User Account Web Service
Manages user accounts within Smart ID Digital Access storage. The account service requires that the supplied subject
belongs to a role that has been granted user account administrator and/or helpdesk privileges and that the accounts
being administered are assigned to that role.
Endpoint Services
Name | add
Description | Adds a new user account in Smart ID Digital Access storage.
Input |
  subject | a Subject representing the entity performing the addition which must have user account administrator privileges.
  account | an Account containing the properties for the new account.
  linkToDirectory | a boolean indicating if the new user account should be linked with a corresponding user definition in a directory server. By linking an account to a directory user definition the system can use information from the directory user definition. A directory server must be available and configured in Smart ID Digital Access storage before this can be enabled.
Output | A List<MapItem> containing any notification messages or null if none was available.
Since | 5.2
Faults |

Name | enable
Description | Sets the enabled state of an account for a given user identity.
Input |
  subject | a Subject representing the entity performing the enable state change which must have user account administrator privileges.
  username | a string with the identity of a user account.
  newState | a boolean, true to enable or false to disable account.
Output | None.
Since | 5.2
Faults |

Name | getAccount
Description | Returns the account information for a given user identity.
Input |
  subject | a Subject representing the entity performing the retrieval which must have user account administrator privileges.
  username | a string with the identity of a user account.
Output | An Account object with the information for the account.
Since | 5.2
Faults |

Name | getLocked
Description | Returns a list of strings with the user IDs of all currently locked accounts.
Input |
  subject | a Subject representing the entity performing the lookup which must have user account administrator privileges.
Output | A list of strings with the user IDs of all locked accounts. If no account is locked, an empty list is returned.
Since | 5.2
Faults |

Name | isDefined
Description | Checks whether an account is defined in Smart ID Digital Access storage for a given user.
Input |
  subject | a Subject representing the entity performing the check which must have user account administrator privileges.
  username | a string with the identity of a user account.
  type | an integer constant defining the type of account.
    Account types
    1 | Policy Service
    2 | Authentication Service
Output | A boolean, true if account is defined, false otherwise.
Since | 5.2
Faults |

Name | isLocked
Description | Checks whether a user account has been locked.
Input |
  subject | a Subject representing the entity performing the check which must have user account administrator or helpdesk privileges.
  username | a string with the identity of a user account.
  type | an integer constant defining the type of account.
    Account types
    1 | Policy Service
    2 | Authentication Service
Output | A boolean, true if account is locked, false otherwise.
Since | 5.2
Faults |

Name | link
Description | Links an account to a corresponding user definition in directory server.
Input |
  subject | a Subject representing the entity performing the linking which must have user account administrator privileges.
  username | a string with the identity of a user account.
  overwrite | a boolean indicating if an existing link should be overwritten or not.
Output | None.
Since | 5.2
Faults |

Name | remove
Description | Removes all account references in Smart ID Digital Access storage for a given user identity.
Input |
  subject | a Subject representing the entity performing the removal which must have user account administrator privileges.
  username | a string with the identity of the user account to be removed.
Output | None.
Since | 5.2
Faults |

Name | reset
Description | Resets the account logon retries for a given user identity.
Input |
  subject | a Subject representing the entity performing the reset which must have user account administrator or helpdesk privileges.
  username | a string with the identity of the user account to be reset.
  type | an integer constant defining on which account type to perform the reset.
    Account types
    1 | Policy Service
    2 | Authentication Service
Output | None.
Since | 5.2
Faults |

Name | unlink
Description | Unlinks an account from a corresponding user definition in directory server.
Input |
  subject | a Subject representing the entity performing the unlinking which must have user account administrator privileges.
  username | a string with the identity of a user account.
Output | None.
Since | 5.2
Faults |

Name | unlock
Description | Unlocks an account for a given user identity.
Input |
  subject | a Subject representing the entity performing the unlock which must have user account administrator or helpdesk privileges.
  username | a string with the identity of a user account.
  type | an integer constant defining the type of account.
    Account types
    1 | Policy Service
    2 | Authentication Service
Output | None.
Since | 5.2
Faults |

Name | update
Description | Updates an existing account reference in Smart ID Digital Access storage.
Input |
  subject | a Subject representing the entity performing the update which must have user account administrator privileges.
  account | an Account containing the new properties for the account.
Output | A List<MapItem> containing any notification messages or null if none was available.
Since | 5.2
Faults |

Java Example
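The example shows how to manage user accounts. Error handling and authentication calls are omitted.

    import java.util.Date;

    // Account type constants (see "Account types" above).
    public static final int PS_TYPE = 1; // Policy Service
    public static final int AS_TYPE = 2; // Authentication Service
    ...
    // Obtain the UserAccount port from the service locator.
    UserAccountService locator = new UserAccountService();
    UserAccount service = locator.getUserAccount();

    // Unlock "billy" on the Policy Service only if the account is locked.
    boolean locked = service.isLocked(subject, "billy", PS_TYPE);
    if (locked) {
        service.unlock(subject, "billy", PS_TYPE);
    }

    // Reset the logon retries for "maria".
    service.reset(subject, "maria", PS_TYPE);

    // Build a new, enabled account that is valid for 90 days from now.
    Account account = new Account();
    GlobalAccess globalAccess = new GlobalAccess();
    globalAccess.setLocked(false);
    globalAccess.setMaxRetries(10);
    globalAccess.setNumRetries(0);
    account.setUserName("simon");
    account.setDisplayName("Simon Says");
    account.setEnabled(true);
    account.setValidFrom(new Date().getTime());
    // 86400000L is one day in milliseconds; the long literal avoids int overflow.
    account.setValidTo(account.getValidFrom() + (90 * 86400000L));
    account.setGlobalAccess(globalAccess);

    // Add the account and link it to its directory user definition.
    service.add(subject, account, true);

    // Remove all account references for "joe".
    service.remove(subject, "joe");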
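
A helpdesk-side workflow built from the three operations the reference above opens to helpdesk privileges (isLocked, unlock, reset), as an added example that is not part of the original page or the product's code. AccountOps is a hypothetical stand-in for the generated UserAccount stub, the Subject is modelled as a plain Object, and calling reset after unlock is a choice made here, not documented behaviour.

```java
import java.util.*;

public class HelpdeskUnlock {
    // Account type constants as listed on the page.
    static final int PS_TYPE = 1; // Policy Service
    static final int AS_TYPE = 2; // Authentication Service

    // Hypothetical stand-in for the helpdesk-permitted operations of the
    // generated UserAccount stub; the Subject is modelled as a plain Object.
    interface AccountOps {
        boolean isLocked(Object subject, String username, int type);
        void unlock(Object subject, String username, int type);
        void reset(Object subject, String username, int type);
    }

    // Unlocks only the account types that are actually locked, resets their
    // retry counters, re-checks the state, and returns one audit line per action.
    static List<String> unlockIfLocked(AccountOps svc, Object subject,
                                       String operator, String username) {
        List<String> audit = new ArrayList<>();
        for (int type : new int[] {PS_TYPE, AS_TYPE}) {
            if (!svc.isLocked(subject, username, type)) {
                continue; // not locked on this service: leave it untouched
            }
            svc.unlock(subject, username, type);
            svc.reset(subject, username, type);
            boolean stillLocked = svc.isLocked(subject, username, type);
            audit.add(String.format(
                "operator=%s user=%s type=%d action=unlock+reset result=%s",
                operator, username, type, stillLocked ? "FAILED" : "ok"));
        }
        return audit;
    }

    public static void main(String[] args) {
        // Constructed in-memory fake: "billy" is locked on the Policy Service only.
        Set<String> locked = new HashSet<>(List.of("billy:1"));
        AccountOps fake = new AccountOps() {
            public boolean isLocked(Object s, String u, int t) { return locked.contains(u + ":" + t); }
            public void unlock(Object s, String u, int t) { locked.remove(u + ":" + t); }
            public void reset(Object s, String u, int t) { /* retry counter not modelled */ }
        };
        unlockIfLocked(fake, new Object(), "helpdesk1", "billy").forEach(System.out::println);
    }
}
```

Keeping the audit lines with the operator identity gives a record of every helpdesk unlock that can be reviewed independently of the service's own logs.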
Copyright © 1999-2023, Technology Nexus Secured Business Solutions AB. All rights reserved.