oracle.igf.ids

Class UserManager

java.lang.Object

oracle.igf.ids.AbstractEntityManager

oracle.igf.ids.UserManager

Direct Known Subclasses:

CustomUserManager

public class UserManager
extends AbstractEntityManager

Class for handling operations like read, create and search of user entity

Method Summary

Modifier and Type	Method and Description
boolean	authenticateUser(java.security.Principal principal, char[] password) Authenticates user for given User principal and password
boolean	authenticateUser(java.security.Principal principal, char[] password, boolean checkPwdPolicyWarning) Authenticates user for given User principal and password
User	authenticateUser(java.lang.String id, char[] password, ReadOptions opts) Authenticates user for given id and password
User	authenticateUser(java.lang.String id, char[] password, ReadOptions opts, boolean checkPwdPolicyWarning) Authenticates user for given id and password
User	authenticateUser(java.lang.String attrName, java.lang.String attrVal, char[] password, ReadOptions opts) Authenticates user for given unique attrname, attrvalue and password
User	authenticateUser(java.lang.String attrName, java.lang.String attrVal, char[] password, ReadOptions opts, boolean checkPwdPolicyWarning) Authenticates user for given unique attrname, attrvalue and password
void	changePassword(java.security.Principal principal, char[] oldPassword, char[] newPassword, ModifyOptions opts) Changes user password given the old and new password
void	changePassword(java.lang.String id, char[] oldPassword, char[] newPassword, ModifyOptions opts) Changes user password given the old and new password
void	changePassword(java.lang.String attrName, java.lang.String attrVal, char[] oldPassword, char[] newPassword, ModifyOptions opts) Changes user password given the old and new password
java.security.Principal	createUser(java.util.List<Attribute> attrVals, CreateOptions opts) Creates user in the repository with given list of attribute values
void	deleteUser(java.security.Principal principal, DeleteOptions opts) Deletes the user from repository for given user principal
void	deleteUser(java.lang.String id, DeleteOptions opts) Deletes the user from repository for given user id attribute value
void	deleteUser(java.lang.String attrName, java.lang.String attrVal, DeleteOptions opts) Deletes the user from repository for given unique attrname and value
UserCapabilities	getCapabilities()
User	getUser(java.security.Principal principal, ReadOptions opts) Get user for the given principal identifier
void	resetPassword(java.security.Principal principal, char[] password, ModifyOptions opts) Resets user password
void	resetPassword(java.lang.String id, char[] password, ModifyOptions opts) Resets user password
void	resetPassword(java.lang.String attrName, java.lang.String attrVal, char[] password, ModifyOptions opts) Resets user password
User	searchUser(java.lang.String id, ReadOptions opts) Search for user matching given id attribute value that uniquely identifies the user
User	searchUser(java.lang.String attrName, java.lang.String attrVal, ReadOptions opts) Finds user matching given attribute name and value
User	searchUserByGuid(java.lang.String guid, ReadOptions opts) Search for user matching given GUID value that uniquely identifies the user
ResultSet<User>	searchUsers(SearchFilter filter, SearchOptions opts) Searches the repository and returns list of users matching the given filter condition.
boolean	validatePassword(java.security.Principal principal, char[] password) Validates user password for given principal without bind in LDAP repository.
boolean	validatePassword(java.security.Principal principal, char[] password, boolean checkPwdPolicyWarning) Validates user password for given principal without bind in LDAP repository.
User	validatePassword(java.lang.String id, char[] password, ReadOptions opts) Validates user password for given id without bind in LDAP repository.
User	validatePassword(java.lang.String id, char[] password, ReadOptions opts, boolean checkPwdPolicyWarning) Validates user password for given id without bind in LDAP repository.
User	validatePassword(java.lang.String attrName, java.lang.String attrVal, char[] password, ReadOptions opts) Validates user password for given attrname and value without bind in LDAP repository.
User	validatePassword(java.lang.String attrName, java.lang.String attrVal, char[] password, ReadOptions opts, boolean checkPwdPolicyWarning) Validates user password for given attrname and value without bind in LDAP repository.

Methods inherited from class oracle.igf.ids.AbstractEntityManager

compareEntityAttr, compareEntityAttr, getAttributeDef, getAttributeRef, getEntityAttributes, getEntityDef, getEntityRelationships, getGlobalCommonIdAttribute, getIdAttribute, modify, modify, modify, rename

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

createUser

public java.security.Principal createUser(java.util.List<Attribute> attrVals,
                                          CreateOptions opts)
                                   throws IDSException,
                                          EntityAlreadyExistsException,
                                          OperationNotSupportedException,
                                          AuthorizationException,
                                          InvalidAttributesException

Creates user in the repository with given list of attribute values

Parameters:

attrVals - List of attribute values

opts - Create operation options

Returns:

Principal identifier of the user created

Throws:

IDSException - Generic Identity Directory Service exception

EntityAlreadyExistsException - When the user to be created already exists

OperationNotSupportedException - If the user create operation is not supported

InvalidAttributesException - When the add attributes list is invalid

AuthorizationException - If user does not have sufficient privileges

getUser

public User getUser(java.security.Principal principal,
                    ReadOptions opts)
             throws EntityNotFoundException,
                    IDSException,
                    AuthorizationException,
                    InvalidAttributesException

Get user for the given principal identifier

Parameters:

principal - Principal identifier of the user

opts - Read operation options

Returns:

User for the requested principal identifier

Throws:

EntityNotFoundException - When there is no user in the repository for given user principal

IDSException - Generic Identity Directory Service exception

InvalidAttributesException - If the requested attributes is invalid

AuthorizationException - If user does not have sufficient privileges

searchUser

public User searchUser(java.lang.String id,
                       ReadOptions opts)
                throws IDSException,
                       EntityNotFoundException,
                       EntityNotUniqueException,
                       AuthorizationException,
                       InvalidAttributesException

Search for user matching given id attribute value that uniquely identifies the user

Parameters:

id - Value of the user's id attribute

opts - Read operation options

Returns:

User matching given ID value

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When there is no user found for given ID value

EntityNotUniqueException - When the given filter condition does not uniquely identify the user

InvalidAttributesException - If the requested attributes is invalid

AuthorizationException - If user does not have sufficient privileges

searchUser

public User searchUser(java.lang.String attrName,
                       java.lang.String attrVal,
                       ReadOptions opts)
                throws IDSException,
                       EntityNotFoundException,
                       EntityNotUniqueException,
                       InvalidFilterException,
                       AuthorizationException,
                       InvalidAttributesException

Finds user matching given attribute name and value

Parameters:

attrName - Name of the attribute

attrVal - Attribute value

opts - Read operation options

Returns:

User matching given search filter

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given search filter

EntityNotUniqueException - When the given filter condition does not uniquely identify the user

InvalidFilterException - If the attribute is invalid filter attribute

InvalidAttributesException - If the requested attributes is invalid

AuthorizationException - If user does not have sufficient privileges

searchUserByGuid

public User searchUserByGuid(java.lang.String guid,
                             ReadOptions opts)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             AuthorizationException,
                             InvalidAttributesException

Search for user matching given GUID value that uniquely identifies the user

Parameters:

guid - GUID value of user

opts - Read operation options

Returns:

User matching given GUID value

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When there is no user found for given GUID value

EntityNotUniqueException - When the given GUID values does not uniquely identify the user

InvalidAttributesException - If the requested attributes is invalid

AuthorizationException - If user does not have sufficient privileges

searchUsers

public ResultSet<User> searchUsers(SearchFilter filter,
                                   SearchOptions opts)
                            throws IDSException,
                                   InvalidFilterException,
                                   OperationNotSupportedException,
                                   AuthorizationException,
                                   InvalidAttributesException

Searches the repository and returns list of users matching the given filter condition. Pagesize, Sorting and other options can be specified in the search options.

Parameters:

filter - Search filter

opts - Search operation options

Returns:

Search results matching given filter

Throws:

IDSException - Generic Identity Directory Service exception

InvalidFilterException - When the input search filter is not valid

OperationNotSupportedException - When this user search operation is not supported

InvalidAttributesException - When the requested attributes or the attributes in the search filter are invalid

AuthorizationException - If user does not have sufficient privileges

deleteUser

public void deleteUser(java.security.Principal principal,
                       DeleteOptions opts)
                throws EntityNotFoundException,
                       IDSException,
                       AuthorizationException,
                       OperationNotSupportedException

Deletes the user from repository for given user principal

Parameters:

principal - User principal

opts - Delete operation options

Throws:

EntityNotFoundException - When there is no user in the repository for given user principal

IDSException - Generic Identity Directory Service exception

OperationNotSupportedException - If the user delete operation is not supported

AuthorizationException - If user does not have sufficient privileges

deleteUser

public void deleteUser(java.lang.String id,
                       DeleteOptions opts)
                throws EntityNotFoundException,
                       IDSException,
                       AuthorizationException,
                       OperationNotSupportedException

Deletes the user from repository for given user id attribute value

Parameters:

id - User id value

opts - Delete operation options

Throws:

EntityNotFoundException - When there is no user in the repository for given user principal

IDSException - Generic Identity Directory Service exception

OperationNotSupportedException - If the user delete operation is not supported

AuthorizationException - If user does not have sufficient privileges

deleteUser

public void deleteUser(java.lang.String attrName,
                       java.lang.String attrVal,
                       DeleteOptions opts)
                throws EntityNotFoundException,
                       IDSException,
                       AuthorizationException,
                       OperationNotSupportedException

Deletes the user from repository for given unique attrname and value

Parameters:

attrName - Name of the attribute

attrVal - Attribute value

opts - Delete operation options

Throws:

EntityNotFoundException - When there is no user in the repository for given user principal

IDSException - Generic Identity Directory Service exception

OperationNotSupportedException - If the user delete operation is not supported

AuthorizationException - If user does not have sufficient privileges

authenticateUser

public User authenticateUser(java.lang.String id,
                             char[] password,
                             ReadOptions opts)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationException

Authenticates user for given id and password

Parameters:

id - Id attribute value. ID attribute is defined in the entity configuration that uniquely identifies the user entity

password - User password to be verified

opts - Read operation options

Returns:

user matching the given ID value and authenticated successfully

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationException - If user authentication failed

authenticateUser

public User authenticateUser(java.lang.String id,
                             char[] password,
                             ReadOptions opts,
                             boolean checkPwdPolicyWarning)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationWarningException,
                             AuthenticationException

Authenticates user for given id and password

Parameters:

id - Id attribute value. ID attribute is defined in the entity configuration that uniquely identifies the user entity

password - User password to be verified

opts - Read operation options

checkPwdPolicyWarning - If true and there are any password policy related warnings throws AuthenticationWarningException

Returns:

user matching the given ID value and authenticated successfully

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationWarningException - If there are any password policy related warnings like Password must change, Grace Login, Password expire, etc

AuthenticationException - If user authentication failed

authenticateUser

public User authenticateUser(java.lang.String attrName,
                             java.lang.String attrVal,
                             char[] password,
                             ReadOptions opts)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationException

Authenticates user for given unique attrname, attrvalue and password

Parameters:

attrName - Name of the attribute that uniquely identifies the user

attrVal - Attribute value

password - User password to be verified

opts - Read operation options

Returns:

user matching the given attrname, value and authenticated successfully

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationException - If user authentication failed

authenticateUser

public User authenticateUser(java.lang.String attrName,
                             java.lang.String attrVal,
                             char[] password,
                             ReadOptions opts,
                             boolean checkPwdPolicyWarning)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationWarningException,
                             AuthenticationException

Authenticates user for given unique attrname, attrvalue and password

Parameters:

attrName - Name of the attribute that uniquely identifies the user

attrVal - Attribute value

password - User password to be verified

opts - Read operation options

checkPwdPolicyWarning - If true and there are any password policy related warnings throws AuthenticationWarningException

Returns:

user matching the given attrname, attrvalue and authenticated successfully

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationWarningException - If there are any password policy related warnings like Password must change, Grace Login, Password expire, etc

AuthenticationException - If user authentication failed

authenticateUser

public boolean authenticateUser(java.security.Principal principal,
                                char[] password)
                         throws IDSException,
                                EntityNotFoundException,
                                OperationNotSupportedException,
                                AuthenticationException

Authenticates user for given User principal and password

Parameters:

principal - Principal identifier of the user

password - User password

Returns:

true if authenticated successfully ; false otherwise

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationException - If user authentication failed

authenticateUser

public boolean authenticateUser(java.security.Principal principal,
                                char[] password,
                                boolean checkPwdPolicyWarning)
                         throws IDSException,
                                EntityNotFoundException,
                                OperationNotSupportedException,
                                AuthenticationWarningException,
                                AuthenticationException

Authenticates user for given User principal and password

Parameters:

principal - Principal identifier of the user

password - User password

checkPwdPolicyWarning - If true and there are any password policy related warnings throws AuthenticationWarningException

Returns:

true if authenticated successfully ; false otherwise

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationWarningException - If there are any password policy related warnings like Password must change, Grace Login, Password expire, etc

AuthenticationException - If user authentication failed

validatePassword

public User validatePassword(java.lang.String id,
                             char[] password,
                             ReadOptions opts)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationException

Validates user password for given id without bind in LDAP repository.

Parameters:

id - Id attribute value. ID attribute is defined in the entity configuration that uniquely identifies the user entity

password - User password to be validated

opts - Read operation options

Returns:

user matching the given ID value and password

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationException - If user authentication failed

validatePassword

public User validatePassword(java.lang.String id,
                             char[] password,
                             ReadOptions opts,
                             boolean checkPwdPolicyWarning)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationWarningException,
                             AuthenticationException

Validates user password for given id without bind in LDAP repository.

Parameters:

id - Id attribute value. ID attribute is defined in the entity configuration that uniquely identifies the user entity

password - User password to be validated

opts - Read operation options

checkPwdPolicyWarning - If true and there are any password policy related warnings throws AuthenticationWarningException

Returns:

user matching the given ID value and password

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationWarningException - If there are any password policy related warnings like Password must change, Grace Login, Password expire, etc

AuthenticationException - If user authentication failed

validatePassword

public User validatePassword(java.lang.String attrName,
                             java.lang.String attrVal,
                             char[] password,
                             ReadOptions opts)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationException

Validates user password for given attrname and value without bind in LDAP repository.

Parameters:

attrName - Name of the attribute that uniquely identifies the user

attrVal - Attribute value

password - User password to be validated

opts - Read operation options

Returns:

user matching the given attrname, value and authenticated successfully

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationException - If user authentication failed

validatePassword

public User validatePassword(java.lang.String attrName,
                             java.lang.String attrVal,
                             char[] password,
                             ReadOptions opts,
                             boolean checkPwdPolicyWarning)
                      throws IDSException,
                             EntityNotFoundException,
                             EntityNotUniqueException,
                             OperationNotSupportedException,
                             AuthenticationWarningException,
                             AuthenticationException

Validates user password for given attrname and value without bind in LDAP repository.

Parameters:

attrName - Name of the attribute that uniquely identifies the user

attrVal - Attribute value

password - User password to be validated

opts - Read operation options

checkPwdPolicyWarning - If true and there are any password policy related warnings throws AuthenticationWarningException

Returns:

user matching the given attrname, value and authenticated successfully

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

EntityNotUniqueException - If the given ID value does not uniquely identify the user

OperationNotSupportedException - If the user authentication operation is not supported

AuthenticationWarningException - If there are any password policy related warnings like Password must change, Grace Login, Password expire, etc

AuthenticationException - If user authentication failed

validatePassword

public boolean validatePassword(java.security.Principal principal,
                                char[] password)
                         throws IDSException,
                                EntityNotFoundException,
                                OperationNotSupportedException,
                                AuthenticationException

Validates user password for given principal without bind in LDAP repository.

Parameters:

principal - Principal identifier of the user

password - User password

Returns:

true if authenticated successfully ; false otherwise

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationException - If user authentication failed

validatePassword

public boolean validatePassword(java.security.Principal principal,
                                char[] password,
                                boolean checkPwdPolicyWarning)
                         throws IDSException,
                                EntityNotFoundException,
                                OperationNotSupportedException,
                                AuthenticationWarningException,
                                AuthenticationException

Validates user password for given principal without bind in LDAP repository.

Parameters:

principal - Principal identifier of the user

password - User password

checkPwdPolicyWarning - If true and there are any password policy related warnings throws AuthenticationWarningException

Returns:

true if authenticated successfully ; false otherwise

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When no user found for given ID value

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationWarningException - If there are any password policy related warnings like Password must change, Grace Login, Password expire, etc

AuthenticationException - If user authentication failed

changePassword

public void changePassword(java.security.Principal principal,
                           char[] oldPassword,
                           char[] newPassword,
                           ModifyOptions opts)
                    throws AuthenticationException,
                           OperationNotSupportedException,
                           EntityNotFoundException,
                           AuthorizationException,
                           PasswordPolicyException,
                           IDSException

Changes user password given the old and new password

Parameters:

principal - Principal identifier of the user

oldPassword - Old password of the user

newPassword - New password of the user

opts - Modify options

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When this user is not found

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationException - If user authentication failed

PasswordPolicyException - If there are any password policy errors

AuthorizationException - If user does not have sufficient privileges

changePassword

public void changePassword(java.lang.String id,
                           char[] oldPassword,
                           char[] newPassword,
                           ModifyOptions opts)
                    throws AuthenticationException,
                           OperationNotSupportedException,
                           EntityNotFoundException,
                           AuthorizationException,
                           PasswordPolicyException,
                           IDSException

Changes user password given the old and new password

Parameters:

id - Id attribute value. ID attribute is defined in the entity configuration that uniquely identifies the user entity

oldPassword - Old password of the user

newPassword - New password of the user

opts - Modify options

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When this user is not found

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationException - If user authentication failed

PasswordPolicyException - If there are any password policy errors

AuthorizationException - If user does not have sufficient privileges

changePassword

public void changePassword(java.lang.String attrName,
                           java.lang.String attrVal,
                           char[] oldPassword,
                           char[] newPassword,
                           ModifyOptions opts)
                    throws AuthenticationException,
                           OperationNotSupportedException,
                           EntityNotFoundException,
                           AuthorizationException,
                           PasswordPolicyException,
                           IDSException

Changes user password given the old and new password

Parameters:

attrName - Name of the attribute that uniquely identifies the user

attrVal - Attribute value

oldPassword - Old password of the user

newPassword - New password of the user

opts - Modify options

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When this user is not found

OperationNotSupportedException - If the user authenticate operation is not supported

AuthenticationException - If user authentication failed

PasswordPolicyException - If there are any password policy errors

AuthorizationException - If user does not have sufficient privileges

resetPassword

public void resetPassword(java.security.Principal principal,
                          char[] password,
                          ModifyOptions opts)
                   throws OperationNotSupportedException,
                          EntityNotFoundException,
                          AuthorizationException,
                          PasswordPolicyException,
                          IDSException

Resets user password

Parameters:

principal - Principal identifier of the user

password - User's new password

opts - Modify options

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When this user is not found

OperationNotSupportedException - If the user authenticate operation is not supported

PasswordPolicyException - If there are any password policy errors

AuthorizationException - If user does not have sufficient privileges

resetPassword

public void resetPassword(java.lang.String id,
                          char[] password,
                          ModifyOptions opts)
                   throws OperationNotSupportedException,
                          EntityNotFoundException,
                          AuthorizationException,
                          PasswordPolicyException,
                          IDSException

Resets user password

Parameters:

id - Id attribute value. ID attribute is defined in the entity configuration that uniquely identifies the user entity

password - User's new password

opts - Modify options

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When this user is not found

OperationNotSupportedException - If the user authenticate operation is not supported

PasswordPolicyException - If there are any password policy errors

AuthorizationException - If user does not have sufficient privileges

resetPassword

public void resetPassword(java.lang.String attrName,
                          java.lang.String attrVal,
                          char[] password,
                          ModifyOptions opts)
                   throws OperationNotSupportedException,
                          EntityNotFoundException,
                          AuthorizationException,
                          PasswordPolicyException,
                          IDSException

Resets user password

Parameters:

attrName - Name of the attribute that uniquely identifies the user

attrVal - Attribute value

password - User's new password

opts - Modify options

Throws:

IDSException - Generic Identity Directory Service exception

EntityNotFoundException - When this user is not found

OperationNotSupportedException - If the user authenticate operation is not supported

PasswordPolicyException - If there are any password policy errors

AuthorizationException - If user does not have sufficient privileges

getCapabilities

public UserCapabilities getCapabilities()