Show TOC

User Management Functions for UsersLocate this document in the navigation structure

Prerequisites

  • You have referenced the user management development component tc/je/usermanagement/api in your project.

    More information: Defining Development Component Dependencies .

  • For any functions that require write access to attributes, you have configured the relevant data sources of the UME for read-write access.

Context

This section provides an example of how to add user management functions for users. This section demonstrates the following functions:

  • Creating users

  • Editing user attributes

  • Searching for users

  • Displaying users

  • Deleting users

For information about user assignment, see the relevant group and role sections.

User and User Account

User management data is divided between two principals: user and user account. Through this division, the user management engine (UME) achieves the separation of master record data from system-specific logon data. The user master record includes information such as first name, last name, and e-mail address. The logon data includes information such as the password, password history, and account validity. Each principal has its own factory, which you must address separately.

More information:

SAP Help Portal: Logical Attributes .

User Mapping

User mapping enables users to log on to back-end systems using the user credentials stored for the user by the UME. This enables the user to use Single Sign-On.

Recommendation

While the IUserMapping and IUserMappingData interfaces are part of the UME API, we recommend that you use the destination service to enable back-end communication for your application.

More information:

Procedure

  1. Import the required interfaces: com.sap.security.api.* .
  2. Get the required factories.

    Use the following table to determine the factories you need.

    Factory

    When Required

    Method to Get

    IGroupFactory

    To assign users to groups

    getGroupFactory()

    IPrincipalFactory

    To access user or user account attributes not directly available through the user or user account factories or to use simple search

    getPrincipalFactory()

    IRoleFactory

    To assign users to roles

    getRoleFactory()

    IUserAccountFactory

    To access user account attributes

    getUserAccountFactory()

    IUserFactory

    Always

    getUserFactory()

  3. Add methods for the required functions.

Example

This code example provides a framework for you to plug in the example code from the users tasks in the sections that follow. This class imports the required interfaces, sets up the user management methods, and gets the required factories of the UME API.

            package com.example;



public class UserTest {
        
        public static void main() {
                init();
                

                

                

                        

                

                

                

                

        }               } 

        // TODO: Add the method for the group function you want to test.        
        
        // ----------------------------------------------------------------------------
        
        /*
         * You only need the principal factory for reading and editing user attributes.
         */
        
        static IUserFactory userFactory;
        static IUserAccountFactory userAccountFactory;
        static IPrincipalFactory principalFactory;
                
        public static void init() {
                // Get the factories.
                

                

                

        }

}