1 /** 2 * This file Copyright (c) 2003-2011 Magnolia International 3 * Ltd. (http://www.magnolia-cms.com). All rights reserved. 4 * 5 * 6 * This file is dual-licensed under both the Magnolia 7 * Network Agreement and the GNU General Public License. 8 * You may elect to use one or the other of these licenses. 9 * 10 * This file is distributed in the hope that it will be 11 * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the 12 * implied warranty of MERCHANTABILITY or FITNESS FOR A 13 * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT. 14 * Redistribution, except as permitted by whichever of the GPL 15 * or MNA you select, is prohibited. 16 * 17 * 1. For the GPL license (GPL), you can redistribute and/or 18 * modify this file under the terms of the GNU General 19 * Public License, Version 3, as published by the Free Software 20 * Foundation. You should have received a copy of the GNU 21 * General Public License, Version 3 along with this program; 22 * if not, write to the Free Software Foundation, Inc., 51 23 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 24 * 25 * 2. For the Magnolia Network Agreement (MNA), this file 26 * and the accompanying materials are made available under the 27 * terms of the MNA which accompanies this distribution, and 28 * is available at http://www.magnolia-cms.com/mna.html 29 * 30 * Any modifications to this file must keep this entire header 31 * intact. 32 * 33 */ 34 package info.magnolia.cms.security; 35 36 import java.util.Collection; 37 38 import javax.security.auth.Subject; 39 40 41 /** 42 * Manages users. 43 * @version $Revision: 48805 $ ($Author: ochytil $) 44 */ 45 public interface UserManager { 46 47 /** 48 * Magnolia system user name. 49 */ 50 public static final String SYSTEM_USER = "superuser"; 51 52 /** 53 * Magnolia system default password. 54 */ 55 public static final String SYSTEM_PSWD = "superuser"; 56 57 /** 58 * Anonymous user name. 59 */ 60 public static final String ANONYMOUS_USER = "anonymous"; 61 62 /** 63 * Find a specific user. Not all implementations will support this method. 64 * @param name the name of the user 65 * @return the user object 66 */ 67 public User getUser(String name) throws UnsupportedOperationException; 68 69 /** 70 * Initialize new user using JAAS authenticated/authorized subject. 71 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 72 */ 73 public User getUser(Subject subject) throws UnsupportedOperationException; 74 75 /** 76 * Get system user, this user must always exist in magnolia repository. 77 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 78 */ 79 public User getSystemUser() throws UnsupportedOperationException; 80 81 /** 82 * Get Anonymous user, this user must always exist in magnolia repository. 83 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 84 */ 85 public User getAnonymousUser() throws UnsupportedOperationException; 86 87 /** 88 * Get all users. 89 * @return collection of User objects 90 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 91 */ 92 public Collection<User> getAllUsers() throws UnsupportedOperationException; 93 94 /** 95 * Creates a user without security restrictions. 96 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 97 */ 98 public User createUser(String name, String pw) throws UnsupportedOperationException; 99 100 /** 101 * Sets a new password. 102 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 103 */ 104 public void changePassword(User user, String newPassword) throws UnsupportedOperationException; 105 106 /** 107 * Sets a time in minutes for which account will be locked out in case of reaching maximum count of failed login attempts. 108 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 109 */ 110 public void setLockTimePeriod(long lockTimePeriod) throws UnsupportedOperationException; 111 112 /** 113 * Gets a time in minutes for which account will be locked out in case of reaching maximum count of failed login attempts. 114 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 115 */ 116 public long getLockTimePeriod() throws UnsupportedOperationException; 117 118 /** 119 * Sets a number of failed attempts before locking account. 120 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 121 */ 122 public void setMaxFailedLoginAttempts(int maxFailedLoginAttempts) throws UnsupportedOperationException; 123 124 /** 125 * Gets a number of failed attempts before locking account. 126 * @throws UnsupportedOperationException if the current implementation doesn't support this operation 127 */ 128 public int getMaxFailedLoginAttempts() throws UnsupportedOperationException; 129 130 }