@ProviderType
public interface AccountManagementService
AccountManagementService
provides a way for a visitor (a non logged-in user) to request a new account
or to request a password reset.
For any other account management task (e.g. modifying a user property) please use the
org.apache.jackrabbit.api.security.user.UserManager
, based on the logged-in user session.
The default implementation works as follows:
- when a new account is requested, the account is created in the repository and the account is disabled. An email
is sent to the user together with a link to confirm the operation. When the link is clicked, the request
is validated and if valid the account is enabled.
- when a password reset is requested, an email is sent to the user together with a link to confirm the operation.
When the link is clicked, , the request is validated and if valid the password is reset and an email is sent to
the user with the new password.
Other implementations could look as follows:
- when a new account is requested, an email is sent to the user together with a link to confirm the operation. The
link contains an encrypted token with all the information about the account. When the link is clicked, the account
is created.
- when a new account is requested, a workflow is triggered. The workflow takes care of validating and creating
the new account.Modifier and Type | Method and Description |
---|---|
boolean |
requestAccount(String userId,
String pwd,
Map<String,RequestParameter[]> properties,
String requestUrl,
String configPath)
Requests the creation of a new account.
|
boolean |
requestPasswordReset(String userId,
String requestUrl,
String configPath)
Requests a password reset for the given user.
|
boolean requestAccount(String userId, String pwd, Map<String,RequestParameter[]> properties, String requestUrl, String configPath) throws RepositoryException
userId
- the user id for the new accountpwd
- the user passwordproperties
- the user propertiesrequestUrl
- the URL used to request a new account (used to validate the requester)configPath
- the path where the configuration is defined (e.g. the url used to confirm the operation,
the group of the user, the intermediate path where the user is created)RepositoryException
- in case of error when requesting a new accountboolean requestPasswordReset(String userId, String requestUrl, String configPath) throws RepositoryException
userId
- the user idrequestUrl
- the URL used to request the password reset (used to validate the requester)configPath
- the path where the configuration is defined (e.g. the url to confirm the operation)RepositoryException
- in case of error when requesting the password resetCopyright © 2010 - 2020 Adobe. All Rights Reserved