1/*2 * Copyright 2000-2001,2004 The Apache Software Foundation.3 * 4 * Licensed under the Apache License, Version 2.0 (the "License");5 * you may not use this file except in compliance with the License.6 * You may obtain a copy of the License at7 * 8 * http://www.apache.org/licenses/LICENSE-2.09 * 10 * Unless required by applicable law or agreed to in writing, software11 * distributed under the License is distributed on an "AS IS" BASIS,12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.13 * See the License for the specific language governing permissions and14 * limitations under the License.15 */1617packageorg.apache.jetspeed.services.security;
1819import java.util.Iterator;
20import java.security.Principal;
2122import org.apache.turbine.services.Service;
23import org.apache.jetspeed.om.security.JetspeedUser;
2425/***26 * <p> The <code>UserManagement</code> interface describes contract between 27 * the portal and security provider required for Jetspeed User Management.28 * This interface enables an application to be independent of the underlying 29 * user management technology.30 *31 * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>32 * @version $Id: UserManagement.java,v 1.3 2004/02/23 03:58:11 jford Exp $33 */3435publicinterfaceUserManagementextends Service, CredentialsManagement36 {
37public String SERVICE_NAME = "UserManagement";
3839/***40 * Retrieves a <code>JetspeedUser</code> given the primary principle.41 * The principal can be any valid Jetspeed Security Principal:42 * <code>org.apache.jetspeed.om.security.UserNamePrincipal</code>43 * <code>org.apache.jetspeed.om.security.UserIdPrincipal</code>44 * 45 * The security service may optionally check the current user context46 * to determine if the requestor has permission to perform this action.47 *48 * @param principal a principal identity to be retrieved.49 * @return a <code>JetspeedUser</code> associated to the principal identity.50 * @exception UserException when the security provider has a general failure retrieving a user.51 * @exception UnknownUserException when the security provider cannot match52 * the principal identity to a user.53 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 54 */55JetspeedUser getUser(Principal principal)
56 throws JetspeedSecurityException;
5758/***59 * Retrieves a collection of all <code>JetspeedUser</code>s.60 * The security service may optionally check the current user context61 * to determine if the requestor has permission to perform this action.62 *63 * @return a collection of <code>JetspeedUser</code> entities.64 * @exception UserException when the security provider has a general failure retrieving users.65 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 66 */67 Iterator getUsers()
68 throws JetspeedSecurityException;
6970/***71 * Retrieves a collection of <code>JetspeedUser</code>s filtered by a security 72 * provider-specific query string. For example SQL, OQL, JDOQL.73 * The security service may optionally check the current user context74 * to determine if the requestor has permission to perform this action.75 *76 * @return a collection of <code>JetspeedUser</code> entities.77 * @exception UserException when the security provider has a general failure retrieving users.78 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 79 */80 Iterator getUsers(String filter)
81 throws JetspeedSecurityException;
8283/***84 * Saves a <code>JetspeedUser</code>'s attributes into permanent storage. 85 * The user's account is required to exist in the storage.86 * The security service may optionally check the current user context87 * to determine if the requestor has permission to perform this action.88 *89 * @exception UserException when the security provider has a general failure retrieving users.90 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 91 */92void saveUser(JetspeedUser user)
93 throws JetspeedSecurityException;
9495/***96 * Adds a <code>JetspeedUser</code> into permanent storage. 97 * The security service can throw a <code>NotUniqueUserException</code> when the public98 * credentials fail to meet the security provider-specific unique constraints.99 * The security service may optionally check the current user context100 * to determine if the requestor has permission to perform this action.101 *102 * @exception UserException when the security provider has a general failure retrieving users.103 * @exception NotUniqueUserException when the public credentials fail to meet 104 * the security provider-specific unique constraints.105 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 106 */107void addUser(JetspeedUser user)
108 throws JetspeedSecurityException;
109110/***111 * Removes a <code>JetspeedUser</code> from the permanent store.112 * The security service may optionally check the current user context113 * to determine if the requestor has permission to perform this action.114 *115 * @param principal the principal identity to be retrieved.116 * @exception UserException when the security provider has a general failure retrieving a user.117 * @exception UnknownUserException when the security provider cannot match118 * the principal identity to a user.119 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 120 */121void removeUser(Principal principal)
122 throws JetspeedSecurityException;
123124 }