|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object atg.nucleus.logging.VariableArgumentApplicationLoggingImpl atg.nucleus.GenericService atg.nucleus.RegisteredService atg.security.GenericUserAuthority atg.security.RepositoryAccountManager
public class RepositoryAccountManager
An account manager and user authority that works against a Dynamo repository.
The repository must provide at least one view, the login view, and optionally a second, the group view, for account storage. This allows you to split user (login) accounts from auxiliary accounts (groups and privileges) if you'd prefer to keep the login account tables clean (a good idea in the profile repository, for instance). The group view must have a "type" property that allows the following integer values:
If no group view is specified the login view must have this property. If a group view is specified the type property of all account sin the login view is assumed to be 1, and no type property is necessary nor will one be utilized if specified.
The user interface desires certain attributes for different account types.
Accounts in the "login" view must have the following properties:
Accounts in the "group" view should have a "description" property, which is a human-readable description of the account.
Any repository item property that should be exposed via this interface
must be specified in the propertyNames property
(setPropertyNames(String[])
).
Field Summary | |
---|---|
static java.lang.String |
CLASS_VERSION
|
Fields inherited from class atg.nucleus.GenericService |
---|
SERVICE_INFO_KEY |
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging |
---|
DEFAULT_LOG_TRACE_STATUS |
Fields inherited from interface atg.nucleus.logging.ApplicationLogging |
---|
DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS |
Constructor Summary | |
---|---|
|
RepositoryAccountManager()
|
protected |
RepositoryAccountManager(java.lang.String pName)
|
Method Summary | |
---|---|
Account |
createAccount(java.lang.String pAccountName,
int pType,
java.util.Map pAttributes)
Creates a new account with a given set of attributes. |
void |
doStartService()
This is called after a Service has been created, placed into the naming hierarchy, and initialized with its configured property values. |
Account |
getAccount(java.lang.String pAccountName)
Retrieves the account object for the account with the given name. |
AccountInitializer |
getAccountInitializer()
Returns the account initializer that will set up our standard accounts, if any. |
RepositoryItem |
getAccountItem(java.lang.String pAccountName,
java.lang.String pDescriptorName)
Returns the repository item corresponding to the specified account name, or null if it doesn't exist. |
java.lang.String |
getAccountNameProperty()
Returns the name of the repository item property used to store the name of the account. |
int |
getAccountQueryLimit()
Returns the maximum number of accounts that will be returned by listAccounts() or listMatchingAccounts() before throwing TooManyAccountsException. |
java.lang.String |
getAccountTypeProperty()
Returns the repository item property used for storing the account type information. |
java.lang.String |
getAttributeResourceBundle()
Returns the name of the resource bundle used for translating attribute names to resource names. |
java.lang.String[] |
getDefaultGroupAttributes()
Returns the default attributes that are assigned to login accounts when they are created. |
java.lang.String[] |
getDefaultLoginAttributes()
Returns the default attributes that are assigned to login accounts when they are created. |
java.lang.String[] |
getDefaultLoginGroups()
Returns the set of groups that are assigned to a new login account. |
java.lang.String[] |
getDefaultPrivilegeAttributes()
Returns the default attributes that are assigned to login accounts when they are created. |
java.lang.String |
getDescriptionAttribute()
Returns the name of the group or privilege account attribute that describes the account in human-readable terms. |
java.lang.String |
getDescriptionProperty()
Returns the repository item property used for storing the description of a group or privilege. |
java.lang.String |
getFirstNameAttribute()
Returns the name of the attribute that contains the first name of the owner of a login account. |
java.lang.String |
getFirstNameProperty()
Returns the repository item property used for storing the first name of a login account holder. |
java.lang.String |
getGroupDescriptorName()
Returns the name of the repository item descriptor used for managing group and privilege accounts. |
java.lang.String[] |
getGroupPropertyNames()
Returns a list of all of the property names allowed to login accounts by the account manager. |
java.lang.String |
getGroupsProperty()
Returns the repository item property used for storing the set of groups that an account is a member of. |
boolean |
getItemNameIsAccountName()
Returns true if the account name can be used to retrieve items from the repository directly, or false if a query must be used. |
java.lang.String |
getLastNameAttribute()
Returns the name of the attribute that contains the last name of the owner of a login account. |
java.lang.String |
getLastNameProperty()
Returns the repository item property used for storing the last name of a login account holder. |
java.lang.String |
getLastPasswordUpdatePropertyName()
Returns the name of the repository item property name used for storing the last password update date. |
java.lang.String |
getLoginDescriptorName()
Returns the name of the repository item descriptor used for managing login accounts. |
java.lang.String[] |
getLoginPropertyNames()
Returns a list of all of the property names allowed to login accounts by the account manager. |
java.lang.String |
getPasswordAttribute()
Returns the name of the attribute that contains the password for a login account. |
PasswordHasher |
getPasswordHasher()
Returns the password hasher that this account manager will use to obfuscate passwords in the repository. |
java.lang.String |
getPasswordProperty()
Returns the repository item property used for storing the password for a login account. |
Persona |
getPersona(java.lang.Object id)
Returns a persona for the given ID object. |
java.lang.String |
getPreviousNPasswordArrayPropertyName()
Returns the name of the repository item property name used for storing the previous N password array |
MutableRepository |
getRepository()
Returns the repository that this account manager is using for persistance. |
javax.transaction.TransactionManager |
getTransactionManager()
Returns the transaction manager that should be used for managing repository transactions. |
java.util.Iterator |
listAccounts(int pType)
Returns an iterator of accounts with a particular set of types. |
java.util.Iterator |
listGroupsFor(java.lang.String pAccountName)
Lists accounts that match a given expression. |
java.util.Iterator |
listMatchingAccounts(java.lang.String pExpression,
int pType)
Lists accounts that match a given expression. |
boolean |
login(User pUser,
java.lang.String pLoginName,
java.lang.String pPassword,
java.lang.Object pHashKey)
Authenticates a user, populating the User object with appropriate personae. |
void |
removeAccount(java.lang.String pAccountName)
Removes an account with the indicated name, if possible. |
void |
setAccountInitializer(AccountInitializer pInitializer)
Changes the account initializer that will set up our standard accounts, if any. |
void |
setAccountNameProperty(java.lang.String pAccountNameProperty)
Changes the name of the repository item property used to store the name of the account. |
void |
setAccountQueryLimit(int pNewLimit)
Changes the maximum number of accounts that will be returned by listAccounts() or listMatchingAccounts() before throwing TooManyAccountsException. |
void |
setAccountTypeProperty(java.lang.String pAccountTypeProperty)
Changes the repository item property used for storing the account type information. |
void |
setAttributeResourceBundle(java.lang.String pBundleName)
Changes the resource bundle used for translating attribute names to resource names. |
void |
setDefaultGroupAttributes(java.lang.String[] pNewAttributes)
Changes the default attributes that are assigned to login accounts when they are created. |
void |
setDefaultLoginAttributes(java.lang.String[] pNewAttributes)
Changes the default attributes that are assigned to login accounts when they are created. |
void |
setDefaultLoginGroups(java.lang.String[] pGroups)
Changes the set of groups that are assigned to a new login account. |
void |
setDefaultPrivilegeAttributes(java.lang.String[] pNewAttributes)
Changes the default attributes that are assigned to privilege accounts when they are created. |
void |
setDescriptionProperty(java.lang.String pDescriptionProperty)
Changes the repository item property used for storing the description of a group or privilege. |
void |
setFirstNameProperty(java.lang.String pFirstNameProperty)
Changes the repository item property used for storing the first name of a login account holder. |
void |
setGroupDescriptorName(java.lang.String pGroupDescriptorName)
Changes the name of the repository item descriptor used for managing group and privilege accounts. |
void |
setGroupPropertyNames(java.lang.String[] pPropertyNames)
Changes the list of all of the property names allowed to group/privilege accounts by the account manager. |
void |
setGroupsProperty(java.lang.String pGroupsProperty)
Changes the repository item property used for storing the set of groups that an account is a member of. |
void |
setItemNameIsAccountName(boolean b)
If set to true the account name can be used to retrieve items from the repository directly. |
void |
setLastNameProperty(java.lang.String pLastNameProperty)
Changes the repository item property used for storing the last name of a login account holder. |
void |
setLastPasswordUpdatePropertyName(java.lang.String pLastPasswordUpdatePropertyName)
Sets the name of the repository item property name used for storing the last password update date. |
void |
setLoginDescriptorName(java.lang.String pLoginDescriptorName)
Changes the name of the repository item descriptor used for managing login accounts. |
void |
setLoginPropertyNames(java.lang.String[] pPropertyNames)
Changes the list of all of the property names allowed to login accounts by the account manager. |
void |
setPasswordHasher(PasswordHasher pPasswordHasher)
Changes the password hasher used to encrypt passwords. |
void |
setPasswordProperty(java.lang.String pPasswordProperty)
Changes the repository item property used for storing the password for a login account. |
void |
setPreviousNPasswordArrayPropertyName(java.lang.String pPreviousNPasswordArrayPropertyName)
Sets the name of the repository item property name used for storing the previous N password array |
void |
setRepository(MutableRepository pRepository)
Changes the repository that this account manager is to use for persistance. |
void |
setTransactionManager(javax.transaction.TransactionManager pTransactionManager)
Changes the transaction manager that should be used for managing repository transactions. |
void |
userDestroyed(User user)
Called by a User object when it is destroyed. |
Methods inherited from class atg.nucleus.RegisteredService |
---|
addToRegistry, getRegistry, getRegistryName, getServiceName, removeFromRegistry, setRegistryName, setServiceName, startService, stopService |
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl |
---|
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface atg.security.UserAuthority |
---|
addAuthenticationFailedListener, addAuthenticationSucceededListener, getUserAuthorityName, removeAuthenticationFailedListener, removeAuthenticationSucceededListener |
Field Detail |
---|
public static java.lang.String CLASS_VERSION
Constructor Detail |
---|
public RepositoryAccountManager()
protected RepositoryAccountManager(java.lang.String pName)
Method Detail |
---|
public AccountInitializer getAccountInitializer()
public void setAccountInitializer(AccountInitializer pInitializer)
public java.lang.String getLastPasswordUpdatePropertyName()
public void setLastPasswordUpdatePropertyName(java.lang.String pLastPasswordUpdatePropertyName)
public java.lang.String getPreviousNPasswordArrayPropertyName()
public void setPreviousNPasswordArrayPropertyName(java.lang.String pPreviousNPasswordArrayPropertyName)
public java.lang.String getLoginDescriptorName()
public void setLoginDescriptorName(java.lang.String pLoginDescriptorName)
public java.lang.String getGroupDescriptorName()
public void setGroupDescriptorName(java.lang.String pGroupDescriptorName)
public java.lang.String getAccountNameProperty()
public void setAccountNameProperty(java.lang.String pAccountNameProperty)
public int getAccountQueryLimit()
public void setAccountQueryLimit(int pNewLimit)
public java.lang.String getAccountTypeProperty()
public void setAccountTypeProperty(java.lang.String pAccountTypeProperty)
public java.lang.String getAttributeResourceBundle()
public void setAttributeResourceBundle(java.lang.String pBundleName)
public java.lang.String getDescriptionProperty()
public void setDescriptionProperty(java.lang.String pDescriptionProperty)
public java.lang.String getFirstNameProperty()
public void setFirstNameProperty(java.lang.String pFirstNameProperty)
public java.lang.String getGroupsProperty()
public void setGroupsProperty(java.lang.String pGroupsProperty)
public java.lang.String getLastNameProperty()
public void setLastNameProperty(java.lang.String pLastNameProperty)
public java.lang.String getPasswordProperty()
public void setPasswordProperty(java.lang.String pPasswordProperty)
public java.lang.String[] getLoginPropertyNames()
public void setLoginPropertyNames(java.lang.String[] pPropertyNames)
public java.lang.String[] getGroupPropertyNames()
public void setGroupPropertyNames(java.lang.String[] pPropertyNames)
public java.lang.String[] getDefaultGroupAttributes()
public void setDefaultGroupAttributes(java.lang.String[] pNewAttributes)
public java.lang.String[] getDefaultLoginAttributes()
public void setDefaultLoginAttributes(java.lang.String[] pNewAttributes)
public java.lang.String[] getDefaultPrivilegeAttributes()
public void setDefaultPrivilegeAttributes(java.lang.String[] pNewAttributes)
public java.lang.String[] getDefaultLoginGroups()
public void setDefaultLoginGroups(java.lang.String[] pGroups)
public boolean getItemNameIsAccountName()
public void setItemNameIsAccountName(boolean b)
public javax.transaction.TransactionManager getTransactionManager()
public void setTransactionManager(javax.transaction.TransactionManager pTransactionManager)
If null, no transaction management is performed (which may cause failures in some repositories).
public MutableRepository getRepository()
public void setRepository(MutableRepository pRepository)
public void setPasswordHasher(PasswordHasher pPasswordHasher)
public java.util.Iterator listGroupsFor(java.lang.String pAccountName)
expression
- The expression to use to determine which accounts
to list. Currently the language used for the
expression is undefined.
Defined for LDAPRepositoryAccountManager subclassLDAPRepositoryAccountManager
public void doStartService()
GenericService
doStartService
in class GenericService
public Persona getPersona(java.lang.Object id)
getPersona
in interface UserAuthority
getPersona
in class GenericUserAuthority
public void userDestroyed(User user)
userDestroyed
in interface UserAuthority
userDestroyed
in class GenericUserAuthority
public java.util.Iterator listAccounts(int pType) throws TooManyAccountsException
listAccounts
in interface AccountManager
type
- The account type(s) to list. You may logical-or
the types togeter to select a union.
TooManyAccountsException
AccountTypes
public java.util.Iterator listMatchingAccounts(java.lang.String pExpression, int pType) throws TooManyAccountsException
listMatchingAccounts
in interface AccountManager
expression
- The expression to use to determine which accounts
to list. Currently the language used for the
expression is undefined.type
- The account type(s) to match against.
TooManyAccountsException
AccountTypes
public RepositoryItem getAccountItem(java.lang.String pAccountName, java.lang.String pDescriptorName)
This method must always be called from within a transaction.
public Account getAccount(java.lang.String pAccountName)
getAccount
in interface AccountManager
accountName
- The name of the account to retrieve.public Account createAccount(java.lang.String pAccountName, int pType, java.util.Map pAttributes) throws AccountExistsException, InvalidAttributeException, PermissionDeniedException
createAccount
in interface AccountManager
accountName
- The name of the account to create.type
- The type of the account to create.attributes
- Set of attributes that should be set in the new
account. Usually at least "password" is required.
All attribute values must be strings.
AccountExistsException
InvalidAttributeException
PermissionDeniedException
AccountTypes
public void removeAccount(java.lang.String pAccountName) throws NoSuchAccountException, PermissionDeniedException
removeAccount
in interface AccountManager
NoSuchAccountException
PermissionDeniedException
public java.lang.String getDescriptionAttribute()
getDescriptionAttribute
in interface AccountManager
public java.lang.String getFirstNameAttribute()
getFirstNameAttribute
in interface AccountManager
public java.lang.String getLastNameAttribute()
getLastNameAttribute
in interface AccountManager
public java.lang.String getPasswordAttribute()
getPasswordAttribute
in interface AccountManager
public PasswordHasher getPasswordHasher()
getPasswordHasher
in interface AccountManager
getPasswordHasher
in interface LoginUserAuthority
public boolean login(User pUser, java.lang.String pLoginName, java.lang.String pPassword, java.lang.Object pHashKey)
LoginUserAuthority
login
in interface LoginUserAuthority
PasswordHasher
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |