Method Detail

• updatePassword

  void updatePassword(String userID,
                    char[] oldPassword,
                    char[] newPassword)

  Updates the password stored for the user identified by userID. The oldPassword is authenticated as per usual and is replaced by the newPassword only (and atomically) on success.

  Parameters:

  userID - the ID of the user whose password is to be updated

  oldPassword - the user's current password attempt to verify against the stored password

  newPassword - the new password to replace the oldPassword

  Throws:

  SecurityException - on any failure to authenticate the oldPassword or validate and/or set the newPassword

• resetPassword

  void resetPassword(String adminID,
                   char[] adminPassword,
                   String userID,
                   char[] newPassword)

  Performs an administrative resets of the password stored for the user identified by userID. The adminID and adminPassword must authenticate to permit the userID's password to be set to the newPassword.

  Parameters:

  adminID - the ID of the administrator requesting the reset

  adminPassword - the administrator's password

  userID - the ID of the user whose password is to be reset

  newPassword - the new password to replace the user's old password

  Throws:

  SecurityException - on any failure to authenticate the oldPassword or validate and/or set the newPassword

• isAdministrator

  boolean isAdministrator(String userID)

  Queries whether a given user has administrative privileges.

  Parameters:

  userID - an user ID, which may or may not exist

  Returns:

  whether the userID exists and has administrative privileges