Sakai User Model

Definition

A User models a person who has access to a Sakai installation. Like many similar objects, a User is a kind of Entity (entities were called resources in earlier versions of Sakai). All entities have a URL to access them, an identifier, and properties.

Mutable vs. Immutable

Methods used to access information about a user are separated from those used to modify data by a class called UserEdit that extends User.

Common Data Elements

The following data elements are included in the User object:

| Element | Description |
|---|---|
| Email | The user's email address. |
| Display Name | The user's display name. |
| Sort Name | Name to use when sorting. |
| First Name | User's given name. |
| Last Name | User's family name. |
| Type | User type |
| Metadata | User metadata will (likely) be moved off to SakaiPerson, TBD. |

The User Directory Service

The user directory service can be used to find a user given an id in various forms (UUID, reference, email name, etc.). It is responsible for managing and persisting Users in Sakai and is implemented against a directory system such as LDAP (hence the name). New users are created using the UserFactory.

The User Directory Provider

The user directory provider can be used to integrate the Sakai User service with external (enterprise) services. This is done using the following methods:

  • boolean authenticateUser(String id, UserEdit edit, String password);
  • boolean updateUserAfterAuthentication();
  • void destroyAuthentication();
  • boolean userExists(String id);
  • boolean getUser(UserEdit edit);
  • void getUsers(Collection users);
  • boolean findUserByEmail(UserEdit edit, String email);
  • boolean authenticateWithProviderFirst(String id);
  • boolean createUserRecord(String id);
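
As an added illustration (not Sakai's own code), the Java sketch below implements authenticateUser and userExists from the list above against a constructed in-memory directory, failing closed and filling the UserEdit only after the password verifies. The nested UserEdit interface, the Entry record, enroll, the decoy entry and the PBKDF2 parameters are assumptions made for the example.

```java
import java.security.*;
import java.util.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
public class DemoDirectoryProvider {
    // Stand-in for Sakai's UserEdit; setEmail/setType are assumed for this sketch.
    interface UserEdit { void setEmail(String email); void setType(String type); }
    // Constructed external record: profile fields plus a salted PBKDF2 verifier (Java 16+).
    record Entry(String email, String type, byte[] salt, byte[] verifier) {}
    private final Map<String, Entry> directory = new HashMap<>();
    private final Entry decoy = entry("", "", "decoy");   // used for ids that do not exist

    static byte[] derive(String password, byte[] salt) {
        try {
            PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 100_000, 256);
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } catch (GeneralSecurityException e) { throw new IllegalStateException(e); }
    }
    static Entry entry(String email, String type, String password) {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        return new Entry(email, type, salt, derive(password, salt));
    }
    void enroll(String id, String email, String type, String password) {
        directory.put(id, entry(email, type, password));
    }
    public boolean userExists(String id) { return directory.containsKey(id); }

    public boolean authenticateUser(String id, UserEdit edit, String password) {
        if (password == null || password.isEmpty()) return false;  // never accept a blank password
        Entry e = directory.get(id);
        // Unknown ids still cost one derivation, so timing does not reveal which ids exist.
        Entry target = (e != null) ? e : decoy;
        boolean match = MessageDigest.isEqual(target.verifier(), derive(password, target.salt()));
        if (e == null || !match) return false;                     // fail closed, edit untouched
        edit.setEmail(e.email());                                  // populate only after success
        edit.setType(e.type());
        return true;
    }
    public static void main(String[] args) {
        DemoDirectoryProvider p = new DemoDirectoryProvider();
        p.enroll("jdoe", "jdoe@example.edu", "student", "correct horse");  // constructed sample user
        List<String> seen = new ArrayList<>();
        UserEdit edit = new UserEdit() {
            public void setEmail(String email) { seen.add(email); }
            public void setType(String type) { seen.add(type); }
        };
        for (String[] t : new String[][] {{"jdoe", "wrong"}, {"nobody", "correct horse"}, {"jdoe", "correct horse"}})
            System.out.println(t[0] + " -> " + p.authenticateUser(t[0], edit, t[1]) + " " + seen);
    }
}
```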

Authentication

Authentication of a user is done based on evidence. Two kinds of evidence are currently supported, but others could be easily added. The primary one used is IdPwEvidence, which encapsulates a user id and password. These are passed to the Authentication Service, which validates the user according to its implementation.

Remote authentication is also supported by the User Directory Provider.

Preferences

This service allows a set of user preferences to be associated with a user id and managed as properties (keyword / value pairs).

Objects

The following objects are included in the Sakai user model:

User.java
UserDirectoryProvider.java
UserDirectoryService.java
UserEdit.java
UserFactory.java
UsersShareEmailUDP.java

The following objects are also included in the user module for Sakai 2.2:

Authentication.java
AuthenticationManager.java
Evidence.java
ExternalTrustedEvidence.java
IdPwEvidence.java
Preferences.java
PreferencesEdit.java
PreferencesService.java

SakaiPerson is also mentioned in some documentation, but is not present in the release. It will likely be included in a future build.

Exceptions moved or added for 2.2:

AuthenticationException.java
AuthenticationFailedException.java
AuthenticationUnknownException.java
UserAlreadyDefinedException.java
UserIdInvalidException.java
UserLockedException.java
UserNotDefinedException.java
UserPermissionException.java

See also: Using the UserDirectoryService.