Interface UserStoreProvider
public interface UserStoreProvider
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic interface
static interface
static interface
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addAttributeValues
(String uid, Attributes attributes, boolean replace) Add the given attribute values to the user entry.void
addUsersToGroup
(Set<String> uids, String group) Add the set of users to the specified group.void
addUserToGroups
(String uid, Set<String> groups) Add the specified user to the set of groups.authenticate
(CallbackHandler cbh, boolean isGetGroups, Set<String> attributeNames) Authenticate using credentials supplied in the given CallbackHandler.void
changePassword
(String uid, char[] oldPwd, char[] newPwd) Change the password for the specified user.createGroup
(String groupName) Create a new group.createUser
(String name, char[] pwd, Attributes attributes) Create a new user and return the unique ID assigned.void
deleteGroup
(String uid) Delete a group.void
deleteUser
(String uid) Remove the specified user.Get the unique store ID for this user store.boolean
Determine if authentication is supported and enabled by this USP.boolean
Determine if user lookup is supported and enabled by this USP.boolean
Determine if user update (CRUD operations) is supported and enabled by this USP.lookupGroupByUid
(String uid) Get the GroupEntry for the specified group.lookupGroupsByName
(String name) Get the GroupEntry(s) for the specified group name.lookupUserByUid
(String uid, boolean isGetGroups, Set<String> attributeNames) Lookup a user by unique ID.lookupUsersByName
(String name, boolean isGetGroups, Set<String> attributeNames) Lookup users by name.void
removeAttributes
(String uid, Set<String> attributeNames) Remove the given attributes from the user entry.void
removeAttributeValues
(String uid, Attributes attributes) Remove the given attribute values from the user entry.void
removeUserFromGroups
(String uid, Set<String> groups) Remove the specified user from the set of groups.void
removeUsersFromGroup
(Set<String> uids, String group) Remove the set of users from the specified group.
-
Method Details
-
getStoreId
String getStoreId()Get the unique store ID for this user store. This value must be unique across all stores configured into the system or which might be propogated into the system via SSO, etc. If this USP aggregates multiple underlying stores, the user IDs returned by the provider must be sufficient to uniquely identify users across all of the underlying stores.- Returns:
- The store ID for this USP.
-
isAuthenticationEnabled
boolean isAuthenticationEnabled()Determine if authentication is supported and enabled by this USP.- Returns:
- True or false.
-
isUserLookupEnabled
boolean isUserLookupEnabled()Determine if user lookup is supported and enabled by this USP.- Returns:
- True or false.
-
isUserUpdateEnabled
boolean isUserUpdateEnabled()Determine if user update (CRUD operations) is supported and enabled by this USP.- Returns:
- True or false.
-
authenticate
UserStoreProvider.UserEntry authenticate(CallbackHandler cbh, boolean isGetGroups, Set<String> attributeNames) throws LoginException Authenticate using credentials supplied in the given CallbackHandler. All USPs must support at least NameCallback and PasswordCallback. The only other callback type expected to be commonly used is X509Certificate, but it's possible to imagine, e.g., KerberosToken or PasswordDigest.- Parameters:
cbh
-isGetGroups
- Whether or not to return the user's groups.attributeNames
- Names of attributes to return, or null for no attributes.- Returns:
- If successful, a UserEntry representing the authenticated user, otherwise throws an exception.
- Throws:
LoginException
-
lookupUsersByName
UserStoreProvider.ResultSet<UserStoreProvider.UserEntry> lookupUsersByName(String name, boolean isGetGroups, Set<String> attributeNames) throws UserStoreException Lookup users by name. Since name is not necessarily unique, more than one entry may be returned. Group membership and selected attributes can also be requested, but requesting these may be inefficient if more than one user is matched.- Parameters:
name
- The user name to searech for.isGetGroups
- Whether or not to return users' groups.attributeNames
- Names of attributes to return, or null for no attributes.- Returns:
- The Set of UserEntrys found.
- Throws:
UserStoreException
-
lookupUserByUid
UserStoreProvider.UserEntry lookupUserByUid(String uid, boolean isGetGroups, Set<String> attributeNames) throws UserStoreException Lookup a user by unique ID. Returns the corresponding UserEntry if found. Group membership and selected attributes can also be requested.- Parameters:
uid
-isGetGroups
- Whether or not to return users' groups.attributeNames
- Names of attributes to return, or null for no attributes.- Returns:
- The UserEntry (if found).
- Throws:
UserStoreException
-
lookupGroupsByName
UserStoreProvider.ResultSet<UserStoreProvider.GroupEntry> lookupGroupsByName(String name) throws UserStoreException Get the GroupEntry(s) for the specified group name.- Parameters:
name
- The name to search on, may include wildcards (e.g., a*, *b, etc.)- Returns:
- ResultSet of the GroupEntries matching the specified name.
- Throws:
UserStoreException
-
lookupGroupByUid
Get the GroupEntry for the specified group.- Parameters:
uid
- The UID of the group to return.- Returns:
- GroupEntry corresponding to the group UID.
- Throws:
UserStoreException
-
createUser
Create a new user and return the unique ID assigned.- Parameters:
name
- Name of the new user entry.pwd
- Password to set on the new entry.attributes
- Attributes to set on the entry (or null if none).- Returns:
- Returns the UID assigned to the new entry (can be used for subsequent operations)
- Throws:
UserStoreException
-
deleteUser
Remove the specified user.- Parameters:
uid
- UID of the user to remove.- Throws:
UserStoreException
-
changePassword
Change the password for the specified user. If old password is provided, verify before changing.- Parameters:
uid
- UID of user whose password should be changed.oldPwd
- Old password, if verification desired, or null. If provided, must be valid.newPwd
- New password to set.- Throws:
UserStoreException
-
addAttributeValues
void addAttributeValues(String uid, Attributes attributes, boolean replace) throws UserStoreException Add the given attribute values to the user entry.- Parameters:
uid
-attributes
-replace
-- Throws:
UserStoreException
-
removeAttributeValues
Remove the given attribute values from the user entry.- Parameters:
uid
-attributes
-- Throws:
UserStoreException
-
removeAttributes
Remove the given attributes from the user entry.- Parameters:
uid
-attributeNames
-- Throws:
UserStoreException
-
createGroup
Create a new group.- Parameters:
groupName
-- Returns:
- The UID for the newly created group
- Throws:
UserStoreException
-
deleteGroup
Delete a group.- Parameters:
uid
- UID of group to delete.- Throws:
UserStoreException
-
addUserToGroups
Add the specified user to the set of groups.- Parameters:
uid
-groups
-- Throws:
UserStoreException
-
removeUserFromGroups
Remove the specified user from the set of groups.- Parameters:
uid
-groups
-- Throws:
UserStoreException
-
addUsersToGroup
Add the set of users to the specified group.- Parameters:
uids
-group
-- Throws:
UserStoreException
-
removeUsersFromGroup
Remove the set of users from the specified group.- Parameters:
uids
-group
-- Throws:
UserStoreException
-