com.caplin.permissioning

Class User

java.lang.Object

com.caplin.permissioning.Permissionable

com.caplin.permissioning.User

public class User
extends Permissionable

Represents a permissioned user that is able to log on to Caplin Trader.

Note: The default password associated with a user is the reserved value Constants.KEYMASTER. The reserved value is not actually a password - it is an indicator that the password is not needed here as it is verified by the Caplin Keymaster. In this case verification of the SSO keymaster token is sufficient to determine that this user is authenticated. See the Caplin Trader Architecture document for more information.

Field Summary

Fields

Modifier and Type	Field and Description
protected java.util.Map<java.lang.String,java.lang.String>	attributes
protected java.lang.String	password
protected SubjectMapper	subjectMapper
protected com.caplin.permissioning.SubjectMappingInfo	subjectMappingInfo

Fields inherited from class com.caplin.permissioning.Permissionable

name, parents, productPermissionSets

Method Summary

Methods

Modifier and Type	Method and Description
void	addSubjectMapping(java.lang.String key, java.util.Map<java.lang.String,java.lang.String> map) Adds subject mappping data for use by a User's SubjectMapper instance.
protected void	createSubjectMapper()
java.lang.String	getAttribute(java.lang.String name) Get an attribute that has been set by an earlier call to setAttribute(String, String).
java.util.Set<java.lang.String>	getAttributeNames() Get the name of every attribute that has been set on this user
java.lang.String	getPassword() Get this User's password.
java.lang.String	getSubjectMapper() Gets the class that implements the SubjectMapper interface for this User.
Authorization	isPermitted(java.lang.String action, java.lang.String requestedProduct, java.lang.String permissionNameSpace) Check if the User is authorised to perform action in that permissionNameSpace on the specified product.
void	removeAllSubjectMappings() Removes all subject mappings for this User, regardless of the method was used to add them.
java.lang.String	removeAttribute(java.lang.String name) Removes the named attribute from this user.
SubjectMapping	removeSubjectMappingForKey(java.lang.String key) Removes the subject mappings identified by the passed in key.
java.lang.String	setAttribute(java.lang.String name, java.lang.String value) Sets an attribute on this user.
void	setPassword(java.lang.String password) Set this User's password.
void	setPasswordKeymaster() Sets this User's password field to indicate that a KeyMaster token (as opposed to a text password) should be used to authenticate this user.
void	setSubjectMapper(java.lang.String subjectMapperClassName) Sets the class that implements the SubjectMapper interface for this User.
java.lang.String	toString() Returns a string representation of User.

Methods inherited from class com.caplin.permissioning.Permissionable

applyPermission, copyPermissions, deny, equals, getName, hashCode, permit, removeAllPermissions, removePermission

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

attributes

protected java.util.Map<java.lang.String,java.lang.String> attributes

password

protected java.lang.String password

subjectMapper

protected SubjectMapper subjectMapper

subjectMappingInfo

protected final com.caplin.permissioning.SubjectMappingInfo subjectMappingInfo

Method Detail

getPassword

public java.lang.String getPassword()

Get this User's password. If the value Constants.KEYMASTER is returned this indicates that this User is authenticated using a KeyMaster token. If any other value is returned it is the actual password text that this User authenticates with the Liberator.

Returns:

The password string.

Throws:

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

setPassword

public void setPassword(java.lang.String password)
                 throws NoTransactionInProgressException

Set this User's password. If the value Constants.KEYMASTER is passed as a parameter it indicates that this User is authenticated using a KeyMaster token. If any other value is passed in it is the actual password text that this User authenticates with in the Liberator. It is recommended that if a KeyMaster token is used then the setPasswordKeymaster() method is used as it is coded to provide the special (reserved) string keymaster to this method.

Note: Only a master PermissioningDataSource can set the User's password.

Parameters:

password - The password string.

Throws:

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction.

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

setPasswordKeymaster

public void setPasswordKeymaster()
                          throws NoTransactionInProgressException

Sets this User's password field to indicate that a KeyMaster token (as opposed to a text password) should be used to authenticate this user.

Throws:

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction.

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

Note: Only a master PermissioningDataSource can set the User's password.

getAttribute

public java.lang.String getAttribute(java.lang.String name)

Get an attribute that has been set by an earlier call to setAttribute(String, String).

Parameters:

name - The name of the attribute to set on this user.

Returns:

The attribute value stored against this name or null if such an named attribute has not been set.

Throws:

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

See Also:

setAttribute(String, String)

setAttribute

public java.lang.String setAttribute(java.lang.String name,
                            java.lang.String value)
                              throws NoTransactionInProgressException,
                                     java.lang.IllegalArgumentException

Sets an attribute on this user. This can be useful, for example, for setting user-level preferences that the GUI can act upon. The internal implementation of attributes is a Map, therefore if you call this method with the same name parameter twice, the second value overwrites the first set call.

Parameters:

name - The name of the attribute to set on this user.

value - The value of the attribute to set on this user.

Returns:

The previous value of this attribute, or null if this is the first time this attribute has been set.

Throws:

java.lang.IllegalArgumentException - if either or both of the parameters passed to this method are null.

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction.

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

isPermitted

public Authorization isPermitted(java.lang.String action,
                        java.lang.String requestedProduct,
                        java.lang.String permissionNameSpace)

Check if the User is authorised to perform action in that permissionNameSpace on the specified product. This method checks the Users own permissions and also any inherited permissions from recursively checked parent groups.

Parameters:

action - The action the user is attempting to perform on the specified product.

requestedProduct - The item to check for action on.

permissionNameSpace - The permissionNameSpace to check for the attempted action.

Returns:

the authorisation code representing if this User is permitted to perform the operation described by the parameters to this method.

Throws:

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

addSubjectMapping

public void addSubjectMapping(java.lang.String key,
                     java.util.Map<java.lang.String,java.lang.String> map)

Adds subject mappping data for use by a User's SubjectMapper instance. The data is stored in the User and sent to the Auth Module where it will be applied to the SubjectMapper instance using its updateMappings method.

Parameters:

key - The key associated with the subject mappings.

map - The subject mappings.

Throws:

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction.

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

getAttributeNames

public java.util.Set<java.lang.String> getAttributeNames()

Get the name of every attribute that has been set on this user

Returns:

The set of attribute names for this user.

Throws:

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

removeAttribute

public java.lang.String removeAttribute(java.lang.String name)
                                 throws NoTransactionInProgressException,
                                        java.lang.IllegalArgumentException

Removes the named attribute from this user. Calling getAttribute(java.lang.String) after this method has been called using the same attributeName will return null. The attributeName will no longer be present in the set of attribute names return by getAttributeNames().

This method cannot be used to unset a password attribute. The setPassword(String) or setPasswordKeymaster() methods must be used to change this User's password.

Parameters:

name - The name of the attribute to to be removed from this User's set of attrbutes.

Returns:

The previous value of this attribute, or null if this attribute has not been set.

Throws:

java.lang.IllegalArgumentException - if the parameter passed to this method is null or identifies the password attribute.

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

removeSubjectMappingForKey

public SubjectMapping removeSubjectMappingForKey(java.lang.String key)

Removes the subject mappings identified by the passed in key. This method only removes the subject mappings if they were added using addSubjectMapping(String, Map).

Returns:

The removed subject mappings, or null if no mappings were removed.

Throws:

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

removeAllSubjectMappings

public void removeAllSubjectMappings()

Removes all subject mappings for this User, regardless of the method was used to add them.

Throws:

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

setSubjectMapper

public void setSubjectMapper(java.lang.String subjectMapperClassName)

Sets the class that implements the SubjectMapper interface for this User. The implementation of this interface must be available to the Auth Module at the Libertor but does not need to be available to the PermissioningDataSource. If you do not set a class, then the Auth Module will use the default SubjectMapper to determine the subject mappings for this User.

Parameters:

subjectMapperClassName - The fully qualified name of the class that implements theSubjectMapper interface.

Throws:

NoTransactionInProgressException - if this method is called outside the scope of a PermissioningDataSource transaction.

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

getSubjectMapper

public java.lang.String getSubjectMapper()

Gets the class that implements the SubjectMapper interface for this User.

Returns:

The fully qualified name of the class that implements the SubjectMapper interface. If a class was not set using setSubjectMapper(String), then the returned name will be for the default SubjectMapper.

Throws:

java.lang.IllegalStateException - if this User was removed from the PermissioningDatasource.

createSubjectMapper

protected void createSubjectMapper()

toString

public java.lang.String toString()

Returns a string representation of User.

Overrides:

toString in class java.lang.Object

Returns:

A string of the form "User[name,password, permissions, subjectMapping, attributes, parents]".