Package com.inductiveautomation.ignition.gateway.user

Interface UserSourceProfile

All Known Implementing Classes:
AbstractUserSourceProfile, ActiveDirectoryUserSource, ADInternalHybridUserSource, ADtoDBHybridAuthenticator, DatabaseAutomaticUserSource, DatabaseExpertUserSource, InternalUserSource
public interface UserSourceProfile
A user management profile provides access to users, groups, and provides authentication verification for users. It may support editing of users and groups.

  • Field Details

    • PWD_EXPIRATION_BYPASS

      static final Property<String> PWD_EXPIRATION_BYPASS
      Bypass flag for auth requests that should not respect the password expiration setting of a user source. Used to verify a user's existing password during the reset phase.

  • Method Details

    • getProfileId

      long getProfileId()
      The ID of this user profile

    • getName

      String getName()
      The name of this user profile.

    • getCacheValidationTimeout

      long getCacheValidationTimeout()
      The cache update time-out option.

    • authenticate

      @Nullable AuthenticatedUser authenticate(AuthChallenge challenge) throws Exception
      Called to both verify authentication for a given username/password pair, and to find the security roles for that user.
      Returns:
      An AuthenticatedUser that contains the user's roles if authentication succeeded, or null if it did not.
      Throws:
      PasswordExpiredException - if the user's password has expired and must be reset
      Exception - if there was an unexpected problem encountered during authentication

    • startup

      void startup(UserSourceManager manager)
      Called when the user source is created before it is used.

    • shutdown

      void shutdown()
      Called either when the user source has been edited and so it is being restarted, or when the gateway is shutting down.

    • getUsers

      @Nonnull default Collection<User> getUsers() throws Exception
      Retrieve all users from this profile. This can execute slowly (block) if need be. It will be called periodically by the manager and the results will be cached. Users from failover sources will be returned if hard failover is configured and triggered.
      Throws:
      Exception

    • getUsers

      @Nonnull Collection<User> getUsers(boolean useFailover) throws Exception
      Retrieve all users from this profile. This can execute slowly (block) if need be. It will be called periodically by the manager and the results will be cached. Users from failover sources will be returned if hard failover is configured and triggered when useFailover argument is true.
      Throws:
      Exception

    • getUser

      Optional<User> getUser(String userName) throws Exception
      Fetch a User with the given user name. If more than one user exists with the given user name, the first user returned from the underlying data source is returned. Failover sources will be queried if hard failover is configured and the primary sources are unable to fetch the user due to an error. Failover sources will also be queried if soft failover is configured and the user is not found in the primary sources.
      Parameters:
      userName - the user name of the User to fetch
      Returns:
      an Optional User with the given user name. the user may be from a failover user source (check User.getProfileName() to confirm)
      Throws:
      Exception - if there is an unexpected problem fetching the user with the given user name
      See Also:

    • getUser

      @Nonnull Optional<User> getUser(String userName, String userSourceProfileName) throws Exception
      Fetch a User with the given user name and user source profile name. If more than one user exists with the given user name, the first user returned from the underlying data source is returned. Tries to target the user source with the given userSourceProfileName argument in the chain of failover sources (if configured), following the rules of the failover mode that is currently set at each user source in the chain. While visiting each user source in the chain, the failover source will be queried if hard failover is configured and the primary source is unable to fetch the user due to an error, as long as the given userSourceProfileName argument does not match the primary user source name currently being queried, otherwise an empty result is returned. The failover source will also be queried if soft failover is configured and the given userSourceProfileName argument does not match the primary user source name currently being queried.
      Parameters:
      userName - the user name of the User to fetch
      userSourceProfileName - the name of the user source profile for the target user
      Returns:
      an Optional User with the given user name
      Throws:
      Exception - if there is an unexpected problem fetching the user with the given user name
      See Also:

    • getRoles

      @Nonnull default Collection<String> getRoles() throws Exception
      Returns:
      a collection of all possible role names for this profile. May be empty. Roles from failover sources will be returned if hard failover is configured and triggered.
      Throws:
      Exception

    • getRoles

      @Nonnull Collection<String> getRoles(boolean useFailover) throws Exception
      Returns:
      a collection of all possible role names for this profile. May be empty. Roles from failover sources will be returned if hard failover is configured and triggered when useFailover argument is true.
      Throws:
      Exception

    • getEditFlags

      Set<UserSourceEditCapability> getEditFlags()
      Which of the editing functions are supported?

    • validatePassword

      default String validatePassword(User user, String password)
      Validate the given password. Note that this doesn't mean it checks to see if this password matches the user's current password. Rather, it means that this password would be an acceptable new password for the user.
      Returns:
      A i18n key for the error message describing why the password is invalid, or null if the password is valid.

    • addRole

      void addRole(String roleName, UICallback ui) throws Exception
      Throws:
      Exception

    • removeRole

      void removeRole(String roleName, UICallback ui) throws Exception
      Throws:
      Exception

    • renameRole

      void renameRole(String oldName, String newName, UICallback ui) throws Exception
      Throws:
      Exception

    • addUser

      void addUser(User user, UICallback ui) throws Exception
      Throws:
      Exception

    • alterUser

      void alterUser(User user, UICallback ui) throws Exception
      Throws:
      Exception

    • removeUser

      void removeUser(User user, UICallback ui) throws Exception
      Throws:
      Exception

    • alterPassword

      void alterPassword(User user, String oldPassword, String newPassword) throws Exception
      Throws:
      Exception