com.iplanet.am.sdk.common

Interface IDirectoryServices

All Known Subinterfaces:

ICachedDirectoryServices

All Known Implementing Classes:

CachedDirectoryServicesImpl, CachedRemoteServicesImpl, DirectoryServicesImpl, RemoteServicesImpl

public interface IDirectoryServices

Internal interface which provides service methods to avail all LDAP Directory related services. Classes implementing this service would be the server side classes which make calls to LDAP Server and the remote client classes which would route these method calls to the server side classes.

Author:

rarcot

Method Summary

Modifier and Type	Method and Description
void	addListener(SSOToken token, AMObjectListener listener, Map configMap) Add a listener object that will receive notifications when entries are changed.
void	changePassword(SSOToken token, String entryDN, String attrName, String oldPassword, String newPassword) Changes user password.
String	createAMTemplate(SSOToken token, String entryDN, int objectType, String serviceName, Map attributes, int priority) Create an AMTemplate (COSTemplate)
void	createEntry(SSOToken token, String entryName, int objectType, String parentDN, Map attributes) Create an entry in the Directory
boolean	doesEntryExists(SSOToken token, String entryDN) Returns a true if the entry exists in the directory.
String	getAMTemplateDN(SSOToken token, String entryDN, int objectType, String serviceName, int type) Get the AMTemplate DN (COSTemplateDN)
Map	getAttributes(SSOToken token, String entryDN, boolean ignoreCompliance, boolean byteValues, int profileType) Returns a map of attribute-values for requested attributes.
Map	getAttributes(SSOToken token, String entryDN, int profileType) Returns a Map with attribute-values requested from the directory.
Map	getAttributes(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType) Returns a map of attribute-values for requested attributes.
Map	getAttributes(SSOToken token, String entryDN, Set attrNames, int profileType) Returns a Map with attribute-values requested from the directory.
Map	getAttributesByteValues(SSOToken token, String entryDN, int profileType) Returns a map of attribute-values for binary attributes.
Map	getAttributesByteValues(SSOToken token, String entryDN, Set attrNames, int profileType) Returns a map of attribute-values for binary attributes.
Set	getAttributesForSchema(String objectclass) Returns the attributes in the directory schema, associated with the given objectclass.
Map	getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, int profileType) Returns a Map with attribute-values fetched directly from the Directory.
IComplianceServices	getComplianceServicesImpl() Returns an implementation instance of IComplianceServices.
String	getCreationTemplateName(int objectType) TODO: Remove this in 7.1 Return the name of the creation template for a given object type.
Map	getDCTreeAttributes(SSOToken token, String entryDN, Set attrNames, boolean byteValues, int objectType) Returns the attributes set in the Domain Component of the organization, in the DC Tree Enabled mode .
IDCTreeServices	getDCTreeServicesImpl() Returns an implementation instance of IDCTreeServices.
Map	getExternalAttributes(SSOToken token, String entryDN, Set attrNames, int profileType) Returns attributes from an external data store.
String[]	getGroupFilterAndScope(SSOToken token, String entryDN, int profileType) Returns the dynamic groups search filter and search scope.
Set	getMembers(SSOToken token, String entryDN, int objectType) Get members for roles, dynamic group or static group
String	getNamingAttribute(int objectType, String orgDN) Returns the naming attribute
String	getObjectClass(int objectType) Returns the objectclass representing an object type.
int	getObjectType(SSOToken token, String dn) Returns the integer type of the object represented by the DN .
int	getObjectType(SSOToken token, String dn, Map cachedAttributes) Returns the integer type of the object represented by the DN using the cached attributes.
String	getOrganizationDN(SSOToken token, String entryDN) Gets the Organization DN for the specified entryDN.
String	getOrgSearchFilter(String entryDN) Returns the search filter for organization.
Set	getRegisteredServiceNames(SSOToken token, String entryDN) Get registered services for an organization
String	getSearchFilterFromTemplate(int objectType, String orgDN, String searchTemplateName) Returns the search filter of a given search template.
Set	getTopLevelContainers(SSOToken token) Returns the set of top level containers that can be viewed by ths user
void	modifyMemberShip(SSOToken token, Set members, String target, int type, int operation) Modify member ship for role or static group
void	registerService(SSOToken token, String orgDN, String serviceName) Register a service for an org or org unit policy to a profile
void	removeAdminRole(SSOToken token, String dn, boolean recursive) Remove group admin role
void	removeEntry(SSOToken token, String entryDN, int objectType, boolean recursive, boolean softDelete) Remove an entry from the directory.
String	renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName) Renames an entry.
Set	search(SSOToken token, String entryDN, String searchFilter, int searchScope) Searches the Directory
AMSearchResults	search(SSOToken token, String entryDN, String searchFilter, SearchControl searchControl, String[] attrNames) Search the Directory
void	setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd) Method Set the attributes of an entry.
void	setGroupFilter(SSOToken token, String entryDN, String filter) Set's the dynamic groups search filter.
void	unRegisterService(SSOToken token, String entryDN, int objectType, String serviceName, int templateType) Un register service for a AMro profile.
void	updateUserAttribute(SSOToken token, Set members, String staticGroupDN, boolean toAdd) Adds or remove static group DN to or from member attribute 'iplanet-am-static-group-dn'
String	verifyAndGetOrgDN(SSOToken token, String entryDN, String childDN) Gets the Organization DN for the specified entryDN.

Method Detail

getComplianceServicesImpl

IComplianceServices getComplianceServicesImpl()

Returns an implementation instance of IComplianceServices.

Returns:

instance of IComplianceServices.

getDCTreeServicesImpl

IDCTreeServices getDCTreeServicesImpl()

Returns an implementation instance of IDCTreeServices.

Returns:

instance of IDCTreeServices.

doesEntryExists

boolean doesEntryExists(SSOToken token,
                        String entryDN)

Returns a true if the entry exists in the directory.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

Returns:

true or false

getObjectType

int getObjectType(SSOToken token,
                  String dn)
           throws AMException,
                  SSOException

Returns the integer type of the object represented by the DN .

Parameters:

token - User's single sign on token

dn - DN of the entry.

Returns:

Integer type of the entry.

Throws:

AMException - If entry is not a supported type or if unable to access the datastore.

SSOException - If user's single sign on token is invalid.

getObjectType

int getObjectType(SSOToken token,
                  String dn,
                  Map cachedAttributes)
           throws AMException,
                  SSOException

Returns the integer type of the object represented by the DN using the cached attributes.

Parameters:

token - User's single sign on token

dn - DN of the entry.

cachedAttributes - cached attributes that can be used to determine the object type

Returns:

Integer type of the entry.

Throws:

AMException - If entry is not a supported type or if unable to access the datastore.

SSOException - If user's single sign on token is invalid.

getDCTreeAttributes

Map getDCTreeAttributes(SSOToken token,
                        String entryDN,
                        Set attrNames,
                        boolean byteValues,
                        int objectType)
                 throws AMException,
                        SSOException

Returns the attributes set in the Domain Component of the organization, in the DC Tree Enabled mode .

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attribute names

byteValues - true if trying to read binary attributes

objectType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributes

Map getAttributes(SSOToken token,
                  String entryDN,
                  int profileType)
           throws AMException,
                  SSOException

Returns a Map with attribute-values requested from the directory.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributes

Map getAttributes(SSOToken token,
                  String entryDN,
                  Set attrNames,
                  int profileType)
           throws AMException,
                  SSOException

Returns a Map with attribute-values requested from the directory.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attributes to be read.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesFromDS

Map getAttributesFromDS(SSOToken token,
                        String entryDN,
                        Set attrNames,
                        int profileType)
                 throws AMException,
                        SSOException

Returns a Map with attribute-values fetched directly from the Directory. This API will avoid caching the attributes.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attributes to be read.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesByteValues

Map getAttributesByteValues(SSOToken token,
                            String entryDN,
                            int profileType)
                     throws AMException,
                            SSOException

Returns a map of attribute-values for binary attributes.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesByteValues

Map getAttributesByteValues(SSOToken token,
                            String entryDN,
                            Set attrNames,
                            int profileType)
                     throws AMException,
                            SSOException

Returns a map of attribute-values for binary attributes.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Names of the attributes to be read.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributes

Map getAttributes(SSOToken token,
                  String entryDN,
                  boolean ignoreCompliance,
                  boolean byteValues,
                  int profileType)
           throws AMException,
                  SSOException

Returns a map of attribute-values for requested attributes.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

ignoreCompliance - Ignore compliance mode when constructing search filters.

byteValues - Return binary attributes, if true.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributes

Map getAttributes(SSOToken token,
                  String entryDN,
                  Set attrNames,
                  boolean ignoreCompliance,
                  boolean byteValues,
                  int profileType)
           throws AMException,
                  SSOException

Returns a map of attribute-values for requested attributes.

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attribute names to be read.

ignoreCompliance - Ignore compliance mode when constructing search filters.

byteValues - Return binary attributes, if true.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getOrgSearchFilter

String getOrgSearchFilter(String entryDN)

Returns the search filter for organization.

Parameters:

entryDN - DN of the organization.

Returns:

Search filter.

getOrganizationDN

String getOrganizationDN(SSOToken token,
                         String entryDN)
                  throws AMException

Gets the Organization DN for the specified entryDN. If the entry itself is an org, then same DN is returned.

NOTE: This method will involve serveral directory searches, hence be cautious of Performance hit

Parameters:

token - a valid SSOToken

entryDN - the entry whose parent Organization is to be obtained

Returns:

the DN String of the parent Organization

Throws:

AMException - if an error occured while obtaining the parent Organization

verifyAndGetOrgDN

String verifyAndGetOrgDN(SSOToken token,
                         String entryDN,
                         String childDN)
                  throws AMException

Gets the Organization DN for the specified entryDN. If the entry itself is an org, then same DN is returned.

Parameters:

token - a valid SSOToken

entryDN - the entry whose parent Organization is to be obtained

childDN - the immediate entry whose parent Organization is to be obtained

Returns:

the DN String of the parent Organization

Throws:

AMException - if an error occured while obtaining the parent Organization

getExternalAttributes

Map getExternalAttributes(SSOToken token,
                          String entryDN,
                          Set attrNames,
                          int profileType)
                   throws AMException

Returns attributes from an external data store.

Parameters:

token - Single sign on token of user

entryDN - DN of the entry user is trying to read

attrNames - Set of attributes to be read

profileType - Integer determining the type of profile being read

Returns:

A Map of attribute-value pairs

Throws:

AMException - if an error occurs when trying to read external datastore

updateUserAttribute

void updateUserAttribute(SSOToken token,
                         Set members,
                         String staticGroupDN,
                         boolean toAdd)
                  throws AMException

Adds or remove static group DN to or from member attribute 'iplanet-am-static-group-dn'

Parameters:

token - SSOToken

members - set of user DN's

staticGroupDN - DN of the static group

toAdd - true to add, false to remove

Throws:

AMException - if there is an internal problem with AM Store.

createEntry

void createEntry(SSOToken token,
                 String entryName,
                 int objectType,
                 String parentDN,
                 Map attributes)
          throws AMEntryExistsException,
                 AMException,
                 SSOException

Create an entry in the Directory

Parameters:

token - SSOToken

entryName - name of the entry (naming value), e.g. "sun.com", "manager"

objectType - Profile Type, ORGANIZATION, AMObject.ROLE, AMObject.USER, etc.

parentDN - the parent DN

attributes - the initial attribute set for creation

Throws:

AMEntryExistsException

AMException

SSOException

removeEntry

void removeEntry(SSOToken token,
                 String entryDN,
                 int objectType,
                 boolean recursive,
                 boolean softDelete)
          throws AMException,
                 SSOException

Remove an entry from the directory.

Parameters:

token - SSOToken

entryDN - dn of the profile to be removed

objectType - profile type

recursive - if true, remove all sub entries & the object

softDelete - Used to let pre/post callback plugins know that this delete is either a soft delete (marked for deletion) or a purge/hard delete itself, otherwise, remove the object only

Throws:

AMException

SSOException

removeAdminRole

void removeAdminRole(SSOToken token,
                     String dn,
                     boolean recursive)
              throws SSOException,
                     AMException

Remove group admin role

Parameters:

token - SSOToken of the caller

dn - group DN

recursive - true to delete all admin roles for all sub groups or sub people container

Throws:

SSOException

AMException

search

Set search(SSOToken token,
           String entryDN,
           String searchFilter,
           int searchScope)
    throws AMException

Searches the Directory

Parameters:

token - SSOToken

entryDN - DN of the entry to start the search with

searchFilter - search filter

searchScope - search scope, BASE, ONELEVEL or SUBTREE

Returns:

Set set of matching DNs

Throws:

AMException

search

AMSearchResults search(SSOToken token,
                       String entryDN,
                       String searchFilter,
                       SearchControl searchControl,
                       String[] attrNames)
                throws AMException

Search the Directory

Parameters:

token - SSOToken

entryDN - DN of the entry to start the search with

searchFilter - search filter

searchControl - search control defining the VLV indexes and search scope

Returns:

Set set of matching DNs

Throws:

AMException

getMembers

Set getMembers(SSOToken token,
               String entryDN,
               int objectType)
        throws AMException

Get members for roles, dynamic group or static group

Parameters:

token - SSOToken

entryDN - DN of the role or group

objectType - objectType of the target object, AMObject.ROLE or AMObject.GROUP

Returns:

Set Member DNs

Throws:

AMException

renameEntry

String renameEntry(SSOToken token,
                   int objectType,
                   String entryDN,
                   String newName,
                   boolean deleteOldName)
            throws AMException

Renames an entry. Currently used for only user renaming

Parameters:

token - the sso token

objectType - the type of entry

entryDN - the entry DN

newName - the new name (i.e., if RDN is cn=John, the value passed should be "John"

deleteOldName - if true the old name is deleted otherwise it is retained.

Returns:

new DN of the renamed entry

Throws:

AMException - if the operation was not successful

setAttributes

void setAttributes(SSOToken token,
                   String entryDN,
                   int objectType,
                   Map stringAttributes,
                   Map byteAttributes,
                   boolean isAdd)
            throws AMException,
                   SSOException

Method Set the attributes of an entry.

Parameters:

token - Single sign on token

entryDN - DN of the profile whose template is to be set

objectType - profile type

stringAttributes - string attributes to be set

byteAttributes - byte attributes to be set

isAdd - true if to add to current value; otherwise it will replace current value.

Throws:

AMException

SSOException

changePassword

void changePassword(SSOToken token,
                    String entryDN,
                    String attrName,
                    String oldPassword,
                    String newPassword)
             throws AMException,
                    SSOException

Changes user password.

Parameters:

token - Single sign on token

entryDN - DN of the profile whose template is to be set

attrName - password attribute name

oldPassword - old password

newPassword - new password

Throws:

AMException - if an error occurs when changing user password

SSOException - If user's single sign on token is invalid.

getGroupFilterAndScope

String[] getGroupFilterAndScope(SSOToken token,
                                String entryDN,
                                int profileType)
                         throws SSOException,
                                AMException

Returns the dynamic groups search filter and search scope.

Parameters:

token - Single sign on token

entryDN - DN of the profile

profileType -

Throws:

AMException

SSOException

setGroupFilter

void setGroupFilter(SSOToken token,
                    String entryDN,
                    String filter)
             throws AMException,
                    SSOException

Set's the dynamic groups search filter.

Parameters:

token - Single sign on token

entryDN - DN of group entry

filter - Search filter

Throws:

AMException - If there is a datastore exception.

SSOException - If user's single sign on token is invalid.

modifyMemberShip

void modifyMemberShip(SSOToken token,
                      Set members,
                      String target,
                      int type,
                      int operation)
               throws AMException

Modify member ship for role or static group

Parameters:

token - SSOToken

members - Set of member DN to be operated

target - DN of the target object to add the member

type - type of the target object, AMObject.ROLE or AMObject.GROUP

operation - type of operation, ADD_MEMBER or REMOVE_MEMBER

Throws:

AMException

getRegisteredServiceNames

Set getRegisteredServiceNames(SSOToken token,
                              String entryDN)
                       throws AMException

Get registered services for an organization

Parameters:

token - SSOToken

entryDN - DN of the org

Returns:

Set set of service names

Throws:

AMException

registerService

void registerService(SSOToken token,
                     String orgDN,
                     String serviceName)
              throws AMException,
                     SSOException

Register a service for an org or org unit policy to a profile

Parameters:

token - token

orgDN - DN of the org

serviceName - Service Name

Throws:

AMException

SSOException

unRegisterService

void unRegisterService(SSOToken token,
                       String entryDN,
                       int objectType,
                       String serviceName,
                       int templateType)
                throws AMException

Un register service for a AMro profile.

Parameters:

token - SSOToken

entryDN - DN of the profile whose service is to be removed

objectType - profile type

serviceName - Service Name

templateType - Template type

Throws:

AMException

getAMTemplateDN

String getAMTemplateDN(SSOToken token,
                       String entryDN,
                       int objectType,
                       String serviceName,
                       int type)
                throws AMException

Get the AMTemplate DN (COSTemplateDN)

Parameters:

token - SSOToken

entryDN - DN of the profile whose template is to be set

serviceName - Service Name

type - the template type, AMTemplate.DYNAMIC_TEMPLATE

Returns:

String DN of the AMTemplate

Throws:

AMException

createAMTemplate

String createAMTemplate(SSOToken token,
                        String entryDN,
                        int objectType,
                        String serviceName,
                        Map attributes,
                        int priority)
                 throws AMException

Create an AMTemplate (COSTemplate)

Parameters:

token - token

entryDN - DN of the profile whose template is to be set

objectType - the type of object

serviceName - Service Name

attributes - attributes to be set

priority - template priority

Returns:

String DN of the newly created template

Throws:

AMException

getNamingAttribute

String getNamingAttribute(int objectType,
                          String orgDN)

Returns the naming attribute

Parameters:

objectType - the type of object of interest.

orgDN - the organization dn the object belongs to.

Returns:

the naming attribute for the object.

getObjectClass

String getObjectClass(int objectType)

Returns the objectclass representing an object type.

Parameters:

objectType - the type of object of interest.

Returns:

the objectclass for the representing the object type.

getCreationTemplateName

String getCreationTemplateName(int objectType)

TODO: Remove this in 7.1 Return the name of the creation template for a given object type.

Parameters:

objectType - Integere representing object type

Returns:

Name of creation template

getAttributesForSchema

Set getAttributesForSchema(String objectclass)

Returns the attributes in the directory schema, associated with the given objectclass.

Parameters:

objectclass -

Returns:

The set of attribute names (both required and optional) for this objectclass

getSearchFilterFromTemplate

String getSearchFilterFromTemplate(int objectType,
                                   String orgDN,
                                   String searchTemplateName)

Returns the search filter of a given search template.

Parameters:

objectType - Integere represenintg object type.

orgDN - Organization

searchTemplateName - Name of search template

Returns:

Search filter

getTopLevelContainers

Set getTopLevelContainers(SSOToken token)
                   throws AMException,
                          SSOException

Returns the set of top level containers that can be viewed by ths user

Parameters:

token - User's single sign on token.

Returns:

The top level containers this user manages based on its' administrative roles (if any)

Throws:

AMException - if a datastore access fails

SSOException - if user's single sign on token is invalid.

addListener

void addListener(SSOToken token,
                 AMObjectListener listener,
                 Map configMap)
          throws AMEventManagerException

Add a listener object that will receive notifications when entries are changed.

Parameters:

token - SSOToken of the user adding the listner

listener - listener object that will be called when entries are changed

Throws:

AMEventManagerException - if a error occurs during adding listener object