public class SwitchToExternalAuthenticationService extends SwitchAuthenticationService
Warning: This service should not be used while any ODI application is connected to the ODI repository.
Modifier and Type | Class and Description |
---|---|
static class |
SwitchToExternalAuthenticationService.SwitchStatistics
Statistical information resulting from a switch.
|
Constructor and Description |
---|
SwitchToExternalAuthenticationService(javax.sql.DataSource pMasterDataSource)
Create a SwitchToExternalAuthenticationService for the master repository to
which the pMasterDataSource is connected.
|
Modifier and Type | Method and Description |
---|---|
java.util.List |
listMatchedSupervisorUsernames()
This method allows to list the usernames for users with SUPERVISOR privileges and that have a match in the
user population in the IdentityStore defined in the external authentication
that would be used if the switchToExternal method is called.
|
java.util.List |
listMatchedUsernames()
This method allows to list the usernames that have a match in the user
population in the IdentityStore defined in the external authentication that
would be used if the switchToExternal method is called.
|
java.util.List |
listUnmatchedUsernames()
This method allows to list the usernames that does not have a match in the
user population in the IdentityStore defined in the external authentication
that would be used if the switchToExternal method is called.
|
SwitchToExternalAuthenticationService.SwitchStatistics |
switchToExternal()
Deprecated.
use
switchToExternal(Collection) instead |
SwitchToExternalAuthenticationService.SwitchStatistics |
switchToExternal(java.util.Collection supervisorPrincipals)
This method will do the actual switch of the repository authentication
configuration to external.
|
isMasterAlreadyConfiguredWithExternalAuthentication, validateAuthenticationConfiguration
public SwitchToExternalAuthenticationService(javax.sql.DataSource pMasterDataSource)
pMasterDataSource
- the datasource of master repositorypublic java.util.List listMatchedUsernames() throws AuthenticationConfigurationSwitchingException
AuthenticationConfigurationSwitchingException
public java.util.List listUnmatchedUsernames() throws AuthenticationConfigurationSwitchingException
AuthenticationConfigurationSwitchingException
public java.util.List listMatchedSupervisorUsernames() throws AuthenticationConfigurationSwitchingException
AuthenticationConfigurationSwitchingException
@Deprecated public SwitchToExternalAuthenticationService.SwitchStatistics switchToExternal() throws AuthenticationConfigurationSwitchingException
switchToExternal(Collection)
insteadpublic SwitchToExternalAuthenticationService.SwitchStatistics switchToExternal(java.util.Collection supervisorPrincipals) throws AuthenticationConfigurationSwitchingException
Enterprise Identities from collection supervisorPrincipalList
will be mapped to supervisor ODI Role with name . If such role
doesn't exist it will be created.
Also for backward compatibility the existing internal users are mapped to enterprise users, wherever the user names match. All users that does not match a user in the external identity store will be switched to inactive. The inactivated users can then be switch back to active using the Studio UI
Note: if no enterprise principal is provided to map to ODI role with name SUPERVISOR_ROLE the switch will fail.
Note: Usernames in LDAP server is case-insensitive. Hence, in order to compute matched usernames between LDAP server and ODI, username is lowercased for checking the username-existance in external id-store.AuthenticationConfigurationSwitchingException
- if something
goes wrong during the switchInvalidAuthenticationAPIUsageException
- if param supervisorPrincipals contains wrong principal type (not User
or Role
)