Package org.glassfish.security.services.spi.authentication

Interface UserStoreProvider

public interface UserStoreProvider

  • Method Details

    • getStoreId

      String getStoreId()
      Get the unique store ID for this user store. This value must be unique across all stores configured into the system or which might be propogated into the system via SSO, etc. If this USP aggregates multiple underlying stores, the user IDs returned by the provider must be sufficient to uniquely identify users across all of the underlying stores.
      Returns:
      The store ID for this USP.

    • isAuthenticationEnabled

      boolean isAuthenticationEnabled()
      Determine if authentication is supported and enabled by this USP.
      Returns:
      True or false.

    • isUserLookupEnabled

      boolean isUserLookupEnabled()
      Determine if user lookup is supported and enabled by this USP.
      Returns:
      True or false.

    • isUserUpdateEnabled

      boolean isUserUpdateEnabled()
      Determine if user update (CRUD operations) is supported and enabled by this USP.
      Returns:
      True or false.

    • authenticate

      UserStoreProvider.UserEntry authenticate(CallbackHandler cbh, boolean isGetGroups, Set<String> attributeNames) throws LoginException
      Authenticate using credentials supplied in the given CallbackHandler. All USPs must support at least NameCallback and PasswordCallback. The only other callback type expected to be commonly used is X509Certificate, but it's possible to imagine, e.g., KerberosToken or PasswordDigest.
      Parameters:
      cbh -
      isGetGroups - Whether or not to return the user's groups.
      attributeNames - Names of attributes to return, or null for no attributes.
      Returns:
      If successful, a UserEntry representing the authenticated user, otherwise throws an exception.
      Throws:
      LoginException

    • lookupUsersByName

      UserStoreProvider.ResultSet<UserStoreProvider.UserEntry> lookupUsersByName(String name, boolean isGetGroups, Set<String> attributeNames) throws UserStoreException
      Lookup users by name. Since name is not necessarily unique, more than one entry may be returned. Group membership and selected attributes can also be requested, but requesting these may be inefficient if more than one user is matched.
      Parameters:
      name - The user name to searech for.
      isGetGroups - Whether or not to return users' groups.
      attributeNames - Names of attributes to return, or null for no attributes.
      Returns:
      The Set of UserEntrys found.
      Throws:
      UserStoreException

    • lookupUserByUid

      UserStoreProvider.UserEntry lookupUserByUid(String uid, boolean isGetGroups, Set<String> attributeNames) throws UserStoreException
      Lookup a user by unique ID. Returns the corresponding UserEntry if found. Group membership and selected attributes can also be requested.
      Parameters:
      uid -
      isGetGroups - Whether or not to return users' groups.
      attributeNames - Names of attributes to return, or null for no attributes.
      Returns:
      The UserEntry (if found).
      Throws:
      UserStoreException

    • lookupGroupsByName

      UserStoreProvider.ResultSet<UserStoreProvider.GroupEntry> lookupGroupsByName(String name) throws UserStoreException
      Get the GroupEntry(s) for the specified group name.
      Parameters:
      name - The name to search on, may include wildcards (e.g., a*, *b, etc.)
      Returns:
      ResultSet of the GroupEntries matching the specified name.
      Throws:
      UserStoreException

    • lookupGroupByUid

      UserStoreProvider.GroupEntry lookupGroupByUid(String uid) throws UserStoreException
      Get the GroupEntry for the specified group.
      Parameters:
      uid - The UID of the group to return.
      Returns:
      GroupEntry corresponding to the group UID.
      Throws:
      UserStoreException

    • createUser

      String createUser(String name, char[] pwd, Attributes attributes) throws UserStoreException
      Create a new user and return the unique ID assigned.
      Parameters:
      name - Name of the new user entry.
      pwd - Password to set on the new entry.
      attributes - Attributes to set on the entry (or null if none).
      Returns:
      Returns the UID assigned to the new entry (can be used for subsequent operations)
      Throws:
      UserStoreException

    • deleteUser

      void deleteUser(String uid) throws UserStoreException
      Remove the specified user.
      Parameters:
      uid - UID of the user to remove.
      Throws:
      UserStoreException

    • changePassword

      void changePassword(String uid, char[] oldPwd, char[] newPwd) throws UserStoreException
      Change the password for the specified user. If old password is provided, verify before changing.
      Parameters:
      uid - UID of user whose password should be changed.
      oldPwd - Old password, if verification desired, or null. If provided, must be valid.
      newPwd - New password to set.
      Throws:
      UserStoreException

    • addAttributeValues

      void addAttributeValues(String uid, Attributes attributes, boolean replace) throws UserStoreException
      Add the given attribute values to the user entry.
      Parameters:
      uid -
      attributes -
      replace -
      Throws:
      UserStoreException

    • removeAttributeValues

      void removeAttributeValues(String uid, Attributes attributes) throws UserStoreException
      Remove the given attribute values from the user entry.
      Parameters:
      uid -
      attributes -
      Throws:
      UserStoreException

    • removeAttributes

      void removeAttributes(String uid, Set<String> attributeNames) throws UserStoreException
      Remove the given attributes from the user entry.
      Parameters:
      uid -
      attributeNames -
      Throws:
      UserStoreException

    • createGroup

      String createGroup(String groupName) throws UserStoreException
      Create a new group.
      Parameters:
      groupName -
      Returns:
      The UID for the newly created group
      Throws:
      UserStoreException

    • deleteGroup

      void deleteGroup(String uid) throws UserStoreException
      Delete a group.
      Parameters:
      uid - UID of group to delete.
      Throws:
      UserStoreException

    • addUserToGroups

      void addUserToGroups(String uid, Set<String> groups) throws UserStoreException
      Add the specified user to the set of groups.
      Parameters:
      uid -
      groups -
      Throws:
      UserStoreException

    • removeUserFromGroups

      void removeUserFromGroups(String uid, Set<String> groups) throws UserStoreException
      Remove the specified user from the set of groups.
      Parameters:
      uid -
      groups -
      Throws:
      UserStoreException

    • addUsersToGroup

      void addUsersToGroup(Set<String> uids, String group) throws UserStoreException
      Add the set of users to the specified group.
      Parameters:
      uids -
      group -
      Throws:
      UserStoreException

    • removeUsersFromGroup

      void removeUsersFromGroup(Set<String> uids, String group) throws UserStoreException
      Remove the set of users from the specified group.
      Parameters:
      uids -
      group -
      Throws:
      UserStoreException