|
Java AFS Admin API v1.3 | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--org.openafs.jafsadm.K5User
An abstract representation of an AFS Kerberos V user.
This document should be considered a preliminary
draft posted for the purpose of feedback and should not be
considered a functional API document.
The members of this class are strictly modeled after
the |
Constructor Summary | |
K5User(String name,
Cell cell)
Constructs a new K5User object instance given the name of the AFS user
and the AFS cell, represented by cell , to which it belongs. |
|
K5User(String name,
Cell cell,
K5PasswordPolicy passwordPolicy)
Constructs a new K5User object instance given the name of the AFS user
and the AFS cell, represented by cell , to which it belongs and the
Kerberos 5 Password Policy to be applied. |
Method Summary | |
boolean |
allowsDuplicateSessionKey()
K5 Attribute: Tests if this principal is allowed to obtain a session key for another user. |
boolean |
allowsForwardableTickets()
K5 Attribute: Tests if this principal is allowed to obtain forwardable tickets. |
boolean |
allowsPostDatedTickets()
K5 Attribute: Tests if this principal is allowed to obtain postdated tickets. |
boolean |
allowsProxiableTickets()
K5 Attribute: Tests if this principal is allowed to obtain proxiable tickets. |
boolean |
allowsRenewableTickets()
K5 Attribute: Tests if this principal is allowed to obtain renewable tickets. |
boolean |
allowsServiceTickets()
K5 Attribute: Tests if this principal is allowed to obtain service tickets. |
boolean |
canChangePassword()
K5: Returns whether or not the user can change their password |
int |
compareTo(K5User user)
Compares two K5User objects respective to their names and does not factor any other attribute. |
int |
compareTo(Object obj)
Comparable interface method. |
void |
create(String password)
Creates the Kerberos 5 entries for a new user in this cell. |
void |
delete()
Deletes the K5 entries for a user in this cell. |
boolean |
equals(K5User otherUser)
Tests whether two K5User objects are equal, based on their names. |
Cell |
getCell()
Returns the Cell/Realm this user belongs to. |
int |
getFailLoginCount()
K5: Returns the number of failed login attempts this user is allowed before being locked out. |
int |
getKeyVersion()
K5: Returns the version of the user's key. |
GregorianCalendar |
getLastChangePasswordDate()
K5: Returns the last date and time the user changed its password. |
GregorianCalendar |
getLastModDate()
K5: Returns the date and time the user was last modified. |
String |
getLastModName()
K5: Returns the name of this user that last modified this user. |
int |
getMasterKeyVersion()
K5: Returns the master key version of this user. |
int |
getMaxRenewableLife()
K5: Returns the the maximum renewable life of this user. |
int |
getMaxTicketLifetime()
K5: Returns the maximum lifetime of a ticket issued to this user (in seconds). |
String |
getName()
Returns the name of this user. |
GregorianCalendar |
getPasswordExpirationDate()
K5: Returns the date and time the password expires. |
K5PasswordPolicy |
getPasswordPolicy()
K5: Returns the password policy assigned to this user. |
int |
getSaltType()
K5: Returns the specified salt for generating the key. |
GregorianCalendar |
getUserExpirationDate()
K5: Returns the date and time the user expires. |
boolean |
requiresHardwareAuth()
K5 Attribute: Tests if this principal is required to preauthenticate using a hardware device before being allowed to kinit. |
boolean |
requiresPasswordChange()
K5 Attribute: Flag in attributes field to force a password change. |
boolean |
requiresPreAuth()
K5 Attribute: Tests if this principal is required to preauthenticate before being allowed to kinit. |
void |
setChangePassword(boolean setting)
K5: Sets whether or not the user can change their password |
void |
setDuplicateSessionKey(boolean flag)
K5: Sets attribute to allow/deny this principal from obtaining a session key for another user. |
void |
setFailLoginCount(int logins)
K5: Sets the number of failed login attempts this user is allowed before being locked out. |
void |
setForwardableTickets(boolean flag)
K5: Sets attribute to allow/deny this principal from obtaining forwardable tickets. |
void |
setGrantTickets(boolean setting)
K5: Sets whether or not TGS will issue tickets for this K5User |
void |
setHardwareAuth(boolean flag)
K5: Sets attribute to require this principal to preauthenticate using a hardware device before being allowed to kinit, if flag is true. |
void |
setMaxTicketLifetime(int seconds)
K5: Sets the maximum lifetime of a ticket issued to this user (in seconds). |
void |
setPassword(String newPassword)
Sets the password of this user to something new. |
void |
setPasswordChange(boolean flag)
K5: Sets attribute to force a password change for this principal, if flag is true. |
void |
setPasswordExpiration(GregorianCalendar expirationDate)
K5: Sets the date and time the password expires. |
void |
setPasswordPolicy(K5PasswordPolicy policy)
K5: Sets the password policy for this user. |
void |
setPostDatedTickets(boolean flag)
K5: Sets attribute to allow/deny this principal from obtaining postdated tickets. |
void |
setPreAuth(boolean flag)
K5: Sets attribute to require this principal to preauthenticate before being allowed to kinit, if flag is true. |
void |
setProxiableTickets(boolean flag)
K5: Sets attribute to allow/deny this principal from obtaining proxiable tickets. |
void |
setRenewableTickets(boolean flag)
K5: Sets attribute to allow/deny this principal from obtaining renewable tickets. |
void |
setSaltType(int type)
K5: Sets the specified salt for generating the key. |
void |
setServiceTickets(boolean flag)
K5: Sets attribute to allow/deny this principal from obtaining service tickets. |
void |
setUserExpiration(GregorianCalendar expirationDate)
K5: Sets the date and time the user expires. |
String |
toString()
Returns the name of this User |
boolean |
willGrantTickets()
K5: Returns whether or not TGS will issue tickets for this user |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
public K5User(String name, Cell cell) throws AFSAdminException
K5User
object instance given the name of the AFS user
and the AFS cell, represented by cell
, to which it belongs.name
- the name of the user to representcell
- the cell to which the user belongs.AFSAdminException
- If an error occurs in the native codepublic K5User(String name, Cell cell, K5PasswordPolicy passwordPolicy) throws AFSAdminException
K5User
object instance given the name of the AFS user
and the AFS cell, represented by cell
, to which it belongs and the
Kerberos 5 Password Policy to be applied.name
- the name of the user to representcell
- the cell to which the user belongs.passwordPolicy
- the K5 password policy to be applied to this user.AFSAdminException
- If an error occurs in the native codeMethod Detail |
public void create(String password) throws AFSAdminException
refreshUsers
afterward to update this
Cell's
user list.password
- the password for the new userAFSAdminException
- If an error occurs in the native codepublic void delete() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic String getName()
public Cell getCell()
public boolean willGrantTickets() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean canChangePassword() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic GregorianCalendar getUserExpirationDate() throws AFSAdminException
null
value indicates the user never exipres (or that
there is no k5 entry for this user).AFSAdminException
- If an error occurs in the native codepublic GregorianCalendar getLastModDate() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic String getLastModName() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic GregorianCalendar getLastChangePasswordDate() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic int getMaxTicketLifetime() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic K5PasswordPolicy getPasswordPolicy() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic GregorianCalendar getPasswordExpirationDate() throws AFSAdminException
null
value indicates the password never exipres (or that
there is no k5 entry for this user).AFSAdminException
- If an error occurs in the native codepublic int getFailLoginCount() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic int getMasterKeyVersion() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic int getKeyVersion() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic int getMaxRenewableLife() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic int getSaltType() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean allowsPostDatedTickets() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean allowsForwardableTickets() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean allowsRenewableTickets() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean allowsProxiableTickets() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean allowsServiceTickets() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean allowsDuplicateSessionKey() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean requiresPreAuth() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean requiresHardwareAuth() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic boolean requiresPasswordChange() throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic void setGrantTickets(boolean setting)
setting
- whether or not TGS will issue tickets for this userpublic void setFailLoginCount(int logins)
logins
- the number of failed login attempts a user is allowedpublic void setChangePassword(boolean setting)
setting
- whether or not the user can change their passwordpublic void setUserExpiration(GregorianCalendar expirationDate)
null
value indicates the user never exipres.expirationDate
- the date and time the user expirespublic void setPasswordExpiration(GregorianCalendar expirationDate)
null
value indicates the password never exipres.expirationDate
- the date and time the user expirespublic void setMaxTicketLifetime(int seconds)
seconds
- the maximum lifetime of a ticket issued to this user (in seconds).public void setPasswordPolicy(K5PasswordPolicy policy)
policy
- the K5 password policypublic void setPassword(String newPassword) throws AFSAdminException
newPassword
- the new password for this userAFSAdminException
- If an error occurs in the native codepublic void setSaltType(int type) throws AFSAdminException
AFSAdminException
- If an error occurs in the native codepublic void setPostDatedTickets(boolean flag) throws AFSAdminException
flag
is false.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setForwardableTickets(boolean flag) throws AFSAdminException
flag
is false.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setRenewableTickets(boolean flag) throws AFSAdminException
flag
is false.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setProxiableTickets(boolean flag) throws AFSAdminException
flag
is false.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setServiceTickets(boolean flag) throws AFSAdminException
flag
is false.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setDuplicateSessionKey(boolean flag) throws AFSAdminException
flag
is false.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setPreAuth(boolean flag) throws AFSAdminException
flag
is true.
Effectively sets the KRB5_KDB_REQUIRES_PRE_AUTH flag on the principal in
the database if flag
is true.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setHardwareAuth(boolean flag) throws AFSAdminException
flag
is true.
Effectively sets the KRB5_KDB_REQUIRES_HW_AUTH flag on the principal in
the database if flag
is true.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic void setPasswordChange(boolean flag) throws AFSAdminException
flag
is true.
Effectively sets the KRB5_KDB_REQUIRES_PWCHANGE flag on the principal in
the database if flag
is true.flag
- the attribute flagAFSAdminException
- If an error occurs in the native codepublic int compareTo(K5User user)
user
- The K5User object to be compared to this K5User instancepublic int compareTo(Object obj)
compareTo(K5User)
public boolean equals(K5User otherUser)
K5User
objects are equal, based on their names.otherUser
- the user to testpublic String toString()
User
toString
in class Object
User
|
Java AFS Admin (jafsadm) API for OpenAFS | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |