject cms, CmsUser user)
Checks whether the given user should use two-factor-authentication according to this policy.- Parameters:
cms
- the current CMS contextuser
- the user to check- Returns:
- true if the user should use two-factor authentication
-
-