|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.jackrabbit.core.ProtectedItemModifier
org.apache.jackrabbit.core.security.user.UserManagerImpl
public class UserManagerImpl
Default implementation of the UserManager
interface with the
following characteristics:
UserConstants.USERS_PATH
,UserConstants.GROUPS_PATH
(unless otherwise configured).getUsersPath()
or getGroupsPath()
.escaped
.+ rep:security [nt:unstructured] + rep:authorizables [rep:AuthorizableFolder] + rep:users [rep:AuthorizableFolder] + a [rep:AuthorizableFolder] + aS [rep:AuthorizableFolder] + aSmith [rep:User]Creating a non-existing user with ID 'aSmith' specifying an intermediate path 'some/tree' would result in the following structure:
+ rep:security [nt:unstructured] + rep:authorizables [rep:AuthorizableFolder] + rep:users [rep:AuthorizableFolder] + some [rep:AuthorizableFolder] + tree [rep:AuthorizableFolder] + aSmith [rep:User]This
UserManager
is able to handle the following configuration
options:
PARAM_USERS_PATH
: Defines where user nodes are created.
If missing set to USERS_PATH
.PARAM_GROUPS_PATH
. Defines where group nodes are created.
If missing set to GROUPS_PATH
.PARAM_COMPATIBILE_JR16
: If the param is present and its
value is true
looking up authorizables by ID will use the
NodeResolver
if not found otherwise.PARAM_DEFAULT_DEPTH
: Parameter used to change the number of
levels that are used by default to store authorizable nodes.PARAM_AUTO_EXPAND_TREE
: If this parameter is present and its
value is true
, the trees containing user and group nodes will
automatically created additional hierarchy levels if the number of nodes
on a given level exceeds the maximal allowed size
.
PARAM_AUTO_EXPAND_SIZE
: This parameter only takes effect
if PARAM_AUTO_EXPAND_TREE
is enabled.
Field Summary | |
---|---|
static String |
AUTHORIZABLES_PATH
|
static String |
GROUP_ADMIN_GROUP_NAME
Configuration key and default value for the the name of the 'GroupAdmin' group-principal |
static String |
GROUPS_PATH
|
static Name |
MIX_REP_IMPERSONATABLE
|
static NameFactory |
NF
|
static Name |
NT_REP_AUTHORIZABLE
|
static Name |
NT_REP_AUTHORIZABLE_FOLDER
|
static Name |
NT_REP_GROUP
|
static Name |
NT_REP_USER
|
static Name |
P_GROUPS
Deprecated. As of 2.0 group membership is stored with the group node. |
static Name |
P_IMPERSONATORS
Name of the user property containing the principal names of those allowed to impersonate. |
static Name |
P_MEMBERS
|
static Name |
P_PASSWORD
|
static Name |
P_PRINCIPAL_NAME
|
static Name |
P_USERID
Deprecated. As of 2.0 the id-hash is stored with the jcr:uuid making the rep:userId property redundant. It has been removed from the node type definition. |
static String |
PARAM_AUTO_EXPAND_SIZE
This parameter only takes effect if PARAM_AUTO_EXPAND_TREE is
enabled.The default value is 1000. |
static String |
PARAM_AUTO_EXPAND_TREE
If this parameter is present and its value is true , the trees
containing user and group nodes will automatically created additional
hierarchy levels if the number of nodes on a given level exceeds the
maximal allowed size . |
static String |
PARAM_COMPATIBILE_JR16
Flag to enable a minimal backwards compatibility with Jackrabbit < v2.0 If the param is present and its value is true looking up
authorizables by ID will use the NodeResolver if not found
otherwise.If the parameter is missing (or false) users and groups created with a Jackrabbit repository < v2.0 will not be found any more. By default this option is disabled. |
static String |
PARAM_DEFAULT_DEPTH
Parameter used to change the number of levels that are used by default store authorizable nodes. The default number of levels is 2. |
static String |
PARAM_GROUPS_PATH
Configuration option to change the default path for creating groups. |
static String |
PARAM_USERS_PATH
Configuration option to change the default path for creating users. |
static String |
SECURITY_ROOT_PATH
root-path to security related content e.g. |
static String |
USER_ADMIN_GROUP_NAME
Configuration key and default value for the the name of the 'UserAdmin' group-principal. |
static String |
USERS_PATH
|
Fields inherited from interface org.apache.jackrabbit.api.security.user.UserManager |
---|
SEARCH_TYPE_AUTHORIZABLE, SEARCH_TYPE_GROUP, SEARCH_TYPE_USER |
Constructor Summary | |
---|---|
UserManagerImpl(SessionImpl session,
String adminId)
Create a new UserManager with the default configuration. |
|
UserManagerImpl(SessionImpl session,
String adminId,
Properties config)
Create a new UserManager for the given session . |
Method Summary | |
---|---|
void |
autoSave(boolean enable)
Always throws unsupportedRepositoryOperationException as
modification of the autosave behavior is not supported. |
Group |
createGroup(Principal principal)
Same as createGroup(java.security.Principal, String ) where the
intermediate path is null . |
Group |
createGroup(Principal principal,
String intermediatePath)
Create a new Group from the given principal . |
User |
createUser(String userID,
String password)
Creates an User for the given userID / password pair; neither of the specified parameters can be null .Same as UserManager.createUser(String,String,Principal,String) where
the specified userID is equal to the principal name and the intermediate
path is null . |
User |
createUser(String userID,
String password,
Principal principal,
String intermediatePath)
Creates an User for the given parameters. |
protected Group |
doCreateGroup(NodeImpl node)
Build the group object from the given group node. |
protected User |
doCreateUser(NodeImpl node)
Build the user object from the given user node. |
Iterator<Authorizable> |
findAuthorizables(String propertyName,
String value)
Returns all Authorizable s that have
property with the given name and
that Property equals the given value. |
Iterator<Authorizable> |
findAuthorizables(String propertyName,
String value,
int searchType)
Returns all Authorizable s that have
property with the given name and
that Property equals the given value. |
Authorizable |
getAuthorizable(Principal principal)
Get the Authorizable by its main Principal. |
Authorizable |
getAuthorizable(String id)
Get the Authorizable by its id. |
String |
getGroupsPath()
Implementation specific methods releaving where groups are created within the content. |
String |
getUsersPath()
Implementation specific methods releaving where users are created within the content. |
boolean |
isAutoSave()
Always returns true as by default the autoSave behavior
cannot be altered (see also autoSave(boolean) . |
void |
loggedOut(SessionImpl session)
Called when a Session has been 'closed' by
calling
|
void |
loggingOut(SessionImpl session)
Called when a Session is about to be 'closed' by
calling
|
Methods inherited from class org.apache.jackrabbit.core.ProtectedItemModifier |
---|
addNode, addNode, markModified, removeItem, setProperty, setProperty, setProperty, setProperty |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String PARAM_USERS_PATH
default path
for creating users.
public static final String PARAM_GROUPS_PATH
default path
for creating groups.
public static final String PARAM_COMPATIBILE_JR16
true
looking up
authorizables by ID will use the NodeResolver
if not found
otherwise.
public static final String PARAM_DEFAULT_DEPTH
PARAM_AUTO_EXPAND_TREE
flag is set to true
.
public static final String PARAM_AUTO_EXPAND_TREE
true
, the trees
containing user and group nodes will automatically created additional
hierarchy levels if the number of nodes on a given level exceeds the
maximal allowed size
.
public static final String PARAM_AUTO_EXPAND_SIZE
PARAM_AUTO_EXPAND_TREE
is
enabled.
public static final NameFactory NF
public static final String SECURITY_ROOT_PATH
public static final String AUTHORIZABLES_PATH
public static final String USERS_PATH
public static final String GROUPS_PATH
public static final String USER_ADMIN_GROUP_NAME
public static final String GROUP_ADMIN_GROUP_NAME
public static final Name P_PRINCIPAL_NAME
public static final Name P_USERID
public static final Name P_PASSWORD
public static final Name P_GROUPS
P_MEMBERS
public static final Name P_MEMBERS
public static final Name P_IMPERSONATORS
public static final Name NT_REP_AUTHORIZABLE
public static final Name NT_REP_AUTHORIZABLE_FOLDER
public static final Name NT_REP_USER
public static final Name NT_REP_GROUP
public static final Name MIX_REP_IMPERSONATABLE
Constructor Detail |
---|
public UserManagerImpl(SessionImpl session, String adminId) throws RepositoryException
UserManager
with the default configuration.
session
- The editing/reading session.adminId
- The user ID of the administrator.
RepositoryException
- If an error occurs.public UserManagerImpl(SessionImpl session, String adminId, Properties config) throws RepositoryException
UserManager
for the given session
.
Currently the following configuration options are respected:
PARAM_USERS_PATH
. If missing set to UserConstants.USERS_PATH
.PARAM_GROUPS_PATH
. If missing set to UserConstants.GROUPS_PATH
.PARAM_DEFAULT_DEPTH
. The default number of levels is 2.PARAM_AUTO_EXPAND_TREE
. By default this option is disabled.PARAM_AUTO_EXPAND_SIZE
. The default value is 1000.introduction
for details.
session
- The editing/reading session.adminId
- The user ID of the administrator.config
- The configuration parameters.
RepositoryException
- If an error occurs.Method Detail |
---|
public String getUsersPath()
For the corresponding configuration parameter.
public String getGroupsPath()
For the corresponding configuration parameter.
public Authorizable getAuthorizable(String id) throws RepositoryException
UserManager
getAuthorizable
in interface UserManager
id
- The user or group id.
null
, if not present.
RepositoryException
- If an error occurs.UserManager.getAuthorizable(String)
public Authorizable getAuthorizable(Principal principal) throws RepositoryException
UserManager
getAuthorizable
in interface UserManager
null
, if not present.
RepositoryException
- If an error occurs.UserManager.getAuthorizable(Principal)
public Iterator<Authorizable> findAuthorizables(String propertyName, String value) throws RepositoryException
UserManager
Authorizable
s that have
property
with the given name and
that Property equals the given value.
findAuthorizables
in interface UserManager
Authorizable
s that have a property with the given
name exactly matching the given value.
RepositoryException
- If an error occurs.UserManager.findAuthorizables(String,String)
public Iterator<Authorizable> findAuthorizables(String propertyName, String value, int searchType) throws RepositoryException
UserManager
Authorizable
s that have
property
with the given name and
that Property equals the given value. In contrast to
UserManager.findAuthorizables(String, String)
the type of authorizable is
respected while executing the search.
findAuthorizables
in interface UserManager
searchType
- Any of the following constants:
Authorizable
.
RepositoryException
- If an error occurs.UserManager.findAuthorizables(String,String, int)
public User createUser(String userID, String password) throws RepositoryException
UserManager
null
.UserManager.createUser(String,String,Principal,String)
where
the specified userID is equal to the principal name and the intermediate
path is null
.
createUser
in interface UserManager
userID
- The id of the new user.password
- The initial password of this user.
User
.
AuthorizableExistsException
- in case the given userID is already
in use or another Authorizable with the same principal name exists.
RepositoryException
- If another error occurs.UserManager.createUser(String,String)
public User createUser(String userID, String password, Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException
UserManager
intermediatePath
that parameter should
be ignored.
Except for the intermediatePath
, neither of the specified
parameters can be null
.
createUser
in interface UserManager
User
.
AuthorizableExistsException
- in case the given userID is already
in use or another Authorizable with the same principal name exists.
RepositoryException
- If the current Session is
not allowed to create users or some another error occurs.UserManager.createUser(String, String, java.security.Principal, String)
public Group createGroup(Principal principal) throws RepositoryException
createGroup(java.security.Principal, String )
where the
intermediate path is null
.
createGroup
in interface UserManager
principal
- A non-null Principal
Group
.
AuthorizableExistsException
- in case the given principal is already
in use with another Authorizable.
RepositoryException
- If another error occurs.UserManager.createGroup(Principal)
public Group createGroup(Principal principal, String intermediatePath) throws AuthorizableExistsException, RepositoryException
Group
from the given principal
.
It will be created below the defined group path
.rep:AuthorizableFolder
.
The group ID will be generated from the principal name. If the name
conflicts with an existing authorizable ID (may happen in cases where
principal name != ID) the principal name is expanded by a suffix;
otherwise the resulting group ID equals the principal name.
createGroup
in interface UserManager
principal
- A principal that doesn't yet represent an existing user
or group.intermediatePath
- Is always ignored.
AuthorizableExistsException
RepositoryException
UserManager.createGroup(java.security.Principal, String)
public boolean isAutoSave()
true
as by default the autoSave behavior
cannot be altered (see also autoSave(boolean)
.
isAutoSave
in interface UserManager
true
.UserManager.isAutoSave()
public void autoSave(boolean enable) throws UnsupportedRepositoryOperationException, RepositoryException
unsupportedRepositoryOperationException
as
modification of the autosave behavior is not supported.
autoSave
in interface UserManager
enable
- If true
changes made through this API will
be automatically saved; otherwise an explict call to
Session.save()
is required in order to persist changes.
UnsupportedRepositoryOperationException
- If the implementation
does not allow to change the auto save behavior.
RepositoryException
- If some other error occurs.UserManager.autoSave(boolean)
protected User doCreateUser(NodeImpl node) throws RepositoryException
node
- user node
RepositoryException
- if an error occursprotected Group doCreateGroup(NodeImpl node) throws RepositoryException
node
- group node
RepositoryException
- if an error occurspublic void loggingOut(SessionImpl session)
SessionListener
Session
is about to be 'closed' by
calling Session.logout()
- Specified by:
loggingOut
in interface SessionListener
- Parameters:
session
- the Session
that is about to be 'closed'- See Also:
SessionListener.loggingOut(org.apache.jackrabbit.core.SessionImpl)
public void loggedOut(SessionImpl session)
SessionListener
Session
has been 'closed' by
calling Session.logout()
- Specified by:
loggedOut
in interface SessionListener
- Parameters:
session
- the Session
that has been 'closed'- See Also:
SessionListener.loggedOut(org.apache.jackrabbit.core.SessionImpl)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |