Version: 2.75.x.x LTS

IdmCreateUserState

This AuthState is a processing AuthState.

This plug-in creates a nevisIDM user with the specified user attributes and user scope properties in the specified target unit.

Class: ch.nevis.idm.authstate.IdmCreateUserState
Logging: IdmAuth
Auditing: None
Marker: NevisIDM:mutation

Properties:

user.attribute.* (String, -)
Define user attributes. The AuthState knows where to take the attribute input from. Note that every user attribute has to be declared as either optional or mandatory by adding it to the property user.attributes.optional or user.attributes.mandatory (see below).
The following attributes are allowed: loginId, extId, clientExtId, clientName, firstName, name, remarks, sex, gender (has precedence over sex), birthDate, title, telephone, email, telefax, mobile, addressLine1, addressLine2, postalCode, city, country, language, Street, houseNumber, dwellingNumber, postOfficeBoxNumber, postOfficeBoxText, locality

user.attributes.mandatory (String, -)
Comma-separated list of mandatory user attributes to gather. If the referenced input field remains empty, the inputMissing transition is generated. Only attributes that have been defined explicitly with user.attribute.* can be classified as mandatory.

user.attributes.optional (String, -)
Comma-separated list of optional user attributes to gather. Only attributes that have been defined explicitly with user.attribute.* can be classified as optional.

loginIdMode ([auto,email,value], auto)
auto: the user loginId is generated automatically. loginIdGenerator,enabled=true has to be set in the client policy.
email: the user's e-mail attribute is used as loginId. user.attribute.email has to be set.
value: user.attribute.loginId has to be set explicitly.

user.property.* (String, -)
Define user scope properties. The name of the user scope property follows the prefix.
Example: user.property.USER_SCOPE_PROPERTY

user.property.mandatory (String, -)
Comma-separated list of mandatory user scope properties to gather. If the input field remains empty, the inputMissing transition is generated. Only properties that have been defined explicitly with user.property.* can be classified as mandatory.

user.property.optional (String, -)
Comma-separated list of optional user scope properties to gather. Only properties that have been defined explicitly with user.property.* can be classified as optional.

targetUnitId (String, -)
Mandatory parameter that sets the extId of the unit to which the user's default profile belongs. It has to be an existing unit extId.

loadUser (boolean, false)
If set to "true", the extId, loginId, profileExtId, clientExtId and clientName properties of the newly created user object are set in the user DTO and stored in the session. To refresh all properties in the session, the IdmGetPropertiesState AuthState must be called afterwards.

Methods: process (all events)
Input: None

Transitions:
ok: Gathered attributes and user scope properties are stored, transition to AuthDone expected.
inputMissing: Generated if the input field remains empty.
inputInvalid: Generated if the input validation fails. To display a localized input validation error message, the nevisauth litdict (/var/opt/nevisauth/default/conf/LitDict.properties) has to be extended. Currently, the following message key is generated: errors.invalidParameter
clientNotFound: The user uses an unsupported client ID, or the "default" client ID (see input above) is not available.
loginIdExists: A user with the given loginId exists in the given client.
emailExists: A user with the given e-mail address exists.
userIdExists: A user with the given extId exists.

Output: None
Errors: None

Notes: For the input field GUI elements, use the user.<user_attribute>.label (user.email.label, user.name.label, ...) labels. These are language-dependent labels.

Example

<AuthState name="TestIdmCreateUser"
           class="ch.nevis.idm.authstate.IdmCreateUserState">
    <ResultCond name="ok" next="IdmPostProcessing"/>
    <ResultCond name="inputMissing" next="TestIdmCreateUser"/>
    <ResultCond name="inputInvalid" next="TestIdmCreateUser"/>
    <ResultCond name="loginIdExists" next="TestIdmCreateUser"/>
    <ResultCond name="emailExists" next="TestIdmCreateUser"/>
    <ResultCond name="userIdExists" next="TestIdmCreateUser"/>

    <Response value="AUTH_CONTINUE">
        <Gui name="AuthStepupDialog" label="login.setuserprop.label">
            <GuiElem name="lasterror" type="error"
                     label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
            <GuiElem name="errordetail" type="info"
                     label="${notes:lasterrorinfo}"/>
            <GuiElem name="email" type="text" label="user.email.label"
                     optional="false"/>
            <GuiElem name="lastname" type="text"
                     label="user.lastname.label"
                     optional="false"/>
            <GuiElem name="firstname" type="text"
                     label="user.firstname.label" optional="false"/>
            <GuiElem name="remarks" type="text"
                     label="user.remarks.label"
                     optional="false"/>
            <GuiElem name="addressLine1" type="text"
                     label="user.addressLine1.label" optional="true"/>
            <GuiElem name="postalCode" type="text"
                     label="user.postalCode.label" optional="true"/>
            <GuiElem name="userProperty1" type="text"
                     label="userProperty1"
                     optional="false"/>
            <GuiElem name="userProperty2" type="text"
                     label="userProperty2"
                     optional="true"/>
            <GuiElem name="submit" type="button"
                     label="submit.button.label"
                     value="continue"/>
        </Gui>
    </Response>
    <property name="user.attributes.mandatory"
              value="email,addressLine1,firstName,name"/>

    <property name="user.attributes.optional"
              value="remarks,postalCode"/>

    <property name="user.attribute.email" value="${inargs:email}"/>
    <property name="user.attribute.name" value="${inargs:lastname}"/>
    <property name="user.attribute.firstName"
              value="${inargs:firstname}"/>

    <property name="user.attribute.remarks" value="${inargs:remarks}"/>
    <property name="user.attribute.addressLine1"
              value="${inargs:addressLine1}"/>
    <property name="user.attribute.postalCode"
              value="${inargs:postalCode}"/>

    <property name="user.property.mandatory" value="userProperty1"/>
    <property name="user.property.optional" value="userProperty2"/>

    <property name="user.property.userProperty1"
              value="${inargs:userProperty1}"/>
    <property name="user.property.userProperty2"
              value="${inargs:userProperty2}"/>
    <property name="targetUnitId" value="100"/>
    <property name="loginIdMode" value="email"/>

</AuthState>
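
Because this AuthState creates accounts from user-supplied input, the declaration rules in the property table (every user.attribute.* classified, every classified name defined, the loginIdMode prerequisites, a mandatory targetUnitId) are worth checking before a configuration is deployed. The Python lint below is an added example, not part of the nevisIDM documentation or product; the function name, the finding texts and the sample AuthState are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Attribute names the page lists as allowed after the user.attribute. prefix
# (spelled exactly as on the page).
ALLOWED = set("""loginId extId clientExtId clientName firstName name remarks sex
gender birthDate title telephone email telefax mobile addressLine1 addressLine2
postalCode city country language Street houseNumber dwellingNumber
postOfficeBoxNumber postOfficeBoxText locality""".split())

# Constructed sample with deliberate mistakes (not taken from a real deployment).
SAMPLE = """<AuthState name="Register" class="ch.nevis.idm.authstate.IdmCreateUserState">
  <property name="user.attributes.mandatory" value="email,name"/>
  <property name="user.attributes.optional" value="remarks"/>
  <property name="user.attribute.email" value="${inargs:email}"/>
  <property name="user.attribute.firstName" value="${inargs:firstname}"/>
  <property name="user.attribute.remarks" value="${inargs:remarks}"/>
  <property name="user.property.mandatory" value="costCenter"/>
  <property name="loginIdMode" value="value"/>
</AuthState>"""

def _csv(props, key):
    return {v.strip() for v in props.get(key, "").split(",") if v.strip()}

def lint_create_user_state(xml_text):
    """Return findings for one IdmCreateUserState definition, in check order."""
    props = {p.get("name"): p.get("value", "")
             for p in ET.fromstring(xml_text).iter("property")}
    out = []
    for prefix, lists in (("user.attribute.", "user.attributes."),
                          ("user.property.", "user.property.")):
        classified = _csv(props, lists + "mandatory") | _csv(props, lists + "optional")
        defined = {k[len(prefix):] for k in props if k.startswith(prefix)}
        defined -= {"mandatory", "optional"}  # the two list keys share the prefix
        out += [f"{prefix}{n}: classified but never defined"
                for n in sorted(classified - defined)]
        if prefix == "user.attribute.":  # rules the page states for attributes only
            out += [f"{prefix}{n}: defined but neither mandatory nor optional"
                    for n in sorted(defined - classified)]
            out += [f"{prefix}{n}: not an allowed user attribute"
                    for n in sorted(defined - ALLOWED)]
    mode = props.get("loginIdMode", "auto")  # documented default
    if mode not in ("auto", "email", "value"):
        out.append(f"loginIdMode={mode}: unknown mode")
    needed = {"email": "user.attribute.email", "value": "user.attribute.loginId"}.get(mode)
    if needed and needed not in props:
        out.append(f"loginIdMode={mode} requires {needed}")
    if not props.get("targetUnitId", "").strip():
        out.append("targetUnitId: mandatory parameter is missing")
    return out
```

Calling lint_create_user_state(SAMPLE) returns five findings; an empty list means the definition satisfies the rules checked here, not that the target unit or client policy exists in nevisIDM.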