com.sun.identity.idm
Class AMIdentityRepository

java.lang.Object
  com.sun.identity.idm.AMIdentityRepository

public final class AMIdentityRepository

extends java.lang.Object

The class AMIdentityRepository represents an object to access the repositories in which user/role/group and other identity data is configured. This class provides access to methods which will search, create and delete identities. An instance of this class can be obtained in the following manner:

     AMIdentityRepository = new AMIdentityRepository(ssoToken, realmName);
 

Constructor Summary

AMIdentityRepository(SSOToken ssotoken, java.lang.String realmName)
Constructor for the AMIdentityRepository object.

Method Summary

int	addEventListener(com.sun.identity.idm.IdEventListener listener) Adds a listener, which should receive notifications for all changes that occurred in this organization.
static void	clearCache() Clears the cache.
java.util.Set	createIdentities(IdType type, java.util.Map identityNamesAndAttrs) Creates multiple objects of the same type.
AMIdentity	createIdentity(IdType type, java.lang.String idName, java.util.Map attrMap) Creates a single object of a type.
void	deleteIdentities(IdType type, java.util.Set identities) Deprecated. As of release AM 7.1, replaced by deleteIdentities(Set identities)
void	deleteIdentities(java.util.Set identities) Deletes identities.
java.util.Set	getAllowedIdOperations(IdType type) Returns the set of Operations for a given IdType, IdOperations that can be performed on an Identity.
AMIdentity	getRealmIdentity() Returns a handle of the Identity object representing this realm for services related operations only.
java.util.Set	getSupportedIdTypes() Returns the set of supported object types IdType for this deployment.
void	removeEventListener(int identifier) Removes listener as the application is no longer interested in receiving notifications.
IdSearchResults	searchIdentities(IdType type, java.lang.String pattern, IdSearchControl ctrl) Searches for identities of certain types from each plugin and returns a combined result.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AMIdentityRepository

public AMIdentityRepository(SSOToken ssotoken,
                            java.lang.String realmName)
                     throws IdRepoException,
                            SSOException

Constructor for the AMIdentityRepository object. If a null is passed for the organization identifier realmName, then the "root" realm is assumed.

Parameters:

ssotoken - Single sign on token of the user

realmName - Name of the realm (can be a Fully qualified DN)

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

Method Detail

getSupportedIdTypes

public java.util.Set getSupportedIdTypes()
                                  throws IdRepoException,
                                         SSOException

Returns the set of supported object types IdType for this deployment. This is not realm specific.

Returns:

Set of supported IdType objects.

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

getAllowedIdOperations

public java.util.Set getAllowedIdOperations(IdType type)
                                     throws IdRepoException,
                                            SSOException

Returns the set of Operations for a given IdType, IdOperations that can be performed on an Identity. This varies for each organization (and each plugin?).

Parameters:

type - Type of identity

Returns:

Set of IdOperation objects.

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

searchIdentities

public IdSearchResults searchIdentities(IdType type,
                                        java.lang.String pattern,
                                        IdSearchControl ctrl)
                                 throws IdRepoException,
                                        SSOException

Searches for identities of certain types from each plugin and returns a combined result. Note: The AMIdentity objects representing IdType.REALM can be used for services related operations only. The realm AMIdentity object can be used to assign and unassign services containing dynamic attributes to this realm.

Parameters:

type - Type of identity being searched for.

pattern - Pattern to be used when searching.

ctrl - IdSearchControl which can be used to set up various search controls on the search to be performed.

Returns:

Returns the combined results in object IdSearchResults object.

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

See Also:

IdSearchControl, IdSearchResults

getRealmIdentity

public AMIdentity getRealmIdentity()
                            throws IdRepoException,
                                   SSOException

Returns a handle of the Identity object representing this realm for services related operations only. This AMIdentity object can be used to assign and unassign services containing dynamic attributes to this realm

Returns:

a handle of the Identity object.

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

createIdentity

public AMIdentity createIdentity(IdType type,
                                 java.lang.String idName,
                                 java.util.Map attrMap)
                          throws IdRepoException,
                                 SSOException

Creates a single object of a type. The object is created in all the plugins that support creation of this type of object. This method is only valid for:

IdType.AGENT

IdType.USER

IdType.REALM

Note: For creating IdType.REALM identities, a map of sunIdentityRepositoryService attributes need to be passed. Also, AMIdentity object representing this realm can be used for services related operations only. This AMIdentity object can be used to assign and unassign services containing dynamic attributes to this realm

Parameters:

type - IdType of object to be created.

idName - Name of object. If the type is IdType.REALM then enter a valid realm name.

attrMap - Map of attribute-values to be set when creating the entry.

Returns:

Identity object representing the newly created entry.

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

createIdentities

public java.util.Set createIdentities(IdType type,
                                      java.util.Map identityNamesAndAttrs)
                               throws IdRepoException,
                                      SSOException

Creates multiple objects of the same type. The objects are created in all the IdRepo plugins that support creation of these objects. This method is only valid for:

IdType.AGENT

(@link IdType#USER IdType.USER}

IdType.REALM

Note: For creating IdType.REALM identities, a map of sunIdentityRepositoryService attributes need to be passed. Also, AMIdentity object representing this realm can be used for services related operations only. This AMIdentity object can be used to assign and unassign services containing dynamic attributes to this realm

Parameters:

type - Type of object to be created

identityNamesAndAttrs - Names of the identities and their

Returns:

Set of created Identities.

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

deleteIdentities

public void deleteIdentities(IdType type,
                             java.util.Set identities)
                      throws IdRepoException,
                             SSOException

Deprecated. As of release AM 7.1, replaced by deleteIdentities(Set identities)

Deletes identities. The Set passed is a set of AMIdentity objects. This method is only valid for:

IdType.AGENT

IdType.REALM

(@link IdType#USER IdType.USER}

Parameters:

type - Type of Identity to be deleted.

identities - Set of AMIdentity objects to be deleted

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

deleteIdentities

public void deleteIdentities(java.util.Set identities)
                      throws IdRepoException,
                             SSOException

Deletes identities. The Set passed is a set of AMIdentity objects. This method is only valid for:

IdType.AGENT

IdType.REALM

(@link IdType#USER IdType.USER}

Parameters:

identities - Set of AMIDentity objects to be deleted

Throws:

IdRepoException - if there are repository related error conditions.

SSOException - if user's single sign on token is invalid.

addEventListener

public int addEventListener(com.sun.identity.idm.IdEventListener listener)

Adds a listener, which should receive notifications for all changes that occurred in this organization. This method is only valid for IdType User and Agent.

Parameters:

listener - The callback which implements AMEventListener.

Returns:

Integer identifier for this listener.

removeEventListener

public void removeEventListener(int identifier)

Removes listener as the application is no longer interested in receiving notifications.

Parameters:

identifier - Integer identifying the listener.

clearCache

public static void clearCache()

Clears the cache.