java.lang.Object
  org.apache.turbine.services.BaseInitable
    org.apache.turbine.services.BaseService
      org.apache.turbine.services.TurbineBaseService
        org.apache.jetspeed.services.security.ldap.LDAPUserManagement
Field Summary
protected static java.lang.String | passwordsAlgorithm
protected static java.lang.String | passwordsSuffix
protected java.lang.String[] | roles
protected JetspeedRunDataService | runDataService
protected static boolean | securePasswords
Fields inherited from class org.apache.turbine.services.BaseService
configuration, name, properties, serviceBroker
Fields inherited from class org.apache.turbine.services.BaseInitable
initableBroker, isInitialized
Fields inherited from interface org.apache.jetspeed.services.security.UserManagement
SERVICE_NAME
Constructor Summary
LDAPUserManagement()
Method Summary
protected boolean | accountExists(JetspeedUser user) | Check whether a specified user's account exists.
protected boolean | accountExists(JetspeedUser user, boolean checkUniqueId)
protected void | addDefaultPSML(JetspeedUser user)
void | addUser(JetspeedUser user) | Adds a JetspeedUser into permanent storage.
protected LDAPUser | buildUser(javax.naming.directory.Attributes attributes)
void | changePassword(JetspeedUser user, java.lang.String oldPassword, java.lang.String newPassword) | Allows for a user to change their own password.
java.lang.String | encryptPassword(java.lang.String password) | This method provides client-side encryption of passwords.
void | forcePassword(JetspeedUser user, java.lang.String password) | Forcibly sets new password for a User.
protected JetspeedRunData | getRunData()
JetspeedUser | getUser(java.security.Principal principal) | Retrieves a JetspeedUser given the primary principal.
java.util.Iterator | getUsers() | Retrieves a collection of all JetspeedUsers.
java.util.Iterator | getUsers(java.lang.String filter) | Retrieves a collection of JetspeedUsers filtered by a security provider-specific query string.
protected java.util.Iterator | getUsersUsingLDAPSpecificFilter(java.lang.String filter, java.lang.String[] attributesToFetch) | Retrieves a collection of JetspeedUsers filtered by a security provider-specific query string.
void | init(javax.servlet.ServletConfig conf) | This is the early initialization method called by the Turbine Service framework
static boolean | passwordsMatch(JetspeedUser user, java.lang.String suppliedPassword) | Checks if user's current password matches with the supplied password.
void | removeUser(java.security.Principal principal) | Removes a JetspeedUser from the permanent store.
void | saveUser(JetspeedUser user) | Saves a JetspeedUser's attributes into permanent storage.
Methods inherited from class org.apache.turbine.services.TurbineBaseService
init, init, init, shutdown
Methods inherited from class org.apache.turbine.services.BaseService
getConfiguration, getName, getProperties, getServiceBroker, setName, setServiceBroker
Methods inherited from class org.apache.turbine.services.BaseInitable
getInit, getInitableBroker, setInit, setInitableBroker
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.apache.turbine.services.Service
getConfiguration, getName, getProperties, setName, setServiceBroker
Methods inherited from interface org.apache.turbine.services.Initable
getInit, init, init, setInitableBroker, shutdown
Field Detail
protected static boolean securePasswords
protected static java.lang.String passwordsAlgorithm
protected static java.lang.String passwordsSuffix
protected JetspeedRunDataService runDataService
protected java.lang.String[] roles
Constructor Detail
public LDAPUserManagement()
Method Detail
public JetspeedUser getUser(java.security.Principal principal) throws JetspeedSecurityException
Retrieves a JetspeedUser given the primary principal.
The principal can be any valid Jetspeed Security Principal:
org.apache.jetspeed.om.security.UserNamePrincipal
org.apache.jetspeed.om.security.UserIdPrincipal
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Specified by:
getUser in interface UserManagement
Parameters:
principal - a principal identity to be retrieved.
Returns:
JetspeedUser associated to the principal identity.
Throws:
UserException - when the security provider has a general failure retrieving a user.
UnknownUserException - when the security provider cannot match the principal identity to a user.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public java.util.Iterator getUsers() throws JetspeedSecurityException
Retrieves a collection of all JetspeedUsers.
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Specified by:
getUsers in interface UserManagement
Returns:
JetspeedUser entities.
Throws:
UserException - when the security provider has a general failure retrieving users.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public java.util.Iterator getUsers(java.lang.String filter) throws JetspeedSecurityException
Retrieves a collection of JetspeedUsers filtered by a security provider-specific query string. For example SQL, OQL, JDOQL.
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Specified by:
getUsers in interface UserManagement
Returns:
JetspeedUser entities.
Throws:
UserException - when the security provider has a general failure retrieving users.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
protected java.util.Iterator getUsersUsingLDAPSpecificFilter(java.lang.String filter, java.lang.String[] attributesToFetch) throws JetspeedSecurityException
Retrieves a collection of JetspeedUsers filtered by a security provider-specific query string. For example SQL, OQL, JDOQL.
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Returns:
JetspeedUser entities.
Throws:
UserException - when the security provider has a general failure retrieving users.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
protected LDAPUser buildUser(javax.naming.directory.Attributes attributes)
public void saveUser(JetspeedUser user) throws JetspeedSecurityException
Saves a JetspeedUser's attributes into permanent storage.
The user's account is required to exist in the storage.
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Specified by:
saveUser in interface UserManagement
Throws:
UserException - when the security provider has a general failure retrieving users.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void addUser(JetspeedUser user) throws JetspeedSecurityException
Adds a JetspeedUser into permanent storage.
The security service can throw a NotUniqueUserException when the public credentials fail to meet the security provider-specific unique constraints.
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Specified by:
addUser in interface UserManagement
Throws:
UserException - when the security provider has a general failure retrieving users.
NotUniqueUserException - when the public credentials fail to meet the security provider-specific unique constraints.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
protected void addDefaultPSML(JetspeedUser user) throws JetspeedSecurityException
Throws:
JetspeedSecurityException
public void removeUser(java.security.Principal principal) throws JetspeedSecurityException
Removes a JetspeedUser from the permanent store.
The security service may optionally check the current user context to determine if the requestor has permission to perform this action.
Specified by:
removeUser in interface UserManagement
Parameters:
principal - the principal identity to be retrieved.
Throws:
UserException - when the security provider has a general failure retrieving a user.
UnknownUserException - when the security provider cannot match the principal identity to a user.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void changePassword(JetspeedUser user, java.lang.String oldPassword, java.lang.String newPassword) throws JetspeedSecurityException
Allows for a user to change their own password.
Specified by:
changePassword in interface CredentialsManagement
Parameters:
user - the JetspeedUser to change password
oldPassword - the current password supplied by the user.
newPassword - the current password requested by the user.
Throws:
UserException - when the security provider has a general failure retrieving a user.
UnknownUserException - when the security provider cannot match the principal identity to a user.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void forcePassword(JetspeedUser user, java.lang.String password) throws JetspeedSecurityException
Forcibly sets new password for a User.
Specified by:
forcePassword in interface CredentialsManagement
Parameters:
user - the user to change the password for.
password - the new password.
Throws:
UserException - when the security provider has a general failure retrieving a user.
UnknownUserException - when the security provider cannot match the principal identity to a user.
InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public java.lang.String encryptPassword(java.lang.String password) throws JetspeedSecurityException
This method provides client-side encryption of passwords.
If secure.passwords are enabled in JetspeedSecurity.properties, the password will be encrypted; if not, it will be returned unchanged.
The secure.passwords.algorithm property can be used to choose which digest algorithm should be used for performing the encryption. SHA is used by default.
Specified by:
encryptPassword in interface CredentialsManagement
Parameters:
password - the password to process
Throws:
JetspeedSecurityException
public static boolean passwordsMatch(JetspeedUser user, java.lang.String suppliedPassword)
Checks if user's current password matches with the supplied password.
Parameters:
user - User whose password will be checked
suppliedPassword - Password to match
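The behaviour documented for encryptPassword and passwordsMatch above, sketched as an added example that is not Jetspeed's own code. Only the secure.passwords and secure.passwords.algorithm property names and the SHA default come from this page; the class name, the "false" default for secure.passwords, the UTF-8/Base64 encoding of the digest and the constant-time comparison are assumptions of the sketch.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.Properties;

// Hypothetical class: illustrates the documented behaviour, not Jetspeed's implementation.
public class PasswordDigestSketch {
    private final boolean securePasswords;
    private final String algorithm;

    public PasswordDigestSketch(Properties props) {
        // Property names and the SHA default are taken from the Javadoc above;
        // treating a missing secure.passwords as "false" is an assumption.
        securePasswords = Boolean.parseBoolean(props.getProperty("secure.passwords", "false"));
        algorithm = props.getProperty("secure.passwords.algorithm", "SHA");
    }

    // Returns the password unchanged when secure.passwords is off, otherwise a
    // digest of it (UTF-8 input and Base64 output are assumptions of this sketch).
    public String encryptPassword(String password) throws NoSuchAlgorithmException {
        if (!securePasswords) {
            return password;
        }
        MessageDigest md = MessageDigest.getInstance(algorithm);
        byte[] digest = md.digest(password.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(digest);
    }

    // Processes the supplied password the same way and compares it with the stored
    // value; MessageDigest.isEqual does not reveal where the first mismatch occurs.
    public boolean passwordsMatch(String stored, String supplied) throws NoSuchAlgorithmException {
        byte[] a = stored.getBytes(StandardCharsets.UTF_8);
        byte[] b = encryptPassword(supplied).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(a, b);
    }

    public static void main(String[] args) throws Exception {
        Properties props = new Properties();           // constructed sample configuration
        props.setProperty("secure.passwords", "true");
        PasswordDigestSketch svc = new PasswordDigestSketch(props);
        String stored = svc.encryptPassword("s3cret"); // constructed sample password
        System.out.println("stored value: " + stored);
        System.out.println("correct password matches: " + svc.passwordsMatch(stored, "s3cret"));
        System.out.println("wrong password matches: " + svc.passwordsMatch(stored, "S3cret"));
    }
}
```

The digest is a one-way transformation rather than reversible encryption, so the stored value cannot be turned back into the password. With secure.passwords disabled the sketch, like the documented method, returns the password unchanged, so the comparison is made on the plaintext.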
public void init(javax.servlet.ServletConfig conf) throws org.apache.turbine.services.InitializationException
This is the early initialization method called by the Turbine Service framework
Parameters:
conf - The ServletConfig
throws - an InitializationException if the service fails to initialize
Throws:
org.apache.turbine.services.InitializationException
protected boolean accountExists(JetspeedUser user) throws UserException
Check whether a specified user's account exists.
Parameters:
user - The user to be checked.
Throws:
UserException - If there was a general db access error
protected boolean accountExists(JetspeedUser user, boolean checkUniqueId) throws UserException
Throws:
UserException
protected JetspeedRunData getRunData()