info.magnolia.cms.security
Class MgnlUserManager

java.lang.Object
  info.magnolia.cms.security.RepositoryBackedSecurityManager
      info.magnolia.cms.security.MgnlUserManager

All Implemented Interfaces:

UserManager

Direct Known Subclasses:

HierarchicalUserManager, SystemUserManager

public class MgnlUserManager
extends RepositoryBackedSecurityManager
implements UserManager

Manages the users stored in Magnolia itself.

Version:

$Revision: 55876 $ ($Author: mdivilek $)

Field Summary

static String	NODE_ACLUSERS
static String	PROPERTY_EMAIL
static String	PROPERTY_ENABLED
static String	PROPERTY_LANGUAGE
static String	PROPERTY_LASTACCESS
static String	PROPERTY_PASSWORD
static String	PROPERTY_TITLE

Fields inherited from interface info.magnolia.cms.security.UserManager

ANONYMOUS_USER, SYSTEM_PSWD, SYSTEM_USER

Constructor Summary

MgnlUserManager()
There should be no need to instantiate this class except maybe for testing.

Method Summary

User	addGroup(User user, String groupName) Adds user to a group.
User	addRole(User user, String roleName) Grants user role.
User	changePassword(User user, String newPassword) Sets a new password.
User	createUser(String name, String pw) Creates a user without security restrictions.
protected Content	createUserNode(String name)
protected String	encodePassword(String clearPassword)
protected javax.jcr.Node	findPrincipalNode(String name, javax.jcr.Session session) Helper method to find a user in a certain realm.
protected Content	findUserNode(String realm, String name) Deprecated. since 4.5 use findPrincipalNode(java.lang.String, javax.jcr.Session) instead
Map<String,ACL>	getACLs(User user) Sets access control list from a list of roles under the provided content object.
Collection<User>	getAllUsers() Get all users managed by this user manager.
User	getAnonymousUser() SystemUserManager does this.
protected User	getFromRepository(String name)
protected HierarchyManager	getHierarchyManager() Return the HierarchyManager for the user workspace (through the system context).
int	getLockTimePeriod() Gets a time period for account lock.
int	getMaxFailedLoginAttempts() Gets a number of failed attempts before locking account.
String	getName() Deprecated. since 4.5 use realmName instead
String	getRealmName()
protected String	getRepositoryName()
User	getSystemUser() SystemUserManager does this.
User	getUser(String name) Get the user object.
User	getUser(Subject subject) Initialize new user using JAAS authenticated/authorized subject.
User	getUserById(String id) Get the user object.
protected User	newUserInstance(Content node) Deprecated. since 4.5 use newUSerInstance(javax.jcr.Node) instead
protected User	newUserInstance(javax.jcr.Node privilegedUserNode)
User	removeGroup(User user, String groupName) Removes user from a group.
User	removeRole(User user, String roleName) Removes role from a user.
void	setLockTimePeriod(int lockTimePeriod) Sets a time period for account lock.
void	setMaxFailedLoginAttempts(int maxFailedLoginAttempts) Sets a number of failed attempts before locking account.
void	setName(String name) Deprecated. since 4.5 use realmName instead
protected void	setPasswordProperty(Content userNode, String clearPassword) Deprecated. since 4.5 use setPasswordProperty(Node, String) instead
protected void	setPasswordProperty(javax.jcr.Node userNode, String clearPassword)
User	setProperty(User user, String propertyName, javax.jcr.Value propertyValue) Sets given property for the user and returns updated user object with new value of the property.
void	setRealmName(String name)
void	updateLastAccessTimestamp(User user) Updates last access timestamp for the user.
void	updateUserListWithAllChildren(javax.jcr.Node node, Collection<User> users) Updates collection with all users located under provided node.
protected MgnlUser	userInstance(Content node) Deprecated. since 4.3.1 - use newUserInstance(javax.jcr.Node)
protected void	validateUsername(String name)

Methods inherited from class info.magnolia.cms.security.RepositoryBackedSecurityManager

add, getACLs, getACLs, getResourceName, hasAny, remove

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface info.magnolia.cms.security.UserManager

hasAny

Field Detail

PROPERTY_EMAIL

public static final String PROPERTY_EMAIL

See Also:

Constant Field Values

PROPERTY_LANGUAGE

public static final String PROPERTY_LANGUAGE

See Also:

Constant Field Values

PROPERTY_LASTACCESS

public static final String PROPERTY_LASTACCESS

See Also:

Constant Field Values

PROPERTY_PASSWORD

public static final String PROPERTY_PASSWORD

See Also:

Constant Field Values

PROPERTY_TITLE

public static final String PROPERTY_TITLE

See Also:

Constant Field Values

PROPERTY_ENABLED

public static final String PROPERTY_ENABLED

See Also:

Constant Field Values

NODE_ACLUSERS

public static final String NODE_ACLUSERS

See Also:

Constant Field Values

Constructor Detail

MgnlUserManager

public MgnlUserManager()

There should be no need to instantiate this class except maybe for testing. Manual instantiation might cause manager not to be initialized properly.

Method Detail

setMaxFailedLoginAttempts

public void setMaxFailedLoginAttempts(int maxFailedLoginAttempts)

Description copied from interface: UserManager

Sets a number of failed attempts before locking account.

Specified by:

setMaxFailedLoginAttempts in interface UserManager

getMaxFailedLoginAttempts

public int getMaxFailedLoginAttempts()

Description copied from interface: UserManager

Gets a number of failed attempts before locking account.

Specified by:

getMaxFailedLoginAttempts in interface UserManager

getLockTimePeriod

public int getLockTimePeriod()

Description copied from interface: UserManager

Gets a time period for account lock.

Specified by:

getLockTimePeriod in interface UserManager

setLockTimePeriod

public void setLockTimePeriod(int lockTimePeriod)

Description copied from interface: UserManager

Sets a time period for account lock.

Specified by:

setLockTimePeriod in interface UserManager

setProperty

public User setProperty(User user,
                        String propertyName,
                        javax.jcr.Value propertyValue)

Description copied from interface: UserManager

Sets given property for the user and returns updated user object with new value of the property.

Specified by:

setProperty in interface UserManager

Parameters:

user - User to be updated. If property doesn't exist yet, it will be created. If the value is null, property will be removed if existing.

propertyName - Name of the property.

propertyValue - Value of the property. Use org.apache.jackrabbit.value.ValueFactoryImpl to convert type to Value.

Returns:

getName

@Deprecated
public String getName()

Deprecated. since 4.5 use realmName instead

TODO : rename to getRealmName and setRealmName (and make sure Content2Bean still sets realmName using the parent's node name).

setName

@Deprecated
public void setName(String name)

Deprecated. since 4.5 use realmName instead

setRealmName

public void setRealmName(String name)

getRealmName

public String getRealmName()

getUser

public User getUser(String name)

Get the user object. Uses a search

Specified by:

getUser in interface UserManager

Parameters:

name -

Returns:

the user object

getUserById

public User getUserById(String id)

Get the user object. Uses a search

Specified by:

getUserById in interface UserManager

Parameters:

id - user identifier

Returns:

the user object

getUser

public User getUser(Subject subject)
             throws UnsupportedOperationException

Description copied from interface: UserManager

Initialize new user using JAAS authenticated/authorized subject.

Specified by:

getUser in interface UserManager

Throws:

UnsupportedOperationException - if the current implementation doesn't support this operation

findUserNode

@Deprecated
protected Content findUserNode(String realm,
                                          String name)
                        throws javax.jcr.RepositoryException

Deprecated. since 4.5 use findPrincipalNode(java.lang.String, javax.jcr.Session) instead

Helper method to find a user in a certain realm. Uses JCR Query.

Throws:

javax.jcr.RepositoryException

findPrincipalNode

protected javax.jcr.Node findPrincipalNode(String name,
                                           javax.jcr.Session session)
                                    throws javax.jcr.RepositoryException

Helper method to find a user in a certain realm. Uses JCR Query.

Specified by:

findPrincipalNode in class RepositoryBackedSecurityManager

Throws:

javax.jcr.RepositoryException

getFromRepository

protected User getFromRepository(String name)
                          throws javax.jcr.RepositoryException

Throws:

javax.jcr.RepositoryException

getSystemUser

public User getSystemUser()
                   throws UnsupportedOperationException

SystemUserManager does this.

Specified by:

getSystemUser in interface UserManager

Throws:

UnsupportedOperationException - if the current implementation doesn't support this operation

getAnonymousUser

public User getAnonymousUser()
                      throws UnsupportedOperationException

SystemUserManager does this.

Specified by:

getAnonymousUser in interface UserManager

Throws:

UnsupportedOperationException - if the current implementation doesn't support this operation

getAllUsers

public Collection<User> getAllUsers()

Get all users managed by this user manager.

Specified by:

getAllUsers in interface UserManager

Returns:

collection of User objects

updateUserListWithAllChildren

public void updateUserListWithAllChildren(javax.jcr.Node node,
                                          Collection<User> users)
                                   throws javax.jcr.RepositoryException

Updates collection with all users located under provided node.

Throws:

javax.jcr.RepositoryException

createUser

public User createUser(String name,
                       String pw)

Description copied from interface: UserManager

Creates a user without security restrictions.

Specified by:

createUser in interface UserManager

changePassword

public User changePassword(User user,
                           String newPassword)

Description copied from interface: UserManager

Sets a new password.

Specified by:

changePassword in interface UserManager

Returns:

user object with updated password.

setPasswordProperty

@Deprecated
protected void setPasswordProperty(Content userNode,
                                              String clearPassword)
                            throws javax.jcr.RepositoryException

Deprecated. since 4.5 use setPasswordProperty(Node, String) instead

Throws:

javax.jcr.RepositoryException

setPasswordProperty

protected void setPasswordProperty(javax.jcr.Node userNode,
                                   String clearPassword)
                            throws javax.jcr.RepositoryException

Throws:

javax.jcr.RepositoryException

encodePassword

protected String encodePassword(String clearPassword)

validateUsername

protected void validateUsername(String name)

createUserNode

protected Content createUserNode(String name)
                          throws javax.jcr.RepositoryException

Throws:

javax.jcr.RepositoryException

getHierarchyManager

protected HierarchyManager getHierarchyManager()

Return the HierarchyManager for the user workspace (through the system context).

userInstance

@Deprecated
protected MgnlUser userInstance(Content node)

Deprecated. since 4.3.1 - use newUserInstance(javax.jcr.Node)

newUserInstance

@Deprecated
protected User newUserInstance(Content node)

Deprecated. since 4.5 use newUSerInstance(javax.jcr.Node) instead

Creates a MgnlUser out of a jcr node. Can be overridden in order to provide a different implementation.

Since:

4.3.1

updateLastAccessTimestamp

public void updateLastAccessTimestamp(User user)
                               throws UnsupportedOperationException

Description copied from interface: UserManager

Updates last access timestamp for the user.

Specified by:

updateLastAccessTimestamp in interface UserManager

Throws:

UnsupportedOperationException - if the current implementation doesn't support this operation

newUserInstance

protected User newUserInstance(javax.jcr.Node privilegedUserNode)
                        throws javax.jcr.ValueFormatException,
                               javax.jcr.PathNotFoundException,
                               javax.jcr.RepositoryException

Throws:

javax.jcr.ValueFormatException

javax.jcr.PathNotFoundException

javax.jcr.RepositoryException

getRepositoryName

protected String getRepositoryName()

Specified by:

getRepositoryName in class RepositoryBackedSecurityManager

getACLs

public Map<String,ACL> getACLs(User user)

Sets access control list from a list of roles under the provided content object.

Specified by:

getACLs in interface UserManager

Returns:

addRole

public User addRole(User user,
                    String roleName)

Description copied from interface: UserManager

Grants user role.

Specified by:

addRole in interface UserManager

Returns:

user object with the role already granted.

addGroup

public User addGroup(User user,
                     String groupName)

Description copied from interface: UserManager

Adds user to a group.

Specified by:

addGroup in interface UserManager

Returns:

user object with the group already assigned.

removeGroup

public User removeGroup(User user,
                        String groupName)

Description copied from interface: UserManager

Removes user from a group.

Specified by:

removeGroup in interface UserManager

Returns:

user object with the group assignment removed.

removeRole

public User removeRole(User user,
                       String roleName)

Description copied from interface: UserManager

Removes role from a user.

Specified by:

removeRole in interface UserManager

Returns:

user object without removed role.