Package org.wso2.carbon.user.api

Interface UserStoreManager

  • public interface UserStoreManager
    The interface to read data from a user store.

    Implement this interface in your UserStoreManager class and add the class to the class path. Provide the class name in the configuration file and the framework will pick the new code that reads user information from the store.

    • Method Detail

      • authenticate

        boolean authenticate​(String userName,
                     Object credential)
              throws UserStoreException
        Given the user name and a credential object, the implementation code must validate whether the user is authenticated.
        Parameters:
        userName - The user name
        credential - The credential of a user
        Returns:
        If the value is true the provided credential match with the user name. False is returned for invalid credential, invalid user name and mismatching credential with user name.
        Throws:
        UserStoreException - An unexpected exception has occurred

      • listUsers

        String[] listUsers​(String filter,
                   int maxItemLimit)
            throws UserStoreException
        Retrieves a list of user names upto a maximum limit
        Parameters:
        filter - The string to filter out user
        maxItemLimit - The max item limit. If -1 then system maximum limit will be used. If the given value is greater than the system configured max limit it will be reseted to the system configured max limit.
        Returns:
        An array of user names
        Throws:
        UserStoreException

      • isExistingUser

        boolean isExistingUser​(String userName)
                throws UserStoreException
        Checks whether the user is in the user store
        Parameters:
        userName - The user name
        Returns:
        Returns true if user name is found else returns false.
        Throws:
        UserStoreException

      • isExistingRole

        boolean isExistingRole​(String roleName,
                       boolean isShared)
                throws UserStoreException
        Checks whether the role name is in the user store
        Parameters:
        roleName -
        Returns:
        Throws:
        UserStoreException

      • getUserClaimValue

        String getUserClaimValue​(String userName,
                         String claim,
                         String profileName)
                  throws UserStoreException
        Get user claim value in the profile.
        Parameters:
        userName - The user name
        claim - The claim URI
        profileName - The profile name, can be null. If null the default profile is considered.
        Returns:
        The value
        Throws:
        UserStoreException

      • getUserClaimValues

        Map<String,​String> getUserClaimValues​(String userName,
                                            String[] claims,
                                            String profileName)
                                     throws UserStoreException
        Get user claim values in the profile.
        Parameters:
        userName - The user name
        claims - The claim URI
        profileName - The profile name, can be null. If null the default profile is considered.
        Returns:
        A map containing name value pairs
        Throws:
        UserStoreException

      • getUserClaimValues

        Claim[] getUserClaimValues​(String userName,
                           String profileName)
                    throws UserStoreException
        Get all claim values of the user in the profile.
        Parameters:
        userName - The user name
        profileName - The profile name, can be null. If null the default profile is considered.
        Returns:
        An array of claims
        Throws:
        UserStoreException

      • isReadOnly

        boolean isReadOnly()
            throws UserStoreException
        Checks whether this realm connects to a read only user store
        Returns:
        Returns true of the user store is read only. Returns false if the user store allows modifications.
        Throws:
        UserStoreException

      • addUser

        void addUser​(String userName,
             Object credential,
             String[] roleList,
             Map<String,​String> claims,
             String profileName)
      throws UserStoreException
        Add a user to the user store
        Parameters:
        userName - User name of the user
        credential - The credential/password of the user
        roleList - The roles that user belongs
        claims - Properties of the user
        profileName - The name of the profile where claims should be added
        Throws:
        UserStoreException

      • addUser

        void addUser​(String userName,
             Object credential,
             String[] roleList,
             Map<String,​String> claims,
             String profileName,
             boolean requirePasswordChange)
      throws UserStoreException
        Add a user to the user store
        Parameters:
        userName - User name of the user
        credential - The credential/password of the user
        roleList - The roles that user belongs
        claims - Properties of the user
        profileName - The name of the profile where claims should be added
        requirePasswordChange - Require the password change within next 24 hours
        Throws:
        UserStoreException

      • updateCredential

        void updateCredential​(String userName,
                      Object newCredential,
                      Object oldCredential)
               throws UserStoreException
        Update the credential/password of the user
        Parameters:
        userName - The user name
        newCredential - The new credential/password
        oldCredential - The old credential/password
        Throws:
        UserStoreException

      • updateCredentialByAdmin

        void updateCredentialByAdmin​(String userName,
                             Object newCredential)
                      throws UserStoreException
        Update credential/password by the admin of another user
        Parameters:
        userName - The user name
        newCredential - The new credential
        Throws:
        UserStoreException

      • addRole

        void addRole​(String roleName,
             String[] userList,
             Permission[] permissions,
             boolean isSharedRole)
      throws UserStoreException
        Adds a role to the system.
        Parameters:
        roleName - The role name.
        userList - the list of the users.
        permissions - The permissions of the role.
        isSharedRole - Whether the added role is a shared role or not
        Throws:
        UserStoreException

      • addRole

        void addRole​(String roleName,
             String[] userList,
             Permission[] permissions)
      throws UserStoreException
        Adds a role to the system.
        Parameters:
        roleName - The role name.
        userList - the list of the users.
        permissions - The permissions of the role.
        isSharedRole - Whether the added role is a shared role or not
        Throws:
        UserStoreException

      • updateUserListOfRole

        void updateUserListOfRole​(String roleName,
                          String[] deletedUsers,
                          String[] newUsers)
                   throws UserStoreException
        Updates users in a Role
        Parameters:
        roleName - The role name to be updated
        deletedUsers - The array of user names to be deleted
        newUsers - The array of of user names to be added
        Throws:
        UserStoreException

      • updateRoleListOfUser

        void updateRoleListOfUser​(String userName,
                          String[] deletedRoles,
                          String[] newRoles)
                   throws UserStoreException
        Updates roles of a user
        Parameters:
        userName - The user name of the user where role list is updated
        deletedRoles - The array of role names to be added
        newRoles - The array of role names to be added
        Throws:
        UserStoreException

      • setUserClaimValue

        void setUserClaimValue​(String userName,
                       String claimURI,
                       String claimValue,
                       String profileName)
                throws UserStoreException
        Set a single user claim value
        Parameters:
        userName - The user name
        claimURI - The claim URI
        claimValue - The value
        profileName - The profile name, can be null. If null the default profile is considered.
        Throws:
        UserStoreException

      • setUserClaimValues

        void setUserClaimValues​(String userName,
                        Map<String,​String> claims,
                        String profileName)
                 throws UserStoreException
        Set many user claim values
        Parameters:
        userName - The user name
        claims - Map of claim URIs against values
        profileName - The profile name, can be null. If null the default profile is considered.
        Throws:
        UserStoreException

      • deleteUserClaimValue

        void deleteUserClaimValue​(String userName,
                          String claimURI,
                          String profileName)
                   throws UserStoreException
        Delete a single user claim value
        Parameters:
        userName - The user name
        claimURI - Name of the claim
        profileName - The profile name, can be null. If null the default profile is considered.
        Throws:
        UserStoreException

      • deleteUserClaimValues

        void deleteUserClaimValues​(String userName,
                           String[] claims,
                           String profileName)
                    throws UserStoreException
        Delete many user claim values.
        Parameters:
        userName - The user name
        claims - URIs of the claims to be deleted.
        profileName - The profile name, can be null. If null the default profile is considered.
        Throws:
        UserStoreException

      • getPasswordExpirationTime

        Date getPasswordExpirationTime​(String username)
                        throws UserStoreException
        Gets the password expiration time of a given user
        Parameters:
        username - The user name
        Returns:
        The password expiration time
        Throws:
        UserStoreException

      • getTenantId

        int getTenantId​(String username)
         throws UserStoreException
        This method works only if the tenant is super tenant. If the realm is not super tenant's this method should throw exception
        Parameters:
        username - The user name
        Returns:
        Throws:
        UserStoreException

      • getTenantId

        int getTenantId()
         throws UserStoreException
        This will get the tenant id associated with the user store manager
        Returns:
        the tenant id of the authorization manager
        Throws:
        UserStoreException - if the operation failed

      • isMultipleProfilesAllowed

        boolean isMultipleProfilesAllowed()
        This method is to check whether multiple profiles are allowed with a particular user-store. For an example, currently, JDBC user store supports multiple profiles and where as ApacheDS does not allow.
        Returns:
        boolean

      • isValidRememberMeToken

        boolean isValidRememberMeToken​(String userName,
                               String token)
                        throws UserStoreException
        Checking the validity of the remember me token
        Parameters:
        userName - TODO
        token - TODO
        Returns:
        Throws:
        UserStoreException

      • getDefaultUserStoreProperties

        Properties getDefaultUserStoreProperties()
        Get the list of properties required by the User Store Manager, with default values
        Returns:

      • isLocalUserStore

        default boolean isLocalUserStore()
        Get whether the userstore is a local userstore. By default, returns true.
        Returns:
        true if the userstore is a local userstore.