public interface SecurityService
The Security Service manages Users, Groups, Roles and Permissions in the system. The tasks performed by the security service include creation and removal of accounts, groups, roles, and permissions; assigning users roles in groups; assigning roles specific permissions; and construction of objects representing these logical entities.
 Because of the pluggable nature of the Services, it is possible to create
 multiple implementations of SecurityService, for example ones employing a database
 and a directory server as the data backend.
| Field Summary | |
|---|---|
| static java.lang.String | ACL_CLASS_DEFAULT - The default implementation of the Acl Interface (org.apache.turbine.util.security.TurbineAccessControlList) |
| static java.lang.String | ACL_CLASS_KEY - The key within the service's properties for the ACL implementation classname (acl.class) |
| static java.lang.String | GROUP_CLASS_DEFAULT - The default implementation of the Group interface (org.apache.turbine.om.security.TurbineGroup) |
| static java.lang.String | GROUP_CLASS_KEY - The key within the service's properties for the GROUP implementation classname (group.class) |
| static java.lang.String | PERMISSION_CLASS_DEFAULT - The default implementation of the Permissions interface (org.apache.turbine.om.security.TurbinePermission) |
| static java.lang.String | PERMISSION_CLASS_KEY - The key within the service's properties for the PERMISSION implementation classname (permission.class) |
| static java.lang.String | ROLE_CLASS_DEFAULT - The default implementation of the Role Interface (org.apache.turbine.om.security.TurbineRole) |
| static java.lang.String | ROLE_CLASS_KEY - The key within the service's properties for the ROLE implementation classname (role.class) |
| static java.lang.String | SECURE_PASSWORDS_ALGORITHM_DEFAULT - The default algorithm for password encryption (SHA) |
| static java.lang.String | SECURE_PASSWORDS_ALGORITHM_KEY - The key within the service's properties for secure passwords algorithm (secure.passwords.algorithm) |
| static java.lang.String | SECURE_PASSWORDS_DEFAULT - The value of secure passwords flag (false) |
| static java.lang.String | SECURE_PASSWORDS_KEY - The key within the service's properties for secure passwords flag (secure.passwords) |
| static java.lang.String | SERVICE_NAME - The name of the service |
| static java.lang.String | USER_CLASS_DEFAULT - The default implementation of User interface (org.apache.turbine.om.security.TurbineUser) |
| static java.lang.String | USER_CLASS_KEY - The key within the service's properties for user implementation classname (user.class) |
| static java.lang.String | USER_MANAGER_DEFAULT - The default implementation of UserManager interface (org.apache.turbine.services.security.passive.PassiveUserManager) |
| static java.lang.String | USER_MANAGER_KEY - The key within the service's properties for user implementation classname (user.manager) |
| Method Summary | |
|---|---|
| boolean | accountExists(java.lang.String userName) - Check whether a specified user's account exists. |
| boolean | accountExists(User user) - Check whether a specified user's account exists. |
| Group | addGroup(Group group) - Creates a new group with specified attributes. |
| Permission | addPermission(Permission permission) - Creates a new permission with specified attributes. |
| Role | addRole(Role role) - Creates a new role with specified attributes. |
| void | addUser(User user, java.lang.String password) - Creates new user account with specified attributes. |
| void | changePassword(User user, java.lang.String oldPassword, java.lang.String newPassword) - Change the password for a User. |
| boolean | checkPassword(java.lang.String checkpw, java.lang.String encpw) - Checks if a supplied password matches the encrypted password when using the current encryption algorithm. |
| java.lang.String | encryptPassword(java.lang.String password) - This method provides client-side encryption mechanism for passwords. |
| java.lang.String | encryptPassword(java.lang.String password, java.lang.String salt) - This method provides client-side encryption mechanism for passwords. |
| void | forcePassword(User user, java.lang.String password) - Forcibly sets new password for a User. |
| AccessControlList | getACL(User user) - Constructs an AccessControlList for a specific user. |
| java.lang.Class | getAclClass() - Returns the Class object for the implementation of AccessControlList interface used by the system. |
| AccessControlList | getAclInstance(java.util.Map roles, java.util.Map permissions) - Construct a new ACL object. |
| GroupSet | getAllGroups() - Retrieves all groups defined in the system. |
| PermissionSet | getAllPermissions() - Retrieves all permissions defined in the system. |
| RoleSet | getAllRoles() - Retrieves all roles defined in the system. |
| User | getAnonymousUser() - Constructs a User object to represent an anonymous user of the application. |
| User | getAuthenticatedUser(java.lang.String username, java.lang.String password) - Authenticates a user, and constructs a User object to represent him/her. |
| Group | getGlobalGroup() - Provides a reference to the Group object that represents the global group. |
| Group | getGroupById(int id) - Retrieve a Group object with specified Id. |
| Group | getGroupByName(java.lang.String name) - Retrieve a Group object with specified name. |
| java.lang.Class | getGroupClass() - Returns the Class object for the implementation of Group interface used by the system. |
| Group | getGroupInstance() - Construct a blank Group object. |
| Group | getGroupInstance(java.lang.String groupName) - Construct a blank Group object. |
| GroupSet | getGroups(java.lang.Object criteria) - Retrieve a set of Groups that meet the specified Criteria. |
| Permission | getPermissionById(int id) - Retrieve a Permission object with specified Id. |
| Permission | getPermissionByName(java.lang.String name) - Retrieve a Permission object with specified name. |
| java.lang.Class | getPermissionClass() - Returns the Class object for the implementation of Permission interface used by the system. |
| Permission | getPermissionInstance() - Construct a blank Permission object. |
| Permission | getPermissionInstance(java.lang.String permName) - Construct a blank Permission object. |
| PermissionSet | getPermissions(java.lang.Object criteria) - Retrieve a set of Permissions that meet the specified Criteria. |
| PermissionSet | getPermissions(Role role) - Retrieves all permissions associated with a role. |
| Role | getRoleById(int id) - Retrieve a Role object with specified Id. |
| Role | getRoleByName(java.lang.String name) - Retrieve a Role object with specified name. |
| java.lang.Class | getRoleClass() - Returns the Class object for the implementation of Role interface used by the system. |
| Role | getRoleInstance() - Construct a blank Role object. |
| Role | getRoleInstance(java.lang.String roleName) - Construct a blank Role object. |
| RoleSet | getRoles(java.lang.Object criteria) - Retrieve a set of Roles that meet the specified Criteria. |
| User | getUser(java.lang.String username) - Constructs a User object to represent a registered user of the application. |
| java.lang.Class | getUserClass() - Returns the Class object for the implementation of User interface used by the system. |
| User | getUserInstance() - Construct a blank User object. |
| User | getUserInstance(java.lang.String userName) - Construct a blank User object. |
| java.util.List | getUserList(java.lang.Object criteria) - Retrieve a set of users that meet the specified criteria. |
| UserManager | getUserManager() - Returns the configured UserManager. |
| void | grant(Role role, Permission permission) - Grants a Role a Permission. |
| void | grant(User user, Group group, Role role) - Grant a User a Role in a Group. |
| boolean | isAnonymousUser(User u) - Checks whether a passed user object matches the anonymous user pattern according to the configured user manager. |
| void | removeGroup(Group group) - Removes a Group from the system. |
| void | removePermission(Permission permission) - Removes a Permission from the system. |
| void | removeRole(Role role) - Removes a Role from the system. |
| void | removeUser(User user) - Removes a user account from the system. |
| void | renameGroup(Group group, java.lang.String name) - Renames an existing Group. |
| void | renamePermission(Permission permission, java.lang.String name) - Renames an existing Permission. |
| void | renameRole(Role role, java.lang.String name) - Renames an existing Role. |
| void | revoke(Role role, Permission permission) - Revokes a Permission from a Role. |
| void | revoke(User user, Group group, Role role) - Revoke a Role in a Group from a User. |
| void | revokeAll(Role role) - Revokes all permissions from a Role. |
| void | revokeAll(User user) - Revokes all roles from a User. |
| void | saveGroup(Group group) - Stores Group's attributes. |
| void | saveOnSessionUnbind(User user) - Saves User data when the session is unbound. |
| void | savePermission(Permission permission) - Stores Permission's attributes. |
| void | saveRole(Role role) - Stores Role's attributes. |
| void | saveUser(User user) - Saves User's data in the permanent storage. |
| void | setUserManager(UserManager userManager) - Configure a new user Manager. |
| Methods inherited from interface org.apache.turbine.services.Service | 
|---|
| getConfiguration, getName, getProperties, setName, setServiceBroker | 
| Methods inherited from interface org.apache.turbine.services.Initable | 
|---|
| getInit, init, init, setInitableBroker, shutdown | 
| Field Detail | 
|---|
static final java.lang.String SERVICE_NAME
static final java.lang.String USER_CLASS_KEY
static final java.lang.String USER_CLASS_DEFAULT
static final java.lang.String GROUP_CLASS_KEY
static final java.lang.String GROUP_CLASS_DEFAULT
static final java.lang.String PERMISSION_CLASS_KEY
static final java.lang.String PERMISSION_CLASS_DEFAULT
static final java.lang.String ROLE_CLASS_KEY
static final java.lang.String ROLE_CLASS_DEFAULT
static final java.lang.String ACL_CLASS_KEY
static final java.lang.String ACL_CLASS_DEFAULT
static final java.lang.String USER_MANAGER_KEY
static final java.lang.String USER_MANAGER_DEFAULT
static final java.lang.String SECURE_PASSWORDS_KEY
static final java.lang.String SECURE_PASSWORDS_DEFAULT
static final java.lang.String SECURE_PASSWORDS_ALGORITHM_KEY
static final java.lang.String SECURE_PASSWORDS_ALGORITHM_DEFAULT
| Method Detail | 
|---|
java.lang.Class getUserClass()
                             throws UnknownEntityException
UnknownEntityException - if the system's implementation of User
         interface could not be determined.
User getUserInstance()
                     throws UnknownEntityException
UnknownEntityException - if the object could not be instantiated.
User getUserInstance(java.lang.String userName)
                     throws UnknownEntityException
userName - The name of the user.
UnknownEntityException - if the object could not be instantiated.
java.lang.Class getGroupClass()
                              throws UnknownEntityException
UnknownEntityException - if the system's implementation of Group
         interface could not be determined.
Group getGroupInstance()
                       throws UnknownEntityException
UnknownEntityException - if the object could not be instantiated.
Group getGroupInstance(java.lang.String groupName)
                       throws UnknownEntityException
groupName - The name of the Group
UnknownEntityException - if the object could not be instantiated.
java.lang.Class getPermissionClass()
                                   throws UnknownEntityException
UnknownEntityException - if the system's implementation of Permission
         interface could not be determined.
Permission getPermissionInstance()
                                 throws UnknownEntityException
UnknownEntityException - if the object could not be instantiated.
Permission getPermissionInstance(java.lang.String permName)
                                 throws UnknownEntityException
permName - The name of the Permission
UnknownEntityException - if the object could not be instantiated.
java.lang.Class getRoleClass()
                             throws UnknownEntityException
UnknownEntityException - if the system's implementation of Role
         interface could not be determined.
Role getRoleInstance()
                     throws UnknownEntityException
UnknownEntityException - if the object could not be instantiated.
Role getRoleInstance(java.lang.String roleName)
                     throws UnknownEntityException
roleName - The name of the Role
UnknownEntityException - if the object could not be instantiated.
java.lang.Class getAclClass()
                            throws UnknownEntityException
UnknownEntityException - if the system's implementation of AccessControlList
         interface could not be determined.
AccessControlList getAclInstance(java.util.Map roles,
                                 java.util.Map permissions)
                                 throws UnknownEntityException
roles - The roles that this ACL should contain
permissions - The permissions for this ACL
UnknownEntityException - if the object could not be instantiated.
UserManager getUserManager()
void setUserManager(UserManager userManager)
userManager - A UserManager object
boolean accountExists(java.lang.String userName)
                      throws DataBackendException
userName - The user to be checked.
DataBackendException - if there was an error accessing the data
         backend.
boolean accountExists(User user)
                      throws DataBackendException
user - The user object to be checked.
DataBackendException - if there was an error accessing the data
         backend.
User getAuthenticatedUser(java.lang.String username,
                          java.lang.String password)
                          throws DataBackendException,
                                 UnknownEntityException,
                                 PasswordMismatchException
username - The user name.
password - The user password.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if user account is not present.
PasswordMismatchException - if the supplied password was incorrect.
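
The three exceptions declared by `getAuthenticatedUser` map directly onto a login handler. As an added example (not Turbine's own code), the hypothetical `LoginGate` class below returns the same client message for an unknown account and a wrong password, records the real cause only in the server-side log, and fails closed on a backend error. The imported package names for `User`, `AccessControlList` and the exception classes, and the logger name, are assumptions.

```java
import java.util.logging.Logger;

import org.apache.turbine.om.security.User;
import org.apache.turbine.services.security.SecurityService;
import org.apache.turbine.util.security.AccessControlList;
import org.apache.turbine.util.security.DataBackendException;
import org.apache.turbine.util.security.PasswordMismatchException;
import org.apache.turbine.util.security.UnknownEntityException;

/**
 * Hypothetical login wrapper (added example, not part of Turbine).
 * Assumption: User, AccessControlList and the exceptions live in the packages imported above.
 */
public final class LoginGate {

    /** Outcome handed back to the web layer; user and acl are null on failure. */
    public static final class Result {
        public final User user;
        public final AccessControlList acl;
        public final String clientMessage;

        private Result(User user, AccessControlList acl, String clientMessage) {
            this.user = user;
            this.acl = acl;
            this.clientMessage = clientMessage;
        }

        public boolean isAuthenticated() {
            return user != null;
        }
    }

    private static final Logger AUDIT = Logger.getLogger("security.audit"); // assumed logger name
    private static final String BAD_CREDENTIALS = "Invalid user name or password.";
    private static final String UNAVAILABLE = "Login is temporarily unavailable.";

    private final SecurityService security;

    public LoginGate(SecurityService security) {
        this.security = security;
    }

    public Result login(String username, String password) {
        if (username == null || username.isEmpty() || password == null) {
            return new Result(null, null, BAD_CREDENTIALS);
        }
        try {
            User user = security.getAuthenticatedUser(username, password);
            if (security.isAnonymousUser(user)) {
                // Never treat the anonymous account as a successful login.
                AUDIT.warning("login rejected: anonymous user, name=" + clean(username));
                return new Result(null, null, BAD_CREDENTIALS);
            }
            // Build the ACL right after authentication so that authorization
            // decisions are made against the user that was just verified.
            AccessControlList acl = security.getACL(user);
            AUDIT.info("login ok, name=" + clean(username));
            return new Result(user, acl, "OK");
        } catch (UnknownEntityException | PasswordMismatchException e) {
            // Both causes produce the same client message, so the response
            // does not reveal whether the account exists. The log keeps the cause.
            AUDIT.warning("login failed (" + e.getClass().getSimpleName()
                    + "), name=" + clean(username));
            return new Result(null, null, BAD_CREDENTIALS);
        } catch (DataBackendException e) {
            // Fail closed: a backend outage must never yield an authenticated user.
            AUDIT.severe("login backend error, name=" + clean(username));
            return new Result(null, null, UNAVAILABLE);
        }
    }

    /** Replaces control characters so a user name cannot forge audit log lines. */
    private static String clean(String s) {
        return s.replaceAll("\\p{Cntrl}", "?");
    }
}
```

Identical messages do not equalise response time between the two failure paths; that depends on the configured UserManager and data backend.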
User getUser(java.lang.String username)
             throws DataBackendException,
                    UnknownEntityException
username - The user name.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if user account is not present.
java.util.List getUserList(java.lang.Object criteria)
                           throws DataBackendException
User interface, plus the names
 of the custom attributes you added to your user representation
 in the data storage. Use verbatim names of the attributes -
 without table name prefix in case of Torque implementation.
criteria - The criteria of selection.
DataBackendException - if there is a problem accessing the
         storage.
User getAnonymousUser()
                      throws UnknownEntityException
UnknownEntityException - if the anonymous User object couldn't be
         constructed.
boolean isAnonymousUser(User u)
u - A user object
void saveUser(User user)
              throws UnknownEntityException,
                     DataBackendException
user - the user object to save
UnknownEntityException - if the user's account does not
         exist in the database.
DataBackendException - if there is a problem accessing the storage.
void saveOnSessionUnbind(User user)
                         throws UnknownEntityException,
                                DataBackendException
UnknownEntityException - if the user's account does not
            exist in the database.
DataBackendException - if there is a problem accessing the
            storage.
void addUser(User user,
             java.lang.String password)
             throws DataBackendException,
                    EntityExistsException
user - the object describing account to be created.
password - The password to use.
DataBackendException - if there was an error accessing the data
         backend.
EntityExistsException - if the user account already exists.
void removeUser(User user)
                throws DataBackendException,
                       UnknownEntityException
user - the object describing the account to be removed.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the user account is not present.
java.lang.String encryptPassword(java.lang.String password)
password - the password to process
java.lang.String encryptPassword(java.lang.String password,
                                 java.lang.String salt)
password - the password to process
salt - Salt parameter for some crypto algorithms
boolean checkPassword(java.lang.String checkpw,
                      java.lang.String encpw)
checkpw - The clear text password supplied by the user
encpw - The current, encrypted password
void changePassword(User user,
                    java.lang.String oldPassword,
                    java.lang.String newPassword)
                    throws PasswordMismatchException,
                           UnknownEntityException,
                           DataBackendException
user - a User to change password for.
oldPassword - the current password supplied by the user.
newPassword - the current password requested by the user.
PasswordMismatchException - if the supplied password was
            incorrect.
UnknownEntityException - if the user's record does not
            exist in the database.
DataBackendException - if there is a problem accessing the
            storage.
void forcePassword(User user,
                   java.lang.String password)
                   throws UnknownEntityException,
                          DataBackendException
user - a User to change password for.
password - the new password.
UnknownEntityException - if the user's record does not
            exist in the database.
DataBackendException - if there is a problem accessing the
            storage.
AccessControlList getACL(User user)
                         throws DataBackendException,
                                UnknownEntityException
user - the user for whom the AccessControlList are to be retrieved
DataBackendException - if there was an error accessing the data backend.
UnknownEntityException - if user account is not present.
PermissionSet getPermissions(Role role)
                             throws DataBackendException,
                                    UnknownEntityException
role - the role name, for which the permissions are to be retrieved.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the role is not present.
void grant(User user,
           Group group,
           Role role)
           throws DataBackendException,
                  UnknownEntityException
user - the user.
group - the group.
role - the role.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if user account, group or role is not
         present.
void revoke(User user,
            Group group,
            Role role)
            throws DataBackendException,
                   UnknownEntityException
user - the user.
group - the group.
role - the role.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if user account, group or role is not
         present.
void revokeAll(User user)
               throws DataBackendException,
                      UnknownEntityException
user - the User.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the account is not present.
void grant(Role role,
           Permission permission)
           throws DataBackendException,
                  UnknownEntityException
role - the Role.
permission - the Permission.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if role or permission is not present.
void revoke(Role role,
            Permission permission)
            throws DataBackendException,
                   UnknownEntityException
role - the Role.
permission - the Permission.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if role or permission is not present.
void revokeAll(Role role)
               throws DataBackendException,
                      UnknownEntityException
role - the Role
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the Role is not present.
Group getGlobalGroup()
Group getGroupByName(java.lang.String name)
                     throws DataBackendException,
                            UnknownEntityException
name - the name of the Group.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the group does not exist.
Group getGroupById(int id)
                   throws DataBackendException,
                          UnknownEntityException
name - the name of the Group.
UnknownEntityException - if the permission does not
            exist in the database.
DataBackendException - if there is a problem accessing the
            storage.
Role getRoleByName(java.lang.String name)
                   throws DataBackendException,
                          UnknownEntityException
name - the name of the Role.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the role does not exist.
Role getRoleById(int id)
                 throws DataBackendException,
                        UnknownEntityException
name - the name of the Role.
UnknownEntityException - if the permission does not
            exist in the database.
DataBackendException - if there is a problem accessing the
            storage.
Permission getPermissionByName(java.lang.String name)
                               throws DataBackendException,
                                      UnknownEntityException
name - the name of the Permission.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the permission does not exist.
Permission getPermissionById(int id)
                             throws DataBackendException,
                                    UnknownEntityException
name - the name of the Permission.
UnknownEntityException - if the permission does not
            exist in the database.
DataBackendException - if there is a problem accessing the
            storage.
GroupSet getGroups(java.lang.Object criteria)
                   throws DataBackendException
criteria - a Criteria of Group selection.
DataBackendException - if there was an error accessing the data
         backend.
RoleSet getRoles(java.lang.Object criteria)
                 throws DataBackendException
criteria - a Criteria of Roles selection.
DataBackendException - if there was an error accessing the data
         backend.
PermissionSet getPermissions(java.lang.Object criteria)
                             throws DataBackendException
criteria - a Criteria of Permissions selection.
DataBackendException - if there was an error accessing the data
         backend.
GroupSet getAllGroups()
                      throws DataBackendException
DataBackendException - if there was an error accessing the data
         backend.
RoleSet getAllRoles()
                    throws DataBackendException
DataBackendException - if there was an error accessing the data
         backend.
PermissionSet getAllPermissions()
                                throws DataBackendException
DataBackendException - if there was an error accessing the data
         backend.
void saveGroup(Group group)
               throws DataBackendException,
                      UnknownEntityException
group - The Group to be stored.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the group does not exist.
void saveRole(Role role)
              throws DataBackendException,
                     UnknownEntityException
role - The Role to be stored.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the role does not exist.
void savePermission(Permission permission)
                    throws DataBackendException,
                           UnknownEntityException
permission - The Permission to be stored.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the permission does not exist.
Group addGroup(Group group)
               throws DataBackendException,
                      EntityExistsException
group - the object describing the group to be created.
DataBackendException - if there was an error accessing the data
         backend.
EntityExistsException - if the group already exists.
Role addRole(Role role)
             throws DataBackendException,
                    EntityExistsException
role - The object describing the role to be created.
DataBackendException - if there was an error accessing the data
         backend.
EntityExistsException - if the role already exists.
Permission addPermission(Permission permission)
                         throws DataBackendException,
                                EntityExistsException
permission - The object describing the permission to be created.
DataBackendException - if there was an error accessing the data
         backend.
EntityExistsException - if the permission already exists.
void removeGroup(Group group)
                 throws DataBackendException,
                        UnknownEntityException
group - The object describing the group to be removed.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the group does not exist.
void removeRole(Role role)
                throws DataBackendException,
                       UnknownEntityException
role - The object describing the role to be removed.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the role does not exist.
void removePermission(Permission permission)
                      throws DataBackendException,
                             UnknownEntityException
permission - The object describing the permission to be removed.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the permission does not exist.
void renameGroup(Group group,
                 java.lang.String name)
                 throws DataBackendException,
                        UnknownEntityException
group - The object describing the group to be renamed.
name - the new name for the group.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the group does not exist.
void renameRole(Role role,
                java.lang.String name)
                throws DataBackendException,
                       UnknownEntityException
role - The object describing the role to be renamed.
name - the new name for the role.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the role does not exist.
void renamePermission(Permission permission,
                      java.lang.String name)
                      throws DataBackendException,
                             UnknownEntityException
permission - The object describing the permission to be renamed.
name - the new name for the permission.
DataBackendException - if there was an error accessing the data
         backend.
UnknownEntityException - if the permission does not exist.