Interface UserConstants
- All Known Implementing Classes:
UserUtil
public interface UserConstants
User management related constants. Please note that all names and paths
are OAK names/paths and therefore are not suited to be used in JCR context
with remapped namespaces.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
Name of theSimpleCredentials
attribute containing the new password.static final String
Default value forPARAM_ADMIN_ID
static final String
Default value forPARAM_ANONYMOUS_ID
static final int
Default value forPARAM_DEFAULT_DEPTH
static final boolean
Default value forPARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
static final String
Default value forPARAM_GROUP_PATH
static final boolean
Default value forPARAM_PASSWORD_INITIAL_CHANGE
static final int
Default value forPARAM_PASSWORD_MAX_AGE
static final String
Default intermediate path for system users.static final String
Default value forPARAM_USER_PATH
static final Collection<String>
static final String
static final Collection<String>
static final String
static final String
static final String
static final String
static final String
static final String
Deprecated.static final String
static final String
static final String
static final String
Configuration option defining the ID of the administrator user.static final String
Optional configuration parameter indicating if the anonymous user can be disabled or not.static final String
Configuration option defining the ID of the anonymous user.static final String
Optional configuration parameter to set theAuthorizableActionProvider
to be used with the given user management implementation.static final String
Optional configuration parameter defining how to generate the name of the authorizable node from the ID of the new authorizable that is being created.static final String
Parameter used to change the number of levels that are used by default to store authorizable nodes.
The default number of levels is 2.static final String
Optionally enables the UsernameCaseMapped profile defined in https://tools.ietf.org/html/rfc7613#section-3.2 for user name comparison.static final String
Configuration option to define the path underneath which group nodes are being created.static final String
Configuration option defining the names of the impersonatorPrincipals field.static final String
Configuration option defining if the admin password should be omitted upon user creation.static final String
Configuration parameter to change the default algorithm used to generate password hashes.static final String
Configuration parameter to change the number of iterations used for password hash generation.static final String
Optional configuration parameter indicating the maximum number of passwords recorded for a user after password changes.static final String
Optional configuration parameter indicating whether users must change their passwords on first login.static final String
Optional configuration parameter indicating the maximum age in days a password may have before it expires.static final String
Configuration parameter to change the number of iterations used for password hash generation.static final String
Optional configuration parameter that might be used to get back support for the auto-save behavior which has been dropped in the default user management implementation present with OAK.static final String
Configuration option to define the path relative to the user root node underneath which system user nodes are being created.static final String
Mandatory configuration option denoting the userAuthentication
implementation to use in the login module.static final String
Configuration option to define the path underneath which user nodes are being created.static final int
Constant to indicate disabled password history, which is the default.static final Collection<String>
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final Collection<String>
-
Field Details
-
NT_REP_AUTHORIZABLE
- See Also:
-
NT_REP_AUTHORIZABLE_FOLDER
- See Also:
-
NT_REP_USER
- See Also:
-
NT_REP_GROUP
- See Also:
-
NT_REP_SYSTEM_USER
- See Also:
-
NT_REP_PASSWORD
- See Also:
-
NT_REP_MEMBERS
Deprecated.- See Also:
-
NT_REP_MEMBER_REFERENCES_LIST
- See Also:
-
NT_REP_MEMBER_REFERENCES
- See Also:
-
MIX_REP_IMPERSONATABLE
- See Also:
-
REP_PRINCIPAL_NAME
- See Also:
-
REP_AUTHORIZABLE_ID
- See Also:
-
REP_PASSWORD
- See Also:
-
REP_PASSWORD_LAST_MODIFIED
- See Also:
-
REP_DISABLED
- See Also:
-
REP_MEMBERS
- See Also:
-
REP_MEMBERS_LIST
- See Also:
-
REP_IMPERSONATORS
- See Also:
-
REP_PWD
- See Also:
-
REP_PWD_HISTORY
- See Also:
-
GROUP_PROPERTY_NAMES
-
USER_PROPERTY_NAMES
-
PWD_PROPERTY_NAMES
-
NT_NAMES
-
PARAM_ADMIN_ID
Configuration option defining the ID of the administrator user.- See Also:
-
PARAM_IMPERSONATOR_PRINCIPAL_NAMES
Configuration option defining the names of the impersonatorPrincipals field.- Since:
- Oak 1.54.0
- See Also:
-
PARAM_OMIT_ADMIN_PW
Configuration option defining if the admin password should be omitted upon user creation.- See Also:
-
DEFAULT_ADMIN_ID
Default value forPARAM_ADMIN_ID
- See Also:
-
PARAM_ANONYMOUS_ID
Configuration option defining the ID of the anonymous user. The ID might benull
of no anonymous user exists. In this case Session#getUserID() may returnnull
if it has been obtained usingGuestCredentials
.- See Also:
-
DEFAULT_ANONYMOUS_ID
Default value forPARAM_ANONYMOUS_ID
- See Also:
-
PARAM_USER_AUTHENTICATION_FACTORY
Mandatory configuration option denoting the userAuthentication
implementation to use in the login module.- See Also:
-
PARAM_USER_PATH
Configuration option to define the path underneath which user nodes are being created.- See Also:
-
DEFAULT_USER_PATH
Default value forPARAM_USER_PATH
- See Also:
-
PARAM_GROUP_PATH
Configuration option to define the path underneath which group nodes are being created.- See Also:
-
DEFAULT_GROUP_PATH
Default value forPARAM_GROUP_PATH
- See Also:
-
PARAM_SYSTEM_RELATIVE_PATH
Configuration option to define the path relative to the user root node underneath which system user nodes are being created.- See Also:
-
DEFAULT_SYSTEM_RELATIVE_PATH
Default intermediate path for system users.- See Also:
-
PARAM_DEFAULT_DEPTH
Parameter used to change the number of levels that are used by default to store authorizable nodes.
The default number of levels is 2.- See Also:
-
DEFAULT_DEPTH
static final int DEFAULT_DEPTHDefault value forPARAM_DEFAULT_DEPTH
- See Also:
-
PARAM_PASSWORD_HASH_ALGORITHM
Configuration parameter to change the default algorithm used to generate password hashes.- See Also:
-
PARAM_PASSWORD_HASH_ITERATIONS
Configuration parameter to change the number of iterations used for password hash generation.- See Also:
-
PARAM_PASSWORD_SALT_SIZE
Configuration parameter to change the number of iterations used for password hash generation.- See Also:
-
PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
Optionally enables the UsernameCaseMapped profile defined in https://tools.ietf.org/html/rfc7613#section-3.2 for user name comparison. Use this if half-width and full-width user names should be considered equal.- See Also:
-
DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
static final boolean DEFAULT_ENABLE_RFC7613_USERCASE_MAPPED_PROFILEDefault value forPARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
- See Also:
-
PARAM_AUTHORIZABLE_NODE_NAME
Optional configuration parameter defining how to generate the name of the authorizable node from the ID of the new authorizable that is being created. The value is expected to be an instance ofAuthorizableNodeName
. By defaultAuthorizableNodeName.DEFAULT
is used.- See Also:
-
PARAM_AUTHORIZABLE_ACTION_PROVIDER
Optional configuration parameter to set theAuthorizableActionProvider
to be used with the given user management implementation. Unless otherwise specified in the configurationDefaultAuthorizableActionProvider
is used.- See Also:
-
PARAM_SUPPORT_AUTOSAVE
Optional configuration parameter that might be used to get back support for the auto-save behavior which has been dropped in the default user management implementation present with OAK.Note that this option has been added for those cases where API consumers rely on the implementation specific behavior present with Jackrabbit 2.x. In general using this option should not be required as the Jackrabbit User Management API expects that API consumers tests the auto-save mode is enabled. Therefore this option should be considered a temporary workaround after upgrading a repository to OAK; the affected code should be reviewed and adjusted accordingly.
- See Also:
-
PARAM_PASSWORD_MAX_AGE
Optional configuration parameter indicating the maximum age in days a password may have before it expires. If the value specified is> 0
, password expiry is implicitly enabled.- See Also:
-
DEFAULT_PASSWORD_MAX_AGE
static final int DEFAULT_PASSWORD_MAX_AGEDefault value forPARAM_PASSWORD_MAX_AGE
- See Also:
-
PARAM_PASSWORD_INITIAL_CHANGE
Optional configuration parameter indicating whether users must change their passwords on first login. If enabled, passwords are immediately expired upon user creation.- See Also:
-
DEFAULT_PASSWORD_INITIAL_CHANGE
static final boolean DEFAULT_PASSWORD_INITIAL_CHANGEDefault value forPARAM_PASSWORD_INITIAL_CHANGE
- See Also:
-
CREDENTIALS_ATTRIBUTE_NEWPASSWORD
Name of theSimpleCredentials
attribute containing the new password. This may be used change the password via the credentials object.- See Also:
-
PARAM_PASSWORD_HISTORY_SIZE
Optional configuration parameter indicating the maximum number of passwords recorded for a user after password changes. If the value specified is> 0
, password history checking during password change is implicitly enabled and the new password provided during a password change must not be found in the already recorded history.- Since:
- Oak 1.3.3
- See Also:
-
PASSWORD_HISTORY_DISABLED_SIZE
static final int PASSWORD_HISTORY_DISABLED_SIZEConstant to indicate disabled password history, which is the default.- Since:
- Oak 1.3.3
- See Also:
-
PARAM_ALLOW_DISABLE_ANONYMOUS
Optional configuration parameter indicating if the anonymous user can be disabled or not. By default, the anonymous user can be disabled.- See Also:
-