com.ecyrd.jspwiki.auth
Class UserManager

java.lang.Object
  extended by com.ecyrd.jspwiki.auth.UserManager

public class UserManager
extends Object

Provides a facade for user and group information.

Since:
2.3
Version:
$Revision: 1.45 $ $Date: 2006/05/20 23:56:17 $
Author:
Janne Jalkanen

Nested Class Summary
 class UserManager.DummyGroupManager
          Implements a simple GroupManager which does not simply manage any groups.
 class UserManager.DummyUserDatabase
          This is a database that gets used if nothing else is available.
 
Constructor Summary
UserManager()
          Constructs a new UserManager instance.
 
Method Summary
 GroupManager getGroupManager()
          Returns the GroupManager employed by this WikiEngine.
 UserDatabase getUserDatabase()
          Returns the UserDatabase employed by this WikiEngine.
 UserProfile getUserProfile(WikiSession session)
          Retrieves the UserProfilefor the user in a wiki session.
 void initialize(WikiEngine engine, Properties props)
          Initializes the engine for its nefarious purposes.
 UserProfile parseProfile(WikiContext context)
           Extracts user profile parameters from the HTTP request and populates a UserProfile with them.
 void setUserProfile(WikiSession session, UserProfile profile)
          Saves the UserProfilefor the user in a wiki session.
 void validateProfile(WikiContext context, UserProfile profile)
          Validates a user profile, and appends any errors to the session errors list.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UserManager

public UserManager()
Constructs a new UserManager instance.

Method Detail

initialize

public void initialize(WikiEngine engine,
                       Properties props)
Initializes the engine for its nefarious purposes.

Parameters:
engine - the current wiki engine
props - the wiki engine initialization properties

getGroupManager

public GroupManager getGroupManager()
Returns the GroupManager employed by this WikiEngine. The GroupManager is lazily initialized.

Since:
2.3

getUserDatabase

public UserDatabase getUserDatabase()
Returns the UserDatabase employed by this WikiEngine. The UserDatabase is lazily initialized by this method, if it does not exist yet. If the initialization fails, this method will use the inner class DummyUserDatabase as a default (which is enough to get JSPWiki running).

Since:
2.3

getUserProfile

public UserProfile getUserProfile(WikiSession session)
Retrieves the UserProfilefor the user in a wiki session. If the user is authenticated, the UserProfile returned will be the one stored in the user database; if one does not exist, a new one will be initialized and returned. If the user is anonymous or asserted, the UserProfile will always be newly initialized to prevent spoofing of identities. If a UserProfile needs to be initialized, its UserProfile.isNew() method will return true, and its login name will will be set automatically if the user is authenticated. Note that this method does not modify the retrieved (or newly created) profile otherwise; other fields in the user profile may be null.

Parameters:
session - the wiki session, which may not be null
Returns:
the user's profile, which will be newly initialized if the user is anonymous or asserted, or if the user cannot be found in the user database
Throws:
WikiSecurityException - if the database returns an exception
IllegalStateException - if a new UserProfile was created, but its UserProfile.isNew() method returns false. This is meant as a quality check for UserDatabase providers; it should only be thrown if the implementation is faulty.

setUserProfile

public void setUserProfile(WikiSession session,
                           UserProfile profile)
                    throws WikiSecurityException,
                           DuplicateUserException
Saves the UserProfilefor the user in a wiki session. This method verifies that a user profile to be saved doesn't collide with existing profiles; that is, the login name, wiki name or full name is already used by another profile. If the profile collides, a DuplicateUserException is thrown. After saving the profile, the user database changes are committed, and the user's credential set is refreshed; if custom authentication is used, this means the user will be automatically be logged in.

Parameters:
session - the wiki session, which may not be null
profile - the user profile, which may not be null
Throws:
WikiSecurityException
DuplicateUserException

parseProfile

public UserProfile parseProfile(WikiContext context)

Extracts user profile parameters from the HTTP request and populates a UserProfile with them. The UserProfile will either be a copy of the user's existing profile (if one can be found), or a new profile (if not). The rules for populating the profile as as follows:

Parameters:
context - the current wiki context
Returns:
a new, populated user profile

validateProfile

public void validateProfile(WikiContext context,
                            UserProfile profile)
Validates a user profile, and appends any errors to the session errors list. If the profile is new, the password will be checked to make sure it isn't null. Otherwise, the password is checked for length and that it matches the value of the 'password2' HTTP parameter. Note that we have a special case when container-managed authentication is used and the user is not authenticated; this will always cause validation to fail. Any validation errors are added to the wiki session's messages collection (see WikiSession.getMessages().

Parameters:
context - the current wiki context
profile - the supplied UserProfile