atg.security
Class LDAPRepositoryAccountManager

java.lang.Object
  atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      atg.nucleus.GenericService
          atg.nucleus.RegisteredService
              atg.security.GenericUserAuthority
                  atg.security.RepositoryAccountManager
                      atg.security.LDAPRepositoryAccountManager

All Implemented Interfaces:

NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, AccountManager, AccountTypes, LoginUserAuthority, UserAuthority, UserAuthority2, java.util.EventListener

Direct Known Subclasses:

ActiveDirectoryAccountManager, iPlanetDirectoryAccountManager

public class LDAPRepositoryAccountManager
extends RepositoryAccountManager

An account manager and user authority that works against an LDAPRepository

See Also:

RepositoryAccountManager

Nested Class Summary

class

LDAPRepositoryAccountManager.SecurityCache The cache of security permissions associated with this account manager

Field Summary

static java.lang.String

CLASS_VERSION

Fields inherited from class atg.nucleus.GenericService

SERVICE_INFO_KEY

Fields inherited from interface atg.security.AccountTypes

ANY_ACCOUNT, GROUP_ACCOUNT, LOGIN_ACCOUNT, PRIVILEGE_ACCOUNT

Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging

DEFAULT_LOG_TRACE_STATUS

Fields inherited from interface atg.nucleus.logging.ApplicationLogging

DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS

Constructor Summary

LDAPRepositoryAccountManager()

Method Summary

void	doStartService() Overwrites GenericService superclass
Account	getAccount(java.lang.String pAccountName) Overwrites super class
java.lang.String	getAccountLdapDescriptorName() Returns the attribute name for privs within LDAP directory
LDAPRepositoryAccountManager.SecurityCache	getCache() Returns cache to store account and privilege groupings
long	getCacheReloadFrequency() Returns How frequently the cahce should be reloaded (in minutes)
Scheduler	getCacheScheduler() Returns the scheduler for cache reload
java.lang.String	getGroupLdapDescriptorName() Returns the attribute name for groups within LDAP directory
java.lang.String[]	getLdapGroups() Returns List of groups defined in the LDAP repository
java.lang.String[]	getLdapPrivileges() Returns List of privileges defined in the LDAP repository
Persona	getPersona(java.lang.Object id) Returns a persona for a give id.
boolean	isMemberOfCacheEnabled() sets flag denoting whether the cache is enabled or not
boolean	isReadOnly() Returns flag denoting whether this account manager may create accounts
boolean	isVerifyCachedItems() Returns if true, after retrieving items from cache will verify against the repository.
java.util.Iterator	listAccounts(int pType) Lists all Accounts of specified type
protected java.util.Iterator	listGroupAccounts() Returns an iterator containing all Login Accounts
protected java.util.Iterator	listGroupAndPrivilegeAccounts() Returns an iterator containing all Login Accounts
java.util.Iterator	listGroupsFor(java.lang.String pAccountName) Lists accounts that match a given expression.
protected java.util.Iterator	listLoginAccounts() Returns an iterator containing all Login Accounts
protected java.util.Iterator	listMembersForAccount(java.lang.String pAccountName)
protected java.util.Iterator	listPrivilegeAccounts() Returns an iterator containing all Login Accounts
void	loadMemberOfCache() pre-configures Key/Value pairs acct -> list of groups the acct is a member of
void	setCacheReloadFrequency(long pCacheReloadFrequency) Sets How frequently the cahce should be reloaded (in minutes)
void	setCacheScheduler(Scheduler pCacheScheduler) Sets the scheduler for cache reload
void	setMemberOfCacheEnabled(boolean pEnabled) sets flag denoting whether the cache is enabled or not
void	setVerifyCachedItems(boolean pVerifyCachedItems) Sets if true, after retrieving items from cache will verify against the repository.

Methods inherited from class atg.security.RepositoryAccountManager

createAccount, getAccountInitializer, getAccountItem, getAccountNameProperty, getAccountQueryLimit, getAccountTypeProperty, getAttributeResourceBundle, getDefaultGroupAttributes, getDefaultLoginAttributes, getDefaultLoginGroups, getDefaultPrivilegeAttributes, getDescriptionAttribute, getDescriptionProperty, getFirstNameAttribute, getFirstNameProperty, getGroupDescriptorName, getGroupPropertyNames, getGroupsProperty, getItemNameIsAccountName, getLastNameAttribute, getLastNameProperty, getLastPasswordUpdatePropertyName, getLoginDescriptorName, getLoginPropertyNames, getPasswordAttribute, getPasswordHasher, getPasswordProperty, getPreviousNPasswordArrayPropertyName, getRepository, getTransactionManager, listMatchingAccounts, login, removeAccount, setAccountInitializer, setAccountNameProperty, setAccountQueryLimit, setAccountTypeProperty, setAttributeResourceBundle, setDefaultGroupAttributes, setDefaultLoginAttributes, setDefaultLoginGroups, setDefaultPrivilegeAttributes, setDescriptionProperty, setFirstNameProperty, setGroupDescriptorName, setGroupPropertyNames, setGroupsProperty, setItemNameIsAccountName, setLastNameProperty, setLastPasswordUpdatePropertyName, setLoginDescriptorName, setLoginPropertyNames, setPasswordHasher, setPasswordProperty, setPreviousNPasswordArrayPropertyName, setRepository, setTransactionManager, userDestroyed

Methods inherited from class atg.security.GenericUserAuthority

addAuthenticationFailedListener, addAuthenticationSucceededListener, addSpecialPersona, fireAuthenticationFailedEvent, fireAuthenticationSucceededEvent, getProxyUserAuthorities, getSpecialPersonae, getSupportsEveryone, getUserAuthorityName, removeAuthenticationFailedListener, removeAuthenticationSucceededListener, removeSpecialPersona, setProxyUserAuthorities, setSpecialPersonae, setSupportsEveryone, setUserAuthorityName

Methods inherited from class atg.nucleus.RegisteredService

addToRegistry, getRegistry, getRegistryName, getServiceName, removeFromRegistry, setRegistryName, setServiceName, startService, stopService

Methods inherited from class atg.nucleus.GenericService

addLogListener, createAdminServlet, doStopService, getAbsoluteName, getAdminServlet, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, reResolveThis, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo

Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl

vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface atg.security.UserAuthority

addAuthenticationFailedListener, addAuthenticationSucceededListener, getUserAuthorityName, removeAuthenticationFailedListener, removeAuthenticationSucceededListener

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Constructor Detail

LDAPRepositoryAccountManager

public LDAPRepositoryAccountManager()

Method Detail

isReadOnly

public boolean isReadOnly()

Returns flag denoting whether this account manager may create accounts

getLdapGroups

public java.lang.String[] getLdapGroups()

Returns List of groups defined in the LDAP repository

getGroupLdapDescriptorName

public java.lang.String getGroupLdapDescriptorName()

Returns the attribute name for groups within LDAP directory

getLdapPrivileges

public java.lang.String[] getLdapPrivileges()

Returns List of privileges defined in the LDAP repository

getAccountLdapDescriptorName

public java.lang.String getAccountLdapDescriptorName()

Returns the attribute name for privs within LDAP directory

getCache

public LDAPRepositoryAccountManager.SecurityCache getCache()

Returns cache to store account and privilege groupings

setMemberOfCacheEnabled

public void setMemberOfCacheEnabled(boolean pEnabled)

sets flag denoting whether the cache is enabled or not

isMemberOfCacheEnabled

public boolean isMemberOfCacheEnabled()

sets flag denoting whether the cache is enabled or not

loadMemberOfCache

public void loadMemberOfCache()

pre-configures Key/Value pairs acct -> list of groups the acct is a member of

setVerifyCachedItems

public void setVerifyCachedItems(boolean pVerifyCachedItems)

Sets if true, after retrieving items from cache will verify against the repository.

isVerifyCachedItems

public boolean isVerifyCachedItems()

Returns if true, after retrieving items from cache will verify against the repository.

setCacheScheduler

public void setCacheScheduler(Scheduler pCacheScheduler)

Sets the scheduler for cache reload

getCacheScheduler

public Scheduler getCacheScheduler()

Returns the scheduler for cache reload

setCacheReloadFrequency

public void setCacheReloadFrequency(long pCacheReloadFrequency)

Sets How frequently the cahce should be reloaded (in minutes)

getCacheReloadFrequency

public long getCacheReloadFrequency()

Returns How frequently the cahce should be reloaded (in minutes)

getPersona

public Persona getPersona(java.lang.Object id)

Returns a persona for a give id.

Specified by:

getPersona in interface UserAuthority

Overrides:

getPersona in class RepositoryAccountManager

listLoginAccounts

protected java.util.Iterator listLoginAccounts()
                                        throws RepositoryException

Returns an iterator containing all Login Accounts

Throws:

RepositoryException

listGroupAccounts

protected java.util.Iterator listGroupAccounts()
                                        throws RepositoryException

Returns an iterator containing all Login Accounts

Throws:

RepositoryException

listPrivilegeAccounts

protected java.util.Iterator listPrivilegeAccounts()
                                            throws RepositoryException

Returns an iterator containing all Login Accounts

Throws:

RepositoryException

listGroupAndPrivilegeAccounts

protected java.util.Iterator listGroupAndPrivilegeAccounts()
                                                    throws RepositoryException

Returns an iterator containing all Login Accounts

Throws:

RepositoryException

listAccounts

public java.util.Iterator listAccounts(int pType)

Lists all Accounts of specified type

Specified by:

listAccounts in interface AccountManager

Overrides:

listAccounts in class RepositoryAccountManager

Parameters:

pType - -- type of the account requested

See Also:

AccountTypes

listMembersForAccount

protected java.util.Iterator listMembersForAccount(java.lang.String pAccountName)

listGroupsFor

public java.util.Iterator listGroupsFor(java.lang.String pAccountName)

Description copied from class: RepositoryAccountManager

Lists accounts that match a given expression.

Overrides:

listGroupsFor in class RepositoryAccountManager

See Also:

LDAPRepositoryAccountManager

getAccount

public Account getAccount(java.lang.String pAccountName)

Overwrites super class

Specified by:

getAccount in interface AccountManager

Overrides:

getAccount in class RepositoryAccountManager

Parameters:

pAccountName - The name of the account to retrieve.

doStartService

public void doStartService()

Overwrites GenericService superclass

Overrides:

doStartService in class RepositoryAccountManager