Package org.alfresco.repo.security.sync

Interface UserRegistrySynchronizer

All Known Implementing Classes:
ChainingUserRegistrySynchronizer
public interface UserRegistrySynchronizer
A UserRegistrySynchronizer is responsible for synchronizing Alfresco's local user (person) and group (authority) information with one or more external sources (most typically LDAP directories).
Author:
dward

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    createMissingPerson(String username)
    Creates a person object for a successfully authenticated user who does not yet have a person object, if allowed to by configuration.
    Set<QName>
    getPersonMappedProperties(String username)
    Gets the set of property names that are auto-mapped for the user with the given user name.
    void
    synchronize(boolean forceUpdate, boolean isFullSync)
    Retrieves timestamped user and group information from configured external sources and compares it with the local users and groups last retrieved from the same sources.

  • Method Details

    • createMissingPerson

      boolean createMissingPerson(String username)
      Creates a person object for a successfully authenticated user who does not yet have a person object, if allowed to by configuration. Depending on configuration, may trigger a partial synchronize and/or create a new person with default settings.
      Parameters:
      username - the user name
      Returns:
      true, if a person is created

    • synchronize

      void synchronize(boolean forceUpdate, boolean isFullSync)
      Retrieves timestamped user and group information from configured external sources and compares it with the local users and groups last retrieved from the same sources. Any updates and additions made to those users and groups are applied to the local Alfresco copies. This process is always run in different transactions and threads.
      Parameters:
      forceUpdate - Should the complete set of users and groups be updated / created locally or just those known to have changed since the last sync? When true then all users and groups are queried from the user registry and updated locally. When false then each source is only queried for those users and groups modified since the most recent modification date of all the objects last queried from that same source.
      isFullSync - Should a complete set of user and group IDs be queried from the user registries in order to determine deletions? This parameter is independent of force as a separate query is run to process updates.

    • getPersonMappedProperties

      Set<QName> getPersonMappedProperties(String username)
      Gets the set of property names that are auto-mapped for the user with the given user name. These should remain read-only for the user in the UI.
      Returns:
      the person mapped properties