loginCustomer(String, String, int, int, String, long, String, boolean, List< String >) method

Syntax

CustomerSession loginCustomer ( String identifier , String plainTextCredential , int identifierType , int credentialType , String origin , long callerId , String orgUnit , boolean allPrivilegesRequired , List< String > requiredPrivileges ) throws EntityNotFoundException, CustomerStatusException, CredentialValidationException, SessionException, InternalCustomerException, MissingLoginPrivilegeException

Parameters

• identifier – the identification to load the customer by (MSISDN, username, ...).
• plainTextCredential – the credential to check (PIN, password, ...).
• identifierType – the type of the identification provided in identification.
• credentialType – the type of the credential provided in credential
• origin – the origin is stored with the session that is created. Specifies where the login operation is initiating from.
• callerId – represents the ID of the caller of the operation. Used for tracking/audit purposes.
• orgUnit – the customers orgunit
• allPrivilegesRequired – this flag indicates if the customer must have all of the required privileges, or if one is sufficient
• requiredPrivileges – this is the list of privileges the customer must have to log in successfully; if the customer does not have these privileges, the login will fail and the customer status, wrong-credential-counter, etc. will not be changed (irrespective of whether or not the customer provided the right password), if this list is empty or null, no privilege checking will happen.

Returns

the created CustomerSession

Exceptions

• EntityNotFoundException –
• CustomerStatusException –
• CredentialValidationException –
• SessionException –
• InternalCustomerException –
• MissingLoginPrivilegeException –

Usage

Logs in an end-user into an application by checking username, credential, and creating a new session. This method runs in its

own transaction

to make sure that wrong credential checks are persisted. The session id that is returned should be used for each subsequent request and is valid either until it times out or a logout is called.

In case of an incorrect credential the Credential Policies are used to determine the next action. In case the credential was correct but it is temporary (system generated) or has expired the

CredentialOkButExpiredException

is thrown.

the created CustomerSession