test

Sun Identity Manager Deployment Reference

Find Objects View

Provides a customizable, generic Identity Manager repository search interface for any object type defined in Identity Manager that has rights and is not deprecated or restricted to internal use. The Find Objects view handler provides the associated forms for specifying one or more attribute query conditions and parameters and for the display of the find results. In addition, you can use view options to specify attribute query conditions and parameters.

This view contain the following attributes.

Table 3–33 Top-Level Attributes (Find Objects View)

Name  

Editable?  

Type  

Required? 

objectType

Read/Write 

String 

Yes 

allowedAttrs

Read/Write 

List 

No 

attrsToGet

Read/Write 

List 

No 

attrConditions 

Read/Write 

List 

No 

maxResults 

Read/Write 

String 

No 

results 

Read 

List 

No 

sortColumn 

Read/Write 

String 

No 

selectEnable 

Read/Write 

Boolean 

No 

objectType

Specifies the Identity Manager repository object type to find (for example, Role, User, or Resource).

allowedAttrs

Lists the specified object types (specified by the objectType attribute) allowed queryable attribute names that are obtained by default by calling the objectType’s listQueryableAttributeAttrs() method. This method is exposed by each class that extends PersistentObject. If not overridden by the object type class, it inherits the PersistentObject implementation returning the default set of queryable attributes supported by all PersistentObjects.

You can override the default set by specifying the set of allowedAttrs in either the default section or the objectType-specific section of the findObjectsDefaults.xml configuration file. This file resides in the sample directory. Specify each allowed attribute in the sample/findObjectsDefaults.xml file as follows:

name

Identifies the attribute.

displayName

Specifies the attribute name as it is displayed in the Identity Manager Administrator interface. If not specified, the value of this attribute defaults to the same value as name.

syntax

Indicates the data type of attribute value where supported values include string, int, and boolean. If not specified, this value defaults to string.

multiValued

Indicates whether the attribute supports multiple values. A value of true indicates that attribute supports multiple values. If unspecified, this value defaults to false. This attribute applies only if the attribute syntax is string.

allowedValuesType

Specifies the name of the Identity Manager type if the allowed values of the attribute are instances of an Identity Manager type (for example, Role or Resource). If not specified, this attribute defaults to null.

If the name attribute is an Identity Manager-defined attribute, then only name is required. If the attribute name is an extended attribute, you must specify at least the name and, optionally, the other attributes unless the defaults are sufficient.

See sample/findObjectsDefaults.xml for example formats for specification of allowed attributes.

You can specify the list of allowedAttrs as either a list of strings, a list of objects, or a combination of both.

attrsToGet

Lists the summary attribute names of the specified object types (objectType) to be returned with each object that match the specified attribute query conditions. You can obtain the object type’s set of supported summary attributes by calling the object type’s listSummaryAttributeAttrs() method. (This method is exposed by each class that extends PersistentObject.) If not overridden by the objectType class, it inherits the PersistentObject implementation that returns the default set of summary attributes that are supported by all Persistent Objects.

You can override the default by specifying the list of resultColumnNames in either the default section or the objectType-specific section of the sample/findObjectsDefaults.xml configuration file.

attrConditions

Lists the attribute conditions that are used to find objects of the specified object type (objectType) that match the specified attribute conditions (attrConditions). Each attribute condition in the list should be specified as follows:

selectedAttr

Identifies one of the attribute names from the list of allowed attributes (allowedAttrs).

selectedAttrRequired

(Optional) Indicates whether the selected attribute (selectedAttr) can be changed for this attribute condition. A value of true indicates that the selected attribute cannot be changed for this attribute condition, and the attribute condition cannot be removed from the list of attribute conditions

defaultAttr

(Optional) Identifies the allowedAttrs name to select by default when the list of allowed attributes is displayed in interface.

allowedOperators

Lists the operators allowed based on the syntax specified in the selected attribute (selectedAttr). By default, this list is obtained by calling the getAllowedOperators method passing the values of the syntax and multiValued attributes of the selected attribute (selectedAttr). You can override the default by specifying the set of allowed operators (allowedOperators) in either the default section or the objectType-specific section of the sample/findObjectsDefaults.xml configuration file.

selectedOperator

Specifies the name of one operator from the list specified in allowedOperators.

selectedOperatorRequired

(Optional) Indicates whether the selected operator (selectedOperator) can be changed for this attribute condition. A value of true indicates that the selected operator cannot be changed for this attribute condition, and the attribute condition cannot be removed from the list of attribute conditions

defaultOperator

(Optional) Specifies the name of the operator (allowedOperators) to select by default when the list of allowed operators (allowedOperators) is displayed in the form.

value

Indicates the value or operand for the selected attribute name and operator that must be tested when Identity Manager determines if it should return an object of the specified object type (objectType). You can omit this attribute if the value of selectedOperator is exists or notPresent.

valueRequired

(Optional) Indicates whether the value of the attribute condition can be changed. A value of true indicates that value can be changed. It also indicates that the attribute condition cannot be removed from the list of attribute conditions.

removeAttrCond

Determines if this attribute condition should be removed or not (internal).

You can specify attribute conditions as view options by using the FindObjects.ATTR_CONDITIONS constant or the attrCondition string. If attrConditions is not specified, Identity Manager returns all objects of the specified object type.

maxResults

(Optional) Specifies the maximum number of objects of the specified objectType that Identity Manager should return from the find request. Defaults to 100 if not specified. You can override the default by specifying the a value for resultMaxRows attribute in either the default section or the objectType-specific section of the sample/findObjectsDefaults.xml configuration file.

Use of this attribute can improve performance in cases where many Identity Manager repository objects of the specified type exist.

results

If the value of attrsToGet is null, the value of result is a list of object names that match the specified attribute condition. If the value of attrsToGet is non-null, results is a list of objects that matched the specified attrConditions, where each object consists of:

sortColumn

(Optional) Indicates the value of the column to sort the results on. Defaults to ’0’ if not specified. You can override the default by specifying a value for resultSortColumn in either the default section or the objectType-specific section of the sample/findObjectsDefaults.xml configuration file.

selectEnable

(Optional) Specifies whether more than one result row can be selected simultaneously. A value of true indicates that more than one result row can be selected. The default is false. The default can be overridden by specifying a value for resultSelectEnable in either the default section or the objectType-specific section of the sample/findObjectsDefaults.xml configuration file.