info.magnolia.cms.security
Class MgnlUserManager

java.lang.Object
  extended by info.magnolia.cms.security.RepositoryBackedSecurityManager
      extended by info.magnolia.cms.security.MgnlUserManager
All Implemented Interfaces:
UserManager
Direct Known Subclasses:
HierarchicalUserManager, SystemUserManager

public class MgnlUserManager
extends RepositoryBackedSecurityManager
implements UserManager

Manages the users stored in Magnolia itself.


Field Summary
static String NODE_ACLUSERS
           
static String PROPERTY_EMAIL
           
static String PROPERTY_ENABLED
           
static String PROPERTY_LANGUAGE
           
static String PROPERTY_LASTACCESS
           
static String PROPERTY_PASSWORD
           
static String PROPERTY_TITLE
           
 
Fields inherited from interface info.magnolia.cms.security.UserManager
ANONYMOUS_USER, SYSTEM_PSWD, SYSTEM_USER
 
Constructor Summary
MgnlUserManager()
          There should be no need to instantiate this class except maybe for testing.
 
Method Summary
 User addGroup(User user, String groupName)
          Adds user to a group.
 User addRole(User user, String roleName)
          Grants user role.
 User changePassword(User user, String newPassword)
          Sets a new password.
 User createUser(String name, String pw)
          Creates a user without security restrictions.
 User createUser(String path, String name, String pw)
          Creates a user on given path.
protected  Content createUserNode(String name)
           
protected  String encodePassword(String clearPassword)
           
 void findAllUsersInFolder(javax.jcr.Node node, Collection<User> users)
          Finds all users located in the provided node or in sub-folders within it.
protected  javax.jcr.Node findPrincipalNode(String name, javax.jcr.Session session)
          Helper method to find a user in a certain realm.
protected  Content findUserNode(String realm, String name)
          Deprecated. since 4.5 use findPrincipalNode(java.lang.String, javax.jcr.Session) instead
 Map<String,ACL> getACLs(User user)
          Sets access control list from a list of roles under the provided content object.
 Collection<User> getAllUsers()
          Get all users managed by this user manager.
 User getAnonymousUser()
          SystemUserManager does this.
protected  User getFromRepository(String name)
           
protected  HierarchyManager getHierarchyManager()
          Return the HierarchyManager for the user workspace (through the system context).
 int getLockTimePeriod()
          Gets a time period for account lock.
 int getMaxFailedLoginAttempts()
          Gets a number of failed attempts before locking account.
 String getName()
          Deprecated. since 4.5 use realmName instead
 String getRealmName()
           
protected  String getRepositoryName()
           
 User getSystemUser()
          SystemUserManager does this.
 User getUser(String name)
          Get the user object.
 User getUser(Subject subject)
          Initialize new user using JAAS authenticated/authorized subject.
 User getUserById(String id)
          Get the user object.
 boolean isAllowCrossRealmDuplicateNames()
           
protected  User newUserInstance(Content node)
          Deprecated. since 4.5 use newUSerInstance(javax.jcr.Node) instead
protected  User newUserInstance(javax.jcr.Node privilegedUserNode)
           
 User removeGroup(User user, String groupName)
          Removes user from a group.
 User removeRole(User user, String roleName)
          Removes role from a user.
 void setAllowCrossRealmDuplicateNames(boolean allowCrossRealmDuplicateNames)
           
 void setLockTimePeriod(int lockTimePeriod)
          Sets a time period for account lock.
 void setMaxFailedLoginAttempts(int maxFailedLoginAttempts)
          Sets a number of failed attempts before locking account.
 void setName(String name)
          Deprecated. since 4.5 use realmName instead
protected  void setPasswordProperty(Content userNode, String clearPassword)
          Deprecated. since 4.5 use setPasswordProperty(Node, String) instead
protected  void setPasswordProperty(javax.jcr.Node userNode, String clearPassword)
           
 User setProperty(User user, String propertyName, String propertyValue)
          Sets given property for the user and returns updated user object with new value of the property.
 User setProperty(User user, String propertyName, javax.jcr.Value propertyValue)
          Sets given property for the user.
 void setRealmName(String name)
           
 void updateLastAccessTimestamp(User user)
          Updates last access timestamp for the user.
 void updateUserListWithAllChildren(javax.jcr.Node node, Collection<User> users)
          Deprecated. since 5.2 use findAllUsersInFolder instead
protected  void validateUsername(String name)
           
 
Methods inherited from class info.magnolia.cms.security.RepositoryBackedSecurityManager
add, findPrincipalNode, findPrincipalNode, getACLs, getACLs, getResourceName, hasAny, remove
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface info.magnolia.cms.security.UserManager
hasAny
 

Field Detail

PROPERTY_EMAIL

public static final String PROPERTY_EMAIL
See Also:
Constant Field Values

PROPERTY_LANGUAGE

public static final String PROPERTY_LANGUAGE
See Also:
Constant Field Values

PROPERTY_LASTACCESS

public static final String PROPERTY_LASTACCESS
See Also:
Constant Field Values

PROPERTY_PASSWORD

public static final String PROPERTY_PASSWORD
See Also:
Constant Field Values

PROPERTY_TITLE

public static final String PROPERTY_TITLE
See Also:
Constant Field Values

PROPERTY_ENABLED

public static final String PROPERTY_ENABLED
See Also:
Constant Field Values

NODE_ACLUSERS

public static final String NODE_ACLUSERS
See Also:
Constant Field Values
Constructor Detail

MgnlUserManager

public MgnlUserManager()
There should be no need to instantiate this class except maybe for testing. Manual instantiation might cause manager not to be initialized properly.

Method Detail

setMaxFailedLoginAttempts

public void setMaxFailedLoginAttempts(int maxFailedLoginAttempts)
Description copied from interface: UserManager
Sets a number of failed attempts before locking account.

Specified by:
setMaxFailedLoginAttempts in interface UserManager

getMaxFailedLoginAttempts

public int getMaxFailedLoginAttempts()
Description copied from interface: UserManager
Gets a number of failed attempts before locking account.

Specified by:
getMaxFailedLoginAttempts in interface UserManager

getLockTimePeriod

public int getLockTimePeriod()
Description copied from interface: UserManager
Gets a time period for account lock.

Specified by:
getLockTimePeriod in interface UserManager

setLockTimePeriod

public void setLockTimePeriod(int lockTimePeriod)
Description copied from interface: UserManager
Sets a time period for account lock.

Specified by:
setLockTimePeriod in interface UserManager

setProperty

public User setProperty(User user,
                        String propertyName,
                        javax.jcr.Value propertyValue)
Description copied from interface: UserManager
Sets given property for the user.

Specified by:
setProperty in interface UserManager
Parameters:
user - User to be updated. If property doesn't exist yet, it will be created. If the value is null, property will be removed if existing.
propertyName - Name of the property.
propertyValue - Value of the property. Use org.apache.jackrabbit.value.ValueFactoryImpl to convert type to Value.
Returns:
updated user object with new value of the property.

setProperty

public User setProperty(User user,
                        String propertyName,
                        String propertyValue)
Description copied from interface: UserManager
Sets given property for the user and returns updated user object with new value of the property.

Specified by:
setProperty in interface UserManager

getName

@Deprecated
public String getName()
Deprecated. since 4.5 use realmName instead

TODO : rename to getRealmName and setRealmName (and make sure Content2Bean still sets realmName using the parent's node name).


setName

@Deprecated
public void setName(String name)
Deprecated. since 4.5 use realmName instead


setRealmName

public void setRealmName(String name)

getRealmName

public String getRealmName()

setAllowCrossRealmDuplicateNames

public void setAllowCrossRealmDuplicateNames(boolean allowCrossRealmDuplicateNames)

isAllowCrossRealmDuplicateNames

public boolean isAllowCrossRealmDuplicateNames()

getUser

public User getUser(String name)
Get the user object. Uses a search

Specified by:
getUser in interface UserManager
Parameters:
name - name of the user to retrieve
Returns:
the user object

getUserById

public User getUserById(String id)
Get the user object. Uses a search

Specified by:
getUserById in interface UserManager
Parameters:
id - user identifier
Returns:
the user object

getUser

public User getUser(Subject subject)
             throws UnsupportedOperationException
Description copied from interface: UserManager
Initialize new user using JAAS authenticated/authorized subject.

Specified by:
getUser in interface UserManager
Throws:
UnsupportedOperationException - if the current implementation doesn't support this operation

findUserNode

@Deprecated
protected Content findUserNode(String realm,
                                          String name)
                        throws javax.jcr.RepositoryException
Deprecated. since 4.5 use findPrincipalNode(java.lang.String, javax.jcr.Session) instead

Helper method to find a user in a certain realm. Uses JCR Query.

Throws:
javax.jcr.RepositoryException

findPrincipalNode

protected javax.jcr.Node findPrincipalNode(String name,
                                           javax.jcr.Session session)
                                    throws javax.jcr.RepositoryException
Helper method to find a user in a certain realm. Uses JCR Query. This will return null if user doesn't exist in realm.

Specified by:
findPrincipalNode in class RepositoryBackedSecurityManager
Throws:
javax.jcr.RepositoryException

getFromRepository

protected User getFromRepository(String name)
                          throws javax.jcr.RepositoryException
Throws:
javax.jcr.RepositoryException

getSystemUser

public User getSystemUser()
                   throws UnsupportedOperationException
SystemUserManager does this.

Specified by:
getSystemUser in interface UserManager
Throws:
UnsupportedOperationException - if the current implementation doesn't support this operation

getAnonymousUser

public User getAnonymousUser()
                      throws UnsupportedOperationException
SystemUserManager does this.

Specified by:
getAnonymousUser in interface UserManager
Throws:
UnsupportedOperationException - if the current implementation doesn't support this operation

getAllUsers

public Collection<User> getAllUsers()
Get all users managed by this user manager.

Specified by:
getAllUsers in interface UserManager
Returns:
collection of User objects

updateUserListWithAllChildren

@Deprecated
public void updateUserListWithAllChildren(javax.jcr.Node node,
                                                     Collection<User> users)
                                   throws javax.jcr.RepositoryException
Deprecated. since 5.2 use findAllUsersInFolder instead

Throws:
javax.jcr.RepositoryException

findAllUsersInFolder

public void findAllUsersInFolder(javax.jcr.Node node,
                                 Collection<User> users)
                          throws javax.jcr.RepositoryException
Finds all users located in the provided node or in sub-folders within it.

Throws:
javax.jcr.RepositoryException

createUser

public User createUser(String name,
                       String pw)
Description copied from interface: UserManager
Creates a user without security restrictions.

Specified by:
createUser in interface UserManager

createUser

public User createUser(String path,
                       String name,
                       String pw)
                throws UnsupportedOperationException
Description copied from interface: UserManager
Creates a user on given path.

Specified by:
createUser in interface UserManager
Throws:
UnsupportedOperationException - if the current implementation doesn't support this operation

changePassword

public User changePassword(User user,
                           String newPassword)
Description copied from interface: UserManager
Sets a new password.

Specified by:
changePassword in interface UserManager
Returns:
user object with updated password.

setPasswordProperty

@Deprecated
protected void setPasswordProperty(Content userNode,
                                              String clearPassword)
                            throws javax.jcr.RepositoryException
Deprecated. since 4.5 use setPasswordProperty(Node, String) instead

Throws:
javax.jcr.RepositoryException

setPasswordProperty

protected void setPasswordProperty(javax.jcr.Node userNode,
                                   String clearPassword)
                            throws javax.jcr.RepositoryException
Throws:
javax.jcr.RepositoryException

encodePassword

protected String encodePassword(String clearPassword)

validateUsername

protected void validateUsername(String name)

createUserNode

protected Content createUserNode(String name)
                          throws javax.jcr.RepositoryException
Throws:
javax.jcr.RepositoryException

getHierarchyManager

protected HierarchyManager getHierarchyManager()
Return the HierarchyManager for the user workspace (through the system context).


newUserInstance

@Deprecated
protected User newUserInstance(Content node)
Deprecated. since 4.5 use newUSerInstance(javax.jcr.Node) instead

Creates a MgnlUser out of a jcr node. Can be overridden in order to provide a different implementation.

Since:
4.3.1

updateLastAccessTimestamp

public void updateLastAccessTimestamp(User user)
                               throws UnsupportedOperationException
Description copied from interface: UserManager
Updates last access timestamp for the user.

Specified by:
updateLastAccessTimestamp in interface UserManager
Throws:
UnsupportedOperationException - if the current implementation doesn't support this operation

newUserInstance

protected User newUserInstance(javax.jcr.Node privilegedUserNode)
                        throws javax.jcr.ValueFormatException,
                               javax.jcr.PathNotFoundException,
                               javax.jcr.RepositoryException
Throws:
javax.jcr.ValueFormatException
javax.jcr.PathNotFoundException
javax.jcr.RepositoryException

getRepositoryName

protected String getRepositoryName()
Specified by:
getRepositoryName in class RepositoryBackedSecurityManager

getACLs

public Map<String,ACL> getACLs(User user)
Sets access control list from a list of roles under the provided content object.

Specified by:
getACLs in interface UserManager
Returns:
all ACLs assigned to the given user.

addRole

public User addRole(User user,
                    String roleName)
Description copied from interface: UserManager
Grants user role.

Specified by:
addRole in interface UserManager
Returns:
user object with the role already granted.

addGroup

public User addGroup(User user,
                     String groupName)
Description copied from interface: UserManager
Adds user to a group.

Specified by:
addGroup in interface UserManager
Returns:
user object with the group already assigned.

removeGroup

public User removeGroup(User user,
                        String groupName)
Description copied from interface: UserManager
Removes user from a group.

Specified by:
removeGroup in interface UserManager
Returns:
user object with the group assignment removed.

removeRole

public User removeRole(User user,
                       String roleName)
Description copied from interface: UserManager
Removes role from a user.

Specified by:
removeRole in interface UserManager
Returns:
user object without removed role.


Copyright © 2003-2014 Magnolia International Ltd.. All Rights Reserved.