|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface DirectoryPrincipal
A DirectoryPrincipal is a Principal that is managed by a UserDirectory.
Notes:
In general, a DirectoryPrincipal is not serializable in a portable fashion.
Field Summary | |
---|---|
static java.lang.String |
CLASS_VERSION
|
Method Summary | |
---|---|
RelativeRole |
createRelativeRole(java.lang.String pFunctionName)
Create an assignable relative role, which represents the fulfillment of some function relative to this principal. |
java.util.Collection |
getAccessRights()
Get all AccessRights that are associated with this principal |
java.lang.String |
getDescription()
Return a short textual description of this principal. |
java.util.Collection |
getEffectivePrincipals()
Get a collection of all the effective principals in the directory with which this principal is implicitly associated. |
java.util.Collection |
getMembers()
Get all users and organizations that are "members" of this principal, viewing the effective-principal relationship from the end opposite to that taken by getEffectivePrincipals(). |
java.util.Collection |
getOrganizationMembersSortOnName(int pStartIndex,
int pEndIndex,
int pSortOrder)
Get all organizations that are "members" of this principal, viewing the effective-principal relationship from the end opposite to that taken by getEffectivePrincipals(). |
java.lang.Object |
getPrimaryKey()
Get the primary key of a principal which can be used to retrieve that principals from the directory. |
RelativeRole |
getRelativeRole(java.lang.String pFunctionName)
Given the name of a logical function, obtain the corresponding role representing that function performed relative to this principal if it exists, otherwise return null. |
java.util.List |
getRelativeRoles()
Obtain a set of roles that may be assumed relative to this principal. |
UserDirectory |
getUserDirectory()
|
java.util.Collection |
getUserMembersSortOnEmailAddress(int pStartIndex,
int pEndIndex,
int pSortOrder)
Get all users that are "members" of this principal, viewing the effective-principal relationship from the end opposite to that taken by getEffectivePrincipals(). |
java.util.Collection |
getUserMembersSortOnFirstName(int pStartIndex,
int pEndIndex,
int pSortOrder)
Get all users that are "members" of this principal, viewing the effective-principal relationship from the end opposite to that taken by getEffectivePrincipals(). |
java.util.Collection |
getUserMembersSortOnLastName(int pStartIndex,
int pEndIndex,
int pSortOrder)
Get all users that are "members" of this principal, viewing the effective-principal relationship from the end opposite to that taken by getEffectivePrincipals(). |
java.util.Collection |
getUserMembersSortOnLogin(int pStartIndex,
int pEndIndex,
int pSortOrder)
Get all users that are "members" of this principal, viewing the effective-principal relationship from the end opposite to that taken by getEffectivePrincipals(). |
boolean |
hasMember(java.security.Principal pMember)
Determine whether a principal has a particular principal as one of its members, that is, is an effective principal associated with that entity. |
Methods inherited from interface java.security.Principal |
---|
equals, getName, hashCode, toString |
Field Detail |
---|
static final java.lang.String CLASS_VERSION
Method Detail |
---|
java.lang.String getDescription()
java.lang.Object getPrimaryKey()
UserDirectory getUserDirectory()
java.util.Collection getEffectivePrincipals()
The order of the elements as returned by the collection's iterator is significant, as it orders the effective principals from "most specific" to "least specific" in their relationship to the original principal. An access right may granted to one effective principal but denied to another effective principal; in such cases, a security model may need to determine which principal takes precedence, and the order of this collection can be used for this purpose.
As a general policy, effective principals at greater distances in the organizational graph from the original should be less specific. Also, a role should be considered to be less specific than the effective principal that has that role. A dynamic role, being implicit and rule-based, is less specific than any roles explicitly assigned to its principal. Finally, effective principals that could be considered to have multiple rankings should be assigned the most specific of those rankings.
A
- collection of effective DirectoryPrincipalsjava.util.Collection getMembers()
Following the definition of effective principals, it follows that:
pPrincipal
- a principal
getEffectivePrincipals()
java.util.Collection getOrganizationMembersSortOnName(int pStartIndex, int pEndIndex, int pSortOrder)
Following the definition of effective principals, it follows that:
pStartIndex
- starting index of the sorted result set.pEndEndex
- end index of the sorted result set. a value of -1 sets the end index to infinite.pSortOrder
- sort order of the return set.
valid values = { UserDirectory.ASCENDING, UserDirectory.DESCENDING }
getMembers()
,
getEffectivePrincipals()
java.util.Collection getUserMembersSortOnLogin(int pStartIndex, int pEndIndex, int pSortOrder)
Following the definition of effective principals, it follows that:
pStartIndex
- starting index of the sorted result set.pEndEndex
- end index of the sorted result set. a value of -1 sets the end index to infinite.pSortOrder
- sort order of the return set.
valid values = { UserDirectory.ASCENDING, UserDirectory.DESCENDING }
getMembers()
,
getEffectivePrincipals()
java.util.Collection getUserMembersSortOnFirstName(int pStartIndex, int pEndIndex, int pSortOrder)
Following the definition of effective principals, it follows that:
pStartIndex
- starting index of the sorted result set.pEndEndex
- end index of the sorted result set. a value of -1 sets the end index to infinite.pSortOrder
- sort order of the return set.
valid values = { UserDirectory.ASCENDING, UserDirectory.DESCENDING }
getMembers()
,
getEffectivePrincipals()
java.util.Collection getUserMembersSortOnLastName(int pStartIndex, int pEndIndex, int pSortOrder)
Following the definition of effective principals, it follows that:
pStartIndex
- starting index of the sorted result set.pEndEndex
- end index of the sorted result set. a value of -1 sets the end index to infinite.pSortOrder
- sort order of the return set.
valid values = { UserDirectory.ASCENDING, UserDirectory.DESCENDING }
getMembers()
,
getEffectivePrincipals()
java.util.Collection getUserMembersSortOnEmailAddress(int pStartIndex, int pEndIndex, int pSortOrder)
Following the definition of effective principals, it follows that:
pStartIndex
- starting index of the sorted result set.pEndEndex
- end index of the sorted result set. a value of -1 sets the end index to infinite.pSortOrder
- sort order of the return set.
valid values = { UserDirectory.ASCENDING, UserDirectory.DESCENDING }
getMembers()
,
getEffectivePrincipals()
boolean hasMember(java.security.Principal pMember)
pPrincipal
- a principal that might have pMember as a memberpMember
- a principal representing a user or organization
java.util.List getRelativeRoles()
Note that an individual having a role relative to some organization need not actually belong to that organization.
The createRelativeRole() method can be used to create a new assignable role relative to this principal.
createRelativeRole(java.lang.String)
RelativeRole getRelativeRole(java.lang.String pFunctionName)
pFunctionName
- the logical name of a function relative to
this principal
RelativeRole createRelativeRole(java.lang.String pFunctionName) throws DirectoryModificationException
For instance, an relative role created for the organization "ATG Sales" and the function name "Content Admin" has the semantics of "Content Admin for ATG Sales". The resulting role can be examined with getOrganization() and getFunctionName() to find both the organization and function whose intersection it represents.
If the specified relative role already exists, it is simply returned, without any modification to the directory having taken place.
pFunctionName
- the logical name of a function relative to this principal
DirectoryModificationException
- occurs if the operation fails
unexpectedly; a nested exception provides details.java.util.Collection getAccessRights()
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |