atg.userdirectory
Class UserDirectoryUserAuthority

java.lang.Object
  extended by atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      extended by atg.nucleus.GenericService
          extended by atg.userdirectory.UserDirectoryUserAuthority
All Implemented Interfaces:
NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, atg.nucleus.logging.VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, atg.security.CachingUserAuthority, UserAuthority, UserAuthority2, java.util.EventListener

public class UserDirectoryUserAuthority
extends GenericService
implements UserAuthority2, atg.security.CachingUserAuthority

A user authority appropriate for working with one or more user directories.

This user authority does not provide login support. If you need login support from one or more of its members, you should create a UserDirectoryLoginUserAuthority for each required user directory.

See Also:
UserAuthority, UserDirectoryLoginUserAuthority

Field Summary
static java.lang.String CLASS_VERSION
           
 
Fields inherited from class atg.nucleus.GenericService
SERVICE_INFO_KEY
 
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
DEFAULT_LOG_TRACE_STATUS
 
Fields inherited from interface atg.nucleus.logging.ApplicationLogging
DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS
 
Constructor Summary
UserDirectoryUserAuthority()
           
 
Method Summary
 void addAuthenticationFailedListener(DataListener listener)
          Adds a listener for "authentication failed" events.
 void addAuthenticationSucceededListener(DataListener listener)
          Adds a listener for "authentication succeeded" events.
static void addPrincipalResolver(java.lang.String pName, atg.userdirectory.PrincipalResolver pResolver)
          Adds a new identity resolver.
 void addSpecialPersona(Persona pPersona)
          Adds the indicated persona to the special persona list.
 int getCacheLifetime()
          Returns the lifetime of cached persona information.
 Persona getPersona(java.lang.Object pId)
          Returns a persona for the given ID object.
 Persona getPersona(java.lang.String pDirectoryName, java.lang.Class pPrincipalType, java.lang.String pPrincipalName)
          Returns the persona for the named principal in the named directory.
 Persona getPersona(UserDirectory pDirectory, java.security.Principal pPrincipal)
          Deprecated.  
 Persona getPersonaForPrincipal(java.security.Principal pPrincipal)
          Given a user directory principal, return its persona.
 java.security.Principal getPrincipal(Persona pPersona)
          Deprecated.  
 DirectoryPrincipal getPrincipalForPersona(Persona pPersona)
          Returns the Principal from the user directory that was used to create the Persona.
 Persona[] getSpecialPersonae()
          Returns the special personae supported by this user authority.
 boolean getSupportsEveryone()
          If true, this user authority supports the "EVERYONE" special persona.
 java.lang.String getUserAuthorityName()
          Returns the name of the user authority.
 ServiceMap getUserDirectories()
          Returns the set of user directories that this user authority works with.
 UserDirectory getUserDirectory(Persona pPersona)
          Given a persona, returns the user directory from which it was derived.
 java.lang.String getUserDirectoryName(Persona pPersona)
          Given a persona, returns the name of the user directory from the user directory service map.
 void invalidateAllPersonae()
          Invalidates all cached persona information produced by this directory.
 void invalidatePersona(Persona pPersona)
          Invalidates the cached persona information, forcing a re-verification of the existence of the persona as well as its internal cache information.
 void removeAuthenticationFailedListener(DataListener listener)
          Removes a listener for "authentication failed" events.
 void removeAuthenticationSucceededListener(DataListener listener)
          Removes a listener for "authentication succeeded" events.
 void removeSpecialPersona(Persona pPersona)
          Removes the indicated persona from the special persona list.
 void setCacheLifetime(int pLifetimeSecs)
          Changes the lifetime of cached persona information.
 void setPasswordHasher(PasswordHasher pPasswordHasher)
          Changes the password hasher used by this user authority.
 void setSpecialPersonae(Persona[] pPersonae)
          Changes the set of special personae supported by this user authority.
 void setSupportsEveryone(boolean pSupported)
          If set to true, this adds the "EVERYONE" special persona to the list of special personae supported by this user authority.
 void setUserAuthorityName(java.lang.String pNewName)
          Changes the name of this authority.
 void setUserDirectories(ServiceMap pDirectoryMap)
          Changes the set of user directories that this user authority works with.
 void userDestroyed(User user)
          Called by a User object when it is destroyed.
 
Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStartService, doStopService, getAbsoluteName, getAdminServlet, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService
 
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION
Constructor Detail

UserDirectoryUserAuthority

public UserDirectoryUserAuthority()
Method Detail

getCacheLifetime

public int getCacheLifetime()
Returns the lifetime of cached persona information. This is how long a persona's sub-persona information may remain out-of-date with respect to the underlying user directory.

If you need to ensure that a persona is up-to-date, you can force reloading of the cached data by calling UserDirectoryUserAuthority.invalidatePersona().

See Also:
invalidatePersona

setCacheLifetime

public void setCacheLifetime(int pLifetimeSecs)
Changes the lifetime of cached persona information. This is how long a persona's sub-persona information may remain out-of-date with respect to the underlying user directory.

If you need to ensure that a persona is up-to-date, you can force reloading of the cached data by calling UserDirectoryUserAuthority.invalidatePersona().

See Also:
invalidatePersona

setUserAuthorityName

public void setUserAuthorityName(java.lang.String pNewName)
Changes the name of this authority.


setPasswordHasher

public void setPasswordHasher(PasswordHasher pPasswordHasher)
Changes the password hasher used by this user authority.


getUserDirectories

public ServiceMap getUserDirectories()
Returns the set of user directories that this user authority works with.


setUserDirectories

public void setUserDirectories(ServiceMap pDirectoryMap)
Changes the set of user directories that this user authority works with. WARNING: Changing the set of user directories after ACLs have been created or object ownership assigned using this user authority is fraught with peril.


getSupportsEveryone

public boolean getSupportsEveryone()
If true, this user authority supports the "EVERYONE" special persona.


setSupportsEveryone

public void setSupportsEveryone(boolean pSupported)
If set to true, this adds the "EVERYONE" special persona to the list of special personae supported by this user authority. If set to false, it removes it.


setSpecialPersonae

public void setSpecialPersonae(Persona[] pPersonae)
Changes the set of special personae supported by this user authority.


addPrincipalResolver

public static void addPrincipalResolver(java.lang.String pName,
                                        atg.userdirectory.PrincipalResolver pResolver)
Adds a new identity resolver.


getPrincipal

public java.security.Principal getPrincipal(Persona pPersona)
Deprecated. 

Returns the Principal from the user directory that was used to create the Persona. This has been deprecated in favor of getPrincipalForPersona().

See Also:
getPrincipalForPersona(atg.security.Persona)

getPrincipalForPersona

public DirectoryPrincipal getPrincipalForPersona(Persona pPersona)
Returns the Principal from the user directory that was used to create the Persona.


getPersona

public Persona getPersona(java.lang.String pDirectoryName,
                          java.lang.Class pPrincipalType,
                          java.lang.String pPrincipalName)
Returns the persona for the named principal in the named directory.


getPersona

public Persona getPersona(UserDirectory pDirectory,
                          java.security.Principal pPrincipal)
Deprecated. 

Given a user directory and principal, return its Persona. This method has been deprecated in favor of getPersonaForPrincipal().

See Also:
getPersonaForPrincipal

getPersonaForPrincipal

public Persona getPersonaForPrincipal(java.security.Principal pPrincipal)
Given a user directory principal, return its persona.


getUserDirectory

public UserDirectory getUserDirectory(Persona pPersona)
Given a persona, returns the user directory from which it was derived.


getUserDirectoryName

public java.lang.String getUserDirectoryName(Persona pPersona)
Given a persona, returns the name of the user directory from the user directory service map.


invalidatePersona

public void invalidatePersona(Persona pPersona)
Invalidates the cached persona information, forcing a re-verification of the existence of the persona as well as its internal cache information.

If you need to invalidate the entire identity cache, use invalidateAllPersonae().

Specified by:
invalidatePersona in interface atg.security.CachingUserAuthority
See Also:
invalidateAllPersonae()

invalidateAllPersonae

public void invalidateAllPersonae()
Invalidates all cached persona information produced by this directory. This can cause a hiccup in security system performance; if you can, it's better to use invalidatePersona().

Specified by:
invalidateAllPersonae in interface atg.security.CachingUserAuthority
See Also:
invalidatePersona(atg.security.Persona)
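
Added example (not part of the ATG documentation or API): because cached sub-persona data can lag the directory by up to getCacheLifetime() seconds, a deprovisioning hook can invalidate the affected personae as soon as memberships are revoked, and use invalidateAllPersonae() only for large batches. The class name PersonaCacheRevoker, the BULK_THRESHOLD value and the caller-supplied principal type are hypothetical. That the three-argument getPersona() returns null for an unknown principal is an assumption.

```java
import atg.security.Persona;
import atg.userdirectory.UserDirectoryUserAuthority;
import java.util.List;

/** Hypothetical helper: drops stale cached personae after a directory-side revocation. */
public class PersonaCacheRevoker {
    /** Hypothetical cut-off: above this many changes, flush the whole cache once. */
    private static final int BULK_THRESHOLD = 500;

    private final UserDirectoryUserAuthority authority;
    private final String directoryName;   // key in the authority's userDirectories map
    private final Class<?> principalType; // principal class for this directory (caller-supplied)

    public PersonaCacheRevoker(UserDirectoryUserAuthority authority,
                               String directoryName, Class<?> principalType) {
        this.authority = authority;
        this.directoryName = directoryName;
        this.principalType = principalType;
    }

    /**
     * Call after roles or memberships were removed in the underlying directory.
     * Returns the number of personae invalidated one by one, or -1 after a full flush.
     */
    public int onMembershipRevoked(List<String> principalNames) {
        if (principalNames.size() > BULK_THRESHOLD) {
            // One full flush costs less than thousands of lookups, but it
            // briefly slows security checks, so it is reserved for bulk changes.
            authority.invalidateAllPersonae();
            return -1;
        }
        int invalidated = 0;
        for (String name : principalNames) {
            Persona persona = authority.getPersona(directoryName, principalType, name);
            if (persona == null) {
                continue; // assumption: null means no persona exists for this principal
            }
            authority.invalidatePersona(persona); // forces re-verification on next use
            invalidated++;
        }
        if (authority.isLoggingInfo()) {
            authority.logInfo("Invalidated " + invalidated + " cached personae in "
                    + directoryName + "; cache lifetime is "
                    + authority.getCacheLifetime() + "s");
        }
        return invalidated;
    }
}
```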

addSpecialPersona

public void addSpecialPersona(Persona pPersona)
Adds the indicated persona to the special persona list.


removeSpecialPersona

public void removeSpecialPersona(Persona pPersona)
Removes the indicated persona from the special persona list.


getUserAuthorityName

public java.lang.String getUserAuthorityName()
Returns the name of the user authority.

Specified by:
getUserAuthorityName in interface UserAuthority

userDestroyed

public void userDestroyed(User user)
Called by a User object when it is destroyed. This can be used to clean up internal references to the user object.

Specified by:
userDestroyed in interface UserAuthority

getPersona

public Persona getPersona(java.lang.Object pId)
Returns a persona for the given ID object. This is typically used by an ACL parser, where the ID is usually a string. Returns null if there is no persona for the indicated ID.

Specified by:
getPersona in interface UserAuthority

addAuthenticationSucceededListener

public void addAuthenticationSucceededListener(DataListener listener)
Adds a listener for "authentication succeeded" events.

Specified by:
addAuthenticationSucceededListener in interface UserAuthority

removeAuthenticationSucceededListener

public void removeAuthenticationSucceededListener(DataListener listener)
Removes a listener for "authentication succeeded" events.

Specified by:
removeAuthenticationSucceededListener in interface UserAuthority

addAuthenticationFailedListener

public void addAuthenticationFailedListener(DataListener listener)
Adds a listener for "authentication failed" events.

Specified by:
addAuthenticationFailedListener in interface UserAuthority

removeAuthenticationFailedListener

public void removeAuthenticationFailedListener(DataListener listener)
Removes a listener for "authentication failed" events.

Specified by:
removeAuthenticationFailedListener in interface UserAuthority

getSpecialPersonae

public Persona[] getSpecialPersonae()
Returns the special personae supported by this user authority. These are personae that are supported in ACLs but that are not persisted by the back-end system.

Specified by:
getSpecialPersonae in interface UserAuthority2