Class UserDirectoryUserAuthority

  extended by atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      extended by atg.nucleus.GenericService
          extended by atg.userdirectory.UserDirectoryUserAuthority
All Implemented Interfaces:
atg.naming.AbsoluteNameable, NameContextBindingListener, NameContextElement, atg.naming.NameContextParentable, NameResolver, AdminableService, atg.nucleus.Configured, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener,, UserAuthority, UserAuthority2, java.util.EventListener

public class UserDirectoryUserAuthority
extends GenericService
implements UserAuthority2,

A user authority appropriate for working with one or more user directories.

This user authority does not provide login support. If you need login support from one or more of its members, you should create a UserDirectoryLoginUserAuthority for each required user directory.

See Also:
UserAuthority, UserDirectoryLoginUserAuthority

Field Summary
static java.lang.String CLASS_VERSION
Fields inherited from class atg.nucleus.GenericService
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
Fields inherited from interface atg.nucleus.logging.ApplicationLogging
Constructor Summary
Method Summary
 void addAuthenticationFailedListener(DataListener listener)
          Adds a listener for "authentication failed" events.
 void addAuthenticationSucceededListener(DataListener listener)
          Adds a listener for "authentication succeeded" events.
static void addPrincipalResolver(java.lang.String pName, atg.userdirectory.PrincipalResolver pResolver)
          Adds a new identity resolver.
 void addSpecialPersona(Persona pPersona)
          Adds the indicated persona to the special persona list.
 atg.userdirectory.AccessRightLookup getAccessRightLookup()
          Returns property AccessRightLookup
 int getCacheLifetime()
          Returns the lifetime of cached persona information.
 Persona getPersona(java.lang.Object pId)
          Returns a persona for the given ID object.
 Persona getPersona(java.lang.String pDirectoryName, java.lang.Class pPrincipalType, java.lang.String pPrincipalName)
          Returns the persona for the named principal in the named directory.
 Persona getPersona(UserDirectory pDirectory, pPrincipal)
 Persona getPersonaForAccessRight(java.lang.String pAccessRightName, UserDirectory pUserDirectory)
          Gets a persona for the given access right
 Persona getPersonaForPrincipal( pPrincipal)
          Given a user directory principal, return its persona. getPrincipal(Persona pPersona)
 DirectoryPrincipal getPrincipalForPersona(Persona pPersona)
          Returns the Principal from the user directory that was used to create the Persona.
 Persona[] getSpecialPersonae()
          Returns the special personae supported by this user authority.
 boolean getSupportsEveryone()
          If true, this user authority supports the "EVERYONE" special persona.
 java.lang.String getUserAuthorityName()
          Returns the name of the user authority.
 ServiceMap getUserDirectories()
          Returns the set of user directories that this user authority works with.
 UserDirectory getUserDirectory(Persona pPersona)
          Given a persona, returns the user directory from which it was derived.
 java.lang.String getUserDirectoryName(Persona pPersona)
          Given a persona, returns the name of the user directory from the user directory service map.
 void invalidateAllPersonae()
          Invalidates all cached persona information produced by this directory.
 void invalidatePersona(Persona pPersona)
          Invalidates the cached persona information, forcing a re-verification of the existance of the persona as well as its internal cache information.
 void removeAuthenticationFailedListener(DataListener listener)
          Removes a listener for "authentication failed" events.
 void removeAuthenticationSucceededListener(DataListener listener)
          Removes a listener for "authentication succeeded" events.
 void removeSpecialPersona(Persona pPersona)
          Removes the indicated persona from the special persona list.
 void setAccessRightLookup(atg.userdirectory.AccessRightLookup pAccessRightLookup)
          Sets property accessRightLookup
 void setCacheLifetime(int pLifetimeSecs)
          Changes the lifetime of cached persona information.
 void setPasswordHasher(PasswordHasher pPasswordHasher)
          Changes the password hasher used by this user authority.
 void setSpecialPersonae(Persona[] pPersonae)
          Changes the set of special personae supported by this user authority.
 void setSupportsEveryone(boolean pSupported)
          If set to true, this adds the "EVERYONE" special persona to the list of special personae supported by this user authority.
 void setUserAuthorityName(java.lang.String pNewName)
          Changes the name of this authority.
 void setUserDirectories(ServiceMap pDirectoryMap)
          Changes the set of user directories that this user authority works with.
 java.lang.String toString()
 void userDestroyed(User user)
          Called by a User object when it is destroyed.
Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStartService, doStopService, getAbsoluteName, getAdminServlet, getAdminServletOutputStreamEncoding, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isAdminServletUseServletOutputStream, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, reResolveThis, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setAdminServletOutputStreamEncoding, setAdminServletUseServletOutputStream, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogDebugTrace, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail


public static java.lang.String CLASS_VERSION
Constructor Detail


public UserDirectoryUserAuthority()
Method Detail


public void setAccessRightLookup(atg.userdirectory.AccessRightLookup pAccessRightLookup)
Sets property accessRightLookup

pAccessRightlookup - service that looks up access rights


public atg.userdirectory.AccessRightLookup getAccessRightLookup()
Returns property AccessRightLookup

a service that looks up access rights


public int getCacheLifetime()
Returns the lifetime of cached persona information. This is how long a persona's sub-persona information may remain out-of-date with respect to the underlying user directory.

If you need to ensure that a persona is up-to-date, you can force reloading of the cached data by calling UserDirectoryUserAuthority.invalidatePersona().

See Also:


public void setCacheLifetime(int pLifetimeSecs)
Changes the lifetime of cached persona information. This is how long a persona's sub-persona information may remain out-of-date with respect to the underlying user directory.

If you need to ensure that a persona is up-to-date, you can force reloading of the cached data by calling UserDirectoryUserAuthority.invalidatePersona().

See Also:


public void setUserAuthorityName(java.lang.String pNewName)
Changes the name of this authority.


public void setPasswordHasher(PasswordHasher pPasswordHasher)
Changes the password hasher used by this user authority.


public ServiceMap getUserDirectories()
Returns the set of user directories that this user authority works with.


public void setUserDirectories(ServiceMap pDirectoryMap)
Changes the set of user directories that this user authority works with. WARNING: Changing the set of user directories after ACLs have been created or object ownership assigned using this user authority is fraught with peril.


public boolean getSupportsEveryone()
If true, this user authority supports the "EVERYONE" special persona.


public void setSupportsEveryone(boolean pSupported)
If set to true, this adds the "EVERYONE" special persona to the list of special personae supported by this user authority. If set to false, it removes it.


public void setSpecialPersonae(Persona[] pPersonae)
Changes the set of special personae supported by this user authority.


public static void addPrincipalResolver(java.lang.String pName,
                                        atg.userdirectory.PrincipalResolver pResolver)
Adds a new identity resolver.


public getPrincipal(Persona pPersona)

Returns the Principal from the user directory that was used to create the Persona. This has been deprecated in favor of getPrincipalForPersona().

See Also:


public DirectoryPrincipal getPrincipalForPersona(Persona pPersona)
Returns the Principal from the user directory that was used to create the Persona.


public Persona getPersona(java.lang.String pDirectoryName,
                          java.lang.Class pPrincipalType,
                          java.lang.String pPrincipalName)
Returns the persona for the named principal in the named directory.


public Persona getPersona(UserDirectory pDirectory,

Given a user directory and principal, return its Persona. This method has been deprecated in favor of getPersonaForPrincipal().

See Also:


public Persona getPersonaForPrincipal( pPrincipal)
Given a user directory principal, return its persona.


public Persona getPersonaForAccessRight(java.lang.String pAccessRightName,
                                        UserDirectory pUserDirectory)
Gets a persona for the given access right

pAccessRightName - the name of the access right to get the persona of
pUserDirectory - the user directory that contains the access right


public UserDirectory getUserDirectory(Persona pPersona)
Given a persona, returns the user directory from which it was derived.


public java.lang.String getUserDirectoryName(Persona pPersona)
Given a persona, returns the name of the user directory from the user directory service map.


public void invalidatePersona(Persona pPersona)
Invalidates the cached persona information, forcing a re-verification of the existance of the persona as well as its internal cache information.

If you need to invalidate the entire identity cache, use invalidateAllPersonae().

Specified by:
invalidatePersona in interface
See Also:


public void invalidateAllPersonae()
Invalidates all cached persona information produced by this directory. This can cause a hiccup in security system performance; if you can, it's better to use invalidatePersona().

Specified by:
invalidateAllPersonae in interface
See Also:


public void addSpecialPersona(Persona pPersona)
Adds the indicated persona to the special persona list.


public void removeSpecialPersona(Persona pPersona)
Removes the indicated persona from the special persona list.


public java.lang.String getUserAuthorityName()
Returns the name of the user authority.

Specified by:
getUserAuthorityName in interface UserAuthority


public void userDestroyed(User user)
Called by a User object when it is destroyed. This can be used to clean up internal references to the user object.

Specified by:
userDestroyed in interface UserAuthority


public Persona getPersona(java.lang.Object pId)
Returns a persona for the given ID object. This is typically used by an ACL parser, where the ID is usually a string. Returns null if there is no persona for the indicated ID.

Specified by:
getPersona in interface UserAuthority


public void addAuthenticationSucceededListener(DataListener listener)
Adds a listener for "authentication succeeded" events.

Specified by:
addAuthenticationSucceededListener in interface UserAuthority


public void removeAuthenticationSucceededListener(DataListener listener)
Removes a listener for "authentication succeeded" events.

Specified by:
removeAuthenticationSucceededListener in interface UserAuthority


public void addAuthenticationFailedListener(DataListener listener)
Adds a listener for "authentication failed" events.

Specified by:
addAuthenticationFailedListener in interface UserAuthority


public void removeAuthenticationFailedListener(DataListener listener)
Removes a listener for "authentication failed" events.

Specified by:
removeAuthenticationFailedListener in interface UserAuthority


public Persona[] getSpecialPersonae()
Returns the special personae supported by this user authority. These are personae that are supported in ACLs but that are not persisted by the back-end system.

Specified by:
getSpecialPersonae in interface UserAuthority2


public java.lang.String toString()
toString in class java.lang.Object