Package org.apache.jackrabbit.oak.spi.security.authentication.external.basic

Class DefaultSyncConfig.User

java.lang.Object
org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig.Authorizable
org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig.User
Enclosing class:
DefaultSyncConfig
public static class DefaultSyncConfig.User extends DefaultSyncConfig.Authorizable
User specific config.

  • Constructor Details

    • User

      public User()

  • Method Details

    • getMembershipExpirationTime

      public long getMembershipExpirationTime()
      Returns the duration in milliseconds until the group membership of a user is expired. If the membership information is expired it is re-synced according to the maximum nesting depth. Note that the membership is the groups an authorizable is member of, not the list of members of a group. Also note, that the group membership expiration time can be higher than the user expiration time itself and that value has no effect when syncing individual groups only when syncing a users membership ancestry.
      Returns:
      the expiration time in milliseconds.

    • setMembershipExpirationTime

      @NotNull public @NotNull DefaultSyncConfig.User setMembershipExpirationTime(long membershipExpirationTime)
      Sets the membership expiration time
      Parameters:
      membershipExpirationTime - the time in milliseconds.
      Returns:
      this
      See Also:

    • getMembershipNestingDepth

      public long getMembershipNestingDepth()
      Returns the maximum depth of group nesting when membership relations are synced. A value of 0 effectively disables group membership lookup. A value of 1 only adds the direct groups of a user. This value has no effect when syncing individual groups only when syncing a users membership ancestry.
      Returns:
      the group nesting depth

    • setMembershipNestingDepth

      @NotNull public @NotNull DefaultSyncConfig.User setMembershipNestingDepth(long membershipNestingDepth)
      Sets the group nesting depth.
      Parameters:
      membershipNestingDepth - the depth.
      Returns:
      this
      See Also:

    • getDynamicMembership

      public boolean getDynamicMembership()
      Returns true if a dynamic group membership is enabled. Turning this option on may alter the behavior of other configuration options dealing with synchronization of group accounts and group membership. In particular it's an implementation detail if external groups may no longer be synchronized into the repository.
      Returns:
      true if dynamic group membership for external user identities is turn on; false otherwise.

    • setDynamicMembership

      @NotNull public @NotNull DefaultSyncConfig.User setDynamicMembership(boolean dynamicMembership)
      Enable or disable the dynamic group membership. If turned on external identities and their group membership will be synchronized such that the membership information is generated dynamically. External groups may or may not be synchronized into the repository if this option is turned on.
      Parameters:
      dynamicMembership - Boolean flag to enable or disable a dedicated dynamic group management.
      Returns:
      this
      See Also:

    • getEnforceDynamicMembership

      public boolean getEnforceDynamicMembership()
      Returns true if a dynamic group membership must be enforced for users that have been synchronized previously. Note that this option has no effect if getDynamicMembership() returns false.
      Returns:
      true if dynamic group membership for external user identities must be enforced for previously synced users; false otherwise. This option only takes effect if getDynamicMembership() is enabled.

    • setEnforceDynamicMembership

      public DefaultSyncConfig.User setEnforceDynamicMembership(boolean enforceDynamicMembership)
      Enable or disable the enforcement of dynamic group membership.
      Parameters:
      enforceDynamicMembership - Boolean flag to define if dynamic group management is enforced for previously synced users.
      Returns:
      this
      See Also:

    • getDisableMissing

      public boolean getDisableMissing()
      Controls the behavior for users that no longer exist on the external provider. The default is to delete the repository users if they no longer exist on the external provider. If set to true, they will be disabled instead, and re-enabled once they appear again.

    • setDisableMissing

      public DefaultSyncConfig.User setDisableMissing(boolean disableMissing)
      See Also: