SubjectManagerLocal (RHQ Enterprise Server JAR 1.4.0.B01 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.rhq.enterprise.server.auth
Interface SubjectManagerLocal

All Known Implementing Classes:: SubjectManagerBean

public interface SubjectManagerLocal

The local EJB interface to the Authentication Boss.

Author:: John Mazzitelli

Method Summary
`boolean`	`authenticateTemporarySessionPassword(java.lang.String password)` Tests the validity of the given session password.
`void`	`changePassword(Subject subject, java.lang.String username, java.lang.String password)` #see {@link SubjectManagerRemote#changePassword(Subject, String, String)
`void`	`createPrincipal(Subject subject, Principal principal)` Creates a new principal (username and password) in the internal database.
`void`	`createPrincipal(Subject subject, java.lang.String username, java.lang.String password)` #see {@link SubjectManagerRemote#createPrincipal(Subject, String, String)
`Subject`	`createSubject(Subject subject, Subject subjectToCreate)` #see {@link SubjectManagerRemote#createSubject(Subject, Subject)
`void`	`deleteSubjects(Subject subject, int[] subjectIds)` #see {@link SubjectManagerRemote#deleteSubjects(Subject, int[])
`void`	`deleteUsers(Subject subject, int[] subjectIds)` Deletes the given set of users, including both the `Subject` and `Principal` objects associated with those users.
`PageList<Subject>`	`findAllSubjects(PageControl pageControl)`
`java.util.Collection<java.lang.String>`	`findAllUsersWithPrincipals()` Get a collection of all user names, where the collection contains the names of all users that have principals only.
`PageList<Subject>`	`findAvailableSubjectsForAlertDefinition(Subject whoami, java.lang.Integer alertDefinitionId, java.lang.Integer[] pendingSubjectIds, PageControl pc)` This returns a list of subjects that are available to be assigned to a given alert definition but not yet assigned to that alert definition.
`PageList<Subject>`	`findAvailableSubjectsForRole(Subject whoami, java.lang.Integer roleId, java.lang.Integer[] pendingSubjectIds, PageControl pc)` This returns a list of subjects that are available to be assigned to a given role but not yet assigned to that role.
`PageList<Subject>`	`findSubjectsByCriteria(Subject subject, SubjectCriteria criteria)`
`PageList<Subject>`	`findSubjectsById(java.lang.Integer[] subjectIds, PageControl pageControl)` Given a set of subject Ids, this returns a list of all the subjects.
`java.lang.String`	`generateTemporarySessionPassword(int sessionId)` Generates a one-time temporary session password for the given session.
`Subject`	`getOverlord()` This returns the system super user subject that can be used to authorize the caller for any other system call.
`Subject`	`getSessionSubject(int sessionId)` Returns the actual `Subject` for the given session.
`Subject`	`getSubjectById(int id)` #see `SubjectManagerRemote#getSubjectById(Subject, int)`
`Subject`	`getSubjectByName(java.lang.String username)`
`boolean`	`isLoggedIn(java.lang.String username)`
`boolean`	`isUserWithPrincipal(java.lang.String username)` Checks that the user exists and has a `Principal` associated with it.
`boolean`	`isValidSessionId(int session, java.lang.String username)` Determines if the given session ID is valid and it is associated with the given user.
`Subject`	`loadUserConfiguration(java.lang.Integer subjectId)` Loads in the given subject's `configuration`.
`Subject`	`login(java.lang.String username, java.lang.String password)`
`Subject`	`loginUnauthenticated(java.lang.String user, boolean reattach)` Logs in a user without performing any authentication.
`void`	`logout(int sessionId)`
`void`	`logout(Subject subject)`
`Subject`	`updateSubject(Subject subject, Subject subjectToModify)`

Method Detail

loadUserConfiguration

Subject loadUserConfiguration(java.lang.Integer subjectId)

Loads in the given subject's configuration.

Parameters:: subjectId - identifies the subject whose user configuration is to be loaded
Returns:: the subject, with its user configuration loaded

findSubjectsById

PageList<Subject> findSubjectsById(java.lang.Integer[] subjectIds,
                                   PageControl pageControl)

Given a set of subject Ids, this returns a list of all the subjects.

Parameters:: subjectIds -; pageControl -
Returns:: all the subjects with the given ID

getOverlord

Subject getOverlord()

This returns the system super user subject that can be used to authorize the caller for any other system call. This must not be exposed to remote clients.

Returns:: a subject that is authorized to do anything

findAllSubjects

PageList<Subject> findAllSubjects(PageControl pageControl)

See Also:: SubjectManagerRemote#findAllSubjects(PageControl)

generateTemporarySessionPassword

java.lang.String generateTemporarySessionPassword(int sessionId)

Generates a one-time temporary session password for the given session. This can be used to authenticate the user of that session for one time and one time only (i.e. to login as the user this temporary password can be used as opposed to the user's real password).

Note that this method should only be available on this EJB's local interface.

Parameters:: sessionId - the session to assign a temporary password to
Returns:: a temporary password that can be used once to login as the user

authenticateTemporarySessionPassword

boolean authenticateTemporarySessionPassword(java.lang.String password)
                                             throws java.lang.Exception

Tests the validity of the given session password. Returns true if the password is valid and the session is still valid.

Parameters:: password - a temporary session password that was created by generateTemporarySessionPassword(int).
Returns:: true if the given password is valid and its associated session is still valid
Throws:: java.lang.Exception - if the password was valid but its associated session has either timed out or was invalidated

loginUnauthenticated

Subject loginUnauthenticated(java.lang.String user,
                             boolean reattach)
                             throws LoginException

Logs in a user without performing any authentication. This method should be used with care and not available to remote clients. Because of the unauthenticated nature of this login, the new login session will have a session timeout of only a few seconds. However, if you pass in true for the "reattach", this method will re-attach to an existing session for the user, if one is active already. If one does not exist, this method will login and create a new session just as if that parameter was false.

Parameters:: user - The user to authenticate and login; reattach - If true, will re-attach to an existing login session, if one exists
Returns:: the user's Subject
Throws:: LoginException - if failed to create a new session for the given user

createPrincipal

void createPrincipal(Subject subject,
                     Principal principal)
                     throws SubjectException

Creates a new principal (username and password) in the internal database.

Parameters:: subject - The subject of the currently logged in user; principal - The principal to add
Throws:: java.lang.Exception - if the principal could not be added; SubjectException

isUserWithPrincipal

boolean isUserWithPrincipal(java.lang.String username)

Checks that the user exists and has a Principal associated with it. This means that the user both exists and is authenticated via JDBC. An LDAP user will not have a Principal because it is authenticated via the LDAP server, not from the database.

Parameters:: username - the user whose existence is to be checked
Returns:: true if the user exists and has a Principal, false otherwise

findAllUsersWithPrincipals

java.util.Collection<java.lang.String> findAllUsersWithPrincipals()

Get a collection of all user names, where the collection contains the names of all users that have principals only. You will not get a list of usernames for those users authenticated by LDAP.

Returns:: collection of all user names that have principals

deleteUsers

void deleteUsers(Subject subject,
                 int[] subjectIds)

Deletes the given set of users, including both the Subject and Principal objects associated with those users.

Parameters:: subject - the person requesting the deletion; subjectIds - identifies the subject IDs for all the users that are to be deleted
Throws:: java.lang.Exception - if failed to delete one or more users

getSessionSubject

Subject getSessionSubject(int sessionId)
                          throws java.lang.Exception

Returns the actual Subject for the given session.

Parameters:: sessionId -
Returns:: the Subject representation of the user that is logged in with that session ID
Throws:: java.lang.Exception - if the subject could not be retreived for some reason

isValidSessionId

boolean isValidSessionId(int session,
                         java.lang.String username)

Determines if the given session ID is valid and it is associated with the given user.

Parameters:: session -; username -
Returns:: true if the session ID indentifies a valid session; false if it is invalid or has timed out

findAvailableSubjectsForRole

PageList<Subject> findAvailableSubjectsForRole(Subject whoami,
                                               java.lang.Integer roleId,
                                               java.lang.Integer[] pendingSubjectIds,
                                               PageControl pc)

This returns a list of subjects that are available to be assigned to a given role but not yet assigned to that role. This excludes subjects already assigned to the role. The returned list will not include the subjects identified by pendingSubjectIds since it is assumed the pending subjects will be assigned to the role.

Parameters:: whoami - user attempting to make this call; roleId - the role whose list of available subjects are to be returned; pendingSubjectIds - the list of subjects that are planned to be given to the role; pc -
Returns:: the list of subjects that can be assigned to the given role, not including the pending subjects

findAvailableSubjectsForAlertDefinition

PageList<Subject> findAvailableSubjectsForAlertDefinition(Subject whoami,
                                                          java.lang.Integer alertDefinitionId,
                                                          java.lang.Integer[] pendingSubjectIds,
                                                          PageControl pc)

This returns a list of subjects that are available to be assigned to a given alert definition but not yet assigned to that alert definition. This excludes subjects already assigned to the alert definition. The returned list will not include the subjects identified by pendingSubjectIds since it is assumed the pending subjects will be assigned to the alert definition.

Parameters:: whoami - user attempting to make this call; alertDefinitionId - the alert definition whose list of available subjects are to be returned; pendingSubjectIds - the list of subjects that are planned to be given to the alert definition; pc -
Returns:: the list of subjects that can be assigned to the given alert definition, not including the pending subjects

logout

void logout(int sessionId)

changePassword

void changePassword(Subject subject,
                    java.lang.String username,
                    java.lang.String password)

#see {@link SubjectManagerRemote#changePassword(Subject, String, String)

createPrincipal

void createPrincipal(Subject subject,
                     java.lang.String username,
                     java.lang.String password)
                     throws SubjectException

#see {@link SubjectManagerRemote#createPrincipal(Subject, String, String)

Throws:: SubjectException

createSubject

Subject createSubject(Subject subject,
                      Subject subjectToCreate)
                      throws SubjectException

#see {@link SubjectManagerRemote#createSubject(Subject, Subject)

Throws:: SubjectException

deleteSubjects

void deleteSubjects(Subject subject,
                    int[] subjectIds)

#see {@link SubjectManagerRemote#deleteSubjects(Subject, int[])

getSubjectById

Subject getSubjectById(int id)

#see SubjectManagerRemote#getSubjectById(Subject, int)

getSubjectByName

Subject getSubjectByName(java.lang.String username)

See Also:: SubjectManagerRemote#getSubjectByName(String)}

isLoggedIn

boolean isLoggedIn(java.lang.String username)

See Also:: SubjectManagerRemote#isLoggedIn(String)

login

Subject login(java.lang.String username,
              java.lang.String password)
              throws LoginException

Throws:: LoginException
See Also:: SubjectManagerRemote.login(String, String)

logout

void logout(Subject subject)

updateSubject

Subject updateSubject(Subject subject,
                      Subject subjectToModify)

See Also:

findSubjectsByCriteria

PageList<Subject> findSubjectsByCriteria(Subject subject,
                                         SubjectCriteria criteria)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.rhq.enterprise.server.auth Interface SubjectManagerLocal

loadUserConfiguration

findSubjectsById

getOverlord

findAllSubjects

generateTemporarySessionPassword

authenticateTemporarySessionPassword

loginUnauthenticated

createPrincipal

isUserWithPrincipal

findAllUsersWithPrincipals

deleteUsers

getSessionSubject

isValidSessionId

findAvailableSubjectsForRole

findAvailableSubjectsForAlertDefinition

logout

changePassword

createPrincipal

createSubject

deleteSubjects

getSubjectById

getSubjectByName

isLoggedIn

login

logout

updateSubject

findSubjectsByCriteria

org.rhq.enterprise.server.auth
Interface SubjectManagerLocal