*** This interface provides Binary Compatibility only, not Source Compatibility ***

com.sas.services.user
Interface UserContextInterface

All Superinterfaces:

com.sas.metadata.remote.CredentialResolver, java.rmi.Remote

All Known Implementing Classes:

UserContext

@SASScope(value="ALL")
@BinaryCompatibilityOnly
public interface UserContextInterface
extends com.sas.metadata.remote.CredentialResolver

The UserContextInterface provides a mechanism for maintaining information about a user entity. The user authentication identities, and access to the user profile are provided from here, as well as a list of repositories that the user is connected to.

Since:

1.0

Field Summary

static java.lang.String	IDPROPAGATION_SSPI Name of SSPI ID propagation mechanism.
static java.lang.String	IDPROPAGATION_TRUSTED_PEER Name of Trusted Peer ID propagation mechanism.
static java.lang.String	INTERNAL_AUTH_DOMAIN The internal authentication domain that will be set on an identity if the resolved domain matches the internal authenticator domain from the server.
static java.lang.String	SHAREDRESOURCEKEY_ENVIRONMENT Key for an environment object in the shared resource map.
static java.lang.String	SHAREDRESOURCEKEY_SERVICEID

Method Summary

abstract void	addException(java.lang.Exception exception) Add an exception to the list.
abstract void	addIdentity(UserIdentityInterface identity) Add an identity to the context.
abstract void	addRepository(java.lang.Object repository) Add a repository to this user context.
abstract void	addRepositoryGroup(RepositoryGroup group) Add a repository group to this UserContext.
abstract void	addServer(ServerInterface server) Add a server to the list that this user is connected to.
abstract void	addUserIdentityListener(UserIdentityListener listener)
abstract boolean	authenticate() Authenticate a user based on their current OS identity.
abstract boolean	authenticate(UserIdentityInterface ident, java.util.Map options) Authenticates a user identity.
abstract void	clearExceptions() Clear the exception list.
abstract void	destroy() Destroy the user context.
abstract void	enableLocalAdminMode(java.lang.String authDomain) This sets up a special case where an administrative user with an internal account is used to authenticate a user.
abstract java.util.List	getActions(java.lang.String appName) Get a List of actions associated with an application that this user can perform.
abstract java.util.List	getActions(java.lang.String appName, boolean onlyGrantedActions) Get a List of actions associated with an application.
abstract java.lang.String	getAppSource() Get the name of the application that initiated the login request for this UserContext.
abstract RepositoryInterface	getAuthRepository() Deprecated. Use getAuthServer instead.
abstract java.lang.String	getAuthRepositoryName() Deprecated. Use getAuthServerName instead.
abstract ServerInterface	getAuthServer() Get a handle to the metadata server the user authenticated against.
abstract java.lang.String	getAuthServerName() Get the definition name of the server the user authenticated against.
abstract RemoteCallbackHandler	getChallengeCallbackHandler() Get the object that will handle credential challenge callbacks.
abstract java.lang.String	getClientSource() Get the client location idetifier where the login request originated.
abstract java.lang.String	getDescription() Get the common description for this user.
abstract java.lang.Exception[]	getExceptions() Get an array of exceptions that have occurred since the last time they were cleared.
abstract java.util.Map<java.lang.String,com.sas.services.security.ApplicationAuthorization>	getGrantedApplicationActions(java.lang.String... applicationName) Returns a map of actions granted to the user for the specified application(s).
abstract java.util.List	getGroups() Get a List of the groups this user is a member of.
abstract java.util.List	getIdentities() Get an iterator of UserIdentityInterface objects that represent the currently available authentication identities for the user.
abstract java.util.List	getIdentitiesByDomain(java.lang.String domain, boolean issueChallenge, java.lang.String challengePrompt) This method returns a list of all the credential sets that are available for the requested domain.
abstract UserIdentityInterface	getIdentityByDomain(java.lang.String domain) Get an authentication identity for the given domain.
abstract UserIdentityInterface	getIdentityByDomain(java.lang.String domain, boolean issueChallenge) Get an identity by domain.
abstract UserIdentityInterface	getIdentityByDomain(java.lang.String domain, boolean issueChallenge, java.lang.String challengePrompt) Get an identity by domain.
abstract java.lang.String	getIDPropagation() If the UserContext was authenticated using an ID propagation mechanism such as SSPI, the name of the ID propagation mechanism is returned.
abstract java.lang.String	getKey() Get the user key.
abstract java.util.Locale	getLocale() Get the locale for this user.
abstract LoginCallbackHandler	getLoginCallback() Get the callback handler.
abstract long	getLoginTime() Get the timestamp when the user was authenticated.
abstract java.lang.String	getName() Get the name of this user.
abstract IdentityInterface	getPerson() Return the IdentityInterface object that represents this user.
abstract java.lang.String	getPersonFQID() Get the FQID of the authenticated Identity.
abstract java.util.Set	getPrincipals() Gets the set of principals.
abstract java.util.Set	getPrivateCredentials() Gets the set of private credentials.
abstract ProfileInterface	getProfile() Get the user's profile set.
abstract java.util.Set	getPublicCredentials() Gets the set of public credentials.
abstract java.util.List	getRepositories() Get a List of the repositories this user is connected to.
abstract RepositoryInterface	getRepository(java.lang.String name) Get a repository based on the name.
abstract RepositoryGroup	getRepositoryGroup(java.lang.String name) Get a repository group from this UserContext.
abstract java.lang.String	getResolvedUserId() Return the metadata server resolved user id.
abstract java.util.List	getRoles() Get a List of the roles this user is a member of.
abstract ServerInterface	getServer(java.lang.String name) Get a specific named Information Service server from this user.
abstract java.util.List	getServers() Get a List of the servers this user is connected to.
abstract SessionContextInterface	getSessionContext() Get the session context for this user.
abstract java.lang.Object	getSharedResource(java.lang.String key) Get an object from the shared resource map.
abstract java.lang.String	getUniqueId() Returns a unique identifier for this object.
abstract boolean	hasCapability(java.lang.String appName, java.lang.String action) Check whether this user has the capability to perform a specific action for a particular application.
abstract boolean	isDestroyed() Return true if this User Context has been destroyed, or is in the process of being destroyed.
abstract boolean	isInAnyGroup(java.util.List groupList) Check whether the user is a member of any of the groups in the list.
abstract boolean	isInAnyRole(java.util.List roleList) Check whether the user is a member of any of the roles in the list.
abstract boolean	isInGroup(java.lang.String group) Check whether the user is a member of a given group.
abstract boolean	isInRole(java.lang.String role) Check whether the user is a member of a given role.
abstract boolean	isInternalUser() Return a boolean indicating if this user was created using an internal userid.
abstract java.lang.Object	putSharedResource(java.lang.String key, java.lang.Object value) Put an object into the shared resource map.
abstract void	refreshRepositoryData() Refresh all of the data that's been retrieved using the Information Service during the life of this UserContext.
abstract void	removeIdentity(UserIdentityInterface identity) Remove an identity from the context.
abstract void	removeRepository(java.lang.Object repository) Remove a repository from this context.
abstract void	removeRepositoryGroup(RepositoryGroup group) Remove a repository group from this UserContext.
abstract void	removeServer(ServerInterface server) Remove a server from the list that this user is currently connected to.
abstract void	setAppSource(java.lang.String source) Set the application source identifier that initiated the logon request for this UserContext.
abstract void	setChallengeCallbackHandler(RemoteCallbackHandler handler) Set the object that will be used to handle credential challenge callbacks.
abstract void	setClientSource(java.lang.String source) Set the source location identifier for this UserContext.
abstract void	setKey(java.lang.String key) Set the user key.
abstract void	setLocale(java.util.Locale locale) Set the locale to use for this user session.
abstract void	setName(java.lang.String name) Set the name of the user.
abstract void	setPerson(IdentityInterface identity) This method gets called by UserService as part of the UserContext initialization.
abstract void	setSessionContext(SessionContextInterface session) Set the session context that this user context will use for logging, etc.
abstract byte[]	toByteArray()

Field Detail

SHAREDRESOURCEKEY_ENVIRONMENT

static final java.lang.String SHAREDRESOURCEKEY_ENVIRONMENT

Key for an environment object in the shared resource map. An environment object encapsulates resources provided by the container.

See Also:

getSharedResource(String), putSharedResource(String, Object), Constant Field Values

SHAREDRESOURCEKEY_SERVICEID

static final java.lang.String SHAREDRESOURCEKEY_SERVICEID

See Also:

Constant Field Values

IDPROPAGATION_SSPI

static final java.lang.String IDPROPAGATION_SSPI

Name of SSPI ID propagation mechanism.

See Also:

getIDPropagation(), Constant Field Values

IDPROPAGATION_TRUSTED_PEER

static final java.lang.String IDPROPAGATION_TRUSTED_PEER

Name of Trusted Peer ID propagation mechanism.

See Also:

getIDPropagation(), Constant Field Values

INTERNAL_AUTH_DOMAIN

static final java.lang.String INTERNAL_AUTH_DOMAIN

The internal authentication domain that will be set on an identity if the resolved domain matches the internal authenticator domain from the server.

See Also:

Constant Field Values

Method Detail

setSessionContext

void setSessionContext(SessionContextInterface session)
                       throws java.rmi.RemoteException

Set the session context that this user context will use for logging, etc.

Parameters:

session - The session context.

Throws:

java.rmi.RemoteException - in the event of network failure.

getSessionContext

SessionContextInterface getSessionContext()
                                          throws java.rmi.RemoteException

Get the session context for this user.

Returns:

The session context.

Throws:

java.rmi.RemoteException - in the event of network failure.

getPersonFQID

java.lang.String getPersonFQID()
                               throws java.rmi.RemoteException

Get the FQID of the authenticated Identity. This may actually be a Person or an IdentityGroup, if group logins are enabled.

Returns:

The FQID of the authenticated user.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

getName

java.lang.String getName()
                         throws java.rmi.RemoteException

Get the name of this user. The name can be any String which represents the entity. This may be set by the application, or by a login module, if it can determine the name during the authentication process.

Returns:

The user name;

Throws:

java.rmi.RemoteException - in the event of network problems.

setName

void setName(java.lang.String name)
             throws java.rmi.RemoteException

Set the name of the user. The name can be any String which represents the user. It should be the name by which the user is commonly known.

Parameters:

name - The user name.

Throws:

java.rmi.RemoteException - in the event of network problems.

getDescription

java.lang.String getDescription()
                                throws java.rmi.RemoteException

Get the common description for this user. This should come from the repository that the user's global profile is defined in. As a fallback, it will get the description from the primary authentication repository (in case they're different).

Returns:

A String with a description of the user.

Throws:

java.rmi.RemoteException - in the event of remote object failure.

getKey

java.lang.String getKey()
                        throws java.rmi.RemoteException

Get the user key. This is probably a user ID, a UUID, or some other unique identitfier for this user. Since names aren't always unique, this is necessary to uniquely locate a user context from the user service.

Returns:

A unique identifier for this user.

Throws:

java.rmi.RemoteException - in the event of network problems.

setKey

void setKey(java.lang.String key)
            throws java.rmi.RemoteException

Set the user key. This should be unique within the context of the user service. If this isn't set, the name is used to store this user with the UserServices, which may cause conflicts. Setting this before adding to the UserService is strongly recommended.

Parameters:

key - The key that identifies this user.

Throws:

java.rmi.RemoteException - in the event of network problems.

getClientSource

java.lang.String getClientSource()
                                 throws java.rmi.RemoteException

Get the client location idetifier where the login request originated.

Returns:

The client identifier (usually a TCP/IP address) where the login request originated for this UserContext.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

setClientSource

void setClientSource(java.lang.String source)
                     throws java.rmi.RemoteException

Set the source location identifier for this UserContext.

Parameters:

source - The source location identifier (usually a TCP/IP address).

Throws:

java.rmi.RemoteException - In the event of remote object failure.

getAppSource

java.lang.String getAppSource()
                              throws java.rmi.RemoteException

Get the name of the application that initiated the login request for this UserContext.

Returns:

The application source identifier.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

setAppSource

void setAppSource(java.lang.String source)
                  throws java.rmi.RemoteException

Set the application source identifier that initiated the logon request for this UserContext.

Parameters:

source - The application source that requested the creation of the UserContext. This is usualy either the main Java class name, or an identifiable application name.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

getIDPropagation

java.lang.String getIDPropagation()
                                  throws ServiceException,
                                         java.rmi.RemoteException

If the UserContext was authenticated using an ID propagation mechanism such as SSPI, the name of the ID propagation mechanism is returned. Otherwise, null is returned

Returns:

the name of the ID propagation mechanism used to authenticate this UserContext, if any.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

See Also:

IDPROPAGATION_SSPI, IDPROPAGATION_TRUSTED_PEER

addIdentity

void addIdentity(UserIdentityInterface identity)
                 throws java.rmi.RemoteException

Add an identity to the context. Identities are credential sets used to authenticate a user to a specific security domain. The UserService can be used to create a new identity, or to look up indentities that may be stored in a repository.

Parameters:

identity - The new identity for this user.

Throws:

java.rmi.RemoteException - in the event of network problems.

removeIdentity

void removeIdentity(UserIdentityInterface identity)
                    throws java.rmi.RemoteException

Remove an identity from the context.

Parameters:

identity - The identity to remove.

Throws:

java.rmi.RemoteException - In the event of network object failure.

getIdentities

java.util.List getIdentities()
                             throws java.rmi.RemoteException

Get an iterator of UserIdentityInterface objects that represent the currently available authentication identities for the user. If the current user (as set by a call to Subject.doAs() ) is different from the Subject in the local LoginContext, the user must have the CredentialPermission "readCredential" granted to perform this operation.

Returns:

An Iterator of UserIdentityInterface objects.

Throws:

java.rmi.RemoteException - in the event of network problems.

getIdentityByDomain

UserIdentityInterface getIdentityByDomain(java.lang.String domain)
                                          throws java.rmi.RemoteException

Get an authentication identity for the given domain. If the current user (as set by a call to Subject.doAs() ) is different from the Subject in the local LoginContext, the user must have the CredentialPermission "readCredential" granted to perform this operation.

Parameters:

domain - The domain for which to retrieve an identity.

Returns:

The user identity, or null if none is found.

Throws:

java.rmi.RemoteException - in the event of network problems.

getIdentityByDomain

UserIdentityInterface getIdentityByDomain(java.lang.String domain,
                                          boolean issueChallenge)
                                          throws java.rmi.RemoteException,
                                                 ServiceException

Get an identity by domain.

Parameters:

domain - The domain to search for in the identities.

issueChallenge - If true, the callback handler set in the User Service will be used to challenge the user to provide the requested credentials.

Returns:

An identity matching the domain requested.

Throws:

java.rmi.RemoteException - in the event of network problems.

ServiceException - if unable to obtain the identity by domain.

getIdentityByDomain

UserIdentityInterface getIdentityByDomain(java.lang.String domain,
                                          boolean issueChallenge,
                                          java.lang.String challengePrompt)
                                          throws java.rmi.RemoteException,
                                                 ServiceException

Get an identity by domain.

Parameters:

domain - The domain to search for in the identities.

issueChallenge - If true, the callback handler set in the User Service will be used to challenge the user to provide the requested credentials.

challengePrompt - A string to present to the user to get the desired credentials.

Returns:

An identity matching the domain requested.

Throws:

java.rmi.RemoteException - in the event of network problems.

ServiceException - if unable to obtain the identity by domain.

getIdentitiesByDomain

java.util.List getIdentitiesByDomain(java.lang.String domain,
                                     boolean issueChallenge,
                                     java.lang.String challengePrompt)
                                     throws java.rmi.RemoteException,
                                            ServiceException

This method returns a list of all the credential sets that are available for the requested domain.

Parameters:

domain - The Authentication Domain to get credentials for.

issueChallenge - If true, if the user currently doesn't have credentials for the requested authentication domain, a challenge is issued back to the user for them.

challengePrompt - A string to present to the user with the challenge.

Returns:

A List of UserIdentityInterface objects with the credential sets for the requested domain.

Throws:

java.rmi.RemoteException - if the event of remote object failure.

ServiceException - if a service error occurs.

addRepositoryGroup

void addRepositoryGroup(RepositoryGroup group)
                        throws ServiceException,
                               java.rmi.RemoteException

Add a repository group to this UserContext. A repository group is a list of names of repositories to use for a search. They need not all be the same type of repository. That is, you may have OMR repositories and DAV repositories in the same group, if it makes sense to search both for some types of data. The group must have a name (non-null, and one or more characters), and must be unique for the groups managed by this UserContext. To perform a search using a group, call InformationServiceInterface.searchGroupName(UserContextInterface, String, com.sas.services.information.FilterInterface), or InformationServiceInterface.searchGroupNameWithFilterArray(UserContextInterface, String, com.sas.services.information.FilterInterface[]).

Parameters:

group - The repository group to add.

Throws:

ServiceException - If the group name is null, or if a group with the same name already exists in the UserContext.

java.rmi.RemoteException - In the event of remote object failure.

removeRepositoryGroup

void removeRepositoryGroup(RepositoryGroup group)
                           throws ServiceException,
                                  java.rmi.RemoteException

Remove a repository group from this UserContext.

Parameters:

group - The Group to remove.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getRepositoryGroup

RepositoryGroup getRepositoryGroup(java.lang.String name)
                                   throws ServiceException,
                                          java.rmi.RemoteException

Get a repository group from this UserContext. To perform a search using the returned group, call InformationServiceInterface.searchGroup(UserContextInterface, com.sas.services.information.RepositoryGroup, com.sas.services.information.FilterInterface), or InformationServiceInterface.searchGroupWithFilterArray(UserContextInterface, com.sas.services.information.RepositoryGroup, com.sas.services.information.FilterInterface[]).

Parameters:

name - The name of the group to return.

Returns:

The repository group specfied by name, or null if one by that name doesn't exist.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getProfile

ProfileInterface getProfile()
                            throws java.rmi.RemoteException

Get the user's profile set.

Returns:

a ProfileInterface for the user's profile instance.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

addRepository

void addRepository(java.lang.Object repository)
                   throws java.rmi.RemoteException

Add a repository to this user context.

Parameters:

repository - A connected repository that uses an identity for this user

Throws:

java.rmi.RemoteException - In the event of a remote failure.

removeRepository

void removeRepository(java.lang.Object repository)
                      throws java.rmi.RemoteException

Remove a repository from this context.

Parameters:

repository - The repository to remove from this context.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getRepository

RepositoryInterface getRepository(java.lang.String name)
                                  throws ServiceException,
                                         java.rmi.RemoteException

Get a repository based on the name. In order for this to work, the name has to be defined in the Information Service as a ReposDef. If it's not, or if the user isn't connected to the requested repository, this will return null.

Parameters:

name - The name of the repository to return the handle to.

Returns:

The repository handle for the named repository, or null.

Throws:

ServiceException - in the event of a service failure.

java.rmi.RemoteException - in the event of a network failure.

getAuthRepository

RepositoryInterface getAuthRepository()
                                      throws ServiceException,
                                             java.rmi.RemoteException

Deprecated. Use getAuthServer instead.

Get a handle to the repository the user authenticated against. It's possible for a configuration to authenticate against multiple services. This will return the first server that was used to authenticate the user.

Returns:

The RepositoryInterface used for authentication.

Throws:

ServiceException - in the event of a service failure.

java.rmi.RemoteException - in the event of a network failure.

getAuthRepositoryName

java.lang.String getAuthRepositoryName()
                                       throws ServiceException,
                                              java.rmi.RemoteException

Deprecated. Use getAuthServerName instead.

Get the Information Service configured name of the repository that was used for authentication. It's possible for a configuration to authenticate against multiple services. This will return the first server that was used to authenticate the user.

Returns:

The name of the repository that was used for authentication.

Throws:

ServiceException - in the event of a service failure.

java.rmi.RemoteException - in the event of a network failure.

getAuthServer

ServerInterface getAuthServer()
                              throws ServiceException,
                                     java.rmi.RemoteException

Get a handle to the metadata server the user authenticated against.

Returns:

The ServerInterface that the user authenticated against.

Throws:

ServiceException - If a server error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getAuthServerName

java.lang.String getAuthServerName()
                                   throws ServiceException,
                                          java.rmi.RemoteException

Get the definition name of the server the user authenticated against.

Returns:

The Information Service configured Server definition name of the server that the user authenticated against.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getRepositories

java.util.List getRepositories()
                               throws java.rmi.RemoteException

Get a List of the repositories this user is connected to.

Returns:

The connected repositories

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getServers

java.util.List getServers()
                          throws java.rmi.RemoteException

Get a List of the servers this user is connected to.

Returns:

A List of ServerInterface objects this user has connections to.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

addServer

void addServer(ServerInterface server)
               throws ServiceException,
                      java.rmi.RemoteException

Add a server to the list that this user is connected to.

Parameters:

server - A server to which this user has an active connection.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

removeServer

void removeServer(ServerInterface server)
                  throws ServiceException,
                         java.rmi.RemoteException

Remove a server from the list that this user is currently connected to.

Parameters:

server - The server to remove from the active list.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getServer

ServerInterface getServer(java.lang.String name)
                          throws ServiceException,
                                 java.rmi.RemoteException

Get a specific named Information Service server from this user.

Parameters:

name - The configured name of the server to get from the connected list.

Returns:

The ServerInterface with the requested name, or null if it's not connected.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getPrincipals

java.util.Set getPrincipals()
                            throws java.rmi.RemoteException

Gets the set of principals.

Returns:

Set containing principals.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getPublicCredentials

java.util.Set getPublicCredentials()
                                   throws java.rmi.RemoteException

Gets the set of public credentials.

Returns:

Set containing public credentials.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getPrivateCredentials

java.util.Set getPrivateCredentials()
                                    throws java.rmi.RemoteException

Gets the set of private credentials.

Returns:

Set containing private credentials.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getLoginCallback

LoginCallbackHandler getLoginCallback()
                                      throws java.rmi.RemoteException

Get the callback handler. This is used by the Authenticator class to set information needed by the login modules to perform the authenticaton.

Returns:

Login callback handler.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

authenticate

boolean authenticate()
                     throws java.rmi.RemoteException

Authenticate a user based on their current OS identity.

Returns:

true if the authentication was successful, false otherwise.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

authenticate

boolean authenticate(UserIdentityInterface ident,
                     java.util.Map options)
                     throws java.rmi.RemoteException

Authenticates a user identity.

Parameters:

ident - The identity to authenticate.

options - Additional options for the authentication process (this may include a host and port for an authentication server and other information).

Returns:

true if the authentication was successful, false otherwise.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

destroy

void destroy()
             throws java.rmi.RemoteException

Destroy the user context. Release all resources in use.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

addException

void addException(java.lang.Exception exception)
                  throws java.rmi.RemoteException

Add an exception to the list.

Parameters:

exception - Exception to be added to the list.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

clearExceptions

void clearExceptions()
                     throws java.rmi.RemoteException

Clear the exception list.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getExceptions

java.lang.Exception[] getExceptions()
                                    throws java.rmi.RemoteException

Get an array of exceptions that have occurred since the last time they were cleared.

Returns:

an array of Exceptions, or null if there have been none.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

setChallengeCallbackHandler

void setChallengeCallbackHandler(RemoteCallbackHandler handler)
                                 throws java.rmi.RemoteException

Set the object that will be used to handle credential challenge callbacks.

Parameters:

handler - The credential callback handler. This object will have to be an implementation of the javax.security.auth.callback.CallbackHandler interface.

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getChallengeCallbackHandler

RemoteCallbackHandler getChallengeCallbackHandler()
                                                  throws java.rmi.RemoteException

Get the object that will handle credential challenge callbacks.

Returns:

The callback handler

Throws:

java.rmi.RemoteException - In the event of a remote failure.

getPerson

IdentityInterface getPerson()
                            throws java.rmi.RemoteException

Return the IdentityInterface object that represents this user. This is the metadata object that the metadata server has determined represents the authenticated user. It may a PersonInterface or an IdentityGroupInterface object, if group logins are enabled in the UserService.

Returns:

An IdentityInterface representing this user, or null if the authenticated user has no metadata presence (a public user).

Throws:

java.rmi.RemoteException - in the event of remote object failure.

setPerson

void setPerson(IdentityInterface identity)
               throws java.rmi.RemoteException,
                      java.lang.IllegalStateException

This method gets called by UserService as part of the UserContext initialization. Client code should not call this method.

Parameters:

identity - The Person object that represents the user.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

java.lang.IllegalStateException - If the identity object has already been set.

getUniqueId

java.lang.String getUniqueId()
                             throws java.rmi.RemoteException

Returns a unique identifier for this object.

Returns:

A String with a unique identifier. This is a per-instance identifier.

Throws:

java.rmi.RemoteException - in the event of remote object failure.

isDestroyed

boolean isDestroyed()
                    throws java.rmi.RemoteException

Return true if this User Context has been destroyed, or is in the process of being destroyed.

Returns:

true if this context has been destroyed.

Throws:

java.rmi.RemoteException - in the event of remote object failure.

getLoginTime

long getLoginTime()
                  throws java.rmi.RemoteException

Get the timestamp when the user was authenticated.

Returns:

A long representing the login date/time.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

getSharedResource

java.lang.Object getSharedResource(java.lang.String key)
                                   throws java.rmi.RemoteException

Get an object from the shared resource map. Shared resources are generally used between repository instances, but can be shared among other objects as well.

Parameters:

key - The key to the object in the resource map.

Returns:

The resource object, or null if nothing was found for the given key.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

putSharedResource

java.lang.Object putSharedResource(java.lang.String key,
                                   java.lang.Object value)
                                   throws java.rmi.RemoteException

Put an object into the shared resource map. This will make the object potentially available to other objects managed by the UserContext for sharing.

Parameters:

key - The lookup key for the resource.

value - The resource object to store.

Returns:

The old value at the resource key, or null if it's a new key.

Throws:

java.rmi.RemoteException - In the event of remote object failure.

toByteArray

byte[] toByteArray()
                   throws java.rmi.RemoteException

Throws:

java.rmi.RemoteException

addUserIdentityListener

void addUserIdentityListener(UserIdentityListener listener)
                             throws java.rmi.RemoteException

Throws:

java.rmi.RemoteException

isInRole

boolean isInRole(java.lang.String role)
                 throws ServiceException,
                        java.rmi.RemoteException

Check whether the user is a member of a given role.

Parameters:

role - The role name to check for.

Returns:

True if the user is a member of the role. False otherwise.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

isInAnyRole

boolean isInAnyRole(java.util.List roleList)
                    throws ServiceException,
                           java.rmi.RemoteException

Check whether the user is a member of any of the roles in the list.

Parameters:

roleList - A List of Strings representing role names.

Returns:

True if the user is a member of any roles in the list. False otherwise.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getRoles

java.util.List getRoles()
                        throws ServiceException,
                               java.rmi.RemoteException

Get a List of the roles this user is a member of.

Returns:

A List of Strings representing the role names this user is a member of.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

hasCapability

boolean hasCapability(java.lang.String appName,
                      java.lang.String action)
                      throws ServiceException,
                             java.rmi.RemoteException

Check whether this user has the capability to perform a specific action for a particular application.

Parameters:

appName - The SoftwareComponent name associated with the application.

action - The action to perform.

Returns:

True if the user has permission to perform the action; otherwise, false.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getActions

java.util.List getActions(java.lang.String appName)
                          throws ServiceException,
                                 java.rmi.RemoteException

Get a List of actions associated with an application that this user can perform.

Note: getGrantedApplicationActions(String...) is recommended instead of this method.

Parameters:

appName - The SoftwareComponent name associated with the application.

Returns:

A List of ApplicationAuthorizations representing the actions.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

See Also:

com.sas.services.security.ApplicationAuthorization()

getActions

java.util.List getActions(java.lang.String appName,
                          boolean onlyGrantedActions)
                          throws ServiceException,
                                 java.rmi.RemoteException

Get a List of actions associated with an application.

Note: Use getGrantedApplicationActions(String...) (for granted actions) or com.sas.services.information.metadata.ApplicationInterface#getActions(com.sas.services.information.metadata.ApplicationInterface...) (for all actions) instead of this method.

Parameters:

appName - The SoftwareComponent name associated with the application.

onlyGrantedActions - If true then return only the actions that are granted to this user; otherwise, return all actions.

Returns:

A List of ApplicationAuthorizations representing the actions.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

See Also:

com.sas.services.security.ApplicationAuthorization()

getGrantedApplicationActions

java.util.Map<java.lang.String,com.sas.services.security.ApplicationAuthorization> getGrantedApplicationActions(java.lang.String... applicationName)
                                                                                                                throws ServiceException,
                                                                                                                       java.rmi.RemoteException

Returns a map of actions granted to the user for the specified application(s). The map is keyed by application action identifier. If multiple applications are specified all applications are scanned for granted actions. If the same action identifier is defined for multiple application, only the first granted action will be returned.

Parameters:

applicationName - one or more application names

Returns:

a map of actions granted to the user for the specified application(s)

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

See Also:

com.sas.services.security.ApplicationAuthorization()

isInGroup

boolean isInGroup(java.lang.String group)
                  throws ServiceException,
                         java.rmi.RemoteException

Check whether the user is a member of a given group.

Parameters:

group - The group name to check for.

Returns:

True if the user is a member of the group. False otherwise.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

isInAnyGroup

boolean isInAnyGroup(java.util.List groupList)
                     throws ServiceException,
                            java.rmi.RemoteException

Check whether the user is a member of any of the groups in the list.

Parameters:

groupList - A List of Strings representing group names.

Returns:

True if the user is a member of any groups in the list. False otherwise.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getGroups

java.util.List getGroups()
                         throws ServiceException,
                                java.rmi.RemoteException

Get a List of the groups this user is a member of.

Returns:

A List of Strings representing the group names this user is a member of.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

refreshRepositoryData

void refreshRepositoryData()
                           throws ServiceException,
                                  java.rmi.RemoteException

Refresh all of the data that's been retrieved using the Information Service during the life of this UserContext. This is potentially a very expensive operation, so use it with care.

Throws:

ServiceException - If an exception occurs during the refresh operation.

java.rmi.RemoteException - In the event of remote object failure.

getResolvedUserId

java.lang.String getResolvedUserId()
                                   throws ServiceException,
                                          java.rmi.RemoteException

Return the metadata server resolved user id.

Returns:

the user id as resolved by the metadata server. This is a domain-qualified user id (e.g., user@DefaultAuth).

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

isInternalUser

boolean isInternalUser()
                       throws ServiceException,
                              java.rmi.RemoteException

Return a boolean indicating if this user was created using an internal userid.

Returns:

true if the user was created using an internal userid, false otherwise.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

getLocale

java.util.Locale getLocale()
                           throws ServiceException,
                                  java.rmi.RemoteException

Get the locale for this user. If it has been set explicitly, return that value. If the user has a profile, return the profile setting. If there's no other locale available, return the JVM default.

Returns:

The user's current locale setting.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

setLocale

void setLocale(java.util.Locale locale)
               throws ServiceException,
                      java.rmi.RemoteException

Set the locale to use for this user session.

Parameters:

locale - The preferred locale for this user for the live of this session.

Throws:

ServiceException - If a service level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

enableLocalAdminMode

void enableLocalAdminMode(java.lang.String authDomain)
                          throws ServiceException,
                                 java.rmi.RemoteException

This sets up a special case where an administrative user with an internal account is used to authenticate a user. Since the internal account cannot be used to authenticate against other resources like a workspace server, this creates a problem because the UserContext won't go get other credentials in the primary authentication domain. This overrides that behavior and makes the primary credential "sticky", so it won't really be removed if requested.

Parameters:

authDomain - The domain to retrieve all credentials for. This overrides my default behavior of not getting any more credentials for the primary authentication domain.

Throws:

ServiceException - If a metadata or service-level error occurs.

java.rmi.RemoteException - In the event of remote object failure.

*** This interface provides Binary Compatibility only, not Source Compatibility ***