Ceptor Docs

Page tree
Skip to end of metadata
Go to start of metadata

Please also check out our UserAdmin REST API which makes these methods available in a REST interface


The UserAdmin API can be accessed on any server. It requires a standard Ceptor Agent setup to be present. The UserAdmin API is access just like the Ceptor Agent interface. 

import dk.itp.portalprotect.useradmin.data.User;
import dk.itp.pp.useradmin.IUserAdmin;
import dk.itp.pp.useradmin.UserAdminAgent;

{
IUseradmin im = UserAdminAgent.getInstance();
	User user = im.getUser( <userid> );
	String firstname = user.getFirstName();	
}

Note: The access for this API will change over time as new features are added. Consult the javadoc in useradminjavadoc.zip in the distribution directory documentation

This is a listing of all the methods available through the identity management API:

public interface IUserAdmin {
/**
 * Login to the user administration - depending on the userid and credentials, the server might elect not to
 * support specific commands
 * 
 * @param userid The user ID to login with.
 * @param credentials The credentials (usually password) to present to the server
 */
public void login(String userid, Object credentials) throws UserAdminException;

/**
 * Provides direct access to the useradministration if already logged in through another
 * channel
 * 
 * @param sessionid The PP session ID 
 */
public void login(String sessionid) throws UserAdminException;

/**
 * Tries to get a user record from the server
 * 
 * @param userid The userid to retrieve
 * @return The user record
 */
public User getUser(int userid) throws UserAdminException;

/**
 * Tries to fetch a user based on a row value from the user database
 * 
 * @param row The ID of a row in the user database (fetched from <code>IUserAttributes</code>)
 * @param rowValue The value of the row to look for
 * @return The user record
 */
public User getUser(String row, String rowValue) throws UserAdminException;

/**
 * Tries to get a user record from the server
 * 
 * @param logonID The logon ID (the user ID the user entered)
 * @param method The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @return The user record
 */
public User getUser(String logonID, int method) throws UserAdminException;

/**
 * Retrieves all user groups
 * 
 * @return A list of the retrieved groups
 */
public Group[] getAllGroups() throws UserAdminException;

/**
 * Retrieves all user profiles
 * 
 * @return A list of the retrieved profiles
 */
public Profile[] getAllProfiles() throws UserAdminException;

/**
 * Retrieves the groups a specific user is member of
 * 
 * @param userid The userid of the user to fetch member groups for
 * @return A list of the retrieved groups
 */
public Group[] getGroups(int userid) throws UserAdminException;

/**
 * Retrieves the groups attached to a specific list of profiles
 * 
 * @param profiles The list of profiles to fetch groups for
 * @return A list of the retrieved groups
 */
public Group[] getGroupsByProfiles(int profiles[]) throws UserAdminException;

/**
 * Retrieves the profiles a specific user is member of
 * 
 * @param userid The userid of the user to fetch member profiles for
 * @return A list of the retrieved profiles
 */
public Profile[] getProfiles(int userid) throws UserAdminException;

/**
 * Retrieves the profiles attached to a specific group
 * 
 * @param groupid The group id of the group to fetch attached profiles for
 * @return A list of the retrieved profiles
 */
public Profile[] getProfilesByGroup(int groupid) throws UserAdminException;

/**
 * Called to indicate that a users login failed, so invalid login counter is increased by 1
 * 
 * @param logonID The logon ID (the user ID the user entered)
 * @param method The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 */
public void loginFailed(String logonID, int method) throws UserAdminException;

/**
 * Called to indicate that the logon succeeded for the user, so the number of invalid password
 * attempts is reset, the last login timestamp is updated etc.
 * 
 * @param loginID The logon ID (the user ID the user entered)
 * @param method The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 */
public void loginSucceeded(String loginID, int method) throws UserAdminException;

/**	
 * Called to indicate that the user has lost his credentials - this will trigger the generation of
 * a new password, or of a new PIN-letter that is sent to the user, depending on the type of credentials,
 * and on the plugin running on the UserAdmin server.
 * 
 * @param loginID The logon ID (the user ID the user entered)
 * @param method The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param data This object is sent along to the server, to allow you to specify extra information such as which action to take.
 * @return An object describing the result.
 */
public Object credentialsLost(String loginID, int method, Object data) throws UserAdminException;

/**
 * This method locks a user account by setting the the lock reason
 * on the user object
 * 
 * @param userid The id of the user to update
 * @param status The new status for this user
 * @param statusinfo The status info for this user - if the status is e.g. locked, the info field describes why.
 */
public void updateUserStatus(int userid, int status, int statusinfo) throws UserAdminException;
	
/**
 * This method overwrites the authentication level given by the authentication
 * method attached to a challenge. 
 * 
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param authlvl The new overwriting lock level for this challenge
 */
public void updateChallengeAuthLevel(String logonid, int methodid, int authlvl) throws UserAdminException;

/**
 * This method changes the status of a challenge (usually locks it) the status code
 * on the challenge object
 * 
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param status The new status for this challenge
 */
public void updateChallengeStatus(String logonid, int methodid, int status) throws UserAdminException;

/**
 * This method deletes an entire challenge entry from the challenge
 * database
 * 
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 */
public void deleteChallenge(String logonid, int methodid) throws UserAdminException;

/**
 * This method create a new challenge entry in the challenge
 * database
 * 
 * @param userid The id of the user to update
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param credentials The credentials (usually password) to present to the server
 */
public void createChallenge(int userid, String logonid, int methodid, byte[] credentials ) throws UserAdminException;

/**
 * This method create a new challenge entry in the challenge
 * database. This method will result in a non delivery of the
 * challenge.
 * 
 * @param userid The id of the user to update
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param credentials The credentials (usually password) to present to the server
 * @param status The status code for the new challenge
 * @param authlvl The "real" authentication level to use
 */
public void createChallenge(int userid, String logonid, int methodid, int status, byte[] credentials, int authlvl ) throws UserAdminException;

/**
 * This method create a new challenge entry in the challenge
 * database
 * 
 * @param userid The id of the user to update
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param credentials The credentials (usually password) to present to the server
 * @param status The status code for the new challenge
 * @param authlvl The "real" authentication level to use
 * @param deliverymethod The delivery method of the challenge
 */
public void createChallenge(int userid, String logonid, int methodid, int status, byte[] credentials, int authlvl, int deliverymethod ) throws UserAdminException;

/**
 * This method updates a challenge entry in the challenge
 * database
 * 
 * @param logonid The logon ID (the user ID the user entered)
 * @param methodid The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 * @param credentials The credentials (usually password) to present to the server
 */
public void updateChallenge(String logonid, int methodid, byte[] credentials ) throws UserAdminException;

/**
 * This method updates a users attributes. The content should
 * be given as String objects (both key and values alike)
 * 
 * @param userid The userid of the user to update
 * @param attributes A hashtable containing the attributes to create/update (if a value is empty, it will be deleted)
 */
public void updateUserAttributes(int userid, Hashtable attributes) throws UserAdminException;

/**
 * This method can be used to create a user within the user database. 
 * The user will get a challenged attached to him.
 * 
 * @param logonid The logon id for the challenge attached to the user
 * @param methodid The authentication method for the challenge attached to the user
 * @param level Authentication level, or 0 for default for this method
 * @param credentials The credentials for the attached challenge
 * @return The user id of the newly created user
 * @throws UserAdminException If an error occurs. If a challenge entry exists, the exception is thrown with errorcode ERROR_ENTRYALREADYEXIST
 */
public int createUser( String logonid, int methodid, int level, byte[] credentials ) throws UserAdminException;

/**
 * This method can be used to create a user within the user database. 
 * The user will get a challenged attached to him. Also the parsed
 * attribute table will be added to the user database. If the attributes
 * parsen is <code>null</code> they will be ignored.
 * 
 * @param logonid The logon id for the challenge attached to the user
 * @param methodid The authentication method for the challenge attached to the user
 * @param level Authentication level, or 0 for default for this method
 * @param credentials The credentials for the attached challenge
 * @param attributes The attributes for the new user
 * @return The user id of the newly created user
 * @throws UserAdminException If an error occurs. If a challenge entry exists, the exception is thrown with errorcode ERROR_ENTRYALREADYEXIST
 */
public int createUser( String logonid, int methodid, int level, byte[] credentials, Hashtable attributes ) throws UserAdminException;

/**
 * This method can be used to create a user within the user database.
 * 
 * @return The user id of the newly created user
 */
public int createUser() throws UserAdminException;

/**
 * This method can be used to retreive a specific challenge for
 * a user. Very usefull for business logic depending on 
 * challenge information not requirering other user information
 * 
 * @param id The ID of the user with that specific challenge
 * @param method The ID of the authentication method to fetch
 * @return The challenge object retrieved from the database
 */
public Challenge getUserChallenge( int id, int method ) throws UserAdminException;

/**
 * This method can be used to retreive a specific challenge for
 * a user. Very usefull for business logic depending on 
 * challenge information not requirering other user information
 * 
 * @param logonid The logon id of the user with that specific challenge
 * @param method The ID of the authentication method to fetch
 * @return The challenge object retrieved from the database
 */
public Challenge getUserChallenge( String logonid, int method ) throws UserAdminException;

/**
 * This method can be used to search for challenges with a specific
 * authentication level which was created and never used
 * 
 * @param authlvl The authentication level
 * @param date The date to match up against
 * @param before A boolean stating whether to search before or after this date
 * @return A list of challenges matching the search
 * @throws UserAdminException If an error occurs during search. If no rows where found, error id <code>UserAdminException.ERROR_NOROWSFOUND</code> will be set 
 */
public Challenge[] searchInitialChallenges( int authlvl, Date date, boolean before )  throws UserAdminException;

/**
 * This method can be used to search for challenges with a specific
 * authentication level which have not logged on since a specific date
 * 
 * @param authlvl The authentication level
 * @param date The date to match up against
 * @param before A boolean stating whether to search before or after this date
 * @return A list of challenges matching the search
 * @throws UserAdminException If an error occurs during search. If no rows where found, error id <code>UserAdminException.ERROR_NOROWSFOUND</code> will be set 
 */
public Challenge[] searchInactiveChallenges( int authlvl, Date date, boolean before ) throws UserAdminException;

/**
 * This method can be called to activate a search that goes through
 * all the challenges in the challenge table and calls a handler 
 * for each challenge
 * 
 * @param handler The handler that is called for each challenge
 * @param continueOnError Specifies whether the server should continue when an exception is thrown from the handler
 */
public void batchChallenges( IChallengeHandler handler, boolean continueOnError ) throws UserAdminException;

/**
 * This method can be called to activate a search that goes through
 * all the challenges in the challenge table and calls a handler 
 * for each userid in the challenge table with the challenges for that 
 * user
 * 
 * @param handler The handler that is called for each user in the challenge table
 * @param continueOnError Specifies whether the server should continue when an exception is thrown from the handler
 */
public void batchChallenges( IUserChallengeHandler handler, boolean continueOnError ) throws UserAdminException;

/**
 * Attaches the given profiles to a user
 * 
 * @param userid The user to modify
 * @param profiles The list of profiles to add to the user
 */
public void attachProfiles(int userid, int[] profiles) throws UserAdminException;

/**
 * Detaches (removes) the given profiles from a user, so he is no longer member of the listed profiles.
 * 
 * @param userid The user to modify
 * @param profiles The list of profiles to remove from the user
 */
public void detachProfiles(int userid, int[] profiles) throws UserAdminException;

/**
 * Sends a custom command to the server
 * 
 * @param command The command object to execute
 * @return The command reply object
 */
public AbstractUserAdminCommand executeCustomCommand(AbstractUserAdminCommand command) throws UserAdminException;

/**
 * Sends a custom command to the server that will be interpreted and executed by it - this allows
 * for any commands to be executed by the useradmin server, and it is a great place for extending it
 * so it can support custom functionality.
 * 
 * @param command The name of the command to execute
 * @param data The request data object to send to the server
 * @return The reply data object
 */
public Object executeCustomCommand(String command, Object data) throws UserAdminException;

/**
 * Called to reset the number of invalid password attempts
 * 
 * @param loginID The logon ID (the user ID the user entered)
 * @param method The authentication method (userid/password, userid/keyfile, userid/certificate etc.)
 */
public void resetInvalidPasswordAttempts(String loginID, int method) throws UserAdminException;

/**
 * Sets the number of milliseconds to wait for a reply, this will affect all commands executed.
 * The default timeout is 30000 ms or 30 seconds.
 * 
 * @param timeout The timeout in milliseconds
 */
public void setTimeout(int timeout) throws UserAdminException;

/**
 * The specified string is logged in the revisionlog
 * 
 * @param str The string to add, could typically be signtext=xxxxx;certificate=yyyyy
 */
public void logInRevisionLog(String str) throws UserAdminException;

/**
 * Lists the acls defined in the useradmin database
 * @return The list of acls
 * @throws UserAdminException If an error occures during list
 */
public Acl[] listAcls() throws UserAdminException; 

/**
 * Searches for challenges with the specified logon ID, and who is member of the given group (if group is not null)
 */
public Challenge[] searchChallenges(String logonIdPattern, String groupName, int maxResults) throws UserAdminException;

	
/**
 * Attaches the given profiles to a series of users. Invalid combinations of 
 * logon_id and method_id will be ignored. If a user already has one of the profiles
 * attached that attachment will be skipped.
 * 
 * @param profiles The list of profiles to add to the user
 * @param logon_ids The users to modify
 * @param method_ids The methods deciding the logon_ids (must be same length)
 * @return The number of user that had one or more profiles attached
 */
public int attachProfiles(int profiles[], String logon_ids[], int method_ids[] ) throws UserAdminException;

/**
 * Allows the application using the API to set the name. Used for
 * identifying the application at the useradministration server.
 * @param appname The name of the application 
 */	
public void setApplicationName( String appname );
}


User Administration Access Service

The Access Server service is an extended API that allows full access to the user administration features within PortalProtect. The API is an direct extension of the “normal” identity management API that allows for typical, more secure and non-harmful user administration features. This API should only be used by applications that require full access to the user administration features (like an internal user administration application)

Setting it up the Useradmin Access Service

Each instance of an identity management access service requires a configuration instance on the configuration server. The same configuration can be reused if wanted. This will require the access services to be started on separate machines since the address/port it listens on is part of the configuration.

Configuration Needed

Below is a list of a sample configuration entry in the portalprotect-configuration.xml file required for a access service.

<server name="useradminaccess1" type="useradminaccess" description="User Administration Access Server">
  <group name="general" description="General Configuration">
    <property name="server.port" value="16000" 
              description="The port number to use when listening for connections" valid="null"/>
    <property name="config.servers" value="localhost:21233,configserver2:21233"
              description="list of config server to broadcast" valid="null"/>
  </group>
  <group name="useradmin" description="Useradmin Configuration">
    <property name="useradmin.server" value="localhost:15000" 
              description="The useradministration server to connect to" valid="null"/>
    <property name="ptsserver" value="localhost:21343" 
              description="list of PTS servers" valid="null"/>
  </group>
  <group name="cache" description="Cache Configuration">
    <property name="cache.maxusers" value="1000" 
              description="The maximum number og users cached in the access server" valid="null"/>
    <property name="cache.forcetimeout" value="600000" 
              description="The maximum timeout for a cached user" valid="null"/>
    <property name="cache.timeout" value="600000" 
              description="The normal timeout of a cached user" valid
  </group>
</server>

Starting it up useradmin access service

Starting up and using an access service is as simple as adding a servlet entry to your web.xml where you need to run or simply just call the start service method with a property object.

Web application requirements

If running on a custom web application container and not through the build in launcher delivered with PortalProtect, the is the entry that should be put into the web.xml to make the access service available.

<servlet>
        <servlet-name>useradminaccess</servlet-name>
        <servlet-class>dk.itp.pp.useradmin.access.UserAdminAccessServlet</servlet-class>
        <init-param>
            <param-name>server.name</param-name>
            <param-value>useradminaccess1</param-value>
        </init-param>
        <init-param>
            <param-name>config.server</param-name>
            <param-value>localhost:21233</param-value>
        </init-param>
	    <load-on-startup>10</load-on-startup>
</servlet>

Both the server.name and the config.server init parameters are required (if no server.name is given, a warning will be logged and the name “useradminaccess1” will be attempted).

Using the useradmin access service

When the access service has been correctly started it is simply a matter of using it through the factory instance.

import dk.itp.portalprotect.useradmin.data.User;
import dk.itp.pp.useradmin.access.IUserAdminAccess;

{
IUseradminAccess admin = UserAdminAccessServer.getInstance( sessionid );
	User user = access.getUser( <userid> );
	String firstname = user.getFirstName();	
}

The session id is a PortalProtect session ID. This is usually aquired through a dispatcher in front of the web application or it can be aquired by logging on to the session controller.

String sessionid = PTServer.getInstance().newSession( "<client ip>");
PTServer.getInstance().logon( sessionid, "<userid>", "<password>");

Note: The jar files will change in a soon to be released version of PortalProtect where the Identity Management API will “merge” with the PortalProtect agent API. 

Access API Methods

The Access API is as mentioned earlier an extension to the basic identity management API. This section lists all methods in the Access API with documentation. On information how to access this interface, please refer to the latter section.

public interface IUseradminAccess extends IUserAdmin {
/**
 * This method is used to search for users from their logon ID
 * 
 * @param logonid The logon ID to search for
 * @return A list of users with that logon ID
 * @throws UserAdminException If an error occurs during search. If no rows where found, error id <code>UserAdminException.ERROR_NOROWSFOUND</code> will be set 
 */
public QuickUser[] searchUsers( String logonid ) throws UserAdminException;

/**
 * This method is used to search for users from their logon ID, but restricts results to a single organisation
 * 
 * @param logonid The logon ID to search for
 * @param organisation_id The organisation to look in
 * @return A list of users with that logon ID
 * @throws UserAdminException If an error occurs during search. If no rows where found, error id <code>UserAdminException.ERROR_NOROWSFOUND</code> will be set 
 */
public QuickUser[] searchUsers( String logonid, int organisation_id ) throws UserAdminException;

/**
 * This method is used to search for a user through the user attributes. 
 * Allowed attributes can be fetched from @see dk.itp.pp.useradmin.client.IUserAttributes
 * 
 * @param attributes The attributes to search for
 * @param sortRow The row to sort after (null in this value will mean no sorting)
 * @return A list of users matching the given attrbutes
 * @throws UserAdminException If an error occurs during search. If no rows where found, error id <code>UserAdminException.ERROR_NOROWSFOUND</code> will be set 
 */
public QuickUser[] searchUsers( Hashtable attributes, String sortRow ) throws UserAdminException;

/**
 * This method can be used to retreive all the delivery methods defined in the
 * useradministration system
 * @return A list of Delivery methods defined in the system
 * @throws UserAdminException If an error occurs fetching data
 */
public DeliveryMethod[] getAllDeliveryMethods() throws UserAdminException;

/**
 * 
 * @return The list of valid user attributes (including those defined through server plugin)
 * @throws UserAdminException If an error occurs fetching data
 */	
public String[] getAllUserAttributes() throws UserAdminException;

/**
 * This method can be used to retreive all the authentication methods defined in the
 * useradministration system
 * @return A list of the authentication methods defined in the system
 * @throws UserAdminException If an error occurs fetching data
 */
public AuthenticationMethod[] getAllAuthenticationMethods() throws UserAdminException;

/**
 * This method can be used to retreive all the status's defined in the
 * useradministration system
 * @return A list of Status messages defined in the system
 * @throws UserAdminException If an error occurs fetching data
 */
public Status[] getAllStatus() throws UserAdminException;

/**
 * This method can be used to retreive all the status info's defined in the
 * useradministration system
 * @return A list of Status info messages defined in the system
 * @throws UserAdminException If an error occurs fetching data
 */
public StatusInfo[] getAllStatusInfo() throws UserAdminException;

/**
 * Returns a specific status. 
 * @param statusid The ID of the status
 * @return The status with the id given. <code>null</code> if the status does not exist
 * @throws UserAdminException If an error occurs fetching data
 */
public Status getStatus( int statusid )  throws UserAdminException;	

/**
 * Returns a specific status info 
 * @param statusinfoid The ID of the status info
 * @return The status info with the id given. <code>null</code> if the status info does not exist
 * @throws UserAdminException If an error occurs fetching data
 */
public StatusInfo getStatusInfo( int statusinfoid ) throws UserAdminException;

/**
 * Creates a new organisation
 * 
 * @param name The name of the organisation
 * @param description Description of the organisation
 * @param parent Parent ID of the organisation (-1 if no parent) 
 * @param status Status of this organisation
 * @param statusinfo Status info message for this organisation
 * @return The ID of the newly created organisation
 * @throws UserAdminException If an error occurs during creation of the organisation
 */
public int createOrganisation( String name, String description, int parent, int status, int statusinfo)  throws UserAdminException;

/**
 * Creates a new organisation with attach of profiles
 * 
 * @param name The name of the organisation
 * @param description Description of the organisation
 * @param parent Parent ID of the organisation (-1 if no parent) 
 * @param status Status of this organisation
 * @param statusinfo Status info message for this organisation
 * @param profiles Attach the profiles 
 * @return The ID of the newly created organisation
 * @throws UserAdminException If an error occurs during creation of the organisation
 */
public int createOrganisation( String name, String description, int parent, int status, int statusinfo, int profiles[] )  throws UserAdminException;

/**
 * This method returns a list of all organisations defined in the user
 * administration system. The organisations returned will <b>not</b> contain
 * attribute data.
 *  
 * @return All organisations. An empty list if no organisations exists.
 * @throws UserAdminException If an error occurs fetching data
 */
public Organisation[] getAllOrganisations() throws UserAdminException;

/**
 * Returns a list of organisations with the given parent ID. The organisations
 * returned will <b>not</b> contain attribute data.
 * 
 * @param parentId The parent ID of the organisations to search for
 * @return The organisation list with the given parent. An empty list if no organisations exist
 */
public Organisation[] getOrganisations( int parentId ) throws UserAdminException;

/**
 * This method returns specific organisation based on the ID. This organisation
 * will include attribute data.
 * 
 * @param organisationid The ID of the organisation to retreive
 * @return The organisation with the given ID. <code>null</code> if it does not exist.
 * @throws UserAdminException If an error occurs fetching data
 */
public Organisation getOrganisation( int organisationid ) throws UserAdminException;
	
/**
 * Returns the profiles attached to an organisation
 * 
 * @param organisationid The ID of the organisation to retreive profiles from
 * @return A list of profiles attached to the given organisation
 * @throws UserAdminException If an error occurs fetching data
 */
public Profile[] getOrganisationProfiles( int organisationid ) throws UserAdminException;
	
/**
 * This method allows the update of a single organisation
 * 
 * @param organisationid The ID of the organisation to update
 * @param name The name of the organisation.
 * @param description The description of the organisation
 * @param parentid The ID of the parent organisation (-1 if no parent)
 * @param status The new status of the organisation 
 * @param statusinfo The new statusinfo of the organisation 
 * @throws UserAdminException If an error occurs updating data
 */
public void updateOrganisation( int organisationid, String name, String description, int parentid, int status, int statusinfo ) throws UserAdminException;
	
/**
 * This method updates an organisations attributes
 * 
 * @param organisationid The ID of the organisation to update
 * @param attributes A hashtable containing the attributes to create/update (if a value is empty, it will be deleted)
 * @throws UserAdminException If an error occurs updating data
 */
public void updateOrganisationAttributes(int organisationid, Hashtable attributes) throws UserAdminException;

/**
 * Used for creating a new group 
 * @param name Group name
 * @param description Group description
 * @param authlvl Authentication level for this new group
 * @return The ID of the group created   
 * @throws UserAdminException If an error occurs creating data
 */
public int createGroup( String name, String description, int authlvl ) throws UserAdminException;

/**
 * Used for creating a new profile 
 * @param name Profile name
 * @param description Profile description
 * @return The ID of the profile created   
 * @throws UserAdminException If an error occurs fetching data
 */
public int createProfile( String name, String description ) throws UserAdminException;

/**
 * Used for updating an existing group
 * @param id Group ID 
 * @param name Group name
 * @param description Group description
 * @param authlvl Authentication level for the group
 * @throws UserAdminException If an error occurs updating data
 */
public void updateGroup( int id, String name, String description, int authlvl ) throws UserAdminException;

/**
 * Used for updating a profile
 * @param id Profile ID 
 * @param name Profile name
 * @param description Profile description
 * @throws UserAdminException If an error occurs updating data
 */
public void updateProfile( int id, String name, String description ) throws UserAdminException;

/**
 * Used for attaching a group to a profile
 * @param id Profile ID 
 * @param groupid ID of the group to attach to the profile
 * @throws UserAdminException If an error occurs updating data
 */
public void attachGroupToProfile( int id, int group ) throws UserAdminException;

/**
 * Used for detaching a group from a profile
 * @param id Profile ID 
 * @param groupid ID of the group to detach from the profile
 * @throws UserAdminException If an error occurs updating data
 */
public void detachGroupFromProfile( int id, int group ) throws UserAdminException;

/**
 * Used for deleting a group
 * @param id Group ID 
 * @throws UserAdminException If an error occurs deleting data
 */
public void deleteGroup( int id ) throws UserAdminException;

/**
 * Used for deleting a profile
 * @param id Profile ID 
 * @throws UserAdminException If an error occurs deleting data
 */
public void deleteProfile( int id ) throws UserAdminException;

/**
 * Used for deleting an organisation
 * @param id Organisation ID
 * @throws UserAdminException If an error occurs deleting data
 */
public void deleteOrganisation( int id ) throws UserAdminException; 

/**
 * Used for attaching a profile to an organisation
 * @param id Organisation ID 
 * @param profileid ID of the profile
 * @throws UserAdminException If an error occurs updating data
 */
public void attachProfileToOrganisation( int id, int profile ) throws UserAdminException;

/**
 * Used for detaching a profile from an organisation
 * @param id Organisation ID 
 * @param profileid ID of the profile
 * @throws UserAdminException If an error occurs updating data
 */
public void detachProfileFromOrganisation( int id, int profile ) throws UserAdminException;

/**
 * This method can be used to create a user within the user database. 
 * The user will get a challenged attached to him. Also the parsed
 * attribute table will be added to the user database and the list of 
 * profiles that the user is to be attached to. If the attributes or 
 * profiles parsen is <code>null</code> they will be ignored.
 * 
 * @param logonid The logon id for the challenge attached to the user
 * @param methodid The authentication method for the challenge attached to the user
 * @param level Authentication level, or 0 for default for this method
 * @param credentials The credentials for the attached challenge
 * @param profiles The profiles to attach the new user to
 * @param attributes The attributes for the new user
 * @return The user id of the newly created user
 * @throws UserAdminException If an error occurs creating the user. If a challenge entry exists, the exception is thrown with errorcode ERROR_ENTRYALREADYEXIST
 */
public int createUser( String logonid, int methodid, int level, byte[] credentials, int[] profiles, Hashtable attributes ) throws UserAdminException;

/**
 * Returns a list of profiles that the user is allowed to assign to users
 * @return The list of profiles
 * @throws UserAdminException If an error occurs fetching the profiles
 */
public Profile[] getAssignableProfiles() throws UserAdminException;

/**
 * Searches for an organisation using the parameters given. The organisations
 * returned will <b>not</b> include profile and attribute information, those
 * must be retreived through the <code>getOrganisation</code> method.
 * 
 * @param attributes A list of the attributes to search for. Attributes in the main table can be searched for using the constants in the <code>Organisation</code> interface.
 * @param sortrow The row to sort by
 * @throws UserAdminException If an error occurs during search. If no rows where found, error id <code>UserAdminException.ERROR_NOROWSFOUND</code> will be set 
 */
public Organisation[] searchOrganisations( Hashtable attributes, String sortRow )  throws UserAdminException;	

/**
 * Customer specific search method for searching users in the database.
 * 
 * @param parameter The parameter object for the search
 * @param maxCount The maximum number of rows to return (if <= 0 it will be set to 100)
 * @return The result of the search. If users where searched for the result will be QuickUser[]String[] with the strings containing the challenge logon IDs. If en email or PBS sent search is done the result will be a Date[]QuickUser[]..  
 * @throws UserAdminException If an error occurs during search
 */
public Object[][] listSearchNKUser( NKUserSearchParameter parameter, int maxCount ) throws UserAdminException;	

/**
 * This method is used for a wide user list search. The search is fairly
 * slow (un-indexed on some fields) so it should be used lightly. At least one search
 * parameter in the parameter object <b>must</b> be set. If not an exception is thrown!
 * 
 * @param parameter The user search parameter object defining the search parameters
 * @param maxCount The maximum number of rows to return (if <= 0 it will be set to 100)
 * @param starttime The time to start searching for list entries. A value of -1 equals ignoring this value
 * @param endtime The time to stop searching for list entries. A value of -1 equals ignoring this value
 * @return The result of the search
 * @throws UserAdminException If an error occurs during search
 */
public QuickUser[] listSearchUser( UserSearchParameter parameter, int maxCount, long starttime, long endtime ) throws UserAdminException;

/**
 * This method can be used to list search in the transaction log. The result is
 * an array of result arrays with the following columns Time, user, business info,
 * sign info, log text, organisation ID and logonid. 7 columns total.
 * 
 * @param parameters The parameters for the search. The parameters are [User, Component, Text, organisation, logon ID]. 
 *                   At least one of the parameters must be given. If no organisation id is given, only the organisations
 *                   the user can search in will be searched! 
 * @param maxCount The maximum number of rows to return (if <= 0 it will be set to 100)
 * @param starttime The time to start searching for list entries. A value of -1 equals ignoring this value
 * @param endtime The time to stop searching for list entries. A value of -1 equals ignoring this value
 * @return The result of the search
 * @throws UserAdminException If an error occurs during search
 */	
public String[][] listSearchTransactionLog( String []parameters, int maxCount, long starttime, long endtime ) throws UserAdminException;

/**
 * Executes a search in the revision log with the given parameters.
 * 
 * @param logonid Logon ID to search for
 * @param component Component to search for
 * @param text The generated text to search for
 * @param maxCount The maximum number of rows to return (if <= 0 it will be set to 100)
 * @param starttime The time to start searching for list entries. A value of -1 equals ignoring this value
 * @param endtime The time to stop searching for list entries. A value of -1 equals ignoring this value
 * @return The result with the following columns; logtime, loguser, logcomponent, logdetails(text)
 * @throws UserAdminException If an error occurs during search
 */
public String[][] listSearchRevisionLog( String logonid, String component, String text, int maxCount, long starttime, long endtime ) throws UserAdminException;

/**
 * Executes a search in the non-rep log with the given parameters.
 * 
 * @param logonid Logon ID to search for
 * @param status Status text to search for
 * @param tag Tag to search for
 * @param message Message text to search for
 * @param ipaddress IP address to search for
 * @param maxCount The maximum number of rows to return (if <= 0 it will be set to 100)
 * @param starttime The time to start searching for list entries. A value of -1 equals ignoring this value
 * @param endtime The time to stop searching for list entries. A value of -1 equals ignoring this value
 * @return The result with the f.ollowing columns; logtime, loguser, logstatus, logtag, logmessage, clientip
 * @throws UserAdminException If an error occurs during search
 */
public String[][] listSearchNonRepLog( String logonid, String status, String tag, String message, String ipaddress, int maxCount, long starttime, long endtime ) throws UserAdminException;

/**
 * Updates the organisation ID on a user. This method simply calls the 
 * <code>updateUserAttributes</code> method since the organisation ID is
 * a user attribute. It is recommended to use that method to update several 
 * user attributes at the same time.
 * 
 * @param userid The user to update
 * @param organisationid The organisation to update with. (-1 to clear)
 * @throws UserAdminException If an error occurs during update
 */
public void updateUserOrganisation( int userid, int organisationid ) throws UserAdminException;	

/**
 * Updates all users attached to an organisation to be attached
 * to the given profile.
 * The user must be granted the <b>multiprofile.attach</b> ACL in order for
 * this method to be executed. 
 * 
 * @param organisationid The organisation to update 
 * @param profileid The profile to attach to all users in the organisation
 * @return The number of profiles actually attached to users 
 * @throws UserAdminException If some exception occurs during processing
 */
public int attachProfileToOrganisationUsers( int organisationid, int profileid ) throws UserAdminException;	
	
/**
 * Updates all users attached to an organisation to be attached
 * to the given profile.
 * The user must be granted the <b>multiprofile.attach</b> ACL in order for
 * this method to be executed. 
 * 
 * @param organisationid The organisation to update 
 * @param profileid The profile to attach to all users in the organisation
 * @param existingprofile The profile that the users must be assigned to in order to get the new profile
 * @return The number of profiles actually attached to users 
 * @throws UserAdminException If some exception occurs during processing
 */
public int attachProfileToOrganisationUsers( int organisationid, int profileid, int existingprofile ) throws UserAdminException;	
	
/**
 * Updates all users attached to an organisation to be detached
 * from the given profile if the timestamp is later than given. If the
 * timestamp is empty (null) the profil will be detached from all users.
 * The user must be granted the <b>multiprofile.detach</b> ACL in order for
 * this method to be executed. 
 * 
 * @param organisationid The organisation to update 
 * @param profileid The profile to detach from all users in the organisation
 * @param timestamp The timestamp to check for
 * @return The number of profiles actually detached from users 
 * @throws UserAdminException If some exception occurs during processing
 */
public int detachProfileFromOrganisationUsers( int organisationid, int profileid, Date timestamp ) throws UserAdminException;	

/**
 * Used for attaching an additional group to the ACL
 * @param aclname ACL name 
 * @param groups ID of the group to attach to the acl
 * @throws UserAdminException If an error occurs updating data
 */
public void attachGroupToACL( String aclname, int groupId ) throws UserAdminException;

/**
 * Used for detaching a group from an ACL
 * @param aclname ACL name 
 * @param groups ID of the group to detach from the acl
 * @throws UserAdminException If an error occurs updating data
 */
public void detachGroupFromACL( String aclname, int groupId ) throws UserAdminException;



  • No labels