Package org.apache.jackrabbit.oak.spi.security.user

Interface UserConstants

  • All Known Implementing Classes:
    UserUtil
    public interface UserConstants
    User management related constants. Please note that all names and paths are OAK names/paths and therefore are not suited to be used in JCR context with remapped namespaces.

    • Field Detail

      • PARAM_ADMIN_ID

        static final String PARAM_ADMIN_ID
        Configuration option defining the ID of the administrator user.
        See Also:
        Constant Field Values

      • PARAM_IMPERSONATOR_PRINCIPAL_NAMES

        static final String PARAM_IMPERSONATOR_PRINCIPAL_NAMES
        Configuration option defining the names of the impersonatorPrincipals field.
        Since:
        Oak 1.54.0
        See Also:
        OAK-10173, Constant Field Values

      • PARAM_OMIT_ADMIN_PW

        static final String PARAM_OMIT_ADMIN_PW
        Configuration option defining if the admin password should be omitted upon user creation.
        See Also:
        Constant Field Values

      • PARAM_ANONYMOUS_ID

        static final String PARAM_ANONYMOUS_ID
        Configuration option defining the ID of the anonymous user. The ID might be null of no anonymous user exists. In this case Session#getUserID() may return null if it has been obtained using GuestCredentials.
        See Also:
        Constant Field Values

      • PARAM_USER_AUTHENTICATION_FACTORY

        static final String PARAM_USER_AUTHENTICATION_FACTORY
        Mandatory configuration option denoting the user Authentication implementation to use in the login module.
        See Also:
        Constant Field Values

      • PARAM_USER_PATH

        static final String PARAM_USER_PATH
        Configuration option to define the path underneath which user nodes are being created.
        See Also:
        Constant Field Values

      • PARAM_GROUP_PATH

        static final String PARAM_GROUP_PATH
        Configuration option to define the path underneath which group nodes are being created.
        See Also:
        Constant Field Values

      • PARAM_SYSTEM_RELATIVE_PATH

        static final String PARAM_SYSTEM_RELATIVE_PATH
        Configuration option to define the path relative to the user root node underneath which system user nodes are being created.
        See Also:
        Constant Field Values

      • DEFAULT_SYSTEM_RELATIVE_PATH

        static final String DEFAULT_SYSTEM_RELATIVE_PATH
        Default intermediate path for system users.
        See Also:
        Constant Field Values

      • PARAM_DEFAULT_DEPTH

        static final String PARAM_DEFAULT_DEPTH
        Parameter used to change the number of levels that are used by default to store authorizable nodes.
        The default number of levels is 2.
        See Also:
        Constant Field Values

      • PARAM_PASSWORD_HASH_ALGORITHM

        static final String PARAM_PASSWORD_HASH_ALGORITHM
        Configuration parameter to change the default algorithm used to generate password hashes.
        See Also:
        Constant Field Values

      • PARAM_PASSWORD_HASH_ITERATIONS

        static final String PARAM_PASSWORD_HASH_ITERATIONS
        Configuration parameter to change the number of iterations used for password hash generation.
        See Also:
        Constant Field Values

      • PARAM_PASSWORD_SALT_SIZE

        static final String PARAM_PASSWORD_SALT_SIZE
        Configuration parameter to change the number of iterations used for password hash generation.
        See Also:
        Constant Field Values

      • PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE

        static final String PARAM_ENABLE_RFC7613_USERCASE_MAPPED_PROFILE
        Optionally enables the UsernameCaseMapped profile defined in https://tools.ietf.org/html/rfc7613#section-3.2 for user name comparison. Use this if half-width and full-width user names should be considered equal.
        See Also:
        Constant Field Values

      • PARAM_AUTHORIZABLE_NODE_NAME

        static final String PARAM_AUTHORIZABLE_NODE_NAME
        Optional configuration parameter defining how to generate the name of the authorizable node from the ID of the new authorizable that is being created. The value is expected to be an instance of AuthorizableNodeName. By default AuthorizableNodeName.DEFAULT is used.
        See Also:
        Constant Field Values

      • PARAM_SUPPORT_AUTOSAVE

        static final String PARAM_SUPPORT_AUTOSAVE
        Optional configuration parameter that might be used to get back support for the auto-save behavior which has been dropped in the default user management implementation present with OAK.

        Note that this option has been added for those cases where API consumers rely on the implementation specific behavior present with Jackrabbit 2.x. In general using this option should not be required as the Jackrabbit User Management API expects that API consumers tests the auto-save mode is enabled. Therefore this option should be considered a temporary workaround after upgrading a repository to OAK; the affected code should be reviewed and adjusted accordingly.

        See Also:
        Constant Field Values

      • PARAM_PASSWORD_MAX_AGE

        static final String PARAM_PASSWORD_MAX_AGE
        Optional configuration parameter indicating the maximum age in days a password may have before it expires. If the value specified is > 0, password expiry is implicitly enabled.
        See Also:
        Constant Field Values

      • PARAM_PASSWORD_INITIAL_CHANGE

        static final String PARAM_PASSWORD_INITIAL_CHANGE
        Optional configuration parameter indicating whether users must change their passwords on first login. If enabled, passwords are immediately expired upon user creation.
        See Also:
        Constant Field Values

      • CREDENTIALS_ATTRIBUTE_NEWPASSWORD

        static final String CREDENTIALS_ATTRIBUTE_NEWPASSWORD
        Name of the SimpleCredentials attribute containing the new password. This may be used change the password via the credentials object.
        See Also:
        Constant Field Values

      • PARAM_PASSWORD_HISTORY_SIZE

        static final String PARAM_PASSWORD_HISTORY_SIZE
        Optional configuration parameter indicating the maximum number of passwords recorded for a user after password changes. If the value specified is > 0, password history checking during password change is implicitly enabled and the new password provided during a password change must not be found in the already recorded history.
        Since:
        Oak 1.3.3
        See Also:
        Constant Field Values

      • PASSWORD_HISTORY_DISABLED_SIZE

        static final int PASSWORD_HISTORY_DISABLED_SIZE
        Constant to indicate disabled password history, which is the default.
        Since:
        Oak 1.3.3
        See Also:
        Constant Field Values

      • PARAM_ALLOW_DISABLE_ANONYMOUS

        static final String PARAM_ALLOW_DISABLE_ANONYMOUS
        Optional configuration parameter indicating if the anonymous user can be disabled or not. By default, the anonymous user can be disabled.
        See Also:
        Constant Field Values