IdentityPlugin (Oracle Secure Enterprise Search Java API Reference)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Oracle Secure Enterprise Search Java API Reference
11g Release 1 (11.1.2.0.0)
E14433-02

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.search.sdk.security
Interface IdentityPlugin

public interface IdentityPlugin

An interface for identity-based security.

See Also:: IdentityPluginManager

Method Summary
`String`	`authenticate(String username, char[] password)` Authenticates a user and returns the value of the canonical attribute representing the authenticated user.
`void`	`close()` Called to indicate that this plug-in object will no longer be used.
`String[]`	`getAllGroups(String username)` Returns the groups or roles for a given user.
`String[]`	`getAttribute(String attrName, String username, String identityAttr)` Returns the value or values of an attribute for a given user.
`String`	`getAuthenticationAttribute()` Returns the authentication attribute name, which was configured in the call to `IdentityPluginManager.init`.
`String[]`	`getGroupAttribute(String attrName, String groupname, String identityAttr)` Returns the value or values of an attribute for a given group.
`boolean`	`isValidAttribute(String attrName)` Indicates if the given attribute name is valid.
`String`	`validateGroup(String group, String attrName)` Indicates if the given group is valid.
`String`	`validateUser(String username, String attrName)` Indicates if the given user is valid.

Method Detail

authenticate

String authenticate(String username,
                    char[] password)
                    throws PluginException

Authenticates a user and returns the value of the canonical attribute representing the authenticated user. If the authentication fails, this returns null.

Parameters:: username - the username for the search user, in the format of the authentication attribute configured in the call to IdentityPluginManager.init; password - the user's password
Returns:: the canonical attribute representing the user if authentication succeeds, otherwise null
Throws:: PluginException - if an error occurs

getAttribute

String[] getAttribute(String attrName,
                      String username,
                      String identityAttr)
                      throws PluginException

Returns the value or values of an attribute for a given user.

Parameters:: attrName - the name of the attribute. For example, AD_NAME; username - the username for the search user; identityAttr - the attribute name (format) of the username parameter
Returns:: the values for the given attribute
Throws:: PluginException - if an error occurs

getGroupAttribute

String[] getGroupAttribute(String attrName,
                           String groupname,
                           String identityAttr)
                           throws PluginException

Returns the value or values of an attribute for a given group.

Parameters:: attrName - the name of the attribute. For example, AD_NAME; groupname - the group name; identityAttr - the attribute name (format) of the groupname parameter
Returns:: the values for the given attribute
Throws:: PluginException - if an error occurs

getAllGroups

String[] getAllGroups(String username)
                      throws PluginException

Returns the groups or roles for a given user. This method is called by the query engine when building the security filters.

Parameters:: username - the username for the search user in the format of the canonical attribute (for example, as returned by a call to authenticate).
Returns:: an array of groups for the given user, as Strings in the format of the canonical attribute. The return value from a successful invocation must be non-null; null is interpreted as a failure to get group information. A zero-length array is interpreted as success (indicating that the user is not a member of any groups).
Throws:: PluginException - if an error occurs

validateUser

String validateUser(String username,
                    String attrName)
                    throws PluginException

Indicates if the given user is valid. This method is called by the administration tool and crawler to validate an identity string and convert it to the canonical attribute.

Parameters:: username - the username identity string in the format of the attrName parameter; attrName - the name of the attribute (format) of the username parameter
Returns:: the value of the canonical attribute representing the user if valid, otherwise null
Throws:: PluginException - if an error occurs

validateGroup

String validateGroup(String group,
                     String attrName)
                     throws PluginException

Indicates if the given group is valid. This method is called by the administration tool and crawler to validate an identity string and convert it to the canonical attribute.

Parameters:: group - the group identity string in the format of the attrName parameter; attrName - the name of the attribute (format) for the group parameter
Returns:: the value of the canonical attribute representing the group if valid, otherwise null
Throws:: PluginException - if an error occurs

isValidAttribute

boolean isValidAttribute(String attrName)

Indicates if the given attribute name is valid.

Parameters:: attrName - the name of the attribute
Returns:: true if the given attribute is valid (is known to the identity management system), false otherwise

getAuthenticationAttribute

String getAuthenticationAttribute()

Returns the authentication attribute name, which was configured in the call to IdentityPluginManager.init.

Returns:: the name of the authentication attribute

close

void close()

Called to indicate that this plug-in object will no longer be used.