User Management on Palmyra

UserPasswordRepository

Mon, 01 Jan 0001 00:00:00 +0000

UserPasswordRepository#

com.palmyralabs.palmyra.ext.usermgmt.repository.UserPasswordRepository

Overview#

Plain @Repository interface for reading and updating UserPasswordModel records — login, hashed password, salt, audit fields. Not a JpaRepository: the implementation is supplied by the module so consumers don’t depend on Spring Data’s method-derivation conventions.

Methods#

Method	Signature
`findByLoginName`	`UserPasswordModel findByLoginName(String loginName)` — look up by login name (no email fallback)
`update`	`void update(UserPasswordModel user)` — persist updated fields (password hash, salt, random token, counters)

Example#

Inject as usual — Spring picks up @Repository:

PasswordMgmtService

Mon, 01 Jan 0001 00:00:00 +0000

PasswordMgmtService#

com.palmyralabs.palmyra.ext.usermgmt.service.PasswordMgmtService

Overview#

Full-surface password lifecycle SPI — verify a credential, reset as admin, change as the user, force-change without the old password. Implementations typically also implement PasswordVerificationService for consumers that only need the verify operation.

Methods#

Method	Signature
`isValid`	`boolean isValid(UserPasswordModel model, String password)` — validate against an already-loaded user model (no extra DB round-trip)
`verifyPassword`	`boolean verifyPassword(String loginName, String password) throws Exception` — login-time verification by login name
`resetPassword`	`boolean resetPassword(ResetPasswordRequest request)` — admin-driven reset flow (typically delivers a reset token / temporary password)
`changePassword`	`boolean changePassword(ChangePasswordRequest request)` — end-user self-service; requires old password in the request
`forceChangePassword`	`boolean forceChangePassword(String loginName, String newPassword)` — bypasses the old-password check; admin / force-rotate flow

Design note#

isValid(UserPasswordModel, String) is the seam that lets LocalDBAuthenticationProvider pre-load the user model once and re-use it, avoiding a second findByLoginName call inside verifyPassword.

PasswordVerificationService

Mon, 01 Jan 0001 00:00:00 +0000

PasswordVerificationService#

com.palmyralabs.palmyra.ext.usermgmt.service.PasswordVerificationService

Overview#

Narrow “verify only” SPI. Useful when a component needs to check a credential but shouldn’t pull in the full reset / change / force-change surface of PasswordMgmtService.

PasswordMgmtService and PasswordVerificationService are independent interfaces — neither extends the other — but the common implementation class typically implements both. Depend on whichever is closer to what you actually need.

Methods#

Method	Signature
`verifyPassword`	`boolean verifyPassword(String loginName, String password) throws Exception`

Example#

@RestController
@RequiredArgsConstructor
public class SensitiveActionController {

    private final PasswordVerificationService passwords;

    @PostMapping("/account/delete")
    public ResponseEntity<?> deleteAccount(Principal who, @RequestBody ConfirmReq req) throws Exception {
        if (!passwords.verifyPassword(who.getName(), req.password())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        accountService.delete(who.getName());
        return ResponseEntity.noContent().build();
    }
}

LocalDBAuthenticationProvider

Mon, 01 Jan 0001 00:00:00 +0000

LocalDBAuthenticationProvider#

com.palmyralabs.palmyra.ext.usermgmt.security.LocalDBAuthenticationProvider

Overview#

Spring Security AuthenticationProvider backed by a local database. Wire it into your SecurityFilterChain and every UsernamePasswordAuthenticationToken is validated against the user_password table via UserPasswordRepository and PasswordMgmtService.

Annotated @Component, @Slf4j, @RequiredArgsConstructor — Lombok generates the constructor over the two final dependencies.

Dependencies#

Injected via the Lombok-generated constructor:

private final UserPasswordRepository userRepository;
private final PasswordMgmtService    userMgmtService;

Methods#

Method	Signature
`authenticate`	`Authentication authenticate(Authentication authentication) throws AuthenticationException`
`supports`	`boolean supports(Class<?> authentication)` — returns `true` unconditionally (accepts every `Authentication` subtype)

Behaviour — what `authenticate()` actually does#

Loads the user via userRepository.findByLoginName(authentication.getName()).
Reads authentication.getCredentials().
If both the credential and the user model are non-null, delegates to userMgmtService.isValid(userModel, cred.toString()).
On success — returns a new UsernamePasswordAuthenticationToken(name, "password", emptyAuthorities). Note:
- The credential stored in the returned token is the literal string "password", not the original credential.
- Authorities are always an empty HashSet<GrantedAuthority>; role mapping has to happen upstream (e.g. the ACL extension) or in your own UserDetailsService wrapper.
On any failure — returns the original authentication object unchanged rather than throwing BadCredentialsException. This deviates from the typical Spring Security contract; downstream filters must check isAuthenticated() themselves to detect auth failure.

User Management on Palmyra

UserPasswordRepository

UserPasswordRepository#

Overview#

Methods#

Example#

PasswordMgmtService

PasswordMgmtService#

Overview#

Methods#

Design note#

PasswordVerificationService

PasswordVerificationService#

Overview#

Methods#

Example#

LocalDBAuthenticationProvider

LocalDBAuthenticationProvider#

Overview#

Dependencies#

Methods#

Behaviour — what authenticate() actually does#

Wiring#

Behaviour — what `authenticate()` actually does#