Administrator use cases for user management
Posted by Giampiero Granatella
on 11th February, 2010
This is the third tutorial of the user management series. In this tutorial we'll investigate the main use cases for the user administrator.
Contents
To start, log on to the system as a member of the User Administrators group.
Creating a new user
To create a new user:
- Go downstairs.
- Click on the "User" tab and then on "Create".
- Enter the "login" and "email" fields, then click on the "Create" button.
- Portofino stores the new user in the database.
-
Portofino generates a random password. Also:
- If email sending is not configured (in portofino-custom.properties) the generated password is printed in plain-text on the screen (so the administrator can communicate it to the user).
- If email sending is configured, the generated password is sent automatically by email to the new user.
Resetting a password
Passwords are stored encrypted in the database. Nobody can retrieve them, but an administrator can reset a password, i.e., generate a new one for the user.
- Click on "User" and then select the desired user.
- Click on "reset password".
-
A new password is generated. Also:
- If email sending is not configured (in portofino-custom.properties) the generated password is printed in plain-text on the screen (so the administrator can communicate it to the user).
- If email sending is configured, the generated password is sent automatically by email to the new user.
Managing user states
Every user has a workflow associated through the attribute "State" (see the reference). Only users in the active state can log in.
There are two cases:
- When an administrator creates a user, this user is immediately active.
- For self-registered users, the workflow involves three states: registered, verified and active. The transition from registered to verified happens when the user acts upon the verification email. The transition from verified to active happens when an administrator explicitly approves the user. More details are discussed in the tutorial on user self-registration.
To activate a user click on the "Activate" button. User administrators can change the user state at any moment according to following workflow:
Appropriate transition buttons are presented for each state.
Managing user groups
To create a new user group:
- go upstairs,
- click on the Meta user groups tab,
- click on the create link.
- enter the group's name,
- click on the Create button to save.
When you do this, you create both a meta user group (upstairs) and a user group (downstairs): the two are automatically synchronized and whatever you do to one (create, update, delete) is reflected on the other. The purpose of having meta user groups and user groups is:
- Upstairs, modelers use meta user groups to define permissions.
- Downstairs, user administrators associate users to user groups.
To associate a user to a group:
- go downstairs,
- click on the Users tab, then select the user you want to associate,
- locate the Belongs to user groups section,
- click on the Connect to user groups,
- select a group from the pick list,
- finally click on the Create button.
Managing bounce messages
Sometimes sent emails cannot reach their destination, due to misspelled addresses, full mailboxes, spam filters, addresses that no longer exist, etc. The receiving email server can notify the sending email server by sending back a bounce message.
In this cases, Portofino warns the user, after a login, that his email address is bouncing. The user should verify his email account, take any actions to solve the problem, or change his email address in Portofino if necessary.
To activate this feature you have to configure a pop3 server, so incoming bounce messages can be read. The full configuration in portofino-custom.properties is the following (again we'll use a Gmail account for this example):
mail.pop3.host=pop.gmail.com mail.pop3.port=995 mail.pop3.login=your_account@gmail.com mail.pop3.password=your_password mail.pop3.ssl.enabled=true model.mail.bounce.enabled=true
Customize this example to you needs, e.g. pop3 port is usually 110 and ssl is usually disabled.
Further readings
Read the next tutorial on "Adding user self registration".
You can find the previous tutorials here: Part 1: Getting started with the user management , Part 2: Basic use cases.
Check the reference to see all the parameters for user management configuration in the portofino-custom.properties. This tutorial covers only the application managed users, if you're instered in container managed or SSO read Single Sign On Integration with Portofino - JOSSO.