Class DefaultSyncConfig.User
- java.lang.Object
-
- org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig.Authorizable
-
- org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig.User
-
- Enclosing class:
- DefaultSyncConfig
public static class DefaultSyncConfig.User extends DefaultSyncConfig.Authorizable
User specific config.
-
-
Constructor Summary
Constructors Constructor Description User()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
getDisableMissing()
Controls the behavior for users that no longer exist on the external provider.boolean
getDynamicMembership()
Returnstrue
if a dynamic group membership is enabled.boolean
getEnforceDynamicMembership()
Returnstrue
if a dynamic group membership must be enforced for users that have been synchronized previously.long
getMembershipExpirationTime()
Returns the duration in milliseconds until the group membership of a user is expired.long
getMembershipNestingDepth()
Returns the maximum depth of group nesting when membership relations are synced.DefaultSyncConfig.User
setDisableMissing(boolean disableMissing)
@NotNull DefaultSyncConfig.User
setDynamicMembership(boolean dynamicMembership)
Enable or disable the dynamic group membership.DefaultSyncConfig.User
setEnforceDynamicMembership(boolean enforceDynamicMembership)
Enable or disable the enforcement of dynamic group membership.@NotNull DefaultSyncConfig.User
setMembershipExpirationTime(long membershipExpirationTime)
Sets the membership expiration time@NotNull DefaultSyncConfig.User
setMembershipNestingDepth(long membershipNestingDepth)
Sets the group nesting depth.-
Methods inherited from class org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig.Authorizable
getAutoMembership, getAutoMembership, getAutoMembershipConfig, getExpirationTime, getPathPrefix, getPropertyMapping, isApplyRFC7613UsernameCaseMapped, setApplyRFC7613UsernameCaseMapped, setAutoMembership, setAutoMembershipConfig, setExpirationTime, setPathPrefix, setPropertyMapping
-
-
-
-
Method Detail
-
getMembershipExpirationTime
public long getMembershipExpirationTime()
Returns the duration in milliseconds until the group membership of a user is expired. If the membership information is expired it is re-synced according to the maximum nesting depth. Note that the membership is the groups an authorizable is member of, not the list of members of a group. Also note, that the group membership expiration time can be higher than the user expiration time itself and that value has no effect when syncing individual groups only when syncing a users membership ancestry.- Returns:
- the expiration time in milliseconds.
-
setMembershipExpirationTime
@NotNull public @NotNull DefaultSyncConfig.User setMembershipExpirationTime(long membershipExpirationTime)
Sets the membership expiration time- Parameters:
membershipExpirationTime
- the time in milliseconds.- Returns:
this
- See Also:
getMembershipExpirationTime()
-
getMembershipNestingDepth
public long getMembershipNestingDepth()
Returns the maximum depth of group nesting when membership relations are synced. A value of 0 effectively disables group membership lookup. A value of 1 only adds the direct groups of a user. This value has no effect when syncing individual groups only when syncing a users membership ancestry.- Returns:
- the group nesting depth
-
setMembershipNestingDepth
@NotNull public @NotNull DefaultSyncConfig.User setMembershipNestingDepth(long membershipNestingDepth)
Sets the group nesting depth.- Parameters:
membershipNestingDepth
- the depth.- Returns:
this
- See Also:
getMembershipNestingDepth()
-
getDynamicMembership
public boolean getDynamicMembership()
Returnstrue
if a dynamic group membership is enabled. Turning this option on may alter the behavior of other configuration options dealing with synchronization of group accounts and group membership. In particular it's an implementation detail if external groups may no longer be synchronized into the repository.- Returns:
true
if dynamic group membership for external user identities is turn on;false
otherwise.
-
setDynamicMembership
@NotNull public @NotNull DefaultSyncConfig.User setDynamicMembership(boolean dynamicMembership)
Enable or disable the dynamic group membership. If turned on external identities and their group membership will be synchronized such that the membership information is generated dynamically. External groups may or may not be synchronized into the repository if this option is turned on.- Parameters:
dynamicMembership
- Boolean flag to enable or disable a dedicated dynamic group management.- Returns:
this
- See Also:
for details.
-
getEnforceDynamicMembership
public boolean getEnforceDynamicMembership()
Returnstrue
if a dynamic group membership must be enforced for users that have been synchronized previously. Note that this option has no effect ifgetDynamicMembership()
returnsfalse
.- Returns:
true
if dynamic group membership for external user identities must be enforced for previously synced users;false
otherwise. This option only takes effect ifgetDynamicMembership()
is enabled.
-
setEnforceDynamicMembership
public DefaultSyncConfig.User setEnforceDynamicMembership(boolean enforceDynamicMembership)
Enable or disable the enforcement of dynamic group membership.- Parameters:
enforceDynamicMembership
- Boolean flag to define if dynamic group management is enforced for previously synced users.- Returns:
this
- See Also:
() for details.
-
getDisableMissing
public boolean getDisableMissing()
Controls the behavior for users that no longer exist on the external provider. The default is to delete the repository users if they no longer exist on the external provider. If set to true, they will be disabled instead, and re-enabled once they appear again.
-
setDisableMissing
public DefaultSyncConfig.User setDisableMissing(boolean disableMissing)
- See Also:
getDisableMissing()
-
-