com.iplanet.am.sdk.ldap

Class DirectoryServicesImpl

java.lang.Object

com.iplanet.am.sdk.ldap.DirectoryServicesImpl

All Implemented Interfaces:

AMConstants, IDirectoryServices

Direct Known Subclasses:

CachedDirectoryServicesImpl

public class DirectoryServicesImpl
extends Object
implements AMConstants, IDirectoryServices

A class which manages all the major Directory related operations. Contains functionality to create, delete and manange directory entries. This class should not be used directly when caching mode is on.

Field Summary

Fields

Modifier and Type	Field and Description
protected CallBackHelper	callBackHelper
protected ComplianceServicesImpl	complianceImpl
protected DCTreeServicesImpl	dcTreeImpl
static Debug	debug
protected static String	EXTERNAL_ATTRIBUTES_FETCH_ENABLED_ATTR
protected SSOToken	internalToken
static boolean	isUserPluginInitialized
protected static String	NSROLE_ATTR
protected static String	NSROLEDN_ATTR

Fields inherited from interface com.iplanet.am.sdk.AMConstants

ADD_MEMBER, ADMIN_GROUPS_ENABLED_ATTR, ADMIN_ROLE_ATTR, ADMINISTRATION_SERVICE, CACHE_ENABLED_DISABLED_KEY, CACHE_MAX_SIZE_KEY, COMPLIANCE_SPECIAL_FILTER_ATTR, COMPLIANCE_USER_DELETION_ATTR, CONTAINER_DEFAULT_TEMPLATE_ROLE, CONTAINER_SUPPORTED_TYPES_ATTRIBUTE, DCT_ATTRIBUTE_LIST_ATTR, DCT_ENABLED_ATTR, DOMAIN_ADMINISTRATORS, DOMAIN_HELP_DESK_ADMINISTRATORS, EMAIL_ATTRIBUTE, FILTER_ATTR_NAME, INET_ADMIN_OBJECT_CLASS, INET_DOMAIN_STATUS_ATTR, INET_DOMAIN_STATUS_ATTRIBUTE, INVALID_USERID_CHARACTERS, OTHER_COSATTR_TYPE, POLICY_COSATTR_TYPE, POLICY_SUFFIX, PRE_POST_PROCESSING_MODULES_ATTR, REMOVE_ATTRIBUTE, REMOVE_MEMBER, REQUIRED_SERVICES_ATTR, ROLE_MANAGED_CONTAINER_DN_ATTRIBUTE, SCOPE_BASE, SCOPE_ONE, SCOPE_SUB, SERVICE_STATUS_ATTRIBUTE, STATIC_GROUP_DN_ATTRIBUTE, SUBSCRIBABLE_ATTRIBUTE, UNIQUE_ATTRIBUTE_LIST_ATTRIBUTE, UNIQUE_MEMBER_ATTRIBUTE, USER_CREATE_NOTIFICATION_LIST, USER_DELETE_NOTIFICATION_LIST, USER_ENCRYPTED_PASSWORD_ATTRIBUTE, USER_ENTRY_PROCESSING_IMPL, USER_MODIFY_NOTIFICATION_LIST, USER_PASSWORD_ATTRIBUTE, USER_SEARCH_RETURN_ATTR, USERID_PASSWORD_VALIDATION_CLASS

Constructor Summary

Constructors

Constructor and Description
DirectoryServicesImpl() Ideally this constructor should be private, since we are extending this class, it needs to be public.

Method Summary

Modifier and Type	Method and Description
void	addListener(SSOToken token, AMObjectListener listener, Map configMap) Add a listener object that will receive notifications when entries are changed.
void	changePassword(SSOToken token, String entryDN, String attrName, String oldPassword, String newPassword) Changes user password.
String	createAMTemplate(SSOToken token, String entryDN, int objectType, String serviceName, Map attributes, int priority) Create an AMTemplate (COSTemplate)
void	createEntry(SSOToken token, String entryName, int objectType, String parentDN, Map attributes) Create an entry in the Directory
boolean	doesEntryExists(SSOToken token, String entryDN) Checks if the entry exists in the directory.
String	getAMTemplateDN(SSOToken token, String entryDN, int objectType, String serviceName, int type) Get the AMTemplate DN (COSTemplateDN)
Map	getAttributes(SSOToken token, String entryDN, boolean ignoreCompliance, boolean byteValues, int profileType) Gets all attributes corresponding to the entryDN.
Map	getAttributes(SSOToken token, String entryDN, int profileType) Returns a Map with attribute-values requested from the directory.
Map	getAttributes(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType) Returns a map of attribute-values for requested attributes.
Map	getAttributes(SSOToken token, String entryDN, Set attrNames, int profileType) Returns a Map with attribute-values requested from the directory.
Map	getAttributesByteValues(SSOToken token, String entryDN, int profileType) Returns a map of attribute-values for binary attributes.
Map	getAttributesByteValues(SSOToken token, String entryDN, Set attrNames, int profileType) Returns a map of attribute-values for binary attributes.
Set	getAttributesForSchema(String objectclass) Returns the set of attributes (both optional and required) needed for an objectclass based on the LDAP schema
Map	getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType) Gets the specific attributes corresponding to the entryDN.
Map	getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, int profileType) Returns a Map with attribute-values fetched directly from the Directory.
IComplianceServices	getComplianceServicesImpl() Returns an implementation instance of IComplianceServices.
String	getCreationTemplateName(int objectType) Get the name of the creation template to use for specified object type.
Map	getDCTreeAttributes(SSOToken token, String entryDN, Set attrNames, boolean byteValues, int objectType) Gets the attributes for this entryDN from the corresponding DC Tree node.
IDCTreeServices	getDCTreeServicesImpl() Returns an implementation instance of IDCTreeServices.
protected String	getEntryName(UMSException e)
Map	getExternalAttributes(SSOToken token, String entryDN, Set attrNames, int profileType) Returns attributes from an external data store.
String[]	getGroupFilterAndScope(SSOToken token, String entryDN, int profileType) Returns an array containing the dynamic group's scope, base dn, and filter.
protected static IDirectoryServices	getInstance()
Set	getMembers(SSOToken token, String entryDN, int objectType) Get members for roles, dynamic group or static group
protected String	getNamingAttribute(int objectType)
String	getNamingAttribute(int objectType, String orgDN) Gets the naming attribute after reading it from the corresponding creation template.
String	getObjectClass(int objectType) Returns the objectclass representing an object type.
String	getObjectClassFromDS(int objectType)
int	getObjectType(SSOToken token, String dn) Gets the type of the object given its DN.
int	getObjectType(SSOToken token, String dn, Map cachedAttributes) Gets the type of the object given its DN.
int	getObjectType(String objectClass)
String	getOrganizationDN(SSOToken token, String entryDN) Gets the Organization DN for the specified entryDN.
String	getOrgSearchFilter(String entryDN) Returns the search filter for organization.
Set	getRegisteredServiceNames(SSOToken token, String entryDN) Get registered services for an organization
String	getSearchFilterFromTemplate(int objectType, String orgDN, String searchTemplateName) Returns the search filter of a given search template.
Set	getTopLevelContainers(SSOToken token) Returns the set of top level containers that can be viewed by ths user
static AMUserEntryProcessed	getUserPostPlugin() Gets the user post plugin instance.
protected static boolean	isExternalGetAttributesEnabled(String orgDN) Method to check if the CallBack plugins are enabled for reading external attributes.
void	modifyMemberShip(SSOToken token, Set members, String target, int type, int operation) Modify member ship for role or static group
void	registerService(SSOToken token, String orgDN, String serviceName) Register a service for an org or org unit policy to a profile
void	removeAdminRole(SSOToken token, String dn, boolean recursive) Remove group admin role
void	removeEntry(SSOToken token, String entryDN, int objectType, boolean recursive, boolean softDelete) Remove an entry from the directory.
String	renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName) Renames an entry.
Set	search(SSOToken token, String entryDN, String searchFilter, int searchScope) Searches the Directory
AMSearchResults	search(SSOToken token, String entryDN, String searchFilter, SearchControl searchControl, String[] attrNames) Search the Directory
void	setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd) Method Set the attributes of an entry.
void	setGroupFilter(SSOToken token, String entryDN, String filter) Sets the filter for a dynamic group in the datastore.
void	unRegisterService(SSOToken token, String entryDN, int objectType, String serviceName, int type) Un register service for a AMro profile.
void	updateUserAttribute(SSOToken token, Set members, String staticGroupDN, boolean toAdd) Adds or remove static group DN to or from member attribute 'iplanet-am-static-group-dn'
String	verifyAndGetOrgDN(SSOToken token, String entryDN, String childDN) Gets the Organization DN for the specified entryDN.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

EXTERNAL_ATTRIBUTES_FETCH_ENABLED_ATTR

protected static final String EXTERNAL_ATTRIBUTES_FETCH_ENABLED_ATTR

See Also:

Constant Field Values

NSROLEDN_ATTR

protected static String NSROLEDN_ATTR

NSROLE_ATTR

protected static String NSROLE_ATTR

debug

public static Debug debug

isUserPluginInitialized

public static boolean isUserPluginInitialized

dcTreeImpl

protected DCTreeServicesImpl dcTreeImpl

complianceImpl

protected ComplianceServicesImpl complianceImpl

callBackHelper

protected CallBackHelper callBackHelper

internalToken

protected SSOToken internalToken

Constructor Detail

DirectoryServicesImpl

public DirectoryServicesImpl()

Ideally this constructor should be private, since we are extending this class, it needs to be public. This constructor should not be used to create an instance of this class.

Use AMDirectoryWrapper.getInstance() to create an instance.

Method Detail

getInstance

protected static IDirectoryServices getInstance()

getEntryName

protected String getEntryName(UMSException e)

isExternalGetAttributesEnabled

protected static boolean isExternalGetAttributesEnabled(String orgDN)

Method to check if the CallBack plugins are enabled for reading external attributes.

getUserPostPlugin

public static AMUserEntryProcessed getUserPostPlugin()

Gets the user post plugin instance. Returns a null if plugin not configured could not be loaded. TODO: REMOVE after few releases. Supported through AMCallBack

getDCTreeServicesImpl

public IDCTreeServices getDCTreeServicesImpl()

Description copied from interface: IDirectoryServices

Returns an implementation instance of IDCTreeServices.

Specified by:

getDCTreeServicesImpl in interface IDirectoryServices

Returns:

instance of IDCTreeServices.

getComplianceServicesImpl

public IComplianceServices getComplianceServicesImpl()

Description copied from interface: IDirectoryServices

Returns an implementation instance of IComplianceServices.

Specified by:

getComplianceServicesImpl in interface IDirectoryServices

Returns:

instance of IComplianceServices.

doesEntryExists

public boolean doesEntryExists(SSOToken token,
                               String entryDN)

Checks if the entry exists in the directory.

Specified by:

doesEntryExists in interface IDirectoryServices

Parameters:

token - a valid SSOToken

entryDN - The DN of the entry that needs to be checked

Returns:

true if the entryDN exists in the directory, false otherwise

getObjectType

public int getObjectType(SSOToken token,
                         String dn)
                  throws AMException,
                         SSOException

Gets the type of the object given its DN.

Specified by:

getObjectType in interface IDirectoryServices

Parameters:

token - token a valid SSOToken

dn - DN of the object whose type is to be known.

Returns:

Integer type of the entry.

Throws:

AMException - if the data store is unavailable or if the object type is unknown

SSOException - if ssoToken is invalid or expired.

getObjectType

public int getObjectType(SSOToken token,
                         String dn,
                         Map cachedAttributes)
                  throws AMException,
                         SSOException

Gets the type of the object given its DN.

Specified by:

getObjectType in interface IDirectoryServices

Parameters:

token - token a valid SSOToken

dn - DN of the object whose type is to be known.

cachedAttributes - cached attributes of the user

Returns:

Integer type of the entry.

Throws:

AMException - if the data store is unavailable or if the object type is unknown

SSOException - if ssoToken is invalid or expired.

getDCTreeAttributes

public Map getDCTreeAttributes(SSOToken token,
                               String entryDN,
                               Set attrNames,
                               boolean byteValues,
                               int objectType)
                        throws AMException,
                               SSOException

Gets the attributes for this entryDN from the corresponding DC Tree node. The attributes are fetched only for Organization entries in DC tree mode.

Specified by:

getDCTreeAttributes in interface IDirectoryServices

Parameters:

token - a valid SSOToken

entryDN - the dn of the entry

attrNames - attribute names

byteValues - true if result in byte

objectType - the object type.

Returns:

an AttrSet of values or null if not found

Throws:

AMException - if error encountered in fetching the DC node attributes.

SSOException - If user's single sign on token is invalid.

getAttributes

public Map getAttributes(SSOToken token,
                         String entryDN,
                         int profileType)
                  throws AMException,
                         SSOException

Description copied from interface: IDirectoryServices

Returns a Map with attribute-values requested from the directory.

Specified by:

getAttributes in interface IDirectoryServices

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributes

public Map getAttributes(SSOToken token,
                         String entryDN,
                         Set attrNames,
                         int profileType)
                  throws AMException,
                         SSOException

Description copied from interface: IDirectoryServices

Returns a Map with attribute-values requested from the directory.

Specified by:

getAttributes in interface IDirectoryServices

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attributes to be read.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesFromDS

public Map getAttributesFromDS(SSOToken token,
                               String entryDN,
                               Set attrNames,
                               int profileType)
                        throws AMException,
                               SSOException

Description copied from interface: IDirectoryServices

Returns a Map with attribute-values fetched directly from the Directory. This API will avoid caching the attributes.

Specified by:

getAttributesFromDS in interface IDirectoryServices

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attributes to be read.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesByteValues

public Map getAttributesByteValues(SSOToken token,
                                   String entryDN,
                                   int profileType)
                            throws AMException,
                                   SSOException

Description copied from interface: IDirectoryServices

Returns a map of attribute-values for binary attributes.

Specified by:

getAttributesByteValues in interface IDirectoryServices

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesByteValues

public Map getAttributesByteValues(SSOToken token,
                                   String entryDN,
                                   Set attrNames,
                                   int profileType)
                            throws AMException,
                                   SSOException

Description copied from interface: IDirectoryServices

Returns a map of attribute-values for binary attributes.

Specified by:

getAttributesByteValues in interface IDirectoryServices

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Names of the attributes to be read.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributes

public Map getAttributes(SSOToken token,
                         String entryDN,
                         boolean ignoreCompliance,
                         boolean byteValues,
                         int profileType)
                  throws AMException,
                         SSOException

Gets all attributes corresponding to the entryDN. This method obtains the DC Tree node attributes and also performs compliance related verification checks in compliance mode. Note: In compliance mode you can skip the compliance checks by setting ignoreCompliance to "false".

Specified by:

getAttributes in interface IDirectoryServices

Parameters:

token - a valid SSOToken

entryDN - the DN of the entry whose attributes need to retrieved

ignoreCompliance - a boolean value specificying if compliance related entries need to ignored or not. Ignored if true.

byteValues - Return binary attributes, if true.

profileType - Integer representing type of the object.

Returns:

a Map containing attribute names as keys and Set of values corresponding to each key.

Throws:

AMException - if an error is encountered in fetching the attributes

SSOException - If user's single sign on token is invalid.

getAttributes

public Map getAttributes(SSOToken token,
                         String entryDN,
                         Set attrNames,
                         boolean ignoreCompliance,
                         boolean byteValues,
                         int profileType)
                  throws AMException,
                         SSOException

Description copied from interface: IDirectoryServices

Returns a map of attribute-values for requested attributes.

Specified by:

getAttributes in interface IDirectoryServices

Parameters:

token - User's single sign on token

entryDN - DN of the entry.

attrNames - Set of attribute names to be read.

ignoreCompliance - Ignore compliance mode when constructing search filters.

byteValues - Return binary attributes, if true.

profileType - Integer representing type of the object.

Returns:

Map of attribute-values.

Throws:

AMException - If unable to access datastore

SSOException - If user's single sign on token is invalid.

getAttributesFromDS

public Map getAttributesFromDS(SSOToken token,
                               String entryDN,
                               Set attrNames,
                               boolean ignoreCompliance,
                               boolean byteValues,
                               int profileType)
                        throws AMException,
                               SSOException

Gets the specific attributes corresponding to the entryDN. This method obtains the DC Tree node attributes and also performs compliance related verification checks in compliance mode. Note: In compliance mode you can skip the compliance checks by setting ignoreCompliance to "false".

Parameters:

token - a valid SSOToken

entryDN - the DN of the entry whose attributes need to retrieved

attrNames - a Set of names of the attributes that need to be retrieved. The attrNames should not be null.

ignoreCompliance - a boolean value specificying if compliance related entries need to ignored or not. Ignored if true.

Returns:

a Map containing attribute names as keys and Set of values corresponding to each key.

Throws:

AMException - if an error is encountered in fetching the attributes

SSOException

getOrgSearchFilter

public String getOrgSearchFilter(String entryDN)

Description copied from interface: IDirectoryServices

Returns the search filter for organization.

Specified by:

getOrgSearchFilter in interface IDirectoryServices

Parameters:

entryDN - DN of the organization.

Returns:

Search filter.

getOrganizationDN

public String getOrganizationDN(SSOToken token,
                                String entryDN)
                         throws AMException

Gets the Organization DN for the specified entryDN. If the entry itself is an org, then same DN is returned.

NOTE: This method will involve serveral directory searches, hence be cautious of Performance hit

Specified by:

getOrganizationDN in interface IDirectoryServices

Parameters:

token - a valid SSOToken

entryDN - the entry whose parent Organization is to be obtained

Returns:

the DN String of the parent Organization

Throws:

AMException - if an error occured while obtaining the parent Organization

getExternalAttributes

public Map getExternalAttributes(SSOToken token,
                                 String entryDN,
                                 Set attrNames,
                                 int profileType)
                          throws AMException

Returns attributes from an external data store.

Specified by:

getExternalAttributes in interface IDirectoryServices

Parameters:

token - Single sign on token of user

entryDN - DN of the entry user is trying to read

attrNames - Set of attributes to be read

profileType - Integer determining the type of profile being read

Returns:

A Map of attribute-value pairs

Throws:

AMException - if an error occurs when trying to read external datastore

updateUserAttribute

public void updateUserAttribute(SSOToken token,
                                Set members,
                                String staticGroupDN,
                                boolean toAdd)
                         throws AMException

Adds or remove static group DN to or from member attribute 'iplanet-am-static-group-dn'

Specified by:

updateUserAttribute in interface IDirectoryServices

Parameters:

token - SSOToken

members - set of user DN's

staticGroupDN - DN of the static group

toAdd - true to add, false to remove

Throws:

AMException - if there is an internal problem with AM Store.

createEntry

public void createEntry(SSOToken token,
                        String entryName,
                        int objectType,
                        String parentDN,
                        Map attributes)
                 throws AMEntryExistsException,
                        AMException,
                        SSOException

Create an entry in the Directory

Specified by:

createEntry in interface IDirectoryServices

Parameters:

token - SSOToken

entryName - name of the entry (naming value), e.g. "sun.com", "manager"

objectType - Profile Type, ORGANIZATION, AMObject.ROLE, AMObject.USER, etc.

parentDN - the parent DN

attributes - the initial attribute set for creation

Throws:

AMEntryExistsException

AMException

SSOException

removeEntry

public void removeEntry(SSOToken token,
                        String entryDN,
                        int objectType,
                        boolean recursive,
                        boolean softDelete)
                 throws AMException,
                        SSOException

Remove an entry from the directory.

Specified by:

removeEntry in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - dn of the profile to be removed

objectType - profile type

recursive - if true, remove all sub entries & the object

softDelete - Used to let pre/post callback plugins know that this delete is either a soft delete (marked for deletion) or a purge/hard delete itself, otherwise, remove the object only

Throws:

AMException

SSOException

removeAdminRole

public void removeAdminRole(SSOToken token,
                            String dn,
                            boolean recursive)
                     throws SSOException,
                            AMException

Remove group admin role

Specified by:

removeAdminRole in interface IDirectoryServices

Parameters:

token - SSOToken of the caller

dn - group DN

recursive - true to delete all admin roles for all sub groups or sub people container

Throws:

SSOException

AMException

search

public Set search(SSOToken token,
                  String entryDN,
                  String searchFilter,
                  int searchScope)
           throws AMException

Searches the Directory

Specified by:

search in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the entry to start the search with

searchFilter - search filter

searchScope - search scope, BASE, ONELEVEL or SUBTREE

Returns:

Set set of matching DNs

Throws:

AMException

search

public AMSearchResults search(SSOToken token,
                              String entryDN,
                              String searchFilter,
                              SearchControl searchControl,
                              String[] attrNames)
                       throws AMException

Search the Directory

Specified by:

search in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the entry to start the search with

searchFilter - search filter

searchControl - search control defining the VLV indexes and search scope

attrNames - name of attributes

Returns:

Set set of matching DNs

Throws:

AMException

getMembers

public Set getMembers(SSOToken token,
                      String entryDN,
                      int objectType)
               throws AMException

Get members for roles, dynamic group or static group

Specified by:

getMembers in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the role or group

objectType - objectType of the target object, AMObject.ROLE or AMObject.GROUP

Returns:

Set Member DNs

Throws:

AMException

renameEntry

public String renameEntry(SSOToken token,
                          int objectType,
                          String entryDN,
                          String newName,
                          boolean deleteOldName)
                   throws AMException

Renames an entry. Currently used for only user renaming

Specified by:

renameEntry in interface IDirectoryServices

Parameters:

token - the sso token

objectType - the type of entry

entryDN - the entry DN

newName - the new name (i.e., if RDN is cn=John, the value passed should be "John"

deleteOldName - if true the old name is deleted otherwise it is retained.

Returns:

new DN of the renamed entry

Throws:

AMException - if the operation was not successful

setAttributes

public void setAttributes(SSOToken token,
                          String entryDN,
                          int objectType,
                          Map stringAttributes,
                          Map byteAttributes,
                          boolean isAdd)
                   throws AMException,
                          SSOException

Method Set the attributes of an entry.

Specified by:

setAttributes in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the profile whose template is to be set

objectType - profile type

stringAttributes - attributes to be set

byteAttributes - attributes to be set

isAdd - true if add to existing value; otherwise replace the existing value.

Throws:

AMException

SSOException

changePassword

public void changePassword(SSOToken token,
                           String entryDN,
                           String attrName,
                           String oldPassword,
                           String newPassword)
                    throws AMException,
                           SSOException

Changes user password.

Specified by:

changePassword in interface IDirectoryServices

Parameters:

token - Single sign on token

entryDN - DN of the profile whose template is to be set

attrName - password attribute name

oldPassword - old password

newPassword - new password

Throws:

AMException - if an error occurs when changing user password

SSOException - If user's single sign on token is invalid.

getGroupFilterAndScope

public String[] getGroupFilterAndScope(SSOToken token,
                                       String entryDN,
                                       int profileType)
                                throws SSOException,
                                       AMException

Returns an array containing the dynamic group's scope, base dn, and filter.

Specified by:

getGroupFilterAndScope in interface IDirectoryServices

Parameters:

token - Single sign on token

entryDN - DN of the profile

Throws:

SSOException

AMException

setGroupFilter

public void setGroupFilter(SSOToken token,
                           String entryDN,
                           String filter)
                    throws AMException,
                           SSOException

Sets the filter for a dynamic group in the datastore.

Specified by:

setGroupFilter in interface IDirectoryServices

Parameters:

token -

entryDN -

filter -

Throws:

AMException

SSOException

modifyMemberShip

public void modifyMemberShip(SSOToken token,
                             Set members,
                             String target,
                             int type,
                             int operation)
                      throws AMException

Modify member ship for role or static group

Specified by:

modifyMemberShip in interface IDirectoryServices

Parameters:

token - SSOToken

members - Set of member DN to be operated

target - DN of the target object to add the member

type - type of the target object, AMObject.ROLE or AMObject.GROUP

operation - type of operation, ADD_MEMBER or REMOVE_MEMBER

Throws:

AMException

getRegisteredServiceNames

public Set getRegisteredServiceNames(SSOToken token,
                                     String entryDN)
                              throws AMException

Get registered services for an organization

Specified by:

getRegisteredServiceNames in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the org

Returns:

Set set of service names

Throws:

AMException

registerService

public void registerService(SSOToken token,
                            String orgDN,
                            String serviceName)
                     throws AMException,
                            SSOException

Register a service for an org or org unit policy to a profile

Specified by:

registerService in interface IDirectoryServices

Parameters:

token - token

orgDN - DN of the org

serviceName - Service Name

Throws:

AMException

SSOException

unRegisterService

public void unRegisterService(SSOToken token,
                              String entryDN,
                              int objectType,
                              String serviceName,
                              int type)
                       throws AMException

Un register service for a AMro profile.

Specified by:

unRegisterService in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the profile whose service is to be removed

objectType - profile type

serviceName - Service Name

type - Template type

Throws:

AMException

getAMTemplateDN

public String getAMTemplateDN(SSOToken token,
                              String entryDN,
                              int objectType,
                              String serviceName,
                              int type)
                       throws AMException

Get the AMTemplate DN (COSTemplateDN)

Specified by:

getAMTemplateDN in interface IDirectoryServices

Parameters:

token - SSOToken

entryDN - DN of the profile whose template is to be set

serviceName - Service Name

type - the template type, AMTemplate.DYNAMIC_TEMPLATE

Returns:

String DN of the AMTemplate

Throws:

AMException

createAMTemplate

public String createAMTemplate(SSOToken token,
                               String entryDN,
                               int objectType,
                               String serviceName,
                               Map attributes,
                               int priority)
                        throws AMException

Create an AMTemplate (COSTemplate)

Specified by:

createAMTemplate in interface IDirectoryServices

Parameters:

token - token

entryDN - DN of the profile whose template is to be set

objectType - the entry type

serviceName - Service Name

attributes - attributes to be set

priority - template priority

Returns:

String DN of the newly created template

Throws:

AMException

getNamingAttribute

protected String getNamingAttribute(int objectType)

getNamingAttribute

public String getNamingAttribute(int objectType,
                                 String orgDN)

Gets the naming attribute after reading it from the corresponding creation template. If not found, a default value will be used

Specified by:

getNamingAttribute in interface IDirectoryServices

Parameters:

objectType - the type of object of interest.

orgDN - the organization dn the object belongs to.

Returns:

the naming attribute for the object.

getCreationTemplateName

public String getCreationTemplateName(int objectType)

Get the name of the creation template to use for specified object type.

Specified by:

getCreationTemplateName in interface IDirectoryServices

Parameters:

objectType - Integere representing object type

Returns:

Name of creation template

getObjectClassFromDS

public String getObjectClassFromDS(int objectType)

getObjectClass

public String getObjectClass(int objectType)

Description copied from interface: IDirectoryServices

Returns the objectclass representing an object type.

Specified by:

getObjectClass in interface IDirectoryServices

Parameters:

objectType - the type of object of interest.

Returns:

the objectclass for the representing the object type.

getObjectType

public int getObjectType(String objectClass)

getSearchFilterFromTemplate

public String getSearchFilterFromTemplate(int objectType,
                                          String orgDN,
                                          String searchTemplateName)

Description copied from interface: IDirectoryServices

Returns the search filter of a given search template.

Specified by:

getSearchFilterFromTemplate in interface IDirectoryServices

Parameters:

objectType - Integere represenintg object type.

orgDN - Organization

searchTemplateName - Name of search template

Returns:

Search filter

getAttributesForSchema

public Set getAttributesForSchema(String objectclass)

Returns the set of attributes (both optional and required) needed for an objectclass based on the LDAP schema

Specified by:

getAttributesForSchema in interface IDirectoryServices

Parameters:

objectclass -

Returns:

the attributes for the objectclass

getTopLevelContainers

public Set getTopLevelContainers(SSOToken token)
                          throws AMException,
                                 SSOException

Description copied from interface: IDirectoryServices

Returns the set of top level containers that can be viewed by ths user

Specified by:

getTopLevelContainers in interface IDirectoryServices

Parameters:

token - User's single sign on token.

Returns:

The top level containers this user manages based on its' administrative roles (if any)

Throws:

AMException - if a datastore access fails

SSOException - if user's single sign on token is invalid.

verifyAndGetOrgDN

public String verifyAndGetOrgDN(SSOToken token,
                                String entryDN,
                                String childDN)
                         throws AMException

Gets the Organization DN for the specified entryDN. If the entry itself is an org, then same DN is returned.

Specified by:

verifyAndGetOrgDN in interface IDirectoryServices

Parameters:

token - a valid SSOToken

entryDN - the entry whose parent Organization is to be obtained

childDN - the immediate entry whose parent Organization is to be obtained

Returns:

the DN String of the parent Organization

Throws:

AMException - if an error occured while obtaining the parent Organization

addListener

public void addListener(SSOToken token,
                        AMObjectListener listener,
                        Map configMap)
                 throws AMEventManagerException

Description copied from interface: IDirectoryServices

Add a listener object that will receive notifications when entries are changed.

Specified by:

addListener in interface IDirectoryServices

Parameters:

token - SSOToken of the user adding the listner

listener - listener object that will be called when entries are changed

Throws:

AMEventManagerException - if a error occurs during adding listener object