1 package org.apache.archiva.redback.rest.services;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import net.sf.ehcache.CacheManager;
23 import org.apache.archiva.redback.authentication.AuthenticationException;
24 import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
25 import org.apache.archiva.redback.components.cache.Cache;
26 import org.apache.archiva.redback.configuration.UserConfiguration;
27 import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
28 import org.apache.archiva.redback.integration.mail.Mailer;
29 import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
30 import org.apache.archiva.redback.keys.AuthenticationKey;
31 import org.apache.archiva.redback.keys.KeyManager;
32 import org.apache.archiva.redback.keys.KeyManagerException;
33 import org.apache.archiva.redback.keys.KeyNotFoundException;
34 import org.apache.archiva.redback.policy.AccountLockedException;
35 import org.apache.archiva.redback.policy.MustChangePasswordException;
36 import org.apache.archiva.redback.policy.PasswordEncoder;
37 import org.apache.archiva.redback.policy.UserSecurityPolicy;
38 import org.apache.archiva.redback.rbac.RBACManager;
39 import org.apache.archiva.redback.rbac.RbacManagerException;
40 import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
41 import org.apache.archiva.redback.rbac.UserAssignment;
42 import org.apache.archiva.redback.rest.api.model.ErrorMessage;
43 import org.apache.archiva.redback.rest.api.model.Operation;
44 import org.apache.archiva.redback.rest.api.model.Permission;
45 import org.apache.archiva.redback.rest.api.model.RegistrationKey;
46 import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;
47 import org.apache.archiva.redback.rest.api.model.Resource;
48 import org.apache.archiva.redback.rest.api.model.User;
49 import org.apache.archiva.redback.rest.api.model.UserRegistrationRequest;
50 import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
51 import org.apache.archiva.redback.rest.api.services.UserService;
52 import org.apache.archiva.redback.rest.services.utils.PasswordValidator;
53 import org.apache.archiva.redback.role.RoleManager;
54 import org.apache.archiva.redback.role.RoleManagerException;
55 import org.apache.archiva.redback.system.SecuritySystem;
56 import org.apache.archiva.redback.users.UserManager;
57 import org.apache.archiva.redback.users.UserNotFoundException;
58 import org.apache.commons.lang.StringUtils;
59 import org.slf4j.Logger;
60 import org.slf4j.LoggerFactory;
61 import org.springframework.stereotype.Service;
63 import javax.inject.Inject;
64 import javax.inject.Named;
65 import javax.mail.internet.AddressException;
66 import javax.mail.internet.InternetAddress;
67 import javax.servlet.http.HttpServletRequest;
68 import javax.ws.rs.core.Context;
69 import javax.ws.rs.core.Response;
70 import java.util.ArrayList;
71 import java.util.Arrays;
72 import java.util.Collection;
73 import java.util.List;
76 @Service( "userService#rest" )
77 public class DefaultUserService
78 implements UserService
81 private Logger log = LoggerFactory.getLogger( getClass() );
83 private static final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";
85 private UserManager userManager;
87 private SecuritySystem securitySystem;
90 private UserConfiguration config;
93 private RoleManager roleManager;
96 * cache used for user assignments
99 @Named( value = "cache#userAssignments" )
100 private Cache userAssignmentsCache;
103 * cache used for user permissions
106 @Named( value = "cache#userPermissions" )
107 private Cache userPermissionsCache;
110 * Cache used for users
113 @Named( value = "cache#users" )
114 private Cache usersCache;
117 private Mailer mailer;
120 @Named( value = "rBACManager#cached" )
121 private RBACManager rbacManager;
123 private HttpAuthenticator httpAuthenticator;
126 private PasswordValidator passwordValidator;
129 private HttpServletRequest httpServletRequest;
132 public DefaultUserService( @Named( value = "userManager#cached" ) UserManager userManager,
133 SecuritySystem securitySystem,
134 @Named( "httpAuthenticator#basic" ) HttpAuthenticator httpAuthenticator )
136 this.userManager = userManager;
137 this.securitySystem = securitySystem;
138 this.httpAuthenticator = httpAuthenticator;
142 public Boolean createUser( User user )
143 throws RedbackServiceException
148 org.apache.archiva.redback.users.User u = userManager.findUser( user.getUsername() );
151 throw new RedbackServiceException(
152 new ErrorMessage( "user " + user.getUsername() + " already exists" ) );
155 catch ( UserNotFoundException e )
157 //ignore we just want to prevent non human readable error message from backend :-)
158 log.debug( "user {} not exists", user.getUsername() );
162 if ( StringUtils.isEmpty( user.getUsername() ) )
164 throw new RedbackServiceException( new ErrorMessage( "username cannot be empty" ) );
167 if ( StringUtils.isEmpty( user.getFullName() ) )
169 throw new RedbackServiceException( new ErrorMessage( "fullName cannot be empty" ) );
172 if ( StringUtils.isEmpty( user.getEmail() ) )
174 throw new RedbackServiceException( new ErrorMessage( "email cannot be empty" ) );
177 org.apache.archiva.redback.users.User u =
178 userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
179 u.setPassword( user.getPassword() );
180 u.setLocked( user.isLocked() );
181 u.setPasswordChangeRequired( user.isPasswordChangeRequired() );
182 u.setPermanent( user.isPermanent() );
183 u.setValidated( user.isValidated() );
184 u = userManager.addUser( u );
185 if ( !user.isPasswordChangeRequired() )
187 u.setPasswordChangeRequired( false );
190 u = userManager.updateUser( u );
191 log.debug( "user {} created", u.getUsername() );
193 catch ( UserNotFoundException e )
195 throw new RedbackServiceException( e.getMessage() );
200 roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getPrincipal().toString() );
202 catch ( RoleManagerException rpe )
204 log.error( "RoleProfile Error: " + rpe.getMessage(), rpe );
205 throw new RedbackServiceException( new ErrorMessage( "assign.role.failure", null ) );
210 public Boolean deleteUser( String username )
211 throws RedbackServiceException
217 if ( rbacManager.userAssignmentExists( username ) )
219 UserAssignment assignment = rbacManager.getUserAssignment( username );
220 rbacManager.removeUserAssignment( assignment );
224 catch ( RbacManagerException e )
226 log.error( e.getMessage(), e );
227 throw new RedbackServiceException( e.getMessage() );
231 userManager.deleteUser( username );
234 catch ( UserNotFoundException e )
236 log.error( e.getMessage(), e );
237 throw new RedbackServiceException( e.getMessage() );
241 removeFromCache( username );
246 public User getUser( String username )
247 throws RedbackServiceException
251 org.apache.archiva.redback.users.User user = userManager.findUser( username );
252 return getSimpleUser( user );
254 catch ( UserNotFoundException e )
260 public List<User> getUsers()
261 throws RedbackServiceException
263 List<org.apache.archiva.redback.users.User> users = userManager.getUsers();
264 List<User> simpleUsers = new ArrayList<User>( users.size() );
266 for ( org.apache.archiva.redback.users.User user : users )
268 simpleUsers.add( getSimpleUser( user ) );
274 public Boolean updateMe( User user )
275 throws RedbackServiceException
277 // check username == one in the session
278 RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
279 if ( redbackRequestInformation == null || redbackRequestInformation.getUser() == null )
281 throw new RedbackServiceException( new ErrorMessage( "you must be logged to update your profile" ),
282 Response.Status.FORBIDDEN.getStatusCode() );
286 throw new RedbackServiceException( new ErrorMessage( "user parameter is mandatory" ),
287 Response.Status.BAD_REQUEST.getStatusCode() );
289 if ( !StringUtils.equals( redbackRequestInformation.getUser().getUsername(), user.getUsername() ) )
291 throw new RedbackServiceException( new ErrorMessage( "you can update only your profile" ),
292 Response.Status.FORBIDDEN.getStatusCode() );
295 if ( StringUtils.isEmpty( user.getPreviousPassword() ) )
297 throw new RedbackServiceException( new ErrorMessage( "previous password is empty" ),
298 Response.Status.BAD_REQUEST.getStatusCode() );
301 User realUser = getUser( user.getUsername() );
304 String previousEncodedPassword =
305 securitySystem.getUserManager().findUser( user.getUsername() ).getEncodedPassword();
307 // check oldPassword with the current one
309 PasswordEncoder encoder = securitySystem.getPolicy().getPasswordEncoder();
311 if ( !encoder.isPasswordValid( previousEncodedPassword, user.getPreviousPassword() ) )
314 throw new RedbackServiceException( new ErrorMessage( "password.provided.does.not.match.existing" ),
315 Response.Status.BAD_REQUEST.getStatusCode() );
318 catch ( UserNotFoundException e )
320 throw new RedbackServiceException( new ErrorMessage( "user not found" ),
321 Response.Status.BAD_REQUEST.getStatusCode() );
323 // only 3 fields to update
324 realUser.setFullName( user.getFullName() );
325 realUser.setEmail( user.getEmail() );
326 // ui can limit to not update password
327 if ( StringUtils.isNotBlank( user.getPassword() ) )
329 passwordValidator.validatePassword( user.getPassword(), user.getUsername() );
331 realUser.setPassword( user.getPassword() );
334 updateUser( realUser );
339 public Boolean updateUser( User user )
340 throws RedbackServiceException
344 org.apache.archiva.redback.users.User rawUser = userManager.findUser( user.getUsername() );
345 rawUser.setFullName( user.getFullName() );
346 rawUser.setEmail( user.getEmail() );
347 rawUser.setValidated( user.isValidated() );
348 rawUser.setLocked( user.isLocked() );
349 rawUser.setPassword( user.getPassword() );
350 rawUser.setPasswordChangeRequired( user.isPasswordChangeRequired() );
351 rawUser.setPermanent( user.isPermanent() );
353 userManager.updateUser( rawUser );
356 catch ( UserNotFoundException e )
358 throw new RedbackServiceException( e.getMessage() );
362 public int removeFromCache( String userName )
363 throws RedbackServiceException
365 if ( userAssignmentsCache != null )
367 userAssignmentsCache.remove( userName );
369 if ( userPermissionsCache != null )
371 userPermissionsCache.remove( userName );
373 if ( usersCache != null )
375 usersCache.remove( userName );
378 CacheManager cacheManager = CacheManager.getInstance();
379 String[] caches = cacheManager.getCacheNames();
380 for ( String cacheName : caches )
382 if ( StringUtils.startsWith( cacheName, "org.apache.archiva.redback.rbac.jdo" ) )
384 cacheManager.getCache( cacheName ).removeAll();
391 public User getGuestUser()
392 throws RedbackServiceException
396 org.apache.archiva.redback.users.User user = userManager.getGuestUser();
397 return getSimpleUser( user );
399 catch ( Exception e )
405 public User createGuestUser()
406 throws RedbackServiceException
408 User u = getGuestUser();
413 // temporary disable policy during guest creation as no password !
416 securitySystem.getPolicy().setEnabled( false );
417 org.apache.archiva.redback.users.User user = userManager.createGuestUser();
418 user.setPasswordChangeRequired( false );
419 user = userManager.updateUser( user, false );
420 roleManager.assignRole( "guest", user.getPrincipal().toString() );
421 return getSimpleUser( user );
423 catch ( RoleManagerException e )
425 log.error( e.getMessage(), e );
426 throw new RedbackServiceException( e.getMessage() );
428 catch ( UserNotFoundException e )
430 // olamy I wonder how this can happen :-)
431 log.error( e.getMessage(), e );
432 throw new RedbackServiceException( e.getMessage() );
437 if ( !securitySystem.getPolicy().isEnabled() )
439 securitySystem.getPolicy().setEnabled( true );
444 public Boolean ping()
445 throws RedbackServiceException
450 private User getSimpleUser( org.apache.archiva.redback.users.User user )
456 return new User( user );
459 public Boolean createAdminUser( User adminUser )
460 throws RedbackServiceException
462 if ( isAdminUserExists() )
464 return Boolean.FALSE;
467 org.apache.archiva.redback.users.User user =
468 userManager.createUser( RedbackRoleConstants.ADMINISTRATOR_ACCOUNT_NAME, adminUser.getFullName(),
469 adminUser.getEmail() );
470 user.setPassword( adminUser.getPassword() );
472 user.setLocked( false );
473 user.setPasswordChangeRequired( false );
474 user.setPermanent( true );
475 user.setValidated( true );
477 userManager.addUser( user );
481 roleManager.assignRole( "system-administrator", user.getPrincipal().toString() );
483 catch ( RoleManagerException e )
485 throw new RedbackServiceException( e.getMessage() );
490 public Boolean isAdminUserExists()
491 throws RedbackServiceException
495 userManager.findUser( config.getString( "redback.default.admin" ) );
498 catch ( UserNotFoundException e )
502 return Boolean.FALSE;
505 public Boolean resetPassword( ResetPasswordRequest resetPasswordRequest )
506 throws RedbackServiceException
508 String username = resetPasswordRequest.getUsername();
509 if ( StringUtils.isEmpty( username ) )
511 throw new RedbackServiceException( new ErrorMessage( "username.cannot.be.empty" ) );
514 UserManager userManager = securitySystem.getUserManager();
515 KeyManager keyManager = securitySystem.getKeyManager();
516 UserSecurityPolicy policy = securitySystem.getPolicy();
520 org.apache.archiva.redback.users.User user = userManager.findUser( username );
522 AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request",
523 policy.getUserValidationSettings().getEmailValidationTimeout() );
525 String applicationUrl = resetPasswordRequest.getApplicationUrl();
526 if ( StringUtils.isBlank( applicationUrl ) )
528 applicationUrl = getBaseUrl();
531 mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl );
532 log.info( "password reset request for username {}", username );
534 catch ( UserNotFoundException e )
536 log.info( "Password Reset on non-existant user [{}].", username );
537 throw new RedbackServiceException( new ErrorMessage( "password.reset.failure" ) );
539 catch ( KeyManagerException e )
541 log.info( "Unable to issue password reset.", e );
542 throw new RedbackServiceException( new ErrorMessage( "password.reset.email.generation.failure" ) );
548 public RegistrationKey registerUser( UserRegistrationRequest userRegistrationRequest )
549 throws RedbackServiceException
551 User user = userRegistrationRequest.getUser();
554 throw new RedbackServiceException( new ErrorMessage( "invalid.user.credentials", null ) );
558 UserSecurityPolicy securityPolicy = securitySystem.getPolicy();
560 boolean emailValidationRequired = securityPolicy.getUserValidationSettings().isEmailValidationRequired();
562 if ( emailValidationRequired )
564 validateCredentialsLoose( user );
568 validateCredentialsStrict( user );
571 // NOTE: Do not perform Password Rules Validation Here.
573 if ( userManager.userExists( user.getUsername() ) )
575 throw new RedbackServiceException(
576 new ErrorMessage( "user.already.exists", new String[]{ user.getUsername() } ) );
579 org.apache.archiva.redback.users.User u =
580 userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
581 u.setPassword( user.getPassword() );
582 u.setValidated( false );
583 u.setLocked( false );
587 roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getPrincipal().toString() );
589 catch ( RoleManagerException rpe )
591 log.error( "RoleProfile Error: " + rpe.getMessage(), rpe );
592 throw new RedbackServiceException( new ErrorMessage( "assign.role.failure", null ) );
595 if ( emailValidationRequired )
601 AuthenticationKey authkey =
602 securitySystem.getKeyManager().createKey( u.getPrincipal().toString(), "New User Email Validation",
603 securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );
605 String baseUrl = userRegistrationRequest.getApplicationUrl();
606 if ( StringUtils.isBlank( baseUrl ) )
608 baseUrl = getBaseUrl();
611 mailer.sendAccountValidationEmail( Arrays.asList( u.getEmail() ), authkey, baseUrl );
613 securityPolicy.setEnabled( false );
614 userManager.addUser( u );
615 return new RegistrationKey( authkey.getKey() );
618 catch ( KeyManagerException e )
620 log.error( "Unable to register a new user.", e );
621 throw new RedbackServiceException( new ErrorMessage( "cannot.register.user", null ) );
625 securityPolicy.setEnabled( true );
630 userManager.addUser( u );
631 return new RegistrationKey( "-1" );
634 // FIXME log this event
636 AuditEvent event = new AuditEvent( getText( "log.account.create" ) );
637 event.setAffectedUser( username );
643 public Boolean validateUserFromKey( String key )
644 throws RedbackServiceException
646 String principal = null;
649 AuthenticationKey authkey = securitySystem.getKeyManager().findKey( key );
651 org.apache.archiva.redback.users.User user =
652 securitySystem.getUserManager().findUser( authkey.getForPrincipal() );
654 user.setValidated( true );
655 user.setLocked( false );
656 user.setPasswordChangeRequired( true );
657 user.setEncodedPassword( "" );
659 principal = user.getPrincipal().toString();
661 TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();
662 authsource.setPrincipal( principal );
663 authsource.setToken( authkey.getKey() );
664 authsource.setEnforcePasswordChange( false );
666 securitySystem.getUserManager().updateUser( user );
668 httpAuthenticator.authenticate( authsource, httpServletRequest.getSession( true ) );
670 log.info( "account validated for user {}", user.getUsername() );
674 catch ( MustChangePasswordException e )
676 throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
678 catch ( KeyNotFoundException e )
680 log.info( "Invalid key requested: {}", key );
681 throw new RedbackServiceException( new ErrorMessage( "cannot.find.key" ) );
683 catch ( KeyManagerException e )
685 throw new RedbackServiceException( new ErrorMessage( "cannot.find.key.at.the.momment" ) );
688 catch ( UserNotFoundException e )
690 throw new RedbackServiceException( new ErrorMessage( "cannot.find.user", new String[]{ principal } ) );
693 catch ( AccountLockedException e )
695 throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
697 catch ( AuthenticationException e )
699 throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
703 public Collection<Permission> getCurrentUserPermissions()
704 throws RedbackServiceException
706 RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
707 String userName = UserManager.GUEST_USERNAME;
708 if ( redbackRequestInformation != null && redbackRequestInformation.getUser() != null )
710 userName = redbackRequestInformation.getUser().getUsername();
713 return getUserPermissions( userName );
716 public Collection<Operation> getCurrentUserOperations()
717 throws RedbackServiceException
719 RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
720 String userName = UserManager.GUEST_USERNAME;
721 if ( redbackRequestInformation != null && redbackRequestInformation.getUser() != null )
723 userName = redbackRequestInformation.getUser().getUsername();
726 return getUserOperations( userName );
729 public Collection<Operation> getUserOperations( String userName )
730 throws RedbackServiceException
732 Collection<Permission> permissions = getUserPermissions( userName );
733 List<Operation> operations = new ArrayList<Operation>( permissions.size() );
734 for ( Permission permission : permissions )
736 if ( permission.getOperation() != null )
738 Operation operation = new Operation();
739 operation.setName( permission.getOperation().getName() );
740 operations.add( operation );
746 public Collection<Permission> getUserPermissions( String userName )
747 throws RedbackServiceException
751 Set<org.apache.archiva.redback.rbac.Permission> permissions =
752 rbacManager.getAssignedPermissions( userName );
753 // FIXME return guest permissions !!
754 List<Permission> userPermissions = new ArrayList<Permission>( permissions.size() );
755 for ( org.apache.archiva.redback.rbac.Permission p : permissions )
757 Permission permission = new Permission();
758 permission.setName( p.getName() );
760 if ( p.getOperation() != null )
762 Operation operation = new Operation();
763 operation.setName( p.getOperation().getName() );
764 permission.setOperation( operation );
767 if ( p.getResource() != null )
769 Resource resource = new Resource();
770 resource.setIdentifier( p.getResource().getIdentifier() );
771 resource.setPattern( p.getResource().isPattern() );
772 permission.setResource( resource );
775 userPermissions.add( permission );
777 return userPermissions;
779 catch ( RbacObjectNotFoundException e )
781 log.error( e.getMessage(), e );
782 throw new RedbackServiceException( e.getMessage() );
784 catch ( RbacManagerException e )
786 log.error( e.getMessage(), e );
787 throw new RedbackServiceException( e.getMessage() );
791 public void validateCredentialsLoose( User user )
792 throws RedbackServiceException
794 RedbackServiceException redbackServiceException =
795 new RedbackServiceException( "issues during validating user" );
796 if ( org.codehaus.plexus.util.StringUtils.isEmpty( user.getUsername() ) )
798 redbackServiceException.addErrorMessage( new ErrorMessage( "username.required", null ) );
802 if ( !user.getUsername().matches( VALID_USERNAME_CHARS ) )
804 redbackServiceException.addErrorMessage( new ErrorMessage( "username.invalid.characters", null ) );
808 if ( org.codehaus.plexus.util.StringUtils.isEmpty( user.getFullName() ) )
810 redbackServiceException.addErrorMessage( new ErrorMessage( "fullName.required", null ) );
813 if ( org.codehaus.plexus.util.StringUtils.isEmpty( user.getEmail() ) )
815 redbackServiceException.addErrorMessage( new ErrorMessage( "email.required", null ) );
818 if ( !org.codehaus.plexus.util.StringUtils.equals( user.getPassword(), user.getConfirmPassword() ) )
820 redbackServiceException.addErrorMessage( new ErrorMessage( "passwords.does.not.match", null ) );
825 if ( !org.codehaus.plexus.util.StringUtils.isEmpty( user.getEmail() ) )
827 new InternetAddress( user.getEmail(), true );
830 catch ( AddressException e )
832 redbackServiceException.addErrorMessage( new ErrorMessage( "email.invalid", null ) );
834 if ( !redbackServiceException.getErrorMessages().isEmpty() )
836 throw redbackServiceException;
840 public void validateCredentialsStrict( User user )
841 throws RedbackServiceException
843 validateCredentialsLoose( user );
845 org.apache.archiva.redback.users.User tmpuser =
846 userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
848 user.setPassword( user.getPassword() );
850 securitySystem.getPolicy().validatePassword( tmpuser );
852 if ( ( org.codehaus.plexus.util.StringUtils.isEmpty( user.getPassword() ) ) )
854 throw new RedbackServiceException( new ErrorMessage( "password.required", null ) );
858 private String getBaseUrl()
860 if ( httpServletRequest != null )
862 if ( httpServletRequest != null )
864 return httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + (
865 httpServletRequest.getServerPort() == 80
867 : ":" + httpServletRequest.getServerPort() ) + httpServletRequest.getContextPath();
873 public Boolean unlockUser( String username )
874 throws RedbackServiceException
876 User user = getUser( username );
879 user.setLocked( false );
883 return Boolean.FALSE;
886 public Boolean lockUser( String username )
887 throws RedbackServiceException
889 User user = getUser( username );
892 user.setLocked( true );
896 return Boolean.FALSE;
899 public Boolean passwordChangeRequired( String username )
900 throws RedbackServiceException
902 User user = getUser( username );
905 user.setPasswordChangeRequired( true );
909 return Boolean.FALSE;
912 public Boolean passwordChangeNotRequired( String username )
913 throws RedbackServiceException
915 User user = getUser( username );
918 user.setPasswordChangeRequired( false );
922 return Boolean.FALSE;