CredentialsManagement (Jetspeed 1 Enterprise Portal 1.6 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.jetspeed.services.security
Interface CredentialsManagement

All Superinterfaces:: org.apache.turbine.services.Initable, org.apache.turbine.services.Service

All Known Subinterfaces:: UserManagement

All Known Implementing Classes:: LDAPUserManagement, NoUserManagement, TurbineUserManagement

public interface CredentialsManagement
extends org.apache.turbine.services.Service

The UserManagement interface describes a contract between the portal and security provider required for Jetspeed Credentials Management. This interface enables an application to be independent of the underlying user management technology.

Version:: $Id: CredentialsManagement.java,v 1.3 2004/02/23 03:58:11 jford Exp $
Author:: David Sean Taylor

Field Summary
`static java.lang.String`	`SERVICE_NAME`

Method Summary
`void`	`changePassword(JetspeedUser user, java.lang.String oldPassword, java.lang.String newPassword)` Allows for a user to change their own password.
`java.lang.String`	`encryptPassword(java.lang.String password)` This method provides client-side encryption of passwords.
`void`	`forcePassword(JetspeedUser user, java.lang.String password)` Forcibly sets new password for a User.

Methods inherited from interface org.apache.turbine.services.Service

getConfiguration, getName, getProperties, setName, setServiceBroker

Methods inherited from interface org.apache.turbine.services.Initable

getInit, init, init, setInitableBroker, shutdown

Field Detail

SERVICE_NAME

public static final java.lang.String SERVICE_NAME

See Also:: Constant Field Values

Method Detail

changePassword

public void changePassword(JetspeedUser user,
                           java.lang.String oldPassword,
                           java.lang.String newPassword)
                    throws JetspeedSecurityException

Allows for a user to change their own password.

Parameters:: user - the user to change the password for.; oldPassword - the current password supplied by the user.; newPassword - the current password requested by the user.
Throws:: UserException - when the security provider has a general failure retrieving a user.; UnknownUserException - when the security provider cannot match the principal identity to a user.; InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege; JetspeedSecurityException

forcePassword

public void forcePassword(JetspeedUser user,
                          java.lang.String password)
                   throws JetspeedSecurityException

Forcibly sets new password for a User. Provides an administrator the ability to change the forgotten or compromised passwords. Certain implementatations of this feature would require administrative level access to the authenticating server / program.

Parameters:: user - the user to change the password for.; password - the new password.
Throws:: UserException - when the security provider has a general failure retrieving a user.; UnknownUserException - when the security provider cannot match the principal identity to a user.; InsufficientPrivilegeException - when the requestor is denied due to insufficient privilege; JetspeedSecurityException

encryptPassword

public java.lang.String encryptPassword(java.lang.String password)
                                 throws JetspeedSecurityException

This method provides client-side encryption of passwords. If secure.passwords are enabled in JetspeedSecurity properties, the password will be encrypted, if not, it will be returned unchanged. The secure.passwords.algorithm property can be used to chose which digest algorithm should be used for performing the encryption. SHA is used by default.

Parameters:: password - the password to process
Returns:: processed password
Throws:: JetspeedSecurityException