Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

com.sap.security.api
Interface IUserAccount

All Superinterfaces:
IPrincipal, IPrincipalMaint, java.io.Serializable
public interface IUserAccount
extends IPrincipalMaint

Title: Interface to get and set user account data Description: Copyright: Copyright (c) 2001 Company: SAPMarkets, Inc Note : get methods returning an object may return null if a valid value is not available unless specified otherwise in the respective method description.

Version:
1.1

Field Summary
static int LOCKED_AUTO
           
static int LOCKED_BY_ADMIN
           
static int LOCKED_NO
           
 
Fields inherited from interface com.sap.security.api.IPrincipal
BYTE_TYPE, DEFAULT_NAMESPACE, DEFAULT_RELATION_NAMESPACE, DESCRIPTION, DISPLAYNAME, PRINCIPAL_CREATION_DATE, PRINCIPAL_MODIFY_DATE, PRINCIPAL_RELATION_MEMBER_ATTRIBUTE, PRINCIPAL_RELATION_PARENT_ATTRIBUTE, STRING_TYPE, TRANSIENT_NAMESPACE, UNIQUE_NAME, VERSIONSTRING
 
Method Summary
 void addToGroup(java.lang.String uniqueIdOfGroup)
          Deprecated. use IUserMaint.addToGroup(String) instead
 void addToRole(java.lang.String uniqueIdOfRole)
          Deprecated. use IUserMaint.addToRole(String) instead
 boolean checkPassword(java.lang.String pass)
          compares the stored password with the input password
 java.util.Date created()
          returns the creation date of this user account
 void deleteCertificates(java.security.cert.X509Certificate[] certificate)
          Deletes the user's certificate
 IUser getAssignedUser()
          get the user that belongs to this account
 java.lang.String getAssignedUserID()
          Gets the unique id of the user which is assigned to this account.
 java.security.cert.X509Certificate[] getCertificates()
          Returns the user's certificates
 int getFailedLogonAttempts()
          get number of failed logon attempts.
 java.lang.String getHashedPassword()
           
 java.util.Date getLastFailedLogonDate()
          get last failed logon time
 java.util.Date getLastPasswordChangedDate()
          Gets the LastPasswordChangedDate attribute of the IUserAccount object
 java.util.Date getLastSuccessfulLogonDate()
          get last sucessful logon date
 int getLockReason()
          Returns the reason code for account lock.
 java.lang.String getLogonUid()
          get logon uid (long uid)
 java.util.Iterator getParentGroups(boolean recursive)
          Gets the list of all parent principals including parents, grandparents, ...
 java.util.Date getPreviousSuccessfulLogonDate()
          get previous sucessful logon date
 java.util.Iterator getRoles(boolean recursive)
          Gets the list of all assigned roles of this principal including parent groups, grandparent groups,...
 int getSuccessfulLogonCounts()
          get number of successful logon attempts
 java.util.Date getValidFromDate()
          get valid from date
 java.util.Date getValidToDate()
          get valid to date
 void incrementFailedLogonAttempts()
          set the number of failed logon attemps by a parameter
 void incrementSuccessfulLogonCounts()
          increase the number of logon counts by 1
 boolean isLocked()
          Gets the Locked attribute of the IUserAccount object
 boolean isMemberOfGroup(java.lang.String uniqueIdOfGroup, boolean recursive)
          Checks if the principal belongs to the passed groupId
 boolean isMemberOfRole(java.lang.String roleId, boolean recursive)
          Checks if the principal belongs to the passed roleId This method does a recursive search, so if this principal belongs to a collection which is a member of this collection, true is returned.
 boolean isPasswordChangeRequired()
          indicator the need of force change password on next logon default: false if true, user need to change logon password on next logon
 java.util.Date lastModified()
          returns the last modification date of this user account
 java.util.Date lockDate()
          returns lock date
 void removeFromGroup(java.lang.String uniqueIdOfGroup)
          Deprecated. use IUserMaint.removeFromGroup(String) instead
 void removeFromRole(java.lang.String uniqueIdOfRole)
          Deprecated. use IUserMaint.removeFromRole(String) instead
 void resetFailedLogonAttempts()
          Description of the Method
 void setCertificates(java.security.cert.X509Certificate[] certificate)
          Stores the user's certificate and creates a mapping
 void setFailedLogonAttempts(int i)
          increase the number of failed logon attempts by 1
 void setLastFailedLogonDate(java.util.Date timeStamp)
          set last logon time
 void setLastLogoutDate(java.util.Date timeStamp)
          set last logout date
 void setLastSuccessfulLogonDate(java.util.Date timeStamp)
          set last successful logon date
 void setLocked(boolean lock, int reason)
          Sets the locked attribute of the IUserAccount object
 void setPassword(java.lang.String pass)
          Changes user password to newpass.
 void setPassword(java.lang.String oldpass, java.lang.String newpass)
          Changes user password from oldpass to newpass.
 void setPasswordChangeRequired(boolean chng)
          Sets the PasswordChangeRequired attribute of the IUserAccount object.
 void setSuccessfulLogonCounts(int i)
          Sets the SuccessfulLogonCounts attribute of the IUserAccount object
 void setValidFromDate(java.util.Date date)
          Sets the ValidFromDate attribute of the IUserAccount object
 void setValidToDate(java.util.Date date)
          Sets the ValidToDate attribute of the IUserAccount object
 
Methods inherited from interface com.sap.security.api.IPrincipalMaint
commit, isModified, rollback, save, setAttribute, setBinaryAttribute, setDisplayName
 
Methods inherited from interface com.sap.security.api.IPrincipal
equals, getAttribute, getAttributeNames, getAttributeNamespaces, getAttributeType, getBinaryAttribute, getDisplayName, getParents, getUniqueID, hashCode, isExistenceChecked, isMutable, refresh
 

Field Detail

LOCKED_NO

public static final int LOCKED_NO

LOCKED_AUTO

public static final int LOCKED_AUTO

LOCKED_BY_ADMIN

public static final int LOCKED_BY_ADMIN
Method Detail

getLogonUid

public java.lang.String getLogonUid()
get logon uid (long uid)
Returns:
The LogonUid value

getValidFromDate

public java.util.Date getValidFromDate()
get valid from date
Returns:
The ValidFromDate value

setValidFromDate

public void setValidFromDate(java.util.Date date)
Sets the ValidFromDate attribute of the IUserAccount object
Parameters:
date - The new ValidFromDate value

getValidToDate

public java.util.Date getValidToDate()
get valid to date
Returns:
The ValidToDate value

getAssignedUser

public IUser getAssignedUser()
                      throws UMException
get the user that belongs to this account
Returns:
The user

setValidToDate

public void setValidToDate(java.util.Date date)
Sets the ValidToDate attribute of the IUserAccount object
Parameters:
date - The new ValidToDate value

isLocked

public boolean isLocked()
Gets the Locked attribute of the IUserAccount object
Returns:
true if the user account is locked

setLocked

public void setLocked(boolean lock,
                      int reason)
Sets the locked attribute of the IUserAccount object
Parameters:
lock - the lock value
reason - specifies the lock reason

getLockReason

public int getLockReason()
Returns the reason code for account lock.
Returns:
IUserAccount.LOCKED_NO - not locked, IUserAccount.LOCKED_BY_ADMIN - locked by admin, IUserAccount.LOCKED_AUTO - locked due to number of failed attempts.

getLastFailedLogonDate

public java.util.Date getLastFailedLogonDate()
get last failed logon time
Returns:
The LastFailedLogonDate value

setLastFailedLogonDate

public void setLastFailedLogonDate(java.util.Date timeStamp)
set last logon time
Parameters:
timeStamp - The new LastFailedLogonDate value

getFailedLogonAttempts

public int getFailedLogonAttempts()
get number of failed logon attempts.
Returns:
The FailedLogonAttempts value

setFailedLogonAttempts

public void setFailedLogonAttempts(int i)
increase the number of failed logon attempts by 1
Parameters:
i - The new FailedLogonAttempts value

incrementFailedLogonAttempts

public void incrementFailedLogonAttempts()
set the number of failed logon attemps by a parameter

resetFailedLogonAttempts

public void resetFailedLogonAttempts()
Description of the Method

getLastSuccessfulLogonDate

public java.util.Date getLastSuccessfulLogonDate()
get last sucessful logon date
Returns:
The LastSuccessfulLogonDate value

setLastSuccessfulLogonDate

public void setLastSuccessfulLogonDate(java.util.Date timeStamp)
set last successful logon date
Parameters:
timeStamp - The new LastSuccessfulLogonDate value

getSuccessfulLogonCounts

public int getSuccessfulLogonCounts()
get number of successful logon attempts
Returns:
The SuccessfulLogonCounts value

incrementSuccessfulLogonCounts

public void incrementSuccessfulLogonCounts()
increase the number of logon counts by 1

setSuccessfulLogonCounts

public void setSuccessfulLogonCounts(int i)
Sets the SuccessfulLogonCounts attribute of the IUserAccount object
Parameters:
i - The new SuccessfulLogonCounts value

isPasswordChangeRequired

public boolean isPasswordChangeRequired()
indicator the need of force change password on next logon default: false if true, user need to change logon password on next logon
Returns:
The PasswordChangeRequired value

getLastPasswordChangedDate

public java.util.Date getLastPasswordChangedDate()
Gets the LastPasswordChangedDate attribute of the IUserAccount object
Returns:
The LastPasswordChangedDate value

setPasswordChangeRequired

public void setPasswordChangeRequired(boolean chng)
Sets the PasswordChangeRequired attribute of the IUserAccount object.

Note: IUserAccount.commit() may raise UMException for SAP System user with following exception text:

Attribute com.sap.security.core.usermanagement|->passwordchangerequired can only be modified by changing or resetting the password if any datasource of class com.sap.security.core.persistence.datasource.imp.R3Persistence is responsible for writing it.

The exception may be raised in following cases

  1. if it is used without using setPassword(String, String) or setPassword(String) in the same IPrincipalMaint.commit() transaction.
  2. if following combination of setPasswordChangeRequired and setPassword(...) is used:
Parameters:
chng - The new PasswordChangeRequired value

setPassword

public void setPassword(java.lang.String pass)
                 throws InvalidPasswordException
Changes user password to newpass. There is no need to know the old password. This change of password will force the user to change the password on a subsequent logon. This is used mainly by the administrator during resetting a password or adding an user, as opposed to the user changing the password him/herself.
Parameters:
pass - The new Password value

setPassword

public void setPassword(java.lang.String oldpass,
                        java.lang.String newpass)
                 throws InvalidPasswordException
Changes user password from oldpass to newpass. The oldpass is validated first, then the newpass is set for the user account. This change of password will not force user to change the password again on a subsequent logon. This is used mainly when the user changes the password him/herself, as opposed to the administrator changing or resetting the password for the user. Other situation when this is used is when the password expired and the user is forced to change the password.
Parameters:
oldpass - The new Password value
newpass - The new Password value

getCertificates

public java.security.cert.X509Certificate[] getCertificates()
                                                     throws java.security.cert.CertificateException,
                                                            UMException
Returns the user's certificates
Returns:
certificate array of allowed certificates or null if the user doesn't have certificates
Throws:
java.security.cert.CertificateException - Description of Exception
UMException - UMException is thrown is getCertificates operation is failed for some reason

setCertificates

public void setCertificates(java.security.cert.X509Certificate[] certificate)
                     throws java.security.cert.CertificateException,
                            UMException
Stores the user's certificate and creates a mapping
Parameters:
certificate - array of allowed certifiates, pass null to remove existing mapping
Throws:
java.security.cert.CertificateException - Description of Exception
UMException - UMException is thrown is setCertificates operation is failed for some reason

deleteCertificates

public void deleteCertificates(java.security.cert.X509Certificate[] certificate)
                        throws java.security.cert.CertificateException,
                               UMException
Deletes the user's certificate
Parameters:
certificate - array of allowed certifiates, pass null to remove existing mapping
Throws:
java.security.cert.CertificateException - Description of Exception
UMException - UMException is thrown is setCertificates operation is failed for some reason

checkPassword

public boolean checkPassword(java.lang.String pass)
compares the stored password with the input password
Parameters:
pass - Password string
Returns:
true if match , false otherwise

created

public java.util.Date created()
returns the creation date of this user account
Specified by:
created in interface IPrincipal
Following copied from interface: com.sap.security.api.IPrincipal
Returns:
a Date object or null if creation date is not available

lastModified

public java.util.Date lastModified()
returns the last modification date of this user account
Specified by:
lastModified in interface IPrincipal
Following copied from interface: com.sap.security.api.IPrincipal
Returns:
a Date object or null if last modification date is not available

lockDate

public java.util.Date lockDate()
returns lock date

getHashedPassword

public java.lang.String getHashedPassword()
                                   throws UMException
Returns:
hashedPassword as string or null
Throws:
FeatureNotAvailableException - if feature is not implemented

setLastLogoutDate

public void setLastLogoutDate(java.util.Date timeStamp)
set last logout date
Parameters:
timeStamp - The new LastSuccessfulLogonDate value if timeStamp is null a new Date object will be allocated and measured to the nearest millisecond.

getPreviousSuccessfulLogonDate

public java.util.Date getPreviousSuccessfulLogonDate()
get previous sucessful logon date
Returns:
The PreviousSuccessfulLogonDate value

getRoles

public java.util.Iterator getRoles(boolean recursive)
Gets the list of all assigned roles of this principal including parent groups, grandparent groups,...
Parameters:
recursive - if true returns all parent roles
Returns:
all roles for this principal

getParentGroups

public java.util.Iterator getParentGroups(boolean recursive)
Gets the list of all parent principals including parents, grandparents, ...
Returns:
all parent principals of this collection

isMemberOfRole

public boolean isMemberOfRole(java.lang.String roleId,
                              boolean recursive)
Checks if the principal belongs to the passed roleId This method does a recursive search, so if this principal belongs to a collection which is a member of this collection, true is returned. returns true if the principal is directly or indirectly (via role membership) assigned.
Parameters:
parentId - the ID of the collection

isMemberOfGroup

public boolean isMemberOfGroup(java.lang.String uniqueIdOfGroup,
                               boolean recursive)
Checks if the principal belongs to the passed groupId
Parameters:
uniqueIdOfGroup - the ID of the group
recursive. - This method does a recursive search, so if this principal belongs to a collection which is a member of this collection, true is returned. returns true if the principal is directly or indirectly (via role membership) assigned.
Returns:
true if this account is member of the specified group

addToGroup

public void addToGroup(java.lang.String uniqueIdOfGroup)
                throws UMException
Deprecated. use IUserMaint.addToGroup(String) instead

Assign this principal to the parent-group with id
Parameters:
uniqueIdOfGroup - id of the group
Throws:
UMException -  

removeFromGroup

public void removeFromGroup(java.lang.String uniqueIdOfGroup)
                     throws UMException
Deprecated. use IUserMaint.removeFromGroup(String) instead

Unassign this principal from the parent-group with id
Parameters:
uniqueIdOfGroup - id of the parent group
Throws:
UMException -  

addToRole

public void addToRole(java.lang.String uniqueIdOfRole)
               throws UMException
Deprecated. use IUserMaint.addToRole(String) instead

Assign this principal to the role with uniqueIdOfRole
Parameters:
uniqueIdOfRole - id of the role
Throws:
UMException -  

removeFromRole

public void removeFromRole(java.lang.String uniqueIdOfRole)
                    throws UMException
Deprecated. use IUserMaint.removeFromRole(String) instead

Unassign this principal from role with id
Parameters:
uniqueIdOfRole - id of the role
Throws:
UMException -  

getAssignedUserID

public java.lang.String getAssignedUserID()
Gets the unique id of the user which is assigned to this account. If no user is assigned to this account, null is returned.
Returns:
The unique id of the user or null
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
Copyright © 2002 SAP AG All Rights Reserved.