com.bea.p13n.usermgmt
Interface UserManager

public interface UserManager

extends javax.ejb.EJBObject

Remote Interface for the UserManager session bean. This is the synchronization point between user profile support and the weblogic security realm. Any user management operations should be done here, rather than through the realm directly. This class depends on the following environment variables in the calling UserManager's environment context:

• jdbc/commercePool: a javax.sql.DataSource pointing to the commercePool database connection pool.
• ejb/UserProfileManager: an ejb-ref pointing to the default UserProfileManager deployment.
• ejb/ProfileType/...: any alternative profile types should have an ejb-ref entry of the form ejb/ProfileType/<profile type name> that points to the appropriate UserProfileManager for that type. These are optional, applicable only if other profile types are used.

Any methods that create or remove users delegate to the realm. If the underlying realm does not support these operations, a UserManagementException will be thrown.

Method Summary

void	authenticate(java.lang.String username, java.lang.String password) Throws an AuthenticationException if the user is not a valid user or credentials are invalid.
ProfileWrapper	createUser(java.lang.String username, java.lang.String password) Creates a user with the given username and password.
ProfileWrapper	createUser(java.lang.String username, java.lang.String password, java.lang.String profileType) Creates a user with a specific profile type.
java.lang.String[]	getProfileTypeNames() Return a list of profile type names that are registered with the UserManager.
java.util.List	getUserNames(java.lang.String searchExpression, int limit) Returns a List of users' names matching the search expression
ProfileWrapper	getUserProfile(java.lang.String username)
ProfileManager	getUserProfileManager(java.lang.String username) Returns the appropriate ProfileManager deployment for this user, based on the user's profile type.
void	removeUser(java.lang.String username) Removes a user from the system.
void	setPassword(java.lang.String username, java.lang.String password) Sets the password for a user in the realm.
boolean	userExists(java.lang.String username) Determines if a user exists.

Methods inherited from interface javax.ejb.EJBObject

getEJBHome, getHandle, getPrimaryKey, isIdentical, remove

Method Detail

authenticate

public void authenticate(java.lang.String username,
                         java.lang.String password)
                  throws java.rmi.RemoteException,
                         AuthenticationException

Throws an AuthenticationException if the user is not a valid user or credentials are invalid. This method is only used to verify a username and password, it does not do anything to set the user as the "current" system user.

Parameters:

username - the username for the user

password - the password for the user

Throws:

AuthenticationException - if the user is not a valid user or credentials are incorrect

java.rmi.RemoteException - because of EJB contract

getUserProfile

public ProfileWrapper getUserProfile(java.lang.String username)
                              throws java.rmi.RemoteException

Parameters:

username - the username for the user

Returns:

a user profile for a user

Throws:

java.rmi.RemoteException - because of EJB contract

getUserProfileManager

public ProfileManager getUserProfileManager(java.lang.String username)
                                     throws java.rmi.RemoteException

Returns the appropriate ProfileManager deployment for this user, based on the user's profile type. If the user exists in the realm, but does not have a profile yet, a profile will be created at this time.

Parameters:

username - the username for the user

Returns:

a user profile for a user

Throws:

java.rmi.RemoteException - because of EJB contract

userExists

public boolean userExists(java.lang.String username)
                   throws java.rmi.RemoteException

Determines if a user exists. This method simply checks the realm for a user with the given name.

Parameters:

username - the user to look for

Returns:

true if the user exists, false if it does not

createUser

public ProfileWrapper createUser(java.lang.String username,
                                 java.lang.String password)
                          throws java.rmi.RemoteException,
                                 UserAlreadyExistsException,
                                 InvalidUsernameException,
                                 InvalidPasswordException

Creates a user with the given username and password. This user will use the default UserProfileManager for profile entries.

Parameters:

username - the username for the new user

password - the password for the new user

Returns:

a ProfileManager that can be used to access the new User

Throws:

InvalidPasswordException - if the password is malformed or otherwise invalid

InvalidUsernameException - if the username is malformed or otherwise invalid

java.rmi.RemoteException - because of EJB contract

UserAlreadyExistsException - if the username is already in use

createUser

public ProfileWrapper createUser(java.lang.String username,
                                 java.lang.String password,
                                 java.lang.String profileType)
                          throws java.rmi.RemoteException,
                                 UserAlreadyExistsException,
                                 InvalidUsernameException,
                                 InvalidPasswordException

Creates a user with a specific profile type.

Parameters:

username - the username for the new user

password - the password for the new user

profileType - the name of the profile type for the new user

Returns:

a ProfileManager that can be used to access the new User

Throws:

InvalidPasswordException - if the password is malformed or otherwise invalid

InvalidUsernameException - if the username is malformed or otherwise invalid

java.rmi.RemoteException - because of EJB contract

UserAlreadyExistsException - if the username is already in use

setPassword

public void setPassword(java.lang.String username,
                        java.lang.String password)
                 throws java.rmi.RemoteException,
                        InvalidPasswordException

Sets the password for a user in the realm. This depends on the current WLS realm's user class implementing weblogic.security.acl.CredentialChanger.

Parameters:

username - the username of the user

password - the new password for the user

Throws:

InvalidPasswordException - if the password is malformed or otherwise invalid

java.rmi.RemoteException - because of EJB contract

removeUser

public void removeUser(java.lang.String username)
                throws java.rmi.RemoteException,
                       InvalidUsernameException

Removes a user from the system. This will remove both the realm and profile records for this user.

Parameters:

username - the username of the user to remove

Throws:

java.rmi.RemoteException - because of EJB contract

InvalidUsernameException - if the user is protected and cannot be deleted

getUserNames

public java.util.List getUserNames(java.lang.String searchExpression,
                                   int limit)
                            throws java.rmi.RemoteException

Returns a List of users' names matching the search expression

Parameters:

searchExpression - a wildcard search expression

limit - a limit of results to return

Throws:

java.rmi.RemoteException - because of EJB contract

getProfileTypeNames

public java.lang.String[] getProfileTypeNames()
                                       throws java.rmi.RemoteException

Return a list of profile type names that are registered with the UserManager.

Returns:

a String array of profile type names; or null if none are defined