© 2004 BEA Systems, Inc.

com.bea.p13n.security.management.authentication
Class AtnSecurityMgmtHelper

java.lang.Object
  extended bycom.bea.p13n.security.management.authentication.AtnSecurityMgmtHelper

public class AtnSecurityMgmtHelper
extends Object

Provides helper methods for accessing security management classes, especially those used to manage SSPI providers.


Constructor Summary
AtnSecurityMgmtHelper()
           
 
Method Summary
static AtnProviderDescription findProviderByName(String aDisplayName)
          Returns the configured SSPI authentication provider with a matching display name.
static AtnProviderDescription findProviderByUniqueName(String aUniqueId)
          Returns the configured SSPI authentication provider with a matching unique id which is the concatenation of display name and version number.
static AtnProviderDescription getDefaultProvider()
          Returns the default configured SSPI authentication provider.
static String getDisallowedUserPattern()
          Returns the set of characters which are disallowed in the creation of user names.
static List getProviders()
          Returns the list of currently configured SSPI authentication providers.
static String getProviderUniqueName(String aDisplayName, String aVersion)
          Returns unique id of the provider which is the concatenation of display name and version number.
static boolean isDeletableGroup(String aProviderDescription, String groupName)
          Checks whether the groupName specified is a protected group name or whether the groupName is a WLS special group name, neither of which will be allowed to be deleted.
static boolean isMultiAtnProviderMode()
          Returns an indication of whether multiple authentication providers have been configured.
static boolean isProtectedGroupName(String aProviderDescription, String groupName)
          Checks whether the groupName specified is an optional reserved group name or whether the groupName is a WLS special group name, neither of which will be allowed to be created by this provider.
static boolean isProtectedUserName(String aProviderDescription, String userName)
          Checks whether the userName specified is a protected user name which willnot be allowed to be created by this provider.
static boolean isReservedGroupName(String aProviderDescription, String groupName)
          Checks whether the groupName specified is an optional reserved group name which will not be allowed to be created by this provider.
static boolean isReservedUserName(String aProviderDescription, String userName)
          Checks whether the userName specified is an optional reserved user name or whether the userName is a WLS special user name, neither of which will be allowed to be created by this provider.
static void validateGroupCallerRole(String operationType, String targetUserName)
          Throws an exception if the caller is not in the proper role to perform the requested user management operation.
static void validateUserCallerRole(String operationType, String targetUserName)
          Throws an exception if the caller is not in the proper role to perform the requested user management operation.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AtnSecurityMgmtHelper

public AtnSecurityMgmtHelper()
Method Detail

getProviders

public static List getProviders()
                         throws ProviderMgmtException
Returns the list of currently configured SSPI authentication providers.

Returns:
List of AtnProviderDescription objects
Throws:
ProviderMgmtException

getDefaultProvider

public static AtnProviderDescription getDefaultProvider()
                                                 throws ProviderMgmtException
Returns the default configured SSPI authentication provider.

Returns:
default AtnProviderDescription
Throws:
ProviderMgmtException

findProviderByName

public static AtnProviderDescription findProviderByName(String aDisplayName)
                                                 throws ProviderMgmtException
Returns the configured SSPI authentication provider with a matching display name.

Parameters:
aDisplayName - The name entered at the WLS console when creating a new authentication provider.
Returns:
AtnProviderDescription or null, if no matching provider found
Throws:
ProviderMgmtException

findProviderByUniqueName

public static AtnProviderDescription findProviderByUniqueName(String aUniqueId)
                                                       throws ProviderMgmtException
Returns the configured SSPI authentication provider with a matching unique id which is the concatenation of display name and version number.

Parameters:
aUniqueId - Concatenation of display name and version number
Returns:
AtnProviderDescription or null, if no matching provider found
Throws:
ProviderMgmtException

getProviderUniqueName

public static String getProviderUniqueName(String aDisplayName,
                                           String aVersion)
Returns unique id of the provider which is the concatenation of display name and version number.

Parameters:
aDisplayName - The provider name
aVersion - The provider version
Returns:
unique id

getDisallowedUserPattern

public static String getDisallowedUserPattern()
Returns the set of characters which are disallowed in the creation of user names.

Returns:
disallowed chars

isReservedUserName

public static boolean isReservedUserName(String aProviderDescription,
                                         String userName)
Checks whether the userName specified is an optional reserved user name or whether the userName is a WLS special user name, neither of which will be allowed to be created by this provider.

Parameters:
aProviderDescription - the string identifying this authentication provider in the properties file.
userName - the user name to evaluate
Returns:
true if userName is reserved by provider, else false

isReservedGroupName

public static boolean isReservedGroupName(String aProviderDescription,
                                          String groupName)
Checks whether the groupName specified is an optional reserved group name which will not be allowed to be created by this provider.

Parameters:
aProviderDescription - the string identifying this authentication provider in the properties file.
groupName - the group name to evaluate
Returns:
True if group name is reserved, otherwise false
Throws:
IllegalArgumentException

isProtectedUserName

public static boolean isProtectedUserName(String aProviderDescription,
                                          String userName)
Checks whether the userName specified is a protected user name which willnot be allowed to be created by this provider.

Parameters:
aProviderDescription - the string identifying this authentication provider in the properties file.
userName - the user name to evaluate
Returns:
true if userName is protecteds by provider else false

isProtectedGroupName

public static boolean isProtectedGroupName(String aProviderDescription,
                                           String groupName)
Checks whether the groupName specified is an optional reserved group name or whether the groupName is a WLS special group name, neither of which will be allowed to be created by this provider.

Parameters:
aProviderDescription - the string identifying this authentication provider in the properties file.
groupName - the group name to evaluate
Returns:
List of Strings containing reserved user names

isDeletableGroup

public static boolean isDeletableGroup(String aProviderDescription,
                                       String groupName)
Checks whether the groupName specified is a protected group name or whether the groupName is a WLS special group name, neither of which will be allowed to be deleted.

Parameters:
aProviderDescription - the string identifying this authentication provider in the properties file.
groupName - the group name to evaluate
Returns:
true if group name can be deleted, else false

isMultiAtnProviderMode

public static boolean isMultiAtnProviderMode()
Returns an indication of whether multiple authentication providers have been configured.

Returns:
True if more than one authentication provider is found, else false

validateUserCallerRole

public static void validateUserCallerRole(String operationType,
                                          String targetUserName)
Throws an exception if the caller is not in the proper role to perform the requested user management operation.

Throws:
SecurityException

validateGroupCallerRole

public static void validateGroupCallerRole(String operationType,
                                           String targetUserName)
Throws an exception if the caller is not in the proper role to perform the requested user management operation.

Throws:
SecurityException

© 2004 BEA Systems, Inc.

Copyright © 2004 BEA Systems, Inc. All Rights Reserved