*** This interface provides Binary Compatibility only, not Source Compatibility ***

Package com.sas.services.user

Interface UserContextInterface

All Superinterfaces:
com.sas.metadata.remote.CredentialResolver, Remote
All Known Implementing Classes:
UserContext
@SASScope("ALL") @BinaryCompatibilityOnly public interface UserContextInterface extends com.sas.metadata.remote.CredentialResolver
The UserContextInterface provides a mechanism for maintaining information about a user entity. The user authentication identities, and access to the user profile are provided from here, as well as a list of repositories that the user is connected to.

Since:
1.0

  • Field Details

  • Method Details

    • setSessionContext

      void setSessionContext(SessionContextInterface session) throws RemoteException
      Set the session context that this user context will use for logging, etc.

      Parameters:
      session - The session context.
      Throws:
      RemoteException - in the event of network failure.

    • getSessionContext

      SessionContextInterface getSessionContext() throws RemoteException
      Get the session context for this user.

      Returns:
      The session context.
      Throws:
      RemoteException - in the event of network failure.

    • getPersonFQID

      String getPersonFQID() throws RemoteException
      Get the FQID of the authenticated Identity. This may actually be a Person or an IdentityGroup, if group logins are enabled.
      Returns:
      The FQID of the authenticated user.
      Throws:
      RemoteException - In the event of remote object failure.

    • getName

      String getName() throws RemoteException
      Get the name of this user. The name can be any String which represents the entity. This may be set by the application, or by a login module, if it can determine the name during the authentication process.

      Returns:
      The user name;
      Throws:
      RemoteException - in the event of network problems.

    • setName

      void setName(String name) throws RemoteException
      Set the name of the user. The name can be any String which represents the user. It should be the name by which the user is commonly known.

      Parameters:
      name - The user name.
      Throws:
      RemoteException - in the event of network problems.

    • getDescription

      String getDescription() throws RemoteException
      Get the common description for this user. This should come from the repository that the user's global profile is defined in. As a fallback, it will get the description from the primary authentication repository (in case they're different).
      Returns:
      A String with a description of the user.
      Throws:
      RemoteException - in the event of remote object failure.

    • getKey

      String getKey() throws RemoteException
      Get the user key. This is probably a user ID, a UUID, or some other unique identitfier for this user. Since names aren't always unique, this is necessary to uniquely locate a user context from the user service.

      Returns:
      A unique identifier for this user.
      Throws:
      RemoteException - in the event of network problems.

    • setKey

      void setKey(String key) throws RemoteException
      Set the user key. This should be unique within the context of the user service. If this isn't set, the name is used to store this user with the UserServices, which may cause conflicts. Setting this before adding to the UserService is strongly recommended.

      Parameters:
      key - The key that identifies this user.
      Throws:
      RemoteException - in the event of network problems.

    • getClientSource

      String getClientSource() throws RemoteException
      Get the client location idetifier where the login request originated.
      Returns:
      The client identifier (usually a TCP/IP address) where the login request originated for this UserContext.
      Throws:
      RemoteException - In the event of remote object failure.

    • setClientSource

      void setClientSource(String source) throws RemoteException
      Set the source location identifier for this UserContext.
      Parameters:
      source - The source location identifier (usually a TCP/IP address).
      Throws:
      RemoteException - In the event of remote object failure.

    • getAppSource

      String getAppSource() throws RemoteException
      Get the name of the application that initiated the login request for this UserContext.
      Returns:
      The application source identifier.
      Throws:
      RemoteException - In the event of remote object failure.

    • setAppSource

      void setAppSource(String source) throws RemoteException
      Set the application source identifier that initiated the logon request for this UserContext.
      Parameters:
      source - The application source that requested the creation of the UserContext. This is usualy either the main Java class name, or an identifiable application name.
      Throws:
      RemoteException - In the event of remote object failure.

    • getIDPropagation

      String getIDPropagation() throws ServiceException, RemoteException
      If the UserContext was authenticated using an ID propagation mechanism such as SSPI, the name of the ID propagation mechanism is returned. Otherwise, null is returned
      Returns:
      the name of the ID propagation mechanism used to authenticate this UserContext, if any.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.
      See Also:

    • addIdentity

      void addIdentity(UserIdentityInterface identity) throws RemoteException
      Add an identity to the context. Identities are credential sets used to authenticate a user to a specific security domain. The UserService can be used to create a new identity, or to look up indentities that may be stored in a repository.

      Parameters:
      identity - The new identity for this user.
      Throws:
      RemoteException - in the event of network problems.

    • removeIdentity

      void removeIdentity(UserIdentityInterface identity) throws RemoteException
      Remove an identity from the context.
      Parameters:
      identity - The identity to remove.
      Throws:
      RemoteException - In the event of network object failure.

    • getIdentities

      List getIdentities() throws RemoteException
      Get an iterator of UserIdentityInterface objects that represent the currently available authentication identities for the user. If the current user (as set by a call to Subject.doAs() ) is different from the Subject in the local LoginContext, the user must have the CredentialPermission "readCredential" granted to perform this operation.

      Returns:
      An Iterator of UserIdentityInterface objects.
      Throws:
      RemoteException - in the event of network problems.

    • getIdentityByDomain

      UserIdentityInterface getIdentityByDomain(String domain) throws RemoteException
      Get an authentication identity for the given domain. If the current user (as set by a call to Subject.doAs() ) is different from the Subject in the local LoginContext, the user must have the CredentialPermission "readCredential" granted to perform this operation.

      Parameters:
      domain - The domain for which to retrieve an identity.
      Returns:
      The user identity, or null if none is found.
      Throws:
      RemoteException - in the event of network problems.

    • getIdentityByDomain

      UserIdentityInterface getIdentityByDomain(String domain, boolean issueChallenge) throws RemoteException, ServiceException
      Get an identity by domain.

      Parameters:
      domain - The domain to search for in the identities.
      issueChallenge - If true, the callback handler set in the User Service will be used to challenge the user to provide the requested credentials.
      Returns:
      An identity matching the domain requested.
      Throws:
      RemoteException - in the event of network problems.
      ServiceException - if unable to obtain the identity by domain.

    • getIdentityByDomain

      UserIdentityInterface getIdentityByDomain(String domain, boolean issueChallenge, String challengePrompt) throws RemoteException, ServiceException
      Get an identity by domain.

      Parameters:
      domain - The domain to search for in the identities.
      issueChallenge - If true, the callback handler set in the User Service will be used to challenge the user to provide the requested credentials.
      challengePrompt - A string to present to the user to get the desired credentials.
      Returns:
      An identity matching the domain requested.
      Throws:
      RemoteException - in the event of network problems.
      ServiceException - if unable to obtain the identity by domain.

    • getIdentitiesByDomain

      List getIdentitiesByDomain(String domain, boolean issueChallenge, String challengePrompt) throws RemoteException, ServiceException
      This method returns a list of all the credential sets that are available for the requested domain.
      Parameters:
      domain - The Authentication Domain to get credentials for.
      issueChallenge - If true, if the user currently doesn't have credentials for the requested authentication domain, a challenge is issued back to the user for them.
      challengePrompt - A string to present to the user with the challenge.
      Returns:
      A List of UserIdentityInterface objects with the credential sets for the requested domain.
      Throws:
      RemoteException - if the event of remote object failure.
      ServiceException - if a service error occurs.

    • addRepositoryGroup

      void addRepositoryGroup(RepositoryGroup group) throws ServiceException, RemoteException
      Add a repository group to this UserContext. A repository group is a list of names of repositories to use for a search. They need not all be the same type of repository. That is, you may have OMR repositories and DAV repositories in the same group, if it makes sense to search both for some types of data. The group must have a name (non-null, and one or more characters), and must be unique for the groups managed by this UserContext. To perform a search using a group, call InformationServiceInterface.searchGroupName(UserContextInterface, String, com.sas.services.information.FilterInterface), or InformationServiceInterface.searchGroupNameWithFilterArray(UserContextInterface, String, com.sas.services.information.FilterInterface[]).
      Parameters:
      group - The repository group to add.
      Throws:
      ServiceException - If the group name is null, or if a group with the same name already exists in the UserContext.
      RemoteException - In the event of remote object failure.

    • removeRepositoryGroup

      void removeRepositoryGroup(RepositoryGroup group) throws ServiceException, RemoteException
      Remove a repository group from this UserContext.
      Parameters:
      group - The Group to remove.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getRepositoryGroup

      RepositoryGroup getRepositoryGroup(String name) throws ServiceException, RemoteException
      Get a repository group from this UserContext. To perform a search using the returned group, call InformationServiceInterface.searchGroup(UserContextInterface, com.sas.services.information.RepositoryGroup, com.sas.services.information.FilterInterface), or InformationServiceInterface.searchGroupWithFilterArray(UserContextInterface, com.sas.services.information.RepositoryGroup, com.sas.services.information.FilterInterface[]).
      Parameters:
      name - The name of the group to return.
      Returns:
      The repository group specfied by name, or null if one by that name doesn't exist.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getProfile

      ProfileInterface getProfile() throws RemoteException
      Get the user's profile set.

      Returns:
      a ProfileInterface for the user's profile instance.
      Throws:
      RemoteException - In the event of a remote failure.

    • addRepository

      void addRepository(Object repository) throws RemoteException
      Add a repository to this user context.

      Parameters:
      repository - A connected repository that uses an identity for this user
      Throws:
      RemoteException - In the event of a remote failure.

    • removeRepository

      void removeRepository(Object repository) throws RemoteException
      Remove a repository from this context.

      Parameters:
      repository - The repository to remove from this context.
      Throws:
      RemoteException - In the event of a remote failure.

    • getRepository

      RepositoryInterface getRepository(String name) throws ServiceException, RemoteException
      Get a repository based on the name. In order for this to work, the name has to be defined in the Information Service as a ReposDef. If it's not, or if the user isn't connected to the requested repository, this will return null.

      Parameters:
      name - The name of the repository to return the handle to.
      Returns:
      The repository handle for the named repository, or null.
      Throws:
      ServiceException - in the event of a service failure.
      RemoteException - in the event of a network failure.

    • getAuthRepository

      RepositoryInterface getAuthRepository() throws ServiceException, RemoteException
      Deprecated.
      Use getAuthServer instead.
      Get a handle to the repository the user authenticated against. It's possible for a configuration to authenticate against multiple services. This will return the first server that was used to authenticate the user.
      Returns:
      The RepositoryInterface used for authentication.
      Throws:
      ServiceException - in the event of a service failure.
      RemoteException - in the event of a network failure.

    • getAuthRepositoryName

      String getAuthRepositoryName() throws ServiceException, RemoteException
      Deprecated.
      Use getAuthServerName instead.
      Get the Information Service configured name of the repository that was used for authentication. It's possible for a configuration to authenticate against multiple services. This will return the first server that was used to authenticate the user.
      Returns:
      The name of the repository that was used for authentication.
      Throws:
      ServiceException - in the event of a service failure.
      RemoteException - in the event of a network failure.

    • getAuthServer

      ServerInterface getAuthServer() throws ServiceException, RemoteException
      Get a handle to the metadata server the user authenticated against.
      Returns:
      The ServerInterface that the user authenticated against.
      Throws:
      ServiceException - If a server error occurs.
      RemoteException - In the event of remote object failure.

    • getAuthServerName

      String getAuthServerName() throws ServiceException, RemoteException
      Get the definition name of the server the user authenticated against.
      Returns:
      The Information Service configured Server definition name of the server that the user authenticated against.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getRepositories

      List getRepositories() throws RemoteException
      Get a List of the repositories this user is connected to.

      Returns:
      The connected repositories
      Throws:
      RemoteException - In the event of a remote failure.

    • getServers

      List getServers() throws RemoteException
      Get a List of the servers this user is connected to.
      Returns:
      A List of ServerInterface objects this user has connections to.
      Throws:
      RemoteException - In the event of remote object failure.

    • addServer

      void addServer(ServerInterface server) throws ServiceException, RemoteException
      Add a server to the list that this user is connected to.
      Parameters:
      server - A server to which this user has an active connection.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • removeServer

      void removeServer(ServerInterface server) throws ServiceException, RemoteException
      Remove a server from the list that this user is currently connected to.
      Parameters:
      server - The server to remove from the active list.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getServer

      ServerInterface getServer(String name) throws ServiceException, RemoteException
      Get a specific named Information Service server from this user.
      Parameters:
      name - The configured name of the server to get from the connected list.
      Returns:
      The ServerInterface with the requested name, or null if it's not connected.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getPrincipals

      Set getPrincipals() throws RemoteException
      Gets the set of principals.
      Returns:
      Set containing principals.
      Throws:
      RemoteException - In the event of a remote failure.

    • getPublicCredentials

      Set getPublicCredentials() throws RemoteException
      Gets the set of public credentials.
      Returns:
      Set containing public credentials.
      Throws:
      RemoteException - In the event of a remote failure.

    • getPrivateCredentials

      Set getPrivateCredentials() throws RemoteException
      Gets the set of private credentials.
      Returns:
      Set containing private credentials.
      Throws:
      RemoteException - In the event of a remote failure.

    • getLoginCallback

      LoginCallbackHandler getLoginCallback() throws RemoteException
      Get the callback handler. This is used by the Authenticator class to set information needed by the login modules to perform the authenticaton.
      Returns:
      Login callback handler.
      Throws:
      RemoteException - In the event of a remote failure.

    • authenticate

      boolean authenticate() throws RemoteException
      Authenticate a user based on their current OS identity.
      Returns:
      true if the authentication was successful, false otherwise.
      Throws:
      RemoteException - In the event of remote object failure.

    • authenticate

      boolean authenticate(UserIdentityInterface ident, Map options) throws RemoteException
      Authenticates a user identity.

      Parameters:
      ident - The identity to authenticate.
      options - Additional options for the authentication process (this may include a host and port for an authentication server and other information).
      Returns:
      true if the authentication was successful, false otherwise.
      Throws:
      RemoteException - In the event of a remote failure.

    • destroy

      void destroy() throws RemoteException
      Destroy the user context. Release all resources in use.
      Throws:
      RemoteException - In the event of a remote failure.

    • addException

      void addException(Exception exception) throws RemoteException
      Add an exception to the list.
      Parameters:
      exception - Exception to be added to the list.
      Throws:
      RemoteException - In the event of a remote failure.

    • clearExceptions

      void clearExceptions() throws RemoteException
      Clear the exception list.
      Throws:
      RemoteException - In the event of a remote failure.

    • getExceptions

      Exception[] getExceptions() throws RemoteException
      Get an array of exceptions that have occurred since the last time they were cleared.

      Returns:
      an array of Exceptions, or null if there have been none.
      Throws:
      RemoteException - In the event of a remote failure.

    • setChallengeCallbackHandler

      void setChallengeCallbackHandler(RemoteCallbackHandler handler) throws RemoteException
      Set the object that will be used to handle credential challenge callbacks.

      Parameters:
      handler - The credential callback handler. This object will have to be an implementation of the javax.security.auth.callback.CallbackHandler interface.
      Throws:
      RemoteException - In the event of a remote failure.

    • getChallengeCallbackHandler

      RemoteCallbackHandler getChallengeCallbackHandler() throws RemoteException
      Get the object that will handle credential challenge callbacks.

      Returns:
      The callback handler
      Throws:
      RemoteException - In the event of a remote failure.

    • getPerson

      IdentityInterface getPerson() throws RemoteException
      Return the IdentityInterface object that represents this user. This is the metadata object that the metadata server has determined represents the authenticated user. It may a PersonInterface or an IdentityGroupInterface object, if group logins are enabled in the UserService.
      Returns:
      An IdentityInterface representing this user, or null if the authenticated user has no metadata presence (a public user).
      Throws:
      RemoteException - in the event of remote object failure.

    • setPerson

      void setPerson(IdentityInterface identity) throws RemoteException, IllegalStateException
      This method gets called by UserService as part of the UserContext initialization. Client code should not call this method.
      Parameters:
      identity - The Person object that represents the user.
      Throws:
      RemoteException - In the event of remote object failure.
      IllegalStateException - If the identity object has already been set.

    • getUniqueId

      String getUniqueId() throws RemoteException
      Returns a unique identifier for this object.
      Returns:
      A String with a unique identifier. This is a per-instance identifier.
      Throws:
      RemoteException - in the event of remote object failure.

    • isDestroyed

      boolean isDestroyed() throws RemoteException
      Return true if this User Context has been destroyed, or is in the process of being destroyed.
      Returns:
      true if this context has been destroyed.
      Throws:
      RemoteException - in the event of remote object failure.

    • getLoginTime

      long getLoginTime() throws RemoteException
      Get the timestamp when the user was authenticated.
      Returns:
      A long representing the login date/time.
      Throws:
      RemoteException - In the event of remote object failure.

    • getSharedResource

      Object getSharedResource(String key) throws RemoteException
      Get an object from the shared resource map. Shared resources are generally used between repository instances, but can be shared among other objects as well.
      Parameters:
      key - The key to the object in the resource map.
      Returns:
      The resource object, or null if nothing was found for the given key.
      Throws:
      RemoteException - In the event of remote object failure.

    • putSharedResource

      Object putSharedResource(String key, Object value) throws RemoteException
      Put an object into the shared resource map. This will make the object potentially available to other objects managed by the UserContext for sharing.
      Parameters:
      key - The lookup key for the resource.
      value - The resource object to store.
      Returns:
      The old value at the resource key, or null if it's a new key.
      Throws:
      RemoteException - In the event of remote object failure.

    • toByteArray

      byte[] toByteArray() throws RemoteException
      Throws:
      RemoteException

    • addUserIdentityListener

      void addUserIdentityListener(UserIdentityListener listener) throws RemoteException
      Throws:
      RemoteException

    • isInRole

      boolean isInRole(String role) throws ServiceException, RemoteException
      Check whether the user is a member of a given role.
      Parameters:
      role - The role name to check for.
      Returns:
      True if the user is a member of the role. False otherwise.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • isInAnyRole

      boolean isInAnyRole(List roleList) throws ServiceException, RemoteException
      Check whether the user is a member of any of the roles in the list.
      Parameters:
      roleList - A List of Strings representing role names.
      Returns:
      True if the user is a member of any roles in the list. False otherwise.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getRoles

      List getRoles() throws ServiceException, RemoteException
      Get a List of the roles this user is a member of.
      Returns:
      A List of Strings representing the role names this user is a member of.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • hasCapability

      boolean hasCapability(String appName, String action) throws ServiceException, RemoteException
      Check whether this user has the capability to perform a specific action for a particular application.
      Parameters:
      appName - The SoftwareComponent name associated with the application.
      action - The action to perform.
      Returns:
      True if the user has permission to perform the action; otherwise, false.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getActions

      List getActions(String appName) throws ServiceException, RemoteException
      Get a List of actions associated with an application that this user can perform.

      Note: getGrantedApplicationActions(String...) is recommended instead of this method.

      Parameters:
      appName - The SoftwareComponent name associated with the application.
      Returns:
      A List of ApplicationAuthorizations representing the actions.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getActions

      List getActions(String appName, boolean onlyGrantedActions) throws ServiceException, RemoteException
      Get a List of actions associated with an application.

      Note: Use getGrantedApplicationActions(String...) (for granted actions) or ApplicationInterface.getActions() (for all actions) instead of this method.

      Parameters:
      appName - The SoftwareComponent name associated with the application.
      onlyGrantedActions - If true then return only the actions that are granted to this user; otherwise, return all actions.
      Returns:
      A List of ApplicationAuthorizations representing the actions.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getGrantedApplicationActions

      Map<String,ApplicationAuthorization> getGrantedApplicationActions(String... applicationName) throws ServiceException, RemoteException
      Returns a map of actions granted to the user for the specified application(s). The map is keyed by application action identifier. If multiple applications are specified all applications are scanned for granted actions. If the same action identifier is defined for multiple application, only the first granted action will be returned.
      Parameters:
      applicationName - one or more application names
      Returns:
      a map of actions granted to the user for the specified application(s)
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • isInGroup

      boolean isInGroup(String group) throws ServiceException, RemoteException
      Check whether the user is a member of a given group.
      Parameters:
      group - The group name to check for.
      Returns:
      True if the user is a member of the group. False otherwise.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • isInAnyGroup

      boolean isInAnyGroup(List groupList) throws ServiceException, RemoteException
      Check whether the user is a member of any of the groups in the list.
      Parameters:
      groupList - A List of Strings representing group names.
      Returns:
      True if the user is a member of any groups in the list. False otherwise.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getGroups

      List getGroups() throws ServiceException, RemoteException
      Get a List of the groups this user is a member of.
      Returns:
      A List of Strings representing the group names this user is a member of.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • refreshRepositoryData

      void refreshRepositoryData() throws ServiceException, RemoteException
      Refresh all of the data that's been retrieved using the Information Service during the life of this UserContext. This is potentially a very expensive operation, so use it with care.
      Throws:
      ServiceException - If an exception occurs during the refresh operation.
      RemoteException - In the event of remote object failure.

    • getResolvedUserId

      String getResolvedUserId() throws ServiceException, RemoteException
      Return the metadata server resolved user id.
      Returns:
      the user id as resolved by the metadata server. This is a domain-qualified user id (e.g., user@DefaultAuth).
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • isInternalUser

      boolean isInternalUser() throws ServiceException, RemoteException
      Return a boolean indicating if this user was created using an internal userid.
      Returns:
      true if the user was created using an internal userid, false otherwise.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • getLocale

      Locale getLocale() throws ServiceException, RemoteException
      Get the locale for this user. If it has been set explicitly, return that value. If the user has a profile, return the profile setting. If there's no other locale available, return the JVM default.
      Returns:
      The user's current locale setting.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • setLocale

      void setLocale(Locale locale) throws ServiceException, RemoteException
      Set the locale to use for this user session.
      Parameters:
      locale - The preferred locale for this user for the live of this session.
      Throws:
      ServiceException - If a service level error occurs.
      RemoteException - In the event of remote object failure.

    • enableLocalAdminMode

      void enableLocalAdminMode(String authDomain) throws ServiceException, RemoteException
      This sets up a special case where an administrative user with an internal account is used to authenticate a user. Since the internal account cannot be used to authenticate against other resources like a workspace server, this creates a problem because the UserContext won't go get other credentials in the primary authentication domain. This overrides that behavior and makes the primary credential "sticky", so it won't really be removed if requested.
      Parameters:
      authDomain - The domain to retrieve all credentials for. This overrides my default behavior of not getting any more credentials for the primary authentication domain.
      Throws:
      ServiceException - If a metadata or service-level error occurs.
      RemoteException - In the event of remote object failure.