Interface UserStoreProvider
-
public interface UserStoreProvider
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static interface
UserStoreProvider.GroupEntry
static interface
UserStoreProvider.ResultSet<T>
static interface
UserStoreProvider.UserEntry
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addAttributeValues(String uid, Attributes attributes, boolean replace)
Add the given attribute values to the user entry.void
addUsersToGroup(Set<String> uids, String group)
Add the set of users to the specified group.void
addUserToGroups(String uid, Set<String> groups)
Add the specified user to the set of groups.UserStoreProvider.UserEntry
authenticate(CallbackHandler cbh, boolean isGetGroups, Set<String> attributeNames)
Authenticate using credentials supplied in the given CallbackHandler.void
changePassword(String uid, char[] oldPwd, char[] newPwd)
Change the password for the specified user.String
createGroup(String groupName)
Create a new group.String
createUser(String name, char[] pwd, Attributes attributes)
Create a new user and return the unique ID assigned.void
deleteGroup(String uid)
Delete a group.void
deleteUser(String uid)
Remove the specified user.String
getStoreId()
Get the unique store ID for this user store.boolean
isAuthenticationEnabled()
Determine if authentication is supported and enabled by this USP.boolean
isUserLookupEnabled()
Determine if user lookup is supported and enabled by this USP.boolean
isUserUpdateEnabled()
Determine if user update (CRUD operations) is supported and enabled by this USP.UserStoreProvider.GroupEntry
lookupGroupByUid(String uid)
Get the GroupEntry for the specified group.UserStoreProvider.ResultSet<UserStoreProvider.GroupEntry>
lookupGroupsByName(String name)
Get the GroupEntry(s) for the specified group name.UserStoreProvider.UserEntry
lookupUserByUid(String uid, boolean isGetGroups, Set<String> attributeNames)
Lookup a user by unique ID.UserStoreProvider.ResultSet<UserStoreProvider.UserEntry>
lookupUsersByName(String name, boolean isGetGroups, Set<String> attributeNames)
Lookup users by name.void
removeAttributes(String uid, Set<String> attributeNames)
Remove the given attributes from the user entry.void
removeAttributeValues(String uid, Attributes attributes)
Remove the given attribute values from the user entry.void
removeUserFromGroups(String uid, Set<String> groups)
Remove the specified user from the set of groups.void
removeUsersFromGroup(Set<String> uids, String group)
Remove the set of users from the specified group.
-
-
-
Method Detail
-
getStoreId
String getStoreId()
Get the unique store ID for this user store. This value must be unique across all stores configured into the system or which might be propogated into the system via SSO, etc. If this USP aggregates multiple underlying stores, the user IDs returned by the provider must be sufficient to uniquely identify users across all of the underlying stores.- Returns:
- The store ID for this USP.
-
isAuthenticationEnabled
boolean isAuthenticationEnabled()
Determine if authentication is supported and enabled by this USP.- Returns:
- True or false.
-
isUserLookupEnabled
boolean isUserLookupEnabled()
Determine if user lookup is supported and enabled by this USP.- Returns:
- True or false.
-
isUserUpdateEnabled
boolean isUserUpdateEnabled()
Determine if user update (CRUD operations) is supported and enabled by this USP.- Returns:
- True or false.
-
authenticate
UserStoreProvider.UserEntry authenticate(CallbackHandler cbh, boolean isGetGroups, Set<String> attributeNames) throws LoginException
Authenticate using credentials supplied in the given CallbackHandler. All USPs must support at least NameCallback and PasswordCallback. The only other callback type expected to be commonly used is X509Certificate, but it's possible to imagine, e.g., KerberosToken or PasswordDigest.- Parameters:
cbh
-isGetGroups
- Whether or not to return the user's groups.attributeNames
- Names of attributes to return, or null for no attributes.- Returns:
- If successful, a UserEntry representing the authenticated user, otherwise throws an exception.
- Throws:
LoginException
-
lookupUsersByName
UserStoreProvider.ResultSet<UserStoreProvider.UserEntry> lookupUsersByName(String name, boolean isGetGroups, Set<String> attributeNames) throws UserStoreException
Lookup users by name. Since name is not necessarily unique, more than one entry may be returned. Group membership and selected attributes can also be requested, but requesting these may be inefficient if more than one user is matched.- Parameters:
name
- The user name to searech for.isGetGroups
- Whether or not to return users' groups.attributeNames
- Names of attributes to return, or null for no attributes.- Returns:
- The Set of UserEntrys found.
- Throws:
UserStoreException
-
lookupUserByUid
UserStoreProvider.UserEntry lookupUserByUid(String uid, boolean isGetGroups, Set<String> attributeNames) throws UserStoreException
Lookup a user by unique ID. Returns the corresponding UserEntry if found. Group membership and selected attributes can also be requested.- Parameters:
uid
-isGetGroups
- Whether or not to return users' groups.attributeNames
- Names of attributes to return, or null for no attributes.- Returns:
- The UserEntry (if found).
- Throws:
UserStoreException
-
lookupGroupsByName
UserStoreProvider.ResultSet<UserStoreProvider.GroupEntry> lookupGroupsByName(String name) throws UserStoreException
Get the GroupEntry(s) for the specified group name.- Parameters:
name
- The name to search on, may include wildcards (e.g., a*, *b, etc.)- Returns:
- ResultSet of the GroupEntries matching the specified name.
- Throws:
UserStoreException
-
lookupGroupByUid
UserStoreProvider.GroupEntry lookupGroupByUid(String uid) throws UserStoreException
Get the GroupEntry for the specified group.- Parameters:
uid
- The UID of the group to return.- Returns:
- GroupEntry corresponding to the group UID.
- Throws:
UserStoreException
-
createUser
String createUser(String name, char[] pwd, Attributes attributes) throws UserStoreException
Create a new user and return the unique ID assigned.- Parameters:
name
- Name of the new user entry.pwd
- Password to set on the new entry.attributes
- Attributes to set on the entry (or null if none).- Returns:
- Returns the UID assigned to the new entry (can be used for subsequent operations)
- Throws:
UserStoreException
-
deleteUser
void deleteUser(String uid) throws UserStoreException
Remove the specified user.- Parameters:
uid
- UID of the user to remove.- Throws:
UserStoreException
-
changePassword
void changePassword(String uid, char[] oldPwd, char[] newPwd) throws UserStoreException
Change the password for the specified user. If old password is provided, verify before changing.- Parameters:
uid
- UID of user whose password should be changed.oldPwd
- Old password, if verification desired, or null. If provided, must be valid.newPwd
- New password to set.- Throws:
UserStoreException
-
addAttributeValues
void addAttributeValues(String uid, Attributes attributes, boolean replace) throws UserStoreException
Add the given attribute values to the user entry.- Parameters:
uid
-attributes
-replace
-- Throws:
UserStoreException
-
removeAttributeValues
void removeAttributeValues(String uid, Attributes attributes) throws UserStoreException
Remove the given attribute values from the user entry.- Parameters:
uid
-attributes
-- Throws:
UserStoreException
-
removeAttributes
void removeAttributes(String uid, Set<String> attributeNames) throws UserStoreException
Remove the given attributes from the user entry.- Parameters:
uid
-attributeNames
-- Throws:
UserStoreException
-
createGroup
String createGroup(String groupName) throws UserStoreException
Create a new group.- Parameters:
groupName
-- Returns:
- The UID for the newly created group
- Throws:
UserStoreException
-
deleteGroup
void deleteGroup(String uid) throws UserStoreException
Delete a group.- Parameters:
uid
- UID of group to delete.- Throws:
UserStoreException
-
addUserToGroups
void addUserToGroups(String uid, Set<String> groups) throws UserStoreException
Add the specified user to the set of groups.- Parameters:
uid
-groups
-- Throws:
UserStoreException
-
removeUserFromGroups
void removeUserFromGroups(String uid, Set<String> groups) throws UserStoreException
Remove the specified user from the set of groups.- Parameters:
uid
-groups
-- Throws:
UserStoreException
-
addUsersToGroup
void addUsersToGroup(Set<String> uids, String group) throws UserStoreException
Add the set of users to the specified group.- Parameters:
uids
-group
-- Throws:
UserStoreException
-
removeUsersFromGroup
void removeUsersFromGroup(Set<String> uids, String group) throws UserStoreException
Remove the set of users from the specified group.- Parameters:
uids
-group
-- Throws:
UserStoreException
-
-