Class ProfileServices

  extended by atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      extended by atg.nucleus.GenericService
          extended by atg.userprofiling.ProfileServices
All Implemented Interfaces:
NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, atg.userprofiling.ProfileServiceConstants, java.util.EventListener
Direct Known Subclasses:

public class ProfileServices
extends GenericService
implements atg.userprofiling.ProfileServiceConstants

A collection of web services that duplicate common userprofiling functionality provided via form handlers and repository functions

Field Summary
static java.lang.String CLASS_VERSION
          Class version string
Fields inherited from class atg.nucleus.GenericService
Fields inherited from interface atg.userprofiling.ProfileServiceConstants
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
Fields inherited from interface atg.nucleus.logging.ApplicationLogging
Constructor Summary
Method Summary
 void addProperties(RepositoryItem pGuestUser, RepositoryItem pAuthenticatedUser, java.lang.String[] pPropertiesToAdd)
          Adds values from multi-valued properties from the guest user to the authenticated user
 void addProperty(java.lang.String pPropertyName, RepositoryItem pGuestUser, RepositoryItem pAuthenticatedUser)
          Adds a specific multi-valued property's values from the given guest user to the given authenticated user
 void addSwapEventListener(atg.userprofiling.ProfileSwapEventListener pListener)
          Adds a ProfileSwapEventListener to the list of listeners that care about ProfileSwapEvents
 void addUpdateListener(atg.userprofiling.ProfileUpdateListener pListener)
          Adds the given update listener to the list of listeners we already know about
 RepositoryItem addXMLItem(java.lang.String pItemAsXML, boolean pPersist)
          Adds or creates the given pItemAsXML, depending on the value of pPersist.
 boolean canClientEncryptPasswords()
          Tests to see whether we can allow clients to encrypt their passwords.
protected  void commitTransaction()
          Commits the current transaction
 void copyProperties(RepositoryItem pGuestUser, RepositoryItem pAuthenticatedUser, java.lang.String[] pPropertiesToCopy)
          Copies the properties named in pPropertiesToCopy from the pGuestUser to the pAuthenticatedUser
 java.lang.String createUser(java.lang.String pProfileAsXML)
          Creates a persistent user using the profile values given in pProfileAsXML.
 boolean deleteUser(java.lang.String pProfileId)
          Deletes a persistent user whose id matches pProfileId.
protected  void doCreateUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Creates a user that is present as the request parameter, XML_ITEM_PARAM
protected  void doDeleteUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Deletes a user that matches the id present as the request parameter, UPDATE_ID_PARAM.
protected  void doLoginUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Logs in a user.
protected  void doLoginUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse, boolean pTrusted)
          Logs in a user.
protected  void doLogoutUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called to logout a user.
protected  void doSetPassword(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called to actually change the current user's password.
 void doStartService()
          Called when this service starts, after its properties have been set.
protected  void doUpdateUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Updates the user that is present as the request parameter, XML_ITEM_PARAM.
 void encryptPassword(MutableRepositoryItem pProfile)
          Takes the cleartext password of the given profile, encrypts it, and resets it to the encrypted version
 boolean endOperation(DynamoHttpServletRequest pRequest)
          Checks the given request to see if the OPERATION_END_PARAM is present and set to true
 java.lang.Object endOperationValue(DynamoHttpServletRequest pRequest)
          Gets the value of the OPERATION_END_PARAM_NAME from the given request.
protected  javax.transaction.Transaction ensureTransaction()
          This method ensures that a transaction exists before returning.
 long getBadPasswordDelay()
          Get property badPasswordDelay DEFAULT: 1000 (1 second)
 java.lang.String getCreateProfileType()
          Get property createProfileType DEFAULT: user
 Profile getCurrentProfile()
          Gets the profile of the current thread's user
 java.lang.String getCurrentProfileId()
          Gets the profileId of the current thread's user
 PasswordHasher getLoginPasswordHasher()
          Gets a password hasher for logging in
 java.lang.String getLoginProfileType()
          Get property loginProfileType DEFAULT: user
 java.lang.String getLogoutProfileType()
          Get property logoutProfileType DEFAULT: user
 java.lang.String getMappingFile(Repository pRepository, java.lang.String pItemDescriptorName)
          Gets a mapping file for a particular repository:itemDescriptorName combination
 atg.repository.xml.ItemDescriptorMappingManager getMappingManager()
          Get property mappingManager DEFAULT: null
 long getMaxAuthenticationWait()
          Get property maxAuthenticationWait DEFAULT: 30000 (30 seconds)
 java.lang.String getPasswordHashAlgorithm()
          Gets the algorithm for the password hasher used by the profile property manager
 java.lang.String getPasswordHashKey()
          Gets a hashkey for a password.
 java.lang.String getProfile(java.lang.String pProfileId)
          Gets the profile using the given profile id
 java.lang.String getProfile(java.lang.String pProfileId, java.lang.String pMappingFile)
          Gets the profile using the given profile id, and applies the given mapping file to the returned Repo2Xml string
 java.lang.String getProfileId(java.lang.String pLogin)
          Gets the profile id of the person with the given login
 java.lang.String getProfilePath()
          Get property profilePath DEFAULT: /atg/userprofiling/Profile
 ProfileTools getProfileTools()
          Get property profileTools DEFAULT: null
 java.lang.String[] getPropertiesToAddOnLogin()
          Get property propertiesToAddOnLogin DEFAULT: null
 java.lang.String[] getPropertiesToCopyOnLogin()
          Get property propertiesToCopyOnLogin DEFAULT: null
 RepositoryItem getRepositoryItemFromXML(java.lang.String pItemAsXML)
          Gets a RepositoryItem object from the given XML representation The item is matched based on the id property in the XML file
 RepositoryItem getRepositoryItemFromXML(java.lang.String pItemAsXML, java.lang.String[] pMatchedProperties)
          Gets a RepositoryItem object from the given XML representation The item is matched based on the id property in the XML file
 java.lang.String getRequestLocalePath()
          Get property RequestLocalePath DEFAULT: /atg/dynamo/servlet/RequestLocale
 javax.transaction.TransactionManager getTransactionManager()
          Get property transactionManager DEFAULT: null
 atg.userprofiling.ProfileUpdateListener[] getUpdateEventListeners()
          Get property UpdateEventListeners DEFAULT: null
 AddService getXmlAddService()
          Get property XmlAddService DEFAULT: null
 GetService getXmlGetService()
          Get property xmlGetService DEFAULT: null
 java.lang.String getXMLItem(RepositoryItem pItem, Repository pRepository, java.lang.String pItemDescriptorName, java.lang.String pMappingFile)
          Transforms the given repository item into XML, possibly using a mapping file to cull properties
 UpdateService getXmlUpdateService()
          Get property xmlUpdateService DEFAULT: null
 boolean isAllowEncryptedPasswords()
          Get property AllowEncryptedPasswords DEFAULT: true
 boolean isExpireSessionOnLogout()
          Get property expireSessionOnLogout DEFAULT: true
 boolean isGenerateLoginEvents()
          Get property GenerateLoginEvents DEFAULT: true
 boolean isGenerateLogoutEvents()
          Get property GenerateLogoutEvents DEFAULT: true
 boolean isGenerateRegisterEvents()
          Get property GenerateRegisterEvents DEFAULT: true
 boolean isGenerateUpdateEvents()
          Get property GenerateUpdateEvents DEFAULT: true
 boolean isUseDefaultMappings()
          Get property UseDefaultMappings DEFAULT: true
 boolean isUsingLDAPProfile()
          Get property usingLDAPProfile DEFAULT: false
 java.lang.String loginTrustedUser(java.lang.String pLogin)
          Attempts to login a user using the given login.
 java.lang.String loginUser(java.lang.String pLogin, java.lang.String pPassword)
          Attempts to login a user using the given login and password.
 java.lang.String loginUser(java.lang.String pLogin, java.lang.String pPassword, boolean pIsPasswordEncrypted)
          Attempts to login a user using the given login and password.
 void logoutUser()
          Logs out the current user.
protected  void postCreateUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called after a new user is created.
protected  void postDeleteUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called after a user is succesfully deleted.
protected  void postLoginUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called after a user is successfully logged in.
protected  void postLoginUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse, boolean pTrusted)
          Called after a user is successfully logged in.
protected  void postLogoutUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called after a user is logged out.
protected  void postSetPassword(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called after the current user's password is setd.
protected  void postUpdateUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called after a user is updated.
protected  void preCreateUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called before a user is created.
protected  void preDeleteUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called before a user is deleted.
protected  void preLoginUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called before a login actually takes place.
protected  void preLoginUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse, boolean pTrusted)
          Called before a login actually takes place.
protected  void preLogoutUser(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called before a user is logged out.
protected  void preSetPassword(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Called before the current user's password is changed.
 void removeSwapEventListener(atg.userprofiling.ProfileSwapEventListener pListener)
          Removes a ProfileSwapEventListener to the list of listeners that care about ProfileSwapEvents
 void removeUpdateListener(atg.userprofiling.ProfileUpdateListener pListener)
          Removes the given update listener from the list of listeners we already know about
 void sendProfileSwapEvent(int pEventType, RepositoryItem pPreSwapItem, RepositoryItem pPostSwapItem)
          Sends a ProfileSwapEvent using the given arguments
 void sendUpdateEvent(atg.userprofiling.ProfileUpdateEvent pEvent)
          Sends the given update event to all of the registered update listeners
 void setAllowEncryptedPasswords(boolean pAllowEncryptedPasswords)
          Set property AllowEncryptedPasswords DEFAULT: true
 void setBadPasswordDelay(long pBadPasswordDelay)
          Set property badPasswordDelay DEFAULT: 1000 (1 second)
 void setContactInfo(java.lang.String pProfileId, java.lang.String pContactInfoAsXML)
          Changes the contact info property for a user.
 void setCreateProfileType(java.lang.String pCreateProfileType)
          Set property createProfileType DEFAULT: user
 void setExpireSessionOnLogout(boolean pExpireSessionOnLogout)
          Set property expireSessionOnLogout DEFAULT: true
 void setGenerateLoginEvents(boolean pGenerateLoginEvents)
          Set property GenerateLoginEvents DEFAULT: true
 void setGenerateLogoutEvents(boolean pGenerateLogoutEvents)
          Set property GenerateLogoutEvents DEFAULT: true
 void setGenerateRegisterEvents(boolean pGenerateRegisterEvents)
          Set property GenerateRegisterEvents DEFAULT: true
 void setGenerateUpdateEvents(boolean pGenerateUpdateEvents)
          Set property GenerateUpdateEvents DEFAULT: true
 void setLocale(java.lang.String pProfileId, java.lang.String pLocaleName)
          Changes the locale property for a user.
 void setLoginProfileType(java.lang.String pLoginProfileType)
          Set property loginProfileType DEFAULT: user
 void setLogoutProfileType(java.lang.String pLogoutProfileType)
          Set property logoutProfileType DEFAULT: user
 void setMappingManager(atg.repository.xml.ItemDescriptorMappingManager pMappingManager)
          Set property mappingManager DEFAULT: null
 void setMaxAuthenticationWait(long pMaxAuthenticationWait)
          Set property maxAuthenticationWait DEFAULT: 30000 (30 seconds)
 void setPassword(java.lang.String pProfileId, java.lang.String pOldPassword, java.lang.String pNewPassword)
          Allows a user to set their own password.
 void setProfilePath(java.lang.String pProfilePath)
          Set property profilePath DEFAULT: /atg/userprofiling/Profile
 void setProfileTools(ProfileTools pProfileTools)
          Set property profileTools DEFAULT: null
 void setPropertiesToAddOnLogin(java.lang.String[] pPropertiesToAddOnLogin)
          Set property propertiesToAddOnLogin DEFAULT: null
 void setPropertiesToCopyOnLogin(java.lang.String[] pPropertiesToCopyOnLogin)
          Set property propertiesToCopyOnLogin DEFAULT: null
 void setRequestLocalePath(java.lang.String pRequestLocalePath)
          Set property RequestLocalePath DEFAULT: /atg/dynamo/servlet/RequestLocale
 void setSessionLocale(java.lang.String pLocaleName)
          Sets the locale of the current session by changing the session-scoped RequestLocale component.
 void setTransactionManager(javax.transaction.TransactionManager pTransactionManager)
          Set property transactionManager DEFAULT: null
 void setUpdateEventListeners(atg.userprofiling.ProfileUpdateListener[] pUpdateEventListeners)
          Set property UpdateEventListeners DEFAULT: null
 void setUseDefaultMappings(boolean pUseDefaultMappings)
          Set property UseDefaultMappings DEFAULT: true
 void setUsingLDAPProfile(boolean pUsingLDAPProfile)
          Set property usingLDAPProfile DEFAULT: false
 void setXmlAddService(AddService pXmlAddService)
          Set property XmlAddService DEFAULT: null
 void setXmlGetService(GetService pXmlGetService)
          Set property xmlGetService DEFAULT: null
 void setXmlUpdateService(UpdateService pXmlUpdateService)
          Set property xmlUpdateService DEFAULT: null
 void updateLDAPProfileAttributes(MutableRepositoryItem pItem)
          Updates profile attributes pertaining to LDAP.
 void updateUser(java.lang.String pProfileAsXML)
          Updates a persistent user using the profile values given in pProfileAsXML.
 void updateUser(java.lang.String pProfileAsXML, java.lang.String[] pMatchProperties)
          Updates a persistent user using the profile values given in pProfileAsXML.
 void updateXMLItem(java.lang.String pItemAsXML, java.lang.String[] pMatchedProperties)
          Updates a Repo2Xml item
Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStopService, getAbsoluteName, getAdminServlet, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail


public static java.lang.String CLASS_VERSION
Class version string

Constructor Detail


public ProfileServices()
Method Detail


public void setAllowEncryptedPasswords(boolean pAllowEncryptedPasswords)
Set property AllowEncryptedPasswords DEFAULT: true

pAllowEncryptedPasswords - true if services that accept or require passwords allow those passwords to be encrypted. This only applies to services that compare password values, not services that set passwords. Services that set passwords should NOT be called with encrypted passwords


public boolean isAllowEncryptedPasswords()
Get property AllowEncryptedPasswords DEFAULT: true

true if services that accept or require passwords allow those passwords to be encrypted. This only applies to services that compare password values, not services that set passwords. Services that set passwords should NOT be called with encrypted passwords


public void setUseDefaultMappings(boolean pUseDefaultMappings)
Set property UseDefaultMappings DEFAULT: true

pUseDefaultMappings - true if services that return Repo2Xml items should use default mapping files supplied by the ItemMappingManager configured for this component. This property is ignored if a mapping file is explicitly passed to the service


public boolean isUseDefaultMappings()
Get property UseDefaultMappings DEFAULT: true

true if services that return Repo2Xml items should use default mapping files supplied by the ItemMappingManager configured for this component. This property is ignored if a mapping file is explicitly passed to the service


public void setGenerateLoginEvents(boolean pGenerateLoginEvents)
Set property GenerateLoginEvents DEFAULT: true

pGenerateLoginEvents - true if login events should be fired when a login occurs


public boolean isGenerateLoginEvents()
Get property GenerateLoginEvents DEFAULT: true

true if login events should be fired when a login occurs


public void setGenerateUpdateEvents(boolean pGenerateUpdateEvents)
Set property GenerateUpdateEvents DEFAULT: true

pGenerateUpdateEvents - true if update events should be fired when an update occurs


public boolean isGenerateUpdateEvents()
Get property GenerateUpdateEvents DEFAULT: true

true if update events should be fired when an update occurs


public void setGenerateRegisterEvents(boolean pGenerateRegisterEvents)
Set property GenerateRegisterEvents DEFAULT: true

pGenerateRegisterEvents - true if register events should be fired when someone registers


public boolean isGenerateRegisterEvents()
Get property GenerateRegisterEvents DEFAULT: true

true if register events should be fired when someone registers


public void setGenerateLogoutEvents(boolean pGenerateLogoutEvents)
Set property GenerateLogoutEvents DEFAULT: true

pGenerateLogoutEvents - true if a logout events should be fired when a user logs out


public boolean isGenerateLogoutEvents()
Get property GenerateLogoutEvents DEFAULT: true

true if a logout events should be fired when a user logs out


public void setUpdateEventListeners(atg.userprofiling.ProfileUpdateListener[] pUpdateEventListeners)
Set property UpdateEventListeners DEFAULT: null

pUpdateEventListeners - an array of objects that listen for ProfileUpdateEvents i.e. events that are fired when user updates occur through services in this class


public atg.userprofiling.ProfileUpdateListener[] getUpdateEventListeners()
Get property UpdateEventListeners DEFAULT: null

an array of objects that listen for ProfileUpdateEvents i.e. events that are fired when user updates occur through services in this class


public void setRequestLocalePath(java.lang.String pRequestLocalePath)
Set property RequestLocalePath DEFAULT: /atg/dynamo/servlet/RequestLocale

pRequestLocalePath - the path to a session-scoped RequestLocale component, which handles locale-based redirecting on a per-session basis


public java.lang.String getRequestLocalePath()
Get property RequestLocalePath DEFAULT: /atg/dynamo/servlet/RequestLocale

the path to a session-scoped RequestLocale component, which handles locale-based redirecting on a per-session basis


public void setProfilePath(java.lang.String pProfilePath)
Set property profilePath DEFAULT: /atg/userprofiling/Profile

pProfilePath - the path to the profile component used in all userprofiling operations


public java.lang.String getProfilePath()
Get property profilePath DEFAULT: /atg/userprofiling/Profile

the path to the profile component used in all userprofiling operations


public void setCreateProfileType(java.lang.String pCreateProfileType)
Set property createProfileType DEFAULT: user

pCreateProfileType - when creating a new profile, this it the item type it should be i.e. item descriptor name


public java.lang.String getCreateProfileType()
Get property createProfileType DEFAULT: user

when creating a new profile, this it the item type it should be i.e. item descriptor name


public void setLoginProfileType(java.lang.String pLoginProfileType)
Set property loginProfileType DEFAULT: user

pLoginProfileType - when logging in a user, the item type that their profile is expected to be. If there are many possible profile types due to subtyping, then this value should be set to their collective supertype


public java.lang.String getLoginProfileType()
Get property loginProfileType DEFAULT: user

when logging in a user, the item type that their profile is expected to be. If there are many possible profile types due to subtyping, then this value should be set to their collective supertype


public void setLogoutProfileType(java.lang.String pLogoutProfileType)
Set property logoutProfileType DEFAULT: user

pLogoutProfileType - when a user logs out, this is the item type that next guest user will have


public java.lang.String getLogoutProfileType()
Get property logoutProfileType DEFAULT: user

when a user logs out, this is the item type that next guest user will have


public void setUsingLDAPProfile(boolean pUsingLDAPProfile)
Set property usingLDAPProfile DEFAULT: false

pUsingLDAPProfile - true if these userprofiling services act upon an LDAP-based profile (this includes composite profiles with an LDAP component)


public boolean isUsingLDAPProfile()
Get property usingLDAPProfile DEFAULT: false

true if these userprofiling services act upon an LDAP-based profile (this includes composite profiles with an LDAP component)


public void setBadPasswordDelay(long pBadPasswordDelay)
Set property badPasswordDelay DEFAULT: 1000 (1 second)

pBadPasswordDelay - the number of milliseconds to pause when a login is attempted with a bad password. This value must not be negative


public long getBadPasswordDelay()
Get property badPasswordDelay DEFAULT: 1000 (1 second)

the number of milliseconds to pause when a login is attempted with a bad password


public void setExpireSessionOnLogout(boolean pExpireSessionOnLogout)
Set property expireSessionOnLogout DEFAULT: true

pExpireSessionOnLogout - true if a person's entire session should be expired after they logout


public boolean isExpireSessionOnLogout()
Get property expireSessionOnLogout DEFAULT: true

true if a person's entire session should be expired after they logout


public void setPropertiesToCopyOnLogin(java.lang.String[] pPropertiesToCopyOnLogin)
Set property propertiesToCopyOnLogin DEFAULT: null

pPropertiesToCopyOnLogin - an array of properties that should be copied from a guest user to a persistent user upon login. Both single-value and multi-valued properties will be copied entirely i.e. any previous values are overwritten


public java.lang.String[] getPropertiesToCopyOnLogin()
Get property propertiesToCopyOnLogin DEFAULT: null

an array of properties that should be copied from a guest user to a persistent user upon login. Both single-value and multi-valued properties will be copied entirely i.e. any previous values are overwritten


public void setPropertiesToAddOnLogin(java.lang.String[] pPropertiesToAddOnLogin)
Set property propertiesToAddOnLogin DEFAULT: null

pPropertiesToAddOnLogin - an array of multi-valued properties whose values should be added from a guest user to the existing values of a persistent user when the guest logs in


public java.lang.String[] getPropertiesToAddOnLogin()
Get property propertiesToAddOnLogin DEFAULT: null

an array of multi-valued properties whose values should be added from a guest user to the existing values of a persistent user when the guest logs in


public void setMappingManager(atg.repository.xml.ItemDescriptorMappingManager pMappingManager)
Set property mappingManager DEFAULT: null

pMappingManager - the service that controls mapping files for all item descriptors. This is used to provide default mapping files for particular repository:itemDescriptor pairs, so if a service returns Repo2Xml items of a type that has had an ItemDescriptorMapping defined for it, that mapping will automatically be applied before the Repo2Xml item is returned (unless useDefaultMappings is false)


public atg.repository.xml.ItemDescriptorMappingManager getMappingManager()
Get property mappingManager DEFAULT: null

the service that controls mapping files for all item descriptors. This is used to provide default mapping files for particular repository:itemDescriptor pairs, so if a service returns Repo2Xml items of a type that has had an ItemDescriptorMapping defined for it, that mapping will automatically be applied before the Repo2Xml item is returned (unless useDefaultMappings is false)


public void setXmlAddService(AddService pXmlAddService)
Set property XmlAddService DEFAULT: null

pXmlAddService - a service that knows how to add Repo2Xml items to a repository


public AddService getXmlAddService()
Get property XmlAddService DEFAULT: null

a service that knows how to add Repo2Xml items to a repository


public void setXmlGetService(GetService pXmlGetService)
Set property xmlGetService DEFAULT: null

pXmlGetService - the service that turns a RepositoryItem into an xml representation (known as a Repo2Xml item)


public GetService getXmlGetService()
Get property xmlGetService DEFAULT: null

the service that turns a RepositoryItem into an xml representation (known as a Repo2Xml item)


public void setXmlUpdateService(UpdateService pXmlUpdateService)
Set property xmlUpdateService DEFAULT: null

pXmlUpdateService - a service that knows how to add Repo2Xml items to a repository


public UpdateService getXmlUpdateService()
Get property xmlUpdateService DEFAULT: null

a service that knows how to add Repo2Xml items to a repository


public void setProfileTools(ProfileTools pProfileTools)
Set property profileTools DEFAULT: null

pProfileTools - a collection of utility methods that help perform common funtions used by several profile services


public ProfileTools getProfileTools()
Get property profileTools DEFAULT: null

a collection of utility methods that help perform common funtions used by several profile services


public void setTransactionManager(javax.transaction.TransactionManager pTransactionManager)
Set property transactionManager DEFAULT: null

pTransactionManager - the transaction manager for all web services


public javax.transaction.TransactionManager getTransactionManager()
Get property transactionManager DEFAULT: null

the transaction manager for all web services


public void setMaxAuthenticationWait(long pMaxAuthenticationWait)
Set property maxAuthenticationWait DEFAULT: 30000 (30 seconds)

pMaxAuthenticationWait - the number of milliseconds allowed before an encrypted login conversation becomes invalid. An encrypted login conversation requires a client to call several methods in order to correctly encrypt a password to be passed to the login web service. The timer for this conversation is started when getPasswordHashKey is called, since this hashkey is intended to be temporary and unique for one login attempt. The timer ends when loginUser is called. The difference in time between those two calls should not exceed pMaxAuthenticationWait, otherwise the login attempt is considered invalid.


public long getMaxAuthenticationWait()
Get property maxAuthenticationWait DEFAULT: 30000 (30 seconds)

the number of milliseconds allowed before an encrypted login conversation becomes invalid. An encrypted login conversation requires a client to call several methods in order to correctly encrypt a password to be passed to the login web service. The timer for this conversation is started when getPasswordHashKey is called, since this hashkey is intended to be temporary and unique for one login attempt. The timer ends when loginUser is called. The difference in time between those two calls should not exceed pMaxAuthenticationWait, otherwise the login attempt is considered invalid.


public void addSwapEventListener(atg.userprofiling.ProfileSwapEventListener pListener)
Adds a ProfileSwapEventListener to the list of listeners that care about ProfileSwapEvents

pListener - the ProfileSwapEventListener to add


public void removeSwapEventListener(atg.userprofiling.ProfileSwapEventListener pListener)
Removes a ProfileSwapEventListener to the list of listeners that care about ProfileSwapEvents

pListener - the ProfileSwapEventListener to remove


public void setSessionLocale(java.lang.String pLocaleName)
                      throws javax.servlet.ServletException
Sets the locale of the current session by changing the session-scoped RequestLocale component. This method does NOT change the value of the "locale" profile property for the current profile. Use the setLocale to accomplish this. This method is also intended to be called in the context of an HTTP request.

pLocaleName - the locale to change to for the length of the session. If this is null, then the current locale will be set to the default locale for the RequestLocale component
javax.servlet.ServletException - if an error occurs trying to change the locale, or this method is not called in the context of an HTTP request


public void setPassword(java.lang.String pProfileId,
                        java.lang.String pOldPassword,
                        java.lang.String pNewPassword)
                 throws javax.servlet.ServletException
Allows a user to set their own password. Specifically, the password property of the given user will be set to the pNewPassword supplied. This "password property" is defined as the profile property whose name matches the profileTools.propertyManager.passwordPropertyName property value. The password that is to be changed should belong to the current session's profile.

This method is not intended to be used by an admin changing someone else's password, use adminSetPassword if you wish to do this.

This method calls preSetPassword, doSetPassword , and postSetPassword in turn, to do the actual property change.

The following request parameters are set in this method PASSWORD_PARAM - for the old password NEW_PASSWORD_PARAM - for the new password UPDATE_ID_PARAM - the id of the profile being updated

Extensions of this class, or of the preSet, doSet, and postSet methods can use these parameters to get access to this methods original arguments This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

pProfileId - the id of the current profile, whose password is being changed. This argument is used by the ProfileOwnerPolicy to ensure that the person who calls this service is the person who is in the current session, if this security policy is applied. This argument must not be null
pOldPassword - the old password that is being changed. This is needed to verify the credentials of the current profile before changing the password. This argument can be null (if your profile repository allows null passwords)
pNewPassword - the new value for the user's password property. This argument can be null (if your profile repository allows null passwords)
javax.servlet.ServletException - if an error occurs changing the password


protected void preSetPassword(DynamoHttpServletRequest pRequest,
                              DynamoHttpServletResponse pResponse)
                       throws javax.servlet.ServletException
Called before the current user's password is changed. This implementation does nothing

pRequest - the current request, which is guaranteed to contain the following parameters:

PASSWORD_PARAM - for the old password

NEW_PASSWORD_PARAM - for the new password

UPDATE_ID_PARAM - the id of the profile being updated

pResponse - the current response
javax.servlet.ServletException - if an error occurs here


protected void doSetPassword(DynamoHttpServletRequest pRequest,
                             DynamoHttpServletResponse pResponse)
                      throws javax.servlet.ServletException
Called to actually change the current user's password. The parameter in the given request that contains the password will be encrypted before being set on the user. This encryption is performed by the profileTools.propertyManager.passwordHasher object

pRequest - the current request, which is guaranteed to contain the following parameters:

PASSWORD_PARAM - for the old password

NEW_PASSWORD_PARAM - for the new password

UPDATE_ID_PARAM - the id of the profile being updated

pResponse - the current response
javax.servlet.ServletException - occurs in the following cases:
  • If there is no current profile i.e. we are not in the context of a request or session
  • If the old password set as a parameter in pRequest does not match the given profile's current password (note that the password in the request will be encrypted before comparing its value with the current profile's password)
  • If the value of the UPDATE_ID_PARAM request parameter does not refer to a valid repository item
  • If there is a repository error while trying to set the new password


protected void postSetPassword(DynamoHttpServletRequest pRequest,
                               DynamoHttpServletResponse pResponse)
                        throws javax.servlet.ServletException
Called after the current user's password is setd. This implementation does nothing

pRequest - the current request, which is guaranteed to contain the following parameters:

PASSWORD_PARAM - for the old password

NEW_PASSWORD_PARAM - for the new password

UPDATE_ID_PARAM - the id of the profile being updated

pResponse - the current response
javax.servlet.ServletException - if an error occurs here


public java.lang.String getProfile(java.lang.String pProfileId)
                            throws RepositoryException
Gets the profile using the given profile id

A transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

pProfileId - the id of the profile to get. If null is entered for this argument, then null is returned
an Repo2Xml representation of the found profile, or null if no profile was found with that id. Depending on the value of useDefaultMappings, a default mapping file could be applied to the resulting Repo2Xml
RepositoryException - if an error occurs trying to retrieve the item


public java.lang.String getProfile(java.lang.String pProfileId,
                                   java.lang.String pMappingFile)
                            throws RepositoryException
Gets the profile using the given profile id, and applies the given mapping file to the returned Repo2Xml string

A transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

pProfileId - the id of the profile to get. If null is entered for this argument, then this method returns null
pMappingFile - a mapping file that dictates what profile properties are returned in the resulting XML. If null is entered for this argument, then a default mapping file could be applied, depending on the value of useDefaultMappings
an Repo2Xml representation of the found profile, or null if no profile was found with that id
RepositoryException - if any of the following occurs:
  • No valid profile repository is found
  • The profile repository throws an error trying to retrieve the item


public java.lang.String getProfileId(java.lang.String pLogin)
                              throws RepositoryException
Gets the profile id of the person with the given login

A transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

pLogin - the login to find the id for. If this argument is null, then null is returned
the profile id of the person with given login, or null if no profile exists with that login
RepositoryException - if an error occurs trying to find the person. This error will come from the profile repository directly, and not from this method


public void updateUser(java.lang.String pProfileAsXML)
                throws javax.servlet.ServletException
Updates a persistent user using the profile values given in pProfileAsXML. It's intended that this service be used by users to update their own profile, and certain session actions will take place based on that assumption i.e. cookie handling, locale changing, etc. Admins that want to update other users' profiles should use adminUpdateUser, and not this method.

This method calls preUpdateUser, doUpdateUser , and postUpdateUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameter is set in this method XML_ITEM_PARAM - the current Repo2Xml item that is being updated

pProfileAsXML - the profile with updated values, as a Repo2Xml item
javax.servlet.ServletException - if any of the following occurs:
  • The pProfileAsXML argument is null or empty
  • This method is not executed in the context of an HTTP request
  • A ServletException is thrown by preUpdateUser, doUpdateUser, or postUpdateUser


public void updateUser(java.lang.String pProfileAsXML,
                       java.lang.String[] pMatchProperties)
                throws javax.servlet.ServletException
Updates a persistent user using the profile values given in pProfileAsXML. It's intended that this service be used by users to update their own profile, and certain session actions will take place based on that assumption i.e. cookie handling, locale changing, etc. Admins that want to update other users' profiles should use adminUpdateUser, and not this method.

This method calls preUpdateUser, doUpdateUser , and postUpdateUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameter is set in this method XML_ITEM_PARAM - the current Repo2Xml item that is being updated

pProfileAsXML - the profile with updated values, as a Repo2Xml item
pMatchProperties - an array of properties present in the given xml items whose values will be used to find their persistent counterparts in the repository. The Repo2Xml values for all the given property names must exactly match the values or a corresponding repository item in order for the item to be properly updated
javax.servlet.ServletException - if any of the following occurs:
  • The pProfileAsXML argument is null or empty
  • This method is not executed in the context of an HTTP request
  • A ServletException is thrown by preUpdateUser, doUpdateUser, or postUpdateUser


protected void doUpdateUser(DynamoHttpServletRequest pRequest,
                            DynamoHttpServletResponse pResponse)
                     throws javax.servlet.ServletException
Updates the user that is present as the request parameter, XML_ITEM_PARAM.

pRequest - the current request, expected to have the following parameter:

XML_ITEM_PARAM - the xml item that is to be updated

And can optionally have the following parameter:

UPDATE_EVENT_PARAM - a map of property names to values, which represents a snapshot of the item-to-update before the update occurs

pResponse - the current response
javax.servlet.ServletException - if any of the following errors occur:
  • The XML_ITEM_PARAM request parameter is not present in pRequest
  • A RepositoryException occurs updating the RepositoryItem


protected void postUpdateUser(DynamoHttpServletRequest pRequest,
                              DynamoHttpServletResponse pResponse)
                       throws javax.servlet.ServletException
Called after a user is updated. This implementations sends an update event, if configured to do so. It uses the current profile (retrieved by resolving the configure Profile component using the current request) to expire or send cookies based on changes in the autoLogin property (if one exists), and also changes the locale for the current session if the user's locale property has changed (if one exists).

pRequest - the current request, expected to have the following parameter:

XML_ITEM_PARAM - the xml item that is to be updated

And can optionally have the following parameter:

UPDATE_EVENT_PARAM - a map of property names to values, which represents a snapshot of the item-to-update before the update occurs

pRequest - the current response
pResponse - the current response
javax.servlet.ServletException - if any of the following occur:
  • XML_ITEM_PARAM does not resolve to a valid RepositoryItem
  • A RepositoryException occurs when trying to create an update event


public void setContactInfo(java.lang.String pProfileId,
                           java.lang.String pContactInfoAsXML)
                    throws RepositoryException
Changes the contact info property for a user. This service requires the existence of a profileTools.propertyManager.contactInfoPropertyName value that resolves to an actual profile property. This property must also be of type atg.repository.RepositoryItem

A transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

pProfileId - the profile id of the user whose contactInfo property is to be changed. This argument must not be null.
pContactInfoAsXML - a Repo2Xml item of the contact info that the user's contactInfo property should be set to. This argument can be null.
RepositoryException - if any of the following occurs:
  • pProfileId is null
  • No profile is found whose id equals pProfileId
  • A RepositoryException occurs when setting the contact info property


public void setLocale(java.lang.String pProfileId,
                      java.lang.String pLocaleName)
               throws RepositoryException
Changes the locale property for a user. This service requires the existence of a profileTools.propertyManager.localePropertyName value that resolves to an actual profile property. This property must also be of type java.lang.String

A transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

pProfileId - the profile id of the user whose contactInfo property is to be changed. This argument must not be null.
pLocaleName - The locale string that represents the locale that the user's locale property should be set to e.g. en_EN. This argument can be null.
RepositoryException - if any of the following occurs:
  • pProfileId is null
  • No profile is found whose id equals pProfileId
  • A RepositoryException occurs when setting the contact info property


public java.lang.String loginTrustedUser(java.lang.String pLogin)
                                  throws javax.servlet.ServletException
Attempts to login a user using the given login.

This method calls preLogin, doLoginUser , and postLoginUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameters are set in this method:

pLogin - the login of the user to login. This argument cannot be null
the profile id of the logged in user, or null if no profile could be found for the given login
javax.servlet.ServletException - if any of the following errors occur:
  • pLogin is null
  • This method is not called in the context of a request
  • A ServletException is thrown by preLoginUser, doLoginUser, or postLoginUser


public java.lang.String loginUser(java.lang.String pLogin,
                                  java.lang.String pPassword)
                           throws javax.servlet.ServletException
Attempts to login a user using the given login and password. The password passed in is expected to be cleartext. As such, it is strongly advised that all clients using this service method, do so using https

This method calls preLogin, doLoginUser , and postLoginUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameters are set in this method:

pLogin - the login of the user to login. This argument cannot be null
pPassword - the cleartext password of the user to login. This argument can be null
the profile id of the logged in user, or null if no profile could be found for the given login/password combination
javax.servlet.ServletException - if any of the following errors occur:
  • pLogin is null
  • This method is not called in the context of a request
  • A ServletException is thrown by preLoginUser, doLoginUser, or postLoginUser


public java.lang.String loginUser(java.lang.String pLogin,
                                  java.lang.String pPassword,
                                  boolean pIsPasswordEncrypted)
                           throws javax.servlet.ServletException
Attempts to login a user using the given login and password. An extra flag indicates whether the password was encrypted before being passed here. If the password is encrypted, it is expected that the getPasswordHashKey() method was called prior to this method in order to get a temporary hashkey used to encrypt the password on the method caller's end. Password encryption on the client side is an option when using this service with a non-secure protocol, such as http. It should be stressed in triplicate that this mechanism for encryption is not meant to be un-hackable. If you really want password security, then use https when calling this service. Just for completeness, here is the required conversation for logging in a user with client-side password encryption (this conversation must be handled in a timely fasion, since there is a timer starting when getPasswordHashKey is called, and ending when this method is called. The time between these method calls cannot exceed the value of maxAuthenticationWait in milliseconds): 1) Client calls canClientEncryptPasswords 2) If canClientEncryptPasswords returns false, client should use https and send the password as cleartext. Currently, only the MD5PasswordHasher is a supported for encrypted passwords. Client should call loginUser(login, cleartext_password, false) 3) If canClientEncryptPasswords returns true, client calls getPasswordHashAlgorithm 4) Client encrypts the user's password using the rules required by the returned algorithm. These rules vary depending on the password hasher being used for a given application. Consult the documentation for specifics. 5) Client calls getPasswordHashKey - note that the conversation timer is started here. Clients have maxAuthenticationWait milliseconds to call loginUser. If loginUser is not called quickly enough, an error is thrown when it is eventually called 6) Client further encrypts the user's password using the returned hash key. The order and manner in which this encryption occurs is based on the rules of the password hasher being used. Consult the documentation for specifics. 7) Client calls loginUser(login, encrypted_password_from_step_6, true) As you can see, encrypting passwords on the client side is tricky, and not 100% safe. It is strongly recommended that you call this service using https and cleartext passwords

This method calls preLogin, doLoginUser , and postLoginUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameters are set in this method:

If this method is called by a user that is already logged in, then that user's login is returned (assuming the credentials match)

pLogin - the login of the user. This argument cannot be null
pPassword - the password of the user to login. This argument can be null
pIsPasswordEncrypted - true if the given password is encrypted according to the rules above, false if the password is cleartext
the profile id of the logged in user, or null if no profile could be found for the given login/password combination
javax.servlet.ServletException - if any of the following errors occur:
  • pLogin is null
  • This method is not called in the context of a request
  • A ServletException is thrown by preLoginUser, doLoginUser, or postLoginUser


protected void preLoginUser(DynamoHttpServletRequest pRequest,
                            DynamoHttpServletResponse pResponse)
                     throws javax.servlet.ServletException
Called before a login actually takes place. This implementation checks to see if the current session's profile is not transient and acts according to the following behavioral rules:
  1. If the current profile's login does not match the login that was passed to the web service, then the current profile is logged out and its session is expired. We then attempt to login using the login/password given to the web service
  2. If the login/password given to the web service matches that of the current profile, then it's assumed that the same user is logging in twice (for whatever reason). In this case, we throw an exception caught by loginUser(String, String) so that we do not resend login events, profile cookies, etc. In this case, we also reset the securityStatus of the profile to the login securityStatus (if securityStatus is enabled)
  3. If the password passed to the web service does not match for the given login, then a ServletException is thrown

pRequest - the current request, expected to have the following parameters:
  • LOGIN_PARAM - the login of the user
  • PASSWORD_PARAM - the password of the user
Also, this request could optionally have the following parameter:
  • HASHKEY_PARAM - the hashkey that was given to the client if they called getPasswordHashKey. Note that this only applies in the case that the client signaled that this authentication attempt used an encrypted password
pResponse - the current response
javax.servlet.ServletException - if any of the following occur:
  • This method is not executed in the context of a request
  • There is no profile found in the current session


protected void preLoginUser(DynamoHttpServletRequest pRequest,
                            DynamoHttpServletResponse pResponse,
                            boolean pTrusted)
                     throws javax.servlet.ServletException
Called before a login actually takes place. This implementation checks to see if the current session's profile is not transient and acts according to the following behavioral rules:
  1. If the current profile's login does not match the login that was passed to the web service, then the current profile is logged out and its session is expired. We then attempt to login using the login given to the web service
  2. If the login given to the web service matches that of the current profile, then it's assumed that the same user is logging in twice (for whatever reason). In this case, we throw an exception caught by loginTrustedUser(String) so that we do not resend login events, profile cookies, etc. In this case, we also reset the securityStatus of the profile to the login securityStatus (if securityStatus is enabled)

pRequest - the current request, expected to have the following parameters:
  • LOGIN_PARAM - the login of the user
pResponse - the current response
pTrusted - True is the user is trusted, false if the user is not trusted
javax.servlet.ServletException - if any of the following occur:
  • This method is not executed in the context of a request
  • There is no profile found in the current session


protected void doLoginUser(DynamoHttpServletRequest pRequest,
                           DynamoHttpServletResponse pResponse)
                    throws javax.servlet.ServletException
Logs in a user. The user is defined by a login/password pair set as parameters in the given request. If either propertiesToCopyOnLogin or propertiesToAddOnLogin are set, then those properties will be copied/added from the un-logged in profile to the logged-in profile

pRequest - the current request, expected to have the following parameters:
  • LOGIN_PARAM - the login of the user
  • PASSWORD_PARAM - the password of the user
Also, this request could optionally have the following parameter:
  • HASHKEY_PARAM - the hashkey that was given to the client if they called getPasswordHashKey. Note that this only applies in the case that the client signaled that this authentication attempt used an encrypted password
pResponse - the current response
javax.servlet.ServletException - if the password used to login is incorrect, or an error occurs doing repository operations associated with logging in


protected void doLoginUser(DynamoHttpServletRequest pRequest,
                           DynamoHttpServletResponse pResponse,
                           boolean pTrusted)
                    throws javax.servlet.ServletException
Logs in a user. The user is defined by a login parameter in the given request. If either propertiesToCopyOnLogin or propertiesToAddOnLogin are set, then those properties will be copied/added from the un-logged in profile to the logged-in profile

pRequest - the current request, expected to have the following parameters:
  • LOGIN_PARAM - the login of the user
pResponse - the current response
pTrusted - True is the user is trusted, false if the user is not trusted


protected void postLoginUser(DynamoHttpServletRequest pRequest,
                             DynamoHttpServletResponse pResponse)
                      throws javax.servlet.ServletException
Called after a user is successfully logged in. This implementation is responsible for sending profile cookies, if the system is set up to do so, sending a login event, setting the persona of the current session-scoped User, setting the security status on the logged in profile, and potentially changing the request locale to reflect the logged in person's locale.

pRequest - the current request, expected to have the following parameters:
  • LOGIN_PARAM - the login of the user
  • PASSWORD_PARAM - the password of the user
Also, this request could optionally have the following parameter:
  • HASHKEY_PARAM - the hashkey that was given to the client if they called getPasswordHashKey. Note that this only applies in the case that the client signaled that this authentication attempt used an encrypted password
pResponse - the current response
javax.servlet.ServletException - if there is a problem sending cookies, or changing the security status


protected void postLoginUser(DynamoHttpServletRequest pRequest,
                             DynamoHttpServletResponse pResponse,
                             boolean pTrusted)
                      throws javax.servlet.ServletException
Called after a user is successfully logged in. This implementation is responsible for sending profile cookies, if the system is set up to do so, sending a login event, setting the persona of the current session-scoped User, setting the security status on the logged in profile, and potentially changing the request locale to reflect the logged in person's locale.

pRequest - the current request, expected to have the following parameters:
  • LOGIN_PARAM - the login of the user
pResponse - the current response
pTrusted - True is the user is trusted, false if the user is not trusted
javax.servlet.ServletException - if there is a problem sending cookies, or changing the security status


public void logoutUser()
                throws javax.servlet.ServletException
Logs out the current user.

This method calls preLogoutUser, doLogoutUser , and postLogoutUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

javax.servlet.ServletException - if this method is not called within the context of a request, or is propagated up from preLogoutUser, doLogoutUser, or postLogoutUser


protected void preLogoutUser(DynamoHttpServletRequest pRequest,
                             DynamoHttpServletResponse pResponse)
                      throws javax.servlet.ServletException
Called before a user is logged out. In this implementation, we save the id of the current profile in a request parameter so that we can generate a logout event with that id in postLogoutUser. Even though the profile is still valid in postLogoutUser, subclasses of this class may change that by the time postLogoutUser is reached, so we do this here to ensure that the logout event is safe. We also remove the persona associated with the current profile from the current session-scoped user

If logout events are to be fired (generateLogoutEvents is true), the following request parameter is set in this method LOGOUT_ID_PARAM - the id of the person that is being logged out. This needs to be saved so we can fire the event after the person is sucessfully logged out

pRequest - the current request
pResponse - the current response
javax.servlet.ServletException - if we're setting up a logout event and there is no current profile to get the id from


protected void doLogoutUser(DynamoHttpServletRequest pRequest,
                            DynamoHttpServletResponse pResponse)
                     throws javax.servlet.ServletException
Called to logout a user. This implementation is empty, and most of the actually logging out is done in postLogoutUser. This is to make sure the code flow of our ProfileFormHandler is left intact. Customers who might currently subclass handleLogout and who have extra logic in between preLogout and postLogout can use this method to handle that logic.

pRequest - the current request, which could have the following parameter:

LOGOUT_ID_PARAM - the id of the person that is being logged out

pRequest - the current request
pResponse - the current response
javax.servlet.ServletException - if a user-defined error occurs


protected void postLogoutUser(DynamoHttpServletRequest pRequest,
                              DynamoHttpServletResponse pResponse)
                       throws javax.servlet.ServletException
Called after a user is logged out. This implementation sends out a logout event, and either expires the current session or replaces the current profile data source with either a new repository item or null, depending on whether logoutProfileType is set.

pRequest - the current request, which could have the following parameter:

LOGOUT_ID_PARAM - the id of the person that is being logged out

pResponse - the current response
javax.servlet.ServletException - in the case where we do not expire the current session, and get an error trying to create a new RepositoryItem for the profile's data source


public java.lang.String createUser(java.lang.String pProfileAsXML)
                            throws javax.servlet.ServletException
Creates a persistent user using the profile values given in pProfileAsXML. It's intended that this service be used by users to create their own profile, and certain session actions will take place based on that assumption i.e. cookie handling, locale changing, etc. Admins that want to create other users' profiles should use adminCreateUserService, and not this method.

This method calls preCreateUser, doCreateUser , and postCreateUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameter is set in this method XML_ITEM_PARAM - the current Repo2Xml item that is being created

pProfileAsXML - the profile of the new persistent user. NOTE: Any password present in this XML should not have been pre-encrypted by the client. It will be encrypted in this operation. This argument may not be null
the id of the newly created user
javax.servlet.ServletException - if any of the following occurs:
  • The pProfileAsXML argument is null or empty
  • This method is not executed in the context of an HTTP request
  • A ServletException is thrown by preCreateUser, doCreateUser, or postCreateUser


protected void preCreateUser(DynamoHttpServletRequest pRequest,
                             DynamoHttpServletResponse pResponse)
                      throws javax.servlet.ServletException
Called before a user is created. This implementation checks to see the given XML_ITEM_PARAM refers to an existing user's id, and throws an error if so.

pRequest - the current request, expected to have the following parameter:

XML_ITEM_PARAM - the current item that is to be created

pResponse - the current response
javax.servlet.ServletException - if an error occurs.


protected void doCreateUser(DynamoHttpServletRequest pRequest,
                            DynamoHttpServletResponse pResponse)
                     throws javax.servlet.ServletException
Creates a user that is present as the request parameter, XML_ITEM_PARAM

pRequest - the current request, expected to have the following parameter:

XML_ITEM_PARAM - the current item that is to be created

pResponse - the current response
javax.servlet.ServletException - if any of the following errors occur:
  • The XML_ITEM_PARAM request parameter is not present in pRequest
  • The XML_ITEM_PARAM parameter does not resolve to a valid RepositoryItem
  • A RepositoryException occurs creating the RepositoryItem


protected void postCreateUser(DynamoHttpServletRequest pRequest,
                              DynamoHttpServletResponse pResponse)
                       throws javax.servlet.ServletException
Called after a new user is created. This implementation sends an admin register event, if configured to do so

pRequest - the current request, expected to have the following parameter:

XML_ITEM_PARAM - the current item that is to be created

pResponse - the current response
javax.servlet.ServletException - if an error occurs


public boolean deleteUser(java.lang.String pProfileId)
                   throws javax.servlet.ServletException
Deletes a persistent user whose id matches pProfileId. It's intended that this service be used by users to delete their own profile.

This method calls preDeleteUser, doDeleteUser , and postDeleteUser in turn

This method is expected to be called in the context of an HTTP request. Also, a transaction is required when executing this method. If no transaction is in place, a new one is started and committed before this method returns.

The following request parameter is set in this method UPDATE_ID_PARAM - the id of the profile that is to be deleted

pProfileId - the profile of the user to delete. This argument may not be null
true if the user was successfully deleted, false otherwise
javax.servlet.ServletException - if any of the following occurs:
  • The pProfileId argument is null or empty
  • This method is not executed in the context of an HTTP request
  • A ServletException is thrown by preDeleteUser, doDeleteUser, or postDeleteUser


protected void preDeleteUser(DynamoHttpServletRequest pRequest,
                             DynamoHttpServletResponse pResponse)
                      throws javax.servlet.ServletException
Called before a user is deleted. This implementation is a stub and does not do any work

pRequest - the current request, expected to have the following parameter:

UPDATE_ID_PARAM - the id of the user to be deleted

pResponse - the current response
javax.servlet.ServletException - if an error occurs.


protected void postDeleteUser(DynamoHttpServletRequest pRequest,
                              DynamoHttpServletResponse pResponse)
                       throws javax.servlet.ServletException
Called after a user is succesfully deleted. This implementation is a stub and does not do any work

pRequest - the current request, expected to have the following parameter:

UPDATE_ID_PARAM - the id of the user to be deleted

pResponse - the current response
javax.servlet.ServletException - if an error occurs.


protected void doDeleteUser(DynamoHttpServletRequest pRequest,
                            DynamoHttpServletResponse pResponse)
                     throws javax.servlet.ServletException
Deletes a user that matches the id present as the request parameter, UPDATE_ID_PARAM. The type of the item that is to be deleted will be of the value specified in the createProfileType property

pRequest - the current request, expected to have the following parameter:

UPDATE_ID_PARAM - the id of the user to be deleted

pResponse - the current response
javax.servlet.ServletException - if any of the following errors occur:
  • The UPDATE_ID_PARAM request parameter is not present in pRequest
  • A RepositoryException occurs deleting the RepositoryItem


public java.lang.String getPasswordHashKey()
                                    throws javax.servlet.ServletException
Gets a hashkey for a password. This uses the PasswordHasher set for on profileTools property. If this PasswordHasher does not support adding hashkeys for extra encryption, this method will return null and any web service clients using this call during a login conversation should not encrypt their passwords i.e. use https. In the case where a non-null hashkey is generated, this method starts the login conversation for a login attempt with an encrypted password.

a temporary hash key used to further encrypt a password before attempting to login, or null if the configured PasswordHasher does not support extra encryption.
javax.servlet.ServletException - if we're already in the middle of a login conversation and we've exceeded the conversation time limit, as specified by maxAuthenticationWait


public java.lang.String getPasswordHashAlgorithm()
                                          throws javax.servlet.ServletException
Gets the algorithm for the password hasher used by the profile property manager



public boolean canClientEncryptPasswords()
Tests to see whether we can allow clients to encrypt their passwords. This is based on what password hasher DPS is using. At this point we can only handle non-salted hashers, and hashers whose getPasswordHashKey() method returns a non-null value

true if the client can encrypt their passwords, false otherwise


public void updateXMLItem(java.lang.String pItemAsXML,
                          java.lang.String[] pMatchedProperties)
                   throws RepositoryException
Updates a Repo2Xml item

pItemAsXML - the item to update in XML format. The name of the repository and the item's type are present in the XML format, so those do not need to be supplied as arguments. This method will determine which known RepositoryItem to update based on the values of the properties listed in pMatchedProperties present in the pItemAsXML, or if that argument is null, the repositoryId will be used to match items. If there is no existing item which matches those property values, then the item will be added to the repository if the xmlUpdateService component has its addWhenNoMatchedItems flag set to true.
pMatchedProperties - an array of property names that will be used to match up values between the given pItemAsXML and an existing RepositoryItem object (note: use "repositoryId" to specify the matching of ids)
RepositoryException - if an error occurs updating the item in the repository


public java.lang.String getXMLItem(RepositoryItem pItem,
                                   Repository pRepository,
                                   java.lang.String pItemDescriptorName,
                                   java.lang.String pMappingFile)
                            throws RepositoryException
Transforms the given repository item into XML, possibly using a mapping file to cull properties

pItem - the item to transform
pRepository - the repository that holds the item, used to determine a mapping file
pItemDescriptorName - the name of the item descriptor that describes the given item, used to determine a mapping file
pMappingFile - the mapping file to use when turning the item into an XML document
the RepositoryItem in XML form
RepositoryException - if an error occurs transforming the item


public RepositoryItem addXMLItem(java.lang.String pItemAsXML,
                                 boolean pPersist)
                          throws RepositoryException
Adds or creates the given pItemAsXML, depending on the value of pPersist. This method uses the configured xmlAddService to add or create the item.

pItemAsXML - the item to add or create
pPersist - if true, the given item will be added, otherwise it will just be created
the added or newly created item
RepositoryException - if an error occurs adding or creating the item


public java.lang.String getMappingFile(Repository pRepository,
                                       java.lang.String pItemDescriptorName)
Gets a mapping file for a particular repository:itemDescriptorName combination

pRepository - the repository that contains the given item descriptor
pItemDescriptorName - the name of the item descriptor to get the mapping file for
the pathname of the mapping file for the given item descriptor, or null if none exists


public RepositoryItem getRepositoryItemFromXML(java.lang.String pItemAsXML)
                                        throws RepositoryException
Gets a RepositoryItem object from the given XML representation The item is matched based on the id property in the XML file

pItemAsXML - the repository item in XML form
the RepositoryItem object that is represented by pItemAsXML, or null if no such object is found


public RepositoryItem getRepositoryItemFromXML(java.lang.String pItemAsXML,
                                               java.lang.String[] pMatchedProperties)
                                        throws RepositoryException
Gets a RepositoryItem object from the given XML representation The item is matched based on the id property in the XML file

pItemAsXML - the repository item in XML form
pMatchedProperties - an array of property names whose values are used to find the pItemAsXML objects match in the repository
the RepositoryItem object that is represented by pItemAsXML, or null if no such object is found


protected javax.transaction.Transaction ensureTransaction()
This method ensures that a transaction exists before returning. If there is an existing transaction, it returns a reference to it. This is a performance thing so it is not very intuitive, but you should use this returned transaction both as a signal that we did NOT create the transaction, and you can use that to avoid having to get the current transaction again (thus saving a hashtable lookup which may add up for methods like getPropertyValue).


protected void commitTransaction()
Commits the current transaction


public void doStartService()
                    throws ServiceException
Called when this service starts, after its properties have been set. In this override, we make sure there's a valid profile tools instance available

doStartService in class GenericService
ServiceException - if there is no ProfileTools component to be found


public PasswordHasher getLoginPasswordHasher()
Gets a password hasher for logging in

a password hasher used to compare login values


public java.lang.String getCurrentProfileId()
Gets the profileId of the current thread's user

the profileId of the current thread's user, or null if there is none


public Profile getCurrentProfile()
Gets the profile of the current thread's user

the profile of the current thread's user, or null if there is none


public void updateLDAPProfileAttributes(MutableRepositoryItem pItem)
                                 throws RepositoryException
Updates profile attributes pertaining to LDAP. Specifically, this sets the "fullName" property out of the first and last name of the given item. This is so that forms that create LDAP items don't have to have a fullName field in addition to firstName and lastName (fullName is a required property in LDAP). The other way to do this would be to ask for just the users full name and then split that up in this method to set the first name and last name property for the user as well

pItem - the item to change values on


public void copyProperties(RepositoryItem pGuestUser,
                           RepositoryItem pAuthenticatedUser,
                           java.lang.String[] pPropertiesToCopy)
                    throws RepositoryException
Copies the properties named in pPropertiesToCopy from the pGuestUser to the pAuthenticatedUser

pGuestUser - the user to get values from
pAuthenticatedUser - the user to copy values to
pPropertiesToCopy - the properties that should be copied
RepositoryException - if an error occurs updating the authenticated user


public void addProperties(RepositoryItem pGuestUser,
                          RepositoryItem pAuthenticatedUser,
                          java.lang.String[] pPropertiesToAdd)
                   throws RepositoryException
Adds values from multi-valued properties from the guest user to the authenticated user

pGuestUser - the user to copy values from
pAuthenticatedUser - the user to copy values to
pPropertiesToAdd - names of multi-valued properties whose values should be added from the guest to the authenticated user
RepositoryException - if an error occurs updating the authenticated user with the added properties


public void addProperty(java.lang.String pPropertyName,
                        RepositoryItem pGuestUser,
                        RepositoryItem pAuthenticatedUser)
                 throws RepositoryException
Adds a specific multi-valued property's values from the given guest user to the given authenticated user

pGuestUser - the user to copy values from
pAuthenticatedUser - the user to copy values to
pPropertyName - the name of a multi-valued property whose values will be copied from the guest user and added to the authenticated user


public void addUpdateListener(atg.userprofiling.ProfileUpdateListener pListener)
Adds the given update listener to the list of listeners we already know about

pListener - the listener to add


public void removeUpdateListener(atg.userprofiling.ProfileUpdateListener pListener)
Removes the given update listener from the list of listeners we already know about

pListener - the listener to remove


public void sendUpdateEvent(atg.userprofiling.ProfileUpdateEvent pEvent)
Sends the given update event to all of the registered update listeners

pEvent - the event to send


public void encryptPassword(MutableRepositoryItem pProfile)
                     throws RepositoryException
Takes the cleartext password of the given profile, encrypts it, and resets it to the encrypted version

pProfile - the profile to encrypt the password of


public boolean endOperation(DynamoHttpServletRequest pRequest)
Checks the given request to see if the OPERATION_END_PARAM is present and set to true

pRequest - the request to examine
true if the OPERATION_END_PARAM is present


public java.lang.Object endOperationValue(DynamoHttpServletRequest pRequest)
Gets the value of the OPERATION_END_PARAM_NAME from the given request. This value is what should be returned by an operation that is to be ended, if that operation returns anything.

pRequest - the request to be examined
the value that should be returned by the ended operation. If the operation does not return anything, then this value is ignored


public void sendProfileSwapEvent(int pEventType,
                                 RepositoryItem pPreSwapItem,
                                 RepositoryItem pPostSwapItem)
Sends a ProfileSwapEvent using the given arguments

pEventType - the type of operation that was performed when the profiles were swapped
pPreSwapItem - the data source of the profile before the swap was performed
pPostSwapItem - the data source of the profile after the swap was performed