com.sun.identity.idm
Class IdRepo

java.lang.Object
  extended by com.sun.identity.idm.IdRepo

public abstract class IdRepo
extends java.lang.Object

This abstract class defines the methods which need to be implemented by identity repository plugins.


Field Summary
static int ADDMEMBER
          The constant defining the add membership operation.
static int AND_MOD
          Specifies an AND condition filter.
 java.util.Map configMap
          The plugin's configuration info.
static int NO_MOD
          Specifies a null filter.
static int OR_MOD
          Specifies an OR condition filter.
static int REMOVEMEMBER
          The constant defining the remove membership operation.
 
Constructor Summary
IdRepo()
           
 
Method Summary
abstract  int addListener(SSOToken token, com.sun.identity.idm.IdRepoListener listener)
          Adds a listener for changes in the repository
abstract  void assignService(SSOToken token, IdType type, java.lang.String name, java.lang.String serviceName, SchemaType stype, java.util.Map attrMap)
          This method is used to assign a service to the given identity.
 boolean authenticate(javax.security.auth.callback.Callback[] credentials)
          Returns true if the data store successfully authenticates the identity with the provided credentials.
abstract  java.lang.String create(SSOToken token, IdType type, java.lang.String name, java.util.Map attrMap)
          Creates an identity.
abstract  void delete(SSOToken token, IdType type, java.lang.String name)
          Deletes an identity.
abstract  java.util.Set getAssignedServices(SSOToken token, IdType type, java.lang.String name, java.util.Map mapOfServicesAndOCs)
          Returns the set of services assigned to this identity.
abstract  java.util.Map getAttributes(SSOToken token, IdType type, java.lang.String name)
          Returns all attributes and values of name object
abstract  java.util.Map getAttributes(SSOToken token, IdType type, java.lang.String name, java.util.Set attrNames)
          Returns requested attributes and values of name object.
abstract  java.util.Map getBinaryAttributes(SSOToken token, IdType type, java.lang.String name, java.util.Set attrNames)
          Returns requested binary attributes as an array of bytes.
 java.util.Map getConfiguration()
          Returns the configuration map.
 java.lang.String getFullyQualifiedName(SSOToken token, IdType type, java.lang.String name)
          Returns the fully qualified name for the identity.
abstract  java.util.Set getMembers(SSOToken token, IdType type, java.lang.String name, IdType membersType)
          Returns members of an identity.
abstract  java.util.Set getMemberships(SSOToken token, IdType type, java.lang.String name, IdType membershipType)
          Returns the memberships of an identity.
abstract  java.util.Map getServiceAttributes(SSOToken token, IdType type, java.lang.String name, java.lang.String serviceName, java.util.Set attrNames)
          Returns the attribute values of the service attributes.
 java.util.Set getSupportedOperations(IdType type)
          Returns supported operations for a given IdType
 java.util.Set getSupportedTypes()
          Returns the supported types of identities for this plugin.
 void initialize(java.util.Map configParams)
          Initialization method.
 boolean isActive(SSOToken token, IdType type, java.lang.String name)
          Returns true if the name object is active.
abstract  boolean isExists(SSOToken token, IdType type, java.lang.String name)
          Returns true if the name object exists in the data store.
abstract  void modifyMemberShip(SSOToken token, IdType type, java.lang.String name, java.util.Set members, IdType membersType, int operation)
          Modify membership of the identity.
abstract  void modifyService(SSOToken token, IdType type, java.lang.String name, java.lang.String serviceName, SchemaType sType, java.util.Map attrMap)
          Modifies the attribute values of the service attributes.
abstract  void removeAttributes(SSOToken token, IdType type, java.lang.String name, java.util.Set attrNames)
          Removes the attributes from the identity.
abstract  void removeListener()
          Removes the listener added using the addListener method.
abstract  com.sun.identity.idm.RepoSearchResults search(SSOToken token, IdType type, java.lang.String pattern, int maxTime, int maxResults, java.util.Set returnAttrs, boolean returnAllAttrs, int filterOp, java.util.Map avPairs, boolean recursive)
          Search for specific type of identities.
abstract  void setActiveStatus(SSOToken token, IdType type, java.lang.String name, boolean active)
          Sets the object's status to active.
abstract  void setAttributes(SSOToken token, IdType type, java.lang.String name, java.util.Map attributes, boolean isAdd)
          Set the values of attributes of the identity.
abstract  void setBinaryAttributes(SSOToken token, IdType type, java.lang.String name, java.util.Map attributes, boolean isAdd)
          Set the values of binary attributes of the identity.
 void shutdown()
          This method is invoked just before the plugin is removed from the IdRepo cache of plugins.
 boolean supportsAuthentication()
          Returns true if the data store supports authentication of identities.
abstract  void unassignService(SSOToken token, IdType type, java.lang.String name, java.lang.String serviceName, java.util.Map attrMap)
          If the service is already assigned to the identity then this method unassigns the service and removes the related attributes from the entry.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ADDMEMBER

public static final int ADDMEMBER
The constant defining the add membership operation.

See Also:
Constant Field Values

REMOVEMEMBER

public static final int REMOVEMEMBER
The constant defining the remove membership operation.

See Also:
Constant Field Values

configMap

public java.util.Map configMap
The plugin's configuration info.


OR_MOD

public static final int OR_MOD
Specifies an OR condition filter.

See Also:
Constant Field Values

AND_MOD

public static final int AND_MOD
Specifies an AND condition filter.

See Also:
Constant Field Values

NO_MOD

public static final int NO_MOD
Specifies a null filter.

See Also:
Constant Field Values

Constructor Detail

IdRepo

public IdRepo()

Method Detail

initialize

public void initialize(java.util.Map configParams)
Initialization method. This method is invoked prior to calling any method in the plugin so the plugin has a chance to perform any initialization operation if necessary.

Parameters:
configParams - This plugin's configuration data.

shutdown

public void shutdown()
This method is invoked just before the plugin is removed from the IdRepo cache of plugins. This helps the plugin clean up after itself (connections, persistent searches etc.). This method should be overridden by plugins that need to do this.


getSupportedOperations

public java.util.Set getSupportedOperations(IdType type)
Returns supported operations for a given IdType

Parameters:
type - Identity type
Returns:
set of IdOperation supported for this IdType.

getSupportedTypes

public java.util.Set getSupportedTypes()
Returns the supported types of identities for this plugin. If a plugin does not override this method, it returns an empty set.

Returns:
a Set of IdTypes supported by this plugin.

isExists

public abstract boolean isExists(SSOToken token,
                                 IdType type,
                                 java.lang.String name)
                          throws IdRepoException,
                                 SSOException
Returns true if the name object exists in the data store.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
Returns:
true if name object is in data store else false
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

isActive

public boolean isActive(SSOToken token,
                        IdType type,
                        java.lang.String name)
                 throws IdRepoException,
                        SSOException
Returns true if the name object is active.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
Returns:
true if name object is active else false
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

setActiveStatus

public abstract void setActiveStatus(SSOToken token,
                                     IdType type,
                                     java.lang.String name,
                                     boolean active)
                              throws IdRepoException,
                                     SSOException
Sets the object's status to active.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
active - true if setting to active; false otherwise.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getAttributes

public abstract java.util.Map getAttributes(SSOToken token,
                                            IdType type,
                                            java.lang.String name)
                                     throws IdRepoException,
                                            SSOException
Returns all attributes and values of name object

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
Returns:
Map of attribute-values
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getAttributes

public abstract java.util.Map getAttributes(SSOToken token,
                                            IdType type,
                                            java.lang.String name,
                                            java.util.Set attrNames)
                                     throws IdRepoException,
                                            SSOException
Returns requested attributes and values of name object.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
attrNames - Set of attribute names to be read
Returns:
Map of attribute-values
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getBinaryAttributes

public abstract java.util.Map getBinaryAttributes(SSOToken token,
                                                  IdType type,
                                                  java.lang.String name,
                                                  java.util.Set attrNames)
                                           throws IdRepoException,
                                                  SSOException
Returns requested binary attributes as an array of bytes.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
attrNames - Set of attribute names to be read
Returns:
Map of attribute-values
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

create

public abstract java.lang.String create(SSOToken token,
                                        IdType type,
                                        java.lang.String name,
                                        java.util.Map attrMap)
                                 throws IdRepoException,
                                        SSOException
Creates an identity.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
attrMap - Map of attribute-values associated with this object.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

delete

public abstract void delete(SSOToken token,
                            IdType type,
                            java.lang.String name)
                     throws IdRepoException,
                            SSOException
Deletes an identity.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

setAttributes

public abstract void setAttributes(SSOToken token,
                                   IdType type,
                                   java.lang.String name,
                                   java.util.Map attributes,
                                   boolean isAdd)
                            throws IdRepoException,
                                   SSOException
Set the values of attributes of the identity.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
attributes - Map of attribute-values to set or add.
isAdd - if true add the attribute-values; otherwise replaces the attribute-values.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

setBinaryAttributes

public abstract void setBinaryAttributes(SSOToken token,
                                         IdType type,
                                         java.lang.String name,
                                         java.util.Map attributes,
                                         boolean isAdd)
                                  throws IdRepoException,
                                         SSOException
Set the values of binary attributes of the identity.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
attributes - Map of binary attribute-values to set or add.
isAdd - if true add the attribute-values; otherwise replaces the attribute-values.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

removeAttributes

public abstract void removeAttributes(SSOToken token,
                                      IdType type,
                                      java.lang.String name,
                                      java.util.Set attrNames)
                               throws IdRepoException,
                                      SSOException
Removes the attributes from the identity.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
attrNames - Set of attribute names to remove.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

search

public abstract com.sun.identity.idm.RepoSearchResults search(SSOToken token,
                                                              IdType type,
                                                              java.lang.String pattern,
                                                              int maxTime,
                                                              int maxResults,
                                                              java.util.Set returnAttrs,
                                                              boolean returnAllAttrs,
                                                              int filterOp,
                                                              java.util.Map avPairs,
                                                              boolean recursive)
                                                       throws IdRepoException,
                                                              SSOException
Search for specific type of identities.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
pattern - pattern to search for.
maxTime - maximum wait time for search.
maxResults - maximum records to return.
returnAttrs - Set of attribute names to return.
returnAllAttrs - return all attributes
filterOp - filter condition.
avPairs - additional search conditions.
Returns:
RepoSearchResults
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

modifyMemberShip

public abstract void modifyMemberShip(SSOToken token,
                                      IdType type,
                                      java.lang.String name,
                                      java.util.Set members,
                                      IdType membersType,
                                      int operation)
                               throws IdRepoException,
                                      SSOException
Modify membership of the identity. Set of members is a set of unique identifiers of other identities.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
members - Set of names to be added as members of name
membersType - IdType of members.
operation - operation to perform on members: ADDMEMBER or REMOVEMEMBER.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getMembers

public abstract java.util.Set getMembers(SSOToken token,
                                         IdType type,
                                         java.lang.String name,
                                         IdType membersType)
                                  throws IdRepoException,
                                         SSOException
Returns members of an identity. Applicable if identity is a group or a role.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
membersType - IdType of members of name object.
Returns:
Set of members belonging to name
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getMemberships

public abstract java.util.Set getMemberships(SSOToken token,
                                             IdType type,
                                             java.lang.String name,
                                             IdType membershipType)
                                      throws IdRepoException,
                                             SSOException
Returns the memberships of an identity. For example, returns the groups or roles that a user belongs to.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
membershipType - IdType of memberships to return.
Returns:
Set of objects that name is a member of.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

assignService

public abstract void assignService(SSOToken token,
                                   IdType type,
                                   java.lang.String name,
                                   java.lang.String serviceName,
                                   SchemaType stype,
                                   java.util.Map attrMap)
                            throws IdRepoException,
                                   SSOException
This method is used to assign a service to the given identity. The behavior of this method differs depending on how each plugin implements the services model. The map of attribute-values has already been validated and default values have already been inherited by the framework. The plugin has to verify if the service is assigned (in which case it should throw an exception), and assign the service and the attributes to the identity (if supported).

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
serviceName - service to assign
stype -
attrMap - Map of attribute-values.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getAssignedServices

public abstract java.util.Set getAssignedServices(SSOToken token,
                                                  IdType type,
                                                  java.lang.String name,
                                                  java.util.Map mapOfServicesAndOCs)
                                           throws IdRepoException,
                                                  SSOException
Returns the set of services assigned to this identity. The framework has to check whether the values are object classes and, if so, map them to service names; if they are already service names, no mapping is needed.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
mapOfServicesAndOCs -
Returns:
Set of name of services assigned to name
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

unassignService

public abstract void unassignService(SSOToken token,
                                     IdType type,
                                     java.lang.String name,
                                     java.lang.String serviceName,
                                     java.util.Map attrMap)
                              throws IdRepoException,
                                     SSOException
If the service is already assigned to the identity then this method unassigns the service and removes the related attributes from the entry.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
serviceName - Service name to remove.
attrMap - Map of attribute-values to remove
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

getServiceAttributes

public abstract java.util.Map getServiceAttributes(SSOToken token,
                                                   IdType type,
                                                   java.lang.String name,
                                                   java.lang.String serviceName,
                                                   java.util.Set attrNames)
                                            throws IdRepoException,
                                                   SSOException
Returns the attribute values of the service attributes.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
serviceName - Name of service.
attrNames - Set of attribute names.
Returns:
Map of attribute-values.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

modifyService

public abstract void modifyService(SSOToken token,
                                   IdType type,
                                   java.lang.String name,
                                   java.lang.String serviceName,
                                   SchemaType sType,
                                   java.util.Map attrMap)
                            throws IdRepoException,
                                   SSOException
Modifies the attribute values of the service attributes.

Parameters:
token - Single sign on token of identity performing the task.
type - Identity type of this object.
name - Name of the object of interest.
serviceName - Name of service.
sType -
attrMap - map of attribute-values.
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

addListener

public abstract int addListener(SSOToken token,
                                com.sun.identity.idm.IdRepoListener listener)
                         throws IdRepoException,
                                SSOException
Adds a listener for changes in the repository

Parameters:
token - Single sign on token of identity performing the task.
listener -
Returns:
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

removeListener

public abstract void removeListener()
Removes the listener added using the addListener method. This is called by the IdRepo framework when the plugin is being shut down due to a configuration change, so that a new instance can be created with the new configuration map.


getConfiguration

public java.util.Map getConfiguration()
Returns the configuration map.

Returns:
configuration map

getFullyQualifiedName

public java.lang.String getFullyQualifiedName(SSOToken token,
                                              IdType type,
                                              java.lang.String name)
                                       throws IdRepoException,
                                              SSOException
Returns the fully qualified name for the identity. It is expected that the fully qualified name would be unique, hence it is recommended to prefix the name with the data store name or protocol. Used by the IdRepo framework to check for equality of two identities.

Parameters:
token - administrator SSOToken that can be used by the datastore to determine the fully qualified name
type - type of the identity
name - name of the identity
Returns:
fully qualified name for the identity within the data store
Throws:
IdRepoException - If there are repository related error conditions.
SSOException - If identity's single sign on token is invalid.

supportsAuthentication

public boolean supportsAuthentication()
Returns true if the data store supports authentication of identities. Used by IdRepo framework to authenticate identities.

Returns:
true if data store supports authentication of identities; else false

authenticate

public boolean authenticate(javax.security.auth.callback.Callback[] credentials)
                     throws IdRepoException,
                            AuthLoginException
Returns true if the data store successfully authenticates the identity with the provided credentials. In case the data store requires additional credentials, the list would be returned via the IdRepoException exception.

Parameters:
credentials - Array of callback objects containing information such as username and password.
Returns:
true if data store authenticates the identity; else false
Throws:
IdRepoException
AuthLoginException
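
The following added example (not part of the original documentation or of the Sun code base) sketches the credential handling a plugin's authenticate(Callback[]) override has to get right: pulling the name and password out of the callback array, rejecting empty passwords, comparing in constant time, and wiping the password copy. To compile without the SDK it is a stand-alone class that does not extend IdRepo; the class name CallbackAuthExample, the in-memory store, and the PBKDF2 parameters are assumptions made for illustration.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;

/** Hypothetical stand-alone sketch of the check behind authenticate(Callback[]). */
public class CallbackAuthExample {
    private static final int ITERATIONS = 210_000; // assumed work factor
    private static final int KEY_BITS = 256;

    /** Constructed in-memory "data store": user name -> {salt, PBKDF2 hash}. */
    private final Map<String, byte[][]> store = new HashMap<>();
    /** Salt used for unknown users so both paths do the same amount of work. */
    private final byte[] dummySalt = new byte[16];

    static byte[] pbkdf2(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // drop the spec's internal copy
        }
    }

    void addUser(String name, char[] password) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        store.put(name, new byte[][] {salt, pbkdf2(password, salt)});
    }

    /** Same shape as IdRepo.authenticate: true only if the credentials verify. */
    boolean authenticate(Callback[] credentials) throws GeneralSecurityException {
        String user = null;
        char[] password = null;
        for (Callback cb : credentials) {
            if (cb instanceof NameCallback) {
                user = ((NameCallback) cb).getName();
            } else if (cb instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) cb;
                password = pc.getPassword(); // returns a copy, or null if unset
                pc.clearPassword();          // wipe the callback's own copy
            }
        }
        // Missing or empty credentials never authenticate. A real plugin would
        // report the callbacks it still needs through IdRepoException instead.
        if (user == null || user.isEmpty() || password == null || password.length == 0) {
            if (password != null) Arrays.fill(password, '\0');
            return false;
        }
        try {
            byte[][] entry = store.get(user);
            // Hash even for unknown users so the response time does not reveal
            // whether the account exists.
            byte[] candidate = pbkdf2(password, entry != null ? entry[0] : dummySalt);
            return entry != null && MessageDigest.isEqual(entry[1], candidate);
        } finally {
            Arrays.fill(password, '\0'); // wipe our copy of the password
        }
    }

    /** Builds a callback array the way a login module would hand it over. */
    static Callback[] creds(String user, String pw) {
        NameCallback n = new NameCallback("User:");
        n.setName(user);
        PasswordCallback p = new PasswordCallback("Password:", false);
        p.setPassword(pw.toCharArray());
        return new Callback[] {n, p};
    }

    public static void main(String[] args) throws Exception {
        CallbackAuthExample repo = new CallbackAuthExample();
        repo.addUser("alice", "correct horse".toCharArray()); // constructed sample data
        System.out.println("valid login:    " + repo.authenticate(creds("alice", "correct horse")));
        System.out.println("wrong password: " + repo.authenticate(creds("alice", "guess")));
        System.out.println("empty password: " + repo.authenticate(creds("alice", "")));
        System.out.println("unknown user:   " + repo.authenticate(creds("mallory", "x")));
    }
}
```

The empty-password check matters most for plugins that forward credentials to a directory server, where a bind with a name and no password can be treated as an anonymous bind and succeed.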


Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.