OSGi™ Service Platform Release 2
This interface is used to manage a database of named Role objects, which can be used for authentication and authorization purposes.
This version of the User Admin service defines two types of Role objects: "User" and "Group". Each type of role is represented by an int constant and an interface. The range of positive integers is reserved for new types of roles that may be added in the future. When defining proprietary role types, negative constant values must be used.
Every role has a name and a type.
A User object can be configured with credentials (e.g., a password) and properties (e.g., a street address, phone number, etc.). A Group object represents an aggregation of User and Group objects. In other words, the members of a Group object are roles themselves.
Every User Admin service manages and maintains its own namespace of Role objects, in which each Role object has a unique name.
Method Summary

Role createRole(java.lang.String name, int type)
Creates a Role object with the given name and of the given type.

Authorization getAuthorization(User user)
Creates an Authorization object that encapsulates the specified User object and the Role objects it possesses.

Role getRole(java.lang.String name)
Gets the Role object with the given name from this User Admin service.

Role[] getRoles(java.lang.String filter)
Gets the Role objects managed by this User Admin service that have properties matching the specified LDAP filter criteria.

User getUser(java.lang.String key, java.lang.String value)
Gets the user with the given property key-value pair from the User Admin service database.

boolean removeRole(java.lang.String name)
Removes the Role object with the given name from this User Admin service.
Method Detail

public Role createRole(java.lang.String name, int type)
If a Role object was created, a UserAdminEvent object of type UserAdminEvent.ROLE_CREATED is broadcast to any UserAdminListener object.
Parameters:
name - The name of the Role object to create.
type - The type of the Role object to create. Must be either a Role.USER type or Role.GROUP type.
Throws:
java.lang.IllegalArgumentException - if type is invalid.
java.lang.SecurityException - If a security manager exists and the caller does not have the UserAdminPermission with name admin.

public boolean removeRole(java.lang.String name)
If the Role object was removed, a UserAdminEvent object of type UserAdminEvent.ROLE_REMOVED is broadcast to any UserAdminListener object.
Parameters:
name - The name of the Role object to remove.
Throws:
java.lang.SecurityException - If a security manager exists and the caller does not have the UserAdminPermission with name admin.

public Role getRole(java.lang.String name)
Parameters:
name - The name of the Role object to get.

public Role[] getRoles(java.lang.String filter) throws InvalidSyntaxException
Parameters:
filter - The filter criteria to match.
Throws:
InvalidSyntaxException

public User getUser(java.lang.String key, java.lang.String value)
Parameters:
key - The property key to look for.
value - The property value to compare with.

public Authorization getAuthorization(User user)
Parameters:
user - The User object to create an Authorization object for, or null for the anonymous user.
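
How the methods above fit together for provisioning and for an authorization check, as an added example that is not part of the OSGi documentation. The class and method names, the property key "login" and the credential key "secret" are hypothetical; Group.addMember, Role.getType, User.getProperties, User.getCredentials, User.hasCredential and Authorization.hasRole belong to other interfaces of the same org.osgi.service.useradmin package and are not described on this page.

```java
import org.osgi.service.useradmin.Authorization;
import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;

/** Added example; class, method and key names are hypothetical. */
public final class UserAdminExample {

    /** Provisioning path: with a security manager, the caller needs UserAdminPermission "admin". */
    static void provision(UserAdmin ua, String login, byte[] verifier, String groupName) {
        // createRole returns null when the name is already taken in this namespace.
        Role created = ua.createRole(login, Role.USER);
        if (created == null) {
            throw new IllegalStateException("role name already in use: " + login);
        }
        User user = (User) created;
        user.getProperties().put("login", login);
        // Store a derived verifier (for example a salted hash), not the clear-text password.
        user.getCredentials().put("secret", verifier);

        Role group = ua.getRole(groupName);
        if (group == null) {
            group = ua.createRole(groupName, Role.GROUP);
        }
        if (group == null || group.getType() != Role.GROUP) {
            throw new IllegalStateException(groupName + " is not a usable Group role");
        }
        ((Group) group).addMember(user);
    }

    /** Authorization check: fails closed on unknown users and wrong credentials. */
    static boolean mayAct(UserAdmin ua, String login, byte[] presented, String requiredRole) {
        // getUser returns null when no user, or more than one user, has this key-value pair.
        User user = ua.getUser("login", login);
        if (user == null || !user.hasCredential("secret", presented)) {
            return false;
        }
        Authorization auth = ua.getAuthorization(user);
        return auth.hasRole(requiredRole);
    }
}
```

Because role names are unique per User Admin service, the group lookup checks the type of an existing role before casting, so a User that happens to carry the group's name is rejected instead of causing a ClassCastException.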