Package org.yamcs.security
Class Directory
java.lang.Object
org.yamcs.security.Directory
Stores user, group and application information in the Yamcs database.
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addServiceAccount
(ServiceAccount service) Creates a new service account.void
void
changePassword
(User user, char[] password) void
deleteGroup
(Group group) void
deleteServiceAccount
(ServiceAccount service) void
deleteUser
(User user) getAccount
(String name) getAccountForApplication
(String applicationId) getRoles()
getServiceAccount
(String name) getUser
(long id) getUsers()
void
renameGroup
(String from, String to) void
void
updateGroupProperties
(Group group) void
updateUserProperties
(User user) boolean
validateApplicationPassword
(String applicationId, char[] password) Validates the provided password against the stored password hash of an application.boolean
validateUserPassword
(String username, char[] password) Validates the provided password against the stored password hash of a user.
-
Field Details
-
ID_START
public static final long ID_START- See Also:
-
-
Constructor Details
-
Directory
- Throws:
InitException
-
-
Method Details
-
addUser
- Throws:
IOException
-
updateUserProperties
-
deleteUser
- Throws:
IOException
-
addGroup
-
renameGroup
-
updateGroupProperties
-
deleteGroup
-
addServiceAccount
Creates a new service account. The service account is assumed to represent one application only, for which automatically generated credentials are returned. These may be used to identify as that application, for example to generate access tokens.- Throws:
IOException
-
deleteServiceAccount
-
updateApplicationProperties
-
validateUserPassword
Validates the provided password against the stored password hash of a user.- Returns:
- true if the password is correct, false otherwise
-
validateApplicationPassword
Validates the provided password against the stored password hash of an application.Currently this is only functional for service accounts (which map to one and only one application), but some day we may also want to support user applications.
-
changePassword
-
getAccount
-
getUser
-
getUser
-
getUsers
-
getAccountForApplication
-
getGroup
-
getGroups
-
getGroups
-
getServiceAccount
-
getServiceAccounts
-
getRoles
-
getRole
-