Package oracle.iam.passwordmgmt.api

Interface PasswordMgmtService

public interface PasswordMgmtService
Provides common password management functionalities like
  • Create/Update/Delete Password Policies
  • Get description of the password policies
  • Validate given passwords against the applicable Password Policy
  • Get description of the password policy applicable to user/organization
Author:
nihashar

  • Method Details

    • resetPassword

      @Deprecated void resetPassword(String userID)
      Deprecated.
      This method is not longer supported. The preferred way to do this is via UserManager.resetPassword(String,boolean)
      Resets the password of an user to a randomly generated password. As part of the password reset, a notification is sent to the user regarding the new password
      NOTE: The email attribute of the user must be set for reset password to work
      Parameters:
      userID - the userID of the user whose password is to be reset.
      See Also:

    • resetPassword

      @Deprecated void resetPassword(String userID, Map<String,Object> controls)
      Deprecated.
      This method is not longer supported. The preferred way to do this is via UserManager.resetPassword(String,boolean,Map)
      Resets the password of an user to a randomly generated password. As part of the password reset, a notification is sent to the user regarding the new password. It takes a Map of control parameters to perform additional operation along with reset pasword.
      NOTE: The email attribute of the user must be set for reset password to work
      Parameters:
      userID - the userID of the user whose password is to be reset.
      controls - This Map contains control parameters used for performing additional opreration along with reset password.
      Supported Control Parameters:
      • SendNotification - Boolean flag whether to send notification or not.
      • SendNotificationTo - Comma separated email address.
      See Also:

    • validatePasswordAgainstPolicy

      ValidationResult validatePasswordAgainstPolicy(char[] password, String userID, Locale locale)
      Validates the given password against the applicable Password Policy
      Used in following scenarios
      • Validating the password entered by the user while changing his/her password
      • Validating the password entered by a delegated admin while changing the password of the user
      Parameters:
      password - the password to be validated, should not be null
      userID - the User Login of the user, should not be null. Password will be validated against this user's applicable password policy
      locale - the locale in which validation errors will be translated in case of password validation failure. If locale is null, It will return result in Server's default locale.
      Returns:
      a ValidationResult containing the result of the validation
      Throws:
      NullPointerException - if null userID or password is passed This object contains the validation status (success/failure) and the validation errors, if any

    • validatePasswordAgainstPolicy

      ValidationResult validatePasswordAgainstPolicy(char[] password, String userID, Locale locale, boolean isUserLogin)
      Validates the given password against the applicable Password Policy
      Used in the following scenarios
      • Validating the password entered by the user while changing his/her password
      • Validating the password entered by a delegated admin while changing the password of the user
      Parameters:
      password - the password to be validated, should not be null
      userID - The id of the user whose password is to be changed. The isUserLogin flag will decide where userID contains the user login or the entity ID. Password will be validated against this user's applicable password policy
      locale - the locale in which validation errors will be translated in case of password validation failure. If locale is null, It will return result in Server's default locale.
      isUserLogin - Set to true if the userID contains user login and false if the userID contains entity ID.
      Returns:
      a ValidationResult containing the result of the validation
      Throws:
      NullPointerException - if null userID or password is passed This object contains the validation status (success/failure) and the validation errors, if any

    • validatePasswordAgainstPolicy

      ValidationResult validatePasswordAgainstPolicy(char[] password, User user, Locale locale)
      Validates the password of a new user against the default policy, if user.getEntityId() is null Validates the password of a existing user against the applicable policy, if user.getEntityId() is not null
      Parameters:
      password - the password to be validated
      user - the user's attributes information typically requires firstName, lastName and user login. User ID to be set for existing users.
      locale - the locale in which validation errors will be translated in case of password validation failure. If locale is null, It will return result in Server's default locale.
      Returns:
      a ValidationResult object containing the result of the validation.
      Throws:
      NullPointerException - if null password is passed

    • validatePasswordAgainstDefaultPolicy

      ValidationResult validatePasswordAgainstDefaultPolicy(char[] password, User user, Locale locale)
      Validates the password of a new user against the default policy
      Used in following scenarios
      • Self Registration
      • Creation of user by Delegated Admin
      Parameters:
      password - the password to be validated
      user - the user's attributes information typically requires firstName, lastName and user login
      locale - the locale in which validation errors will be translated in case of password validation failure. If locale is null, It will return result in Server's default locale.
      Returns:
      a ValidationResult object containing the result of the validation.
      Throws:
      NullPointerException - if null password is passed

    • getApplicablePasswordPolicyDescription

      PasswordPolicyDescription getApplicablePasswordPolicyDescription(User user)
      Returns the description of the password policy applicable to the user
      Parameters:
      user - , the user's attributes information typically requires firstName, lastName and user login
      Returns:
      PasswordPolicyDescription the description of the PasswordPolicy

    • getApplicablePasswordPolicyDescription

      PasswordPolicyDescription getApplicablePasswordPolicyDescription(String userID)
      Returns the description of the password policy applicable to the user
      Parameters:
      userID - the user login of the existing user
      Returns:
      PasswordPolicyDescription the description of the PasswordPolicy

    • getApplicablePasswordPolicyDescription

      PasswordPolicyDescription getApplicablePasswordPolicyDescription(String userID, Locale locale)
      Returns the description of the password policy applicable to the user.
      Parameters:
      userID - the user login of the user
      locale - the locale in which password policy description is required. If locale is null, It will return result in Server's default locale.
      Returns:
      PasswordPolicyDescription the description of the PasswordPolicy

    • getSystemDefaultPolicyDescription

      PasswordPolicyDescription getSystemDefaultPolicyDescription(Locale locale)
      Gets the system default policy description
      Parameters:
      locale - the locale in which password policy description is required. If locale is null, It will return result in Server's default locale.
      Returns:
      PasswordPolicyDescription the description of the system wide default PasswordPolicy

    • create

      PasswordPolicyInfo create(PasswordPolicyInfo passwordPolicyInfo)
      Create a new Password Policy
      Parameters:
      passwordPolicyInfo - This VO contains the details of the Password Policy to be created
      Returns:
      PasswordPolicyInfo The information of the password policy created

    • getDetails

      PasswordPolicyInfo getDetails(String passwordPolicyName)
      Get the details of specified Password Policy by Name
      Parameters:
      passwordPolicyName - The unique Name of the required password policy
      Returns:
      PasswordPolicyInfo The VO containing the details of the recieved policy

    • update

      void update(PasswordPolicyInfo passwordPolicyInfo)
      Update the attributes of the Password Policy specified. Ensure to set either name or id of the password policy.
      Parameters:
      passwordPolicyInfo - This VO contains the details to be updated for the Password Policy

    • delete

      void delete(String passwordPolicyName)
      Delete the Password Policy
      Parameters:
      passwordPolicyName - The unique Name of the password policy to be deleted
      Throws:
      Exception

    • search

      List<PasswordPolicyInfo> search(SearchCriteria criteria)
      Search for the list of policies having a specified search criteria
      Parameters:
      criteria - This VO contains the search criteria
      Returns:
      List<PasswordPolicyInfo> A list of the password policies matching the search criteria

    • search

      List<PasswordPolicyInfo> search(SearchCriteria criteria, Map<String,Object> controlParams)
      Search for the list of policies having a specified search criteria
      Parameters:
      criteria - This VO contains the search criteria
      controlParams - Parameters to configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.

      The STARTROW and ENDROW parameters indicates which subset of the complete search result is to be fetched.

      The SORTEDBY parameter indicates the attribute on which search result is to be sorted. There is no default sorting. Attribute names for PasswordPolicy (given at oracle.iam.passwordmgmt.vo.Constants$Attributes) can be used for this parameter - pwr_name, pwr_key, etc

      The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING. This parameter is operational only when SORTEDBY is set.

      Returns:
      List<PasswordPolicyInfo> A list of the password policies matching the search criteria

    • getApplicablePasswordPolicyDescription

      PasswordPolicyDescription getApplicablePasswordPolicyDescription(String userID, String appInstance) throws NoSuchPasswordPolicyException
      Returns the description of the password policy applicable to the specific account
      Parameters:
      userID - the User Login of the user who is getting provision for this account, should not be null.
      appInstance - name the application instance name to be provisioned
      Returns:
      the description of the PasswordPolicy
      Throws:
      NoSuchPasswordPolicyException - if failed to get appInstance details.

    • getApplicablePasswordPolicyDescription

      PasswordPolicyDescription getApplicablePasswordPolicyDescription(String userID, String appInstance, Locale locale) throws NoSuchPasswordPolicyException
      Returns the description of the password policy applicable to the specific account
      Parameters:
      userID - the User Login of the user who is getting provision for this account, should not be null.
      appInstance - name the application instance name to be provisioned
      locale - the locale in which password policy description is required. If locale is null, It will return result in Server's default locale.
      Returns:
      the description of the PasswordPolicy
      Throws:
      NoSuchPasswordPolicyException - if failed to get appInstance details.

    • validatePasswordAgainstPolicy

      ValidationResult validatePasswordAgainstPolicy(char[] password, User user, String appInstance, Locale locale)
      Validates the password of a new account against the applicable policy
      Parameters:
      password - the password to be validated
      user - the user's attributes information
      appInstance - name the application instance name to be provisioned
      locale - the locale in which validation errors will be translated in case of password validation failure. If locale is null, It will return result in Server's default locale.
      Returns:
      a ValidationResult object containing the result of the validation.
      Throws:
      NullPointerException - if null password is passed

    • validatePasswordAgainstPolicy

      ValidationResult validatePasswordAgainstPolicy(char[] password, User user, String appInstance, Locale locale, long oiuKey)
      Validates the password of a new account against the applicable policy
      Parameters:
      password - the password to be validated
      user - the user's attributes information
      appInstance - name the application instance name to be provisioned
      locale - the locale in which validation errors will be translated
      oiuKey - in case of password validation failure. If locale is null, It will return result in Server's default locale.
      Returns:
      a ValidationResult object containing the result of the validation.
      Throws:
      NullPointerException - if null password is passed

    • getPasswordPolicyDescriptionForOrg

      PasswordPolicyDescription getPasswordPolicyDescriptionForOrg(String orgKey, Locale locale)
      Returns the applicable password policy for the Organization.
      Parameters:
      orgKey - - the key of the organization
      locale - - the locale in which password policy description is required. If locale is null, It will return result in Server's default locale.
      Returns:
      PasswordPolicyDescription the description of PasswordPolicy attached to org

    • validatePasswordAgainstPolicyForOrg

      ValidationResult validatePasswordAgainstPolicyForOrg(String orgKey, User user, char[] password, Locale locale)
      Validate Passowrd against applicable Password policy of the org
      Parameters:
      orgKey - - the key of the organization
      user - - the user for which password is to be validated
      password - - the password to be validated
      locale - - the locale in which validation result is required. If locale is null, It will return result in Server's default locale.
      Returns:
      a ValidationResult object containing the result of the validation.

    • getApplicablePasswordPolicy

      PasswordPolicyInfo getApplicablePasswordPolicy(String userId)
      Returns the password policy info applicable to the user
      Parameters:
      userId - the user login of the existing user. If user login is null, default system password policy is returned. userId is treated as user-login. To fetch the applicable password policy for a given id(user-key) please use
      Returns:
      PasswordPolicyInfo the PasswordPolicyInfo applicable to the user
      See Also:

    • getApplicablePasswordPolicy

      PasswordPolicyInfo getApplicablePasswordPolicy(String userId, Boolean isUserLogin)
      Returns the password policy info applicable to the user
      Parameters:
      userId - the userID of the existing user. If userId is null, default system password policy is returned.
      isUserLogin - the flag decides whether userID contains the user login(if true) or the entity ID (if false).
      Returns:
      PasswordPolicyInfo the PasswordPolicyInfo applicable to the user
      See Also:

    • getApplicablePasswordPolicyForOrg

      PasswordPolicyInfo getApplicablePasswordPolicyForOrg(String orgID)
      Returns the password policy info applicable to the org
      Parameters:
      orgID - the organization id for which password policy needs to be returned
      Returns:
      PasswordPolicyInfo the PasswordPolicyInfo applicable to the org

    • getApplicableDefaultChallengeQuestions

      Map<String,String> getApplicableDefaultChallengeQuestions(String username, Boolean isUserLogin, Locale locale)
      Returns the localized challenge questions that are available in the system based on the passed locale .
      Parameters:
      userId - the userID of the existing user
      isUserLogin - the flag decides whether userID contains the user login(if true) or the entity ID (if false).
      locale - the locale in which challenge questions are required.
      Returns:
      A map of String keys (representing Challenge Questions in english) and String values (representing localized challenge questions) returns empty map if challenge policy is disabled