Esri Geoportal Server
1.2.9

com.esri.gpt.framework.security.identity.agp
Class PortalIdentityAdapter

java.lang.Object
  extended by com.esri.gpt.framework.security.identity.IdentityAdapter
      extended by com.esri.gpt.framework.security.identity.agp.PortalIdentityAdapter

public class PortalIdentityAdapter
extends IdentityAdapter

Identity adapter when using ArcGIS Online or Portal as the identity store.

gpt.xml configuration:

element: /gptConfig/identity/arcgisPortalAdapter

attribute appId: application id (Geoportal app registered at ArcGIS Online or Portal)

attribute authorizeUrl: OAuth2 authorize URL (e.g. https://www.arcgis.com/sharing/oauth2/authorize)

attribute expirationMinutes: token expiration minutes

attribute gptAdministratorsGroupId: group id for Geoportal administrators (optional)

attribute gptPublishersGroupId: group id for Geoportal publishers (optional)

attribute allUsersCanPublish: true or false; if true, all authenticated users can publish items to Geoportal

Self-care functions (registration, password change, etc.) will not be provided by Geoportal.

The metadataAccessPolicy should be: <metadataAccessPolicy type="unrestricted"/>

Harvesting related e-mails will not be sent.
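
An added example, not part of the Geoportal documentation or code base: a small Python check that audits the arcgisPortalAdapter element described above before deployment. The gpt.xml fragment and every value in it are constructed placeholders, and the 120-minute ceiling is an assumed local policy value, not a Geoportal default.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MAX_EXPIRATION_MINUTES = 120  # assumed local policy ceiling, not a Geoportal default

# Constructed sample gpt.xml fragment; all attribute values are placeholders.
SAMPLE_GPT_XML = """
<gptConfig>
  <identity>
    <arcgisPortalAdapter
        appId="EXAMPLE_APP_ID"
        authorizeUrl="http://portal.example.org/sharing/oauth2/authorize"
        expirationMinutes="1440"
        gptAdministratorsGroupId=""
        gptPublishersGroupId="EXAMPLE_PUBLISHERS_GROUP"
        allUsersCanPublish="true"/>
  </identity>
</gptConfig>
"""

def audit_portal_adapter(gpt_xml):
    """Return review findings for /gptConfig/identity/arcgisPortalAdapter."""
    root = ET.fromstring(gpt_xml)
    node = root.find("identity/arcgisPortalAdapter") if root.tag == "gptConfig" else None
    if node is None:
        return ["arcgisPortalAdapter element not found"]
    findings = []
    if not node.get("appId", "").strip():
        findings.append("appId is empty")
    # The OAuth2 authorize endpoint must be reached over TLS.
    url = urlparse(node.get("authorizeUrl", "").strip())
    if url.scheme != "https" or not url.netloc:
        findings.append("authorizeUrl is not an absolute https URL")
    raw = node.get("expirationMinutes", "").strip()
    if not raw.isdigit() or int(raw) == 0:
        findings.append("expirationMinutes is not a positive integer")
    elif int(raw) > MAX_EXPIRATION_MINUTES:
        findings.append("expirationMinutes %s exceeds policy ceiling %d"
                        % (raw, MAX_EXPIRATION_MINUTES))
    # Per the attribute description, true lets every authenticated user publish.
    if node.get("allUsersCanPublish", "").strip().lower() == "true":
        findings.append("allUsersCanPublish=true: every authenticated user can publish")
    if not node.get("gptAdministratorsGroupId", "").strip():
        findings.append("gptAdministratorsGroupId is not set (optional; confirm this is intended)")
    return findings

if __name__ == "__main__":
    for finding in audit_portal_adapter(SAMPLE_GPT_XML):
        print("FINDING:", finding)
```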


Field Summary
static boolean AllUsersCanPublish
static String AppId
static String AuthorizeUrl
static int ExpirationMinutes
static String GptAdministratorsGroupId
static String GptPublishersGroupId

Constructor Summary
PortalIdentityAdapter()
          Default constructor.
 
Method Summary
 void addUserToRole(User user, String role)
          Adds user to role.
 void authenticate(User user)
          Authenticates a user.
 void changePassword(User user, ChangePasswordCriteria criteria)
          Changes the password for a user.
 String getAppId()
          Gets the application id (the app id registered at ArcGIS Online or Portal for ArcGIS).
 String getAuthorizeUrl()
          Gets the OAuth2 authorize url.
 int getExpirationMinutes()
          Gets the token expiration minutes.
 Users readGroupMembers(String groupDN)
          Reads the members of a group.
 void readUserGroups(User user)
          Reads the groups to which a user belongs.
 void readUserProfile(User user)
          Reads the profile attributes for a user.
 User recoverPassword(RecoverPasswordCriteria criteria)
          Recovers a user password.
 void registerUser(User user)
          Registers a new user.
 void updateUserProfile(User user)
          Updates the profile attributes for a user.
 void validateOAuthResponseToken(String token, String username)
          Validates the OAuth2 response token and establishes a server side session.
 
Methods inherited from class com.esri.gpt.framework.security.identity.IdentityAdapter
addAttribute, addUserToGroup, deleteUser, getApplicationConfiguration, getRequestContext, readGroups, readUsers, removeAttribute, removeUserFromGroup, setApplicationConfiguration, setRequestContext, throwNotSupportedException
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

AppId

public static String AppId

AuthorizeUrl

public static String AuthorizeUrl

ExpirationMinutes

public static int ExpirationMinutes

GptPublishersGroupId

public static String GptPublishersGroupId

GptAdministratorsGroupId

public static String GptAdministratorsGroupId

AllUsersCanPublish

public static boolean AllUsersCanPublish

Constructor Detail

PortalIdentityAdapter

public PortalIdentityAdapter()
Default constructor.

Method Detail

getAppId

public String getAppId()
Gets the application id (the app id registered at ArcGIS Online or Portal for ArcGIS).

Returns:
the app id

getAuthorizeUrl

public String getAuthorizeUrl()
Gets the OAuth2 authorize url.

Returns:
the authorize url

getExpirationMinutes

public int getExpirationMinutes()
Gets the token expiration minutes.

Returns:
the expiration minutes

addUserToRole

public void addUserToRole(User user,
                          String role)
                   throws CredentialPolicyException,
                          IdentityException,
                          NamingException,
                          SQLException
Adds user to role.

Overrides:
addUserToRole in class IdentityAdapter
Parameters:
user - the subject user
role - the subject role
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

authenticate

public void authenticate(User user)
                  throws CredentialsDeniedException,
                         IdentityException,
                         SQLException
Authenticates a user.

Overrides:
authenticate in class IdentityAdapter
Parameters:
user - the subject user
Throws:
CredentialsDeniedException - if credentials are denied
IdentityException - if a system error occurs preventing authentication
SQLException - if a database communication exception occurs

changePassword

public void changePassword(User user,
                           ChangePasswordCriteria criteria)
                    throws CredentialsDeniedException,
                           CredentialPolicyException,
                           IdentityException,
                           NamingException,
                           SQLException
Changes the password for a user.

Overrides:
changePassword in class IdentityAdapter
Parameters:
user - the subject user
criteria - the criteria associated with the password change
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs
CredentialsDeniedException

readGroupMembers

public Users readGroupMembers(String groupDN)
                       throws IdentityException,
                              NamingException,
                              SQLException
Reads the members of a group.

Overrides:
readGroupMembers in class IdentityAdapter
Parameters:
groupDN - the distinguished name for the group
Returns:
the collection of users belonging to the group
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

readUserGroups

public void readUserGroups(User user)
                    throws IdentityException,
                           NamingException,
                           SQLException
Reads the groups to which a user belongs.

Overrides:
readUserGroups in class IdentityAdapter
Parameters:
user - the subject user
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

readUserProfile

public void readUserProfile(User user)
                     throws IdentityException,
                            NamingException,
                            SQLException
Reads the profile attributes for a user.

Overrides:
readUserProfile in class IdentityAdapter
Parameters:
user - the subject user
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

recoverPassword

public User recoverPassword(RecoverPasswordCriteria criteria)
                     throws IdentityException,
                            NamingException,
                            SQLException
Recovers a user password.

Overrides:
recoverPassword in class IdentityAdapter
Parameters:
criteria - the criteria associated with the password recovery
Returns:
the user associated with the recovered credentials (null if no match)
Throws:
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

registerUser

public void registerUser(User user)
                  throws CredentialPolicyException,
                         IdentityException,
                         NamingException,
                         SQLException
Registers a new user.

Overrides:
registerUser in class IdentityAdapter
Parameters:
user - the subject user
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

updateUserProfile

public void updateUserProfile(User user)
                       throws CredentialPolicyException,
                              IdentityException,
                              NamingException,
                              SQLException
Updates the profile attributes for a user.

Overrides:
updateUserProfile in class IdentityAdapter
Parameters:
user - the subject user
Throws:
CredentialPolicyException - if the credentials are invalid
IdentityException - if a system error occurs preventing the action
NamingException - if an LDAP naming exception occurs
SQLException - if a database communication exception occurs

validateOAuthResponseToken

public void validateOAuthResponseToken(String token,
                                       String username)
Validates the OAuth2 response token and establishes a server side session.

Parameters:
token - the token
username - the username


Copyright 2011 Environmental Systems Research Institute. All rights reserved. Use is subject to license terms.