|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.turbine.services.BaseInitable org.apache.turbine.services.BaseService org.apache.turbine.services.TurbineBaseService org.apache.jetspeed.services.security.nosecurity.NoUserManagement
The NoUserManagement
class is a Jetspeed
security provider, implementing the UserManagement
and CredentialsManagement
interfaces. It does not manage any users - no users are listed, no users are saved, any
request for a user is satisfied with a temp. User object.
Field Summary |
Fields inherited from class org.apache.turbine.services.BaseService |
configuration, name, properties, serviceBroker |
Fields inherited from class org.apache.turbine.services.BaseInitable |
initableBroker, isInitialized |
Fields inherited from interface org.apache.jetspeed.services.security.UserManagement |
SERVICE_NAME |
Constructor Summary | |
NoUserManagement()
|
Method Summary | |
void |
addUser(JetspeedUser user)
Adds a JetspeedUser into permanent storage. |
void |
changePassword(JetspeedUser user,
java.lang.String oldPassword,
java.lang.String newPassword)
Allows for a user to change their own password. |
java.lang.String |
encryptPassword(java.lang.String password)
This method provides client-side encryption of passwords. |
void |
forcePassword(JetspeedUser user,
java.lang.String password)
Forcibly sets new password for a User. |
JetspeedUser |
getUser(java.security.Principal principal)
Retrieves a JetspeedUser given the primary principle. |
java.util.Iterator |
getUsers()
Retrieves a collection of all JetspeedUser s. |
java.util.Iterator |
getUsers(java.lang.String filter)
Retrieves a collection of JetspeedUser s filtered by a security
provider-specific query string. |
void |
removeUser(java.security.Principal principal)
Removes a JetspeedUser from the permanent store. |
void |
saveUser(JetspeedUser user)
Saves a JetspeedUser 's attributes into permanent storage. |
Methods inherited from class org.apache.turbine.services.TurbineBaseService |
init, init, init, init, shutdown |
Methods inherited from class org.apache.turbine.services.BaseService |
getConfiguration, getName, getProperties, getServiceBroker, setName, setServiceBroker |
Methods inherited from class org.apache.turbine.services.BaseInitable |
getInit, getInitableBroker, setInit, setInitableBroker |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface org.apache.turbine.services.Service |
getConfiguration, getName, getProperties, setName, setServiceBroker |
Methods inherited from interface org.apache.turbine.services.Initable |
getInit, init, init, setInitableBroker, shutdown |
Constructor Detail |
public NoUserManagement()
Method Detail |
public JetspeedUser getUser(java.security.Principal principal) throws JetspeedSecurityException
JetspeedUser
given the primary principle.
The principal can be any valid Jetspeed Security Principal:
org.apache.jetspeed.om.security.UserNamePrincipal
org.apache.jetspeed.om.security.UserIdPrincipal
The security service may optionally check the current user context
to determine if the requestor has permission to perform this action.
getUser
in interface UserManagement
principal
- a principal identity to be retrieved.
JetspeedUser
associated to the principal identity.
UserException
- when the security provider has a general failure retrieving a user.
UnknownUserException
- when the security provider cannot match
the principal identity to a user.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public java.util.Iterator getUsers() throws JetspeedSecurityException
JetspeedUser
s.
The security service may optionally check the current user context
to determine if the requestor has permission to perform this action.
getUsers
in interface UserManagement
JetspeedUser
entities.
UserException
- when the security provider has a general failure retrieving users.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public java.util.Iterator getUsers(java.lang.String filter) throws JetspeedSecurityException
JetspeedUser
s filtered by a security
provider-specific query string. For example SQL, OQL, JDOQL.
The security service may optionally check the current user context
to determine if the requestor has permission to perform this action.
getUsers
in interface UserManagement
JetspeedUser
entities.
UserException
- when the security provider has a general failure retrieving users.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void saveUser(JetspeedUser user) throws JetspeedSecurityException
JetspeedUser
's attributes into permanent storage.
The user's account is required to exist in the storage.
The security service may optionally check the current user context
to determine if the requestor has permission to perform this action.
saveUser
in interface UserManagement
UserException
- when the security provider has a general failure retrieving users.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void addUser(JetspeedUser user) throws JetspeedSecurityException
JetspeedUser
into permanent storage.
The security service can throw a NotUniqueUserException
when the public
credentials fail to meet the security provider-specific unique constraints.
The security service may optionally check the current user context
to determine if the requestor has permission to perform this action.
addUser
in interface UserManagement
UserException
- when the security provider has a general failure retrieving users.
NotUniqueUserException
- when the public credentials fail to meet
the security provider-specific unique constraints.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void removeUser(java.security.Principal principal) throws JetspeedSecurityException
JetspeedUser
from the permanent store.
The security service may optionally check the current user context
to determine if the requestor has permission to perform this action.
removeUser
in interface UserManagement
principal
- the principal identity to be retrieved.
UserException
- when the security provider has a general failure retrieving a user.
UnknownUserException
- when the security provider cannot match
the principal identity to a user.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void changePassword(JetspeedUser user, java.lang.String oldPassword, java.lang.String newPassword) throws JetspeedSecurityException
changePassword
in interface CredentialsManagement
user
- the user to change the password for.oldPassword
- the current password supplied by the user.newPassword
- the current password requested by the user.
UserException
- when the security provider has a general failure retrieving a user.
UnknownUserException
- when the security provider cannot match
the principal identity to a user.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public void forcePassword(JetspeedUser user, java.lang.String password) throws JetspeedSecurityException
forcePassword
in interface CredentialsManagement
user
- the user to change the password for.password
- the new password.
UserException
- when the security provider has a general failure retrieving a user.
UnknownUserException
- when the security provider cannot match
the principal identity to a user.
InsufficientPrivilegeException
- when the requestor is denied due to insufficient privilege
JetspeedSecurityException
public java.lang.String encryptPassword(java.lang.String password) throws JetspeedSecurityException
secure.passwords
are enabled in JetspeedSecurity properties,
the password will be encrypted, if not, it will be returned unchanged.
The secure.passwords.algorithm
property can be used
to chose which digest algorithm should be used for performing the
encryption. SHA
is used by default.
encryptPassword
in interface CredentialsManagement
password
- the password to process
JetspeedSecurityException
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |