This class maps a key to a User. The keys should be obtained from X509 certificates. Use X509Users.GetLookupKey() go get a standard key from a certificate.
Comment.property Enabled as Security.Datatype.BooleanYN [ InitialExpression = 1 ];
Allow to log in via this key.property LookupKey as %String(MAXLEN=256) [ Required ];
0 - Disable login.
1 - Enable login.
Comment.property Username as %Library.Username;
UserName to be logged in as.
Copy an X509User.classmethod Create(LookupKey As %String, Username As %String, Enabled As %Boolean, Comment As %String) as %Status
Copy an existing X509User in the Security database to a new one.
LookupKey - LookupKey of the X509User to be copied.
NewLookupKey - LookupKey of the X509User to be created.
Create a X509User.classmethod Delete(LookupKey As %String) as %Status
Create a X509User in the Security database.
There are 2 ways to call this method and pass the parameters:
Where Properties are contained in an array subscripted by property name, passed by reference. See the Get() method for a description of the Properies array. Valid properties for the Create() method are described below, other values are ignored.
LookupKey - Key used to lookup Username UserName - Name of the user associated with this key
Enabled - 0/1, account is disabled/enabled
Comment - Comment
Delete an X509User.classmethod Exists(LookupKey As %String, ByRef X509User As %ObjectHandle, ByRef Status As %Status) as %Boolean
This method will delete a User from the security database.
LookupKey - Key to delete
X509 User exists.classmethod Export(FileName As %String = "X509UsersExport.xml", ByRef NumExported As %Integer = 0, LookupKeys As %String = "*", Usernames As %String = "*") as %Status
This method checks for the existence of a user in the security database.
LookupKey - Lookup key of the user to check existence of
Requires the %Admin_Secure:USE privilege to change the $USERNAME value.
If Value of the method = 0 (User does not exist, or some error occured)
User = Null
Status = User "x" does not exist, or other error message
If Value of the method = 1 (User exists)
User = Object handle to user
Status = User "x" already exists
This method exports X509User records to a file in xml format.classmethod Get(LookupKey As %String, ByRef Properties As %String) as %Status
Filename - Output file name
NumExported (byref) - Returns number of records exported.
LookupKeys - Comma separated list of Keys to export, "*" = All
Usernames - Comma separated list of Usernames, "*" = All. Export X509Users containing only these usernames
Get a X509User's properties.classmethod GetX509LookupKey(CredentialsCandidate As %String) as %String
Gets a X509User's properties from the security database.
Username - Name of the user to get
Properties - Array of properties
Properties("Comment") - Comment
Properties("Enabled") - 0=Disabled, 1=Enabled
Properties("LookupKey") - Key used to find Username
Properties("Username") - Name of associated user
Return the lookup key (SubjectDN) for an X509 Certificate.classmethod Import(FileName As %String = "X509UsersExport.xml", ByRef NumImported As %Integer, Flags As %Integer = 0) as %Status
There are four different ways this can be called where:
1) Certificate = DER Encoded X509 Certificate
2) Certificate = PEM Encoded X509 Certificate
3) Certificate = Alias of %SYS.X509Credentials object
4) Certificate = A %SYS.X509Credentials object
If the certificate cannot be found or is invalid, an empty string is returned.
Import User records from an xml file.classmethod Modify(LookupKey As %String, ByRef Properties As %String) as %Status
FileName - Filename to import User records from
NumImported (byref) - Returns number of records imported
Flags - Control import
Bit 0 - Do not import records, just return count
Note: On failure, no records will be imported
Modify a X509User's properties.
Modifies a X509User's properties from the security database.
LookupKey - Key of the X509User to modify
Properties - Array of properties to modify.
See the Get() method for a description of the Properties parameter.
If a specific property is not passed in the properties array, the value is not modified.
If a value is unchanged it is not set to prevent the property modified state from being set.
List all userkey records, brief display.
Keys - Comma separated list of userkeys, "*" = All
Usernames - Comma separated list of Usernames, "*"=ALL
Note: This query may change in future versions