Package com.inductiveautomation.ignition.gateway.authentication.impl

Class InternalUserSource

java.lang.Object

com.inductiveautomation.ignition.gateway.user.UserSourceProfileKernelWrapper

com.inductiveautomation.ignition.gateway.user.AbstractUserSourceProfile

com.inductiveautomation.ignition.gateway.authentication.impl.InternalUserSource

All Implemented Interfaces:

UserSourceProfile, UserSourceProfileKernel

Direct Known Subclasses:

ADInternalHybridUserSource

public class InternalUserSource
extends AbstractUserSourceProfile

This user source stores users, groups, extended properties, and contact info inside the internal database. It is fully compliant with the user-source editing capabilities of Ignition.

Relevant persistent records:

• InternalUserRecord
• InternalRoleRecord
• InternalUserRoleMapping
• InternalUserExtraPropsRecord
• InternalContactInfoRecord

Field Summary

Fields inherited from interface com.inductiveautomation.ignition.gateway.user.UserSourceProfile

PWD_EXPIRATION_BYPASS

Constructor Summary

Constructors

Constructor	Description
InternalUserSource(UserSourceProfileKernel delegate)
InternalUserSource(UserSourceProfileKernel kernel, int pwdHistory, int pwdMinLength, int pwdComplexity, int pwdMaxAge)

Method Summary

Modifier and Type	Method	Description
void	addRole(String newName, UICallback ui)
void	addUser(User user, UICallback ui)
protected InternalUserRecord	addUserInternal(User user, UICallback ui, PersistenceSession session)
void	alterPassword(User user, String oldPassword, String newPassword)
void	alterUser(User user, UICallback ui)
AuthenticatedUser	authenticate(AuthChallenge challenge)	Called to both verify authentication for a given username/password pair, and to find the security roles for that user.
static long	createDefaultUserSource(GatewayContext context, String userSourceProfileName, String userSourceProfileDescription)	Creates an internal user source called "default" with user "admin"/"password" and role "Administrator".
static long	createFirstUser(GatewayContext context, String userSourceProfileName, String userSourceProfileDescription, String username, String password, boolean preHashed)	Creates an internal user source called "default" with the supplied username and password and role "Administrator".
protected Optional<InternalUserRecord>	findInternalUser(PersistenceSession session, String uname)	Looks up the internal user record keyed on username, NOT case sensitive
protected Long	findUserInternalId(PersistenceSession session, User user)
Set<UserSourceEditCapability>	getEditFlags()	Which of the editing functions are supported?
Collection<String>	getRoles()
Optional<User>	getUser(String userName)	Fetch a User with the given user name.
Collection<User>	getUsers()	Retrieve all users from this profile.
void	removeRole(String group, UICallback ui)
void	removeUser(User user, UICallback ui)
void	renameRole(String oldName, String newName, UICallback ui)
String	toString()
String	validatePassword(User user, String password)	Validate the given password.

Methods inherited from class com.inductiveautomation.ignition.gateway.user.AbstractUserSourceProfile

getName, getRoles, getUser, getUsers

Methods inherited from class com.inductiveautomation.ignition.gateway.user.UserSourceProfileKernelWrapper

getCacheValidationTimeout, getContext, getManager, getProfileId, getProfileName, isLockedOut, notifyFailedAttempt, shutdown, startup

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.inductiveautomation.ignition.gateway.user.UserSourceProfile

getCacheValidationTimeout, getProfileId, shutdown, startup

Constructor Details

InternalUserSource

public InternalUserSource(UserSourceProfileKernel delegate)

InternalUserSource

public InternalUserSource(UserSourceProfileKernel kernel,
 int pwdHistory,
 int pwdMinLength,
 int pwdComplexity,
 int pwdMaxAge)

Method Details

createDefaultUserSource

public static long createDefaultUserSource(GatewayContext context,
 String userSourceProfileName,
 String userSourceProfileDescription)
                                    throws Exception

Creates an internal user source called "default" with user "admin"/"password" and role "Administrator". Returns the long id of the new profile.

Throws:

Exception

createFirstUser

public static long createFirstUser(GatewayContext context,
 String userSourceProfileName,
 String userSourceProfileDescription,
 String username,
 String password,
 boolean preHashed)
                            throws Exception

Creates an internal user source called "default" with the supplied username and password and role "Administrator". Returns the long id of the new profile.

Parameters:

context - The GatewayContext instance

userSourceProfileName - The name of the internal user source profile to be created

userSourceProfileDescription - The description of the internal user source profile to be created

username - The username, Must not be null

password - The password either pre-encrypted or not. Must not be null

preHashed - true if the password is already hashed, false if it is not yet hashed

Returns:

The profile id.

Throws:

Exception

authenticate

public AuthenticatedUser authenticate(AuthChallenge challenge)
                               throws Exception

Description copied from interface: UserSourceProfile

Called to both verify authentication for a given username/password pair, and to find the security roles for that user.

Returns:

An AuthenticatedUser that contains the user's roles if authentication succeeded, or null if it did not.

Throws:

PasswordExpiredException - if the user's password has expired and must be reset

Exception - if there was an unexpected problem encountered during authentication

getUsers

@Nonnull
public Collection<User> getUsers()
                          throws Exception

Description copied from interface: UserSourceProfile

Retrieve all users from this profile. This can execute slowly (block) if need be. It will be called periodically by the manager and the results will be cached. Users from failover sources will be returned if hard failover is configured and triggered.

Specified by:

getUsers in interface UserSourceProfile

Specified by:

getUsers in class AbstractUserSourceProfile

Throws:

Exception

findInternalUser

@Nonnull
protected Optional<InternalUserRecord> findInternalUser(PersistenceSession session,
 String uname)

Looks up the internal user record keyed on username, NOT case sensitive

getUser

@Nonnull
public Optional<User> getUser(String userName)
                       throws Exception

Description copied from interface: UserSourceProfile

Fetch a User with the given user name. If more than one user exists with the given user name, the first user returned from the underlying data source is returned. Failover sources will be queried if hard failover is configured and the primary sources are unable to fetch the user due to an error. Failover sources will also be queried if soft failover is configured and the user is not found in the primary sources.

Specified by:

getUser in interface UserSourceProfile

Overrides:

getUser in class AbstractUserSourceProfile

Parameters:

userName - the user name of the User to fetch

Returns:

an Optional User with the given user name. the user may be from a failover user source (check User.getProfileName() to confirm)

Throws:

Exception - if there is an unexpected problem fetching the user with the given user name

See Also:

• UserSourceProfile.getUser(String, String)

getRoles

@Nonnull
public Collection<String> getRoles()
                            throws Exception

Specified by:

getRoles in interface UserSourceProfile

Specified by:

getRoles in class AbstractUserSourceProfile

Returns:

a collection of all possible role names for this profile. May be empty. Roles from failover sources will be returned if hard failover is configured and triggered.

Throws:

Exception

toString

public String toString()

Overrides:

toString in class Object

getEditFlags

public Set<UserSourceEditCapability> getEditFlags()

Description copied from interface: UserSourceProfile

Which of the editing functions are supported?

Specified by:

getEditFlags in interface UserSourceProfile

Overrides:

getEditFlags in class AbstractUserSourceProfile

validatePassword

public String validatePassword(@Nonnull
 User user,
 String password)

Description copied from interface: UserSourceProfile

Validate the given password. Note that this doesn't mean it checks to see if this password matches the user's current password. Rather, it means that this password would be an acceptable new password for the user.

Returns:

A i18n key for the error message describing why the password is invalid, or null if the password is valid.

addUserInternal

protected InternalUserRecord addUserInternal(User user,
 @Nullable
 UICallback ui,
 PersistenceSession session)
                                      throws Exception

Throws:

Exception

addUser

public void addUser(@Nonnull
 User user,
 UICallback ui)
             throws Exception

Specified by:

addUser in interface UserSourceProfile

Overrides:

addUser in class AbstractUserSourceProfile

Throws:

Exception

findUserInternalId

protected Long findUserInternalId(PersistenceSession session,
 User user)

alterPassword

public void alterPassword(User user,
 String oldPassword,
 String newPassword)

Specified by:

alterPassword in interface UserSourceProfile

Overrides:

alterPassword in class AbstractUserSourceProfile

alterUser

public void alterUser(User user,
 UICallback ui)
               throws Exception

Specified by:

alterUser in interface UserSourceProfile

Overrides:

alterUser in class AbstractUserSourceProfile

Throws:

Exception

removeUser

public void removeUser(User user,
 UICallback ui)
                throws Exception

Specified by:

removeUser in interface UserSourceProfile

Overrides:

removeUser in class AbstractUserSourceProfile

Throws:

Exception

addRole

public void addRole(String newName,
 UICallback ui)

Specified by:

addRole in interface UserSourceProfile

Overrides:

addRole in class AbstractUserSourceProfile

renameRole

public void renameRole(String oldName,
 String newName,
 UICallback ui)

Specified by:

renameRole in interface UserSourceProfile

Overrides:

renameRole in class AbstractUserSourceProfile

removeRole

public void removeRole(String group,
 UICallback ui)
                throws Exception

Specified by:

removeRole in interface UserSourceProfile

Overrides:

removeRole in class AbstractUserSourceProfile

Throws:

Exception