Package com.iplanet.am.sdk.ldap
Class DirectoryServicesImpl
- java.lang.Object
-
- com.iplanet.am.sdk.ldap.DirectoryServicesImpl
-
- All Implemented Interfaces:
AMConstants
,IDirectoryServices
- Direct Known Subclasses:
CachedDirectoryServicesImpl
public class DirectoryServicesImpl extends Object implements AMConstants, IDirectoryServices
A class which manages all the major Directory related operations. Contains functionality to create, delete and manange directory entries. This class should not be used directly when caching mode is on.
-
-
Field Summary
Fields Modifier and Type Field Description protected CallBackHelper
callBackHelper
protected ComplianceServicesImpl
complianceImpl
protected DCTreeServicesImpl
dcTreeImpl
static Debug
debug
protected static String
EXTERNAL_ATTRIBUTES_FETCH_ENABLED_ATTR
protected SSOToken
internalToken
static boolean
isUserPluginInitialized
protected static String
NSROLE_ATTR
protected static String
NSROLEDN_ATTR
-
Fields inherited from interface com.iplanet.am.sdk.AMConstants
ADD_MEMBER, ADMIN_GROUPS_ENABLED_ATTR, ADMIN_ROLE_ATTR, ADMINISTRATION_SERVICE, CACHE_ENABLED_DISABLED_KEY, CACHE_MAX_SIZE_KEY, COMPLIANCE_SPECIAL_FILTER_ATTR, COMPLIANCE_USER_DELETION_ATTR, CONTAINER_DEFAULT_TEMPLATE_ROLE, CONTAINER_SUPPORTED_TYPES_ATTRIBUTE, DCT_ATTRIBUTE_LIST_ATTR, DCT_ENABLED_ATTR, DOMAIN_ADMINISTRATORS, DOMAIN_HELP_DESK_ADMINISTRATORS, EMAIL_ATTRIBUTE, FILTER_ATTR_NAME, INET_ADMIN_OBJECT_CLASS, INET_DOMAIN_STATUS_ATTR, INET_DOMAIN_STATUS_ATTRIBUTE, INVALID_USERID_CHARACTERS, OTHER_COSATTR_TYPE, POLICY_COSATTR_TYPE, POLICY_SUFFIX, PRE_POST_PROCESSING_MODULES_ATTR, REMOVE_ATTRIBUTE, REMOVE_MEMBER, REQUIRED_SERVICES_ATTR, ROLE_MANAGED_CONTAINER_DN_ATTRIBUTE, SCOPE_BASE, SCOPE_ONE, SCOPE_SUB, SERVICE_STATUS_ATTRIBUTE, STATIC_GROUP_DN_ATTRIBUTE, SUBSCRIBABLE_ATTRIBUTE, UNIQUE_ATTRIBUTE_LIST_ATTRIBUTE, UNIQUE_MEMBER_ATTRIBUTE, USER_CREATE_NOTIFICATION_LIST, USER_DELETE_NOTIFICATION_LIST, USER_ENCRYPTED_PASSWORD_ATTRIBUTE, USER_ENTRY_PROCESSING_IMPL, USER_MODIFY_NOTIFICATION_LIST, USER_PASSWORD_ATTRIBUTE, USER_SEARCH_RETURN_ATTR, USERID_PASSWORD_VALIDATION_CLASS
-
-
Constructor Summary
Constructors Constructor Description DirectoryServicesImpl()
Ideally this constructor should be private, since we are extending this class, it needs to be public.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addListener(SSOToken token, AMObjectListener listener, Map configMap)
Add a listener object that will receive notifications when entries are changed.void
changePassword(SSOToken token, String entryDN, String attrName, String oldPassword, String newPassword)
Changes user password.String
createAMTemplate(SSOToken token, String entryDN, int objectType, String serviceName, Map attributes, int priority)
Create an AMTemplate (COSTemplate)void
createEntry(SSOToken token, String entryName, int objectType, String parentDN, Map attributes)
Create an entry in the Directoryboolean
doesEntryExists(SSOToken token, String entryDN)
Checks if the entry exists in the directory.String
getAMTemplateDN(SSOToken token, String entryDN, int objectType, String serviceName, int type)
Get the AMTemplate DN (COSTemplateDN)Map
getAttributes(SSOToken token, String entryDN, boolean ignoreCompliance, boolean byteValues, int profileType)
Gets all attributes corresponding to the entryDN.Map
getAttributes(SSOToken token, String entryDN, int profileType)
Returns a Map with attribute-values requested from the directory.Map
getAttributes(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType)
Returns a map of attribute-values for requested attributes.Map
getAttributes(SSOToken token, String entryDN, Set attrNames, int profileType)
Returns a Map with attribute-values requested from the directory.Map
getAttributesByteValues(SSOToken token, String entryDN, int profileType)
Returns a map of attribute-values for binary attributes.Map
getAttributesByteValues(SSOToken token, String entryDN, Set attrNames, int profileType)
Returns a map of attribute-values for binary attributes.Set
getAttributesForSchema(String objectclass)
Returns the set of attributes (both optional and required) needed for an objectclass based on the LDAP schemaMap
getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType)
Gets the specific attributes corresponding to the entryDN.Map
getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, int profileType)
Returns a Map with attribute-values fetched directly from the Directory.IComplianceServices
getComplianceServicesImpl()
Returns an implementation instance of IComplianceServices.String
getCreationTemplateName(int objectType)
Get the name of the creation template to use for specified object type.Map
getDCTreeAttributes(SSOToken token, String entryDN, Set attrNames, boolean byteValues, int objectType)
Gets the attributes for this entryDN from the corresponding DC Tree node.IDCTreeServices
getDCTreeServicesImpl()
Returns an implementation instance of IDCTreeServices.protected String
getEntryName(UMSException e)
Map
getExternalAttributes(SSOToken token, String entryDN, Set attrNames, int profileType)
Returns attributes from an external data store.String[]
getGroupFilterAndScope(SSOToken token, String entryDN, int profileType)
Returns an array containing the dynamic group's scope, base dn, and filter.protected static IDirectoryServices
getInstance()
Set
getMembers(SSOToken token, String entryDN, int objectType)
Get members for roles, dynamic group or static groupprotected String
getNamingAttribute(int objectType)
String
getNamingAttribute(int objectType, String orgDN)
Gets the naming attribute after reading it from the corresponding creation template.String
getObjectClass(int objectType)
Returns the objectclass representing an object type.String
getObjectClassFromDS(int objectType)
int
getObjectType(SSOToken token, String dn)
Gets the type of the object given its DN.int
getObjectType(SSOToken token, String dn, Map cachedAttributes)
Gets the type of the object given its DN.int
getObjectType(String objectClass)
String
getOrganizationDN(SSOToken token, String entryDN)
Gets the Organization DN for the specified entryDN.String
getOrgSearchFilter(String entryDN)
Returns the search filter for organization.Set
getRegisteredServiceNames(SSOToken token, String entryDN)
Get registered services for an organizationString
getSearchFilterFromTemplate(int objectType, String orgDN, String searchTemplateName)
Returns the search filter of a given search template.Set
getTopLevelContainers(SSOToken token)
Returns the set of top level containers that can be viewed by ths userstatic AMUserEntryProcessed
getUserPostPlugin()
Gets the user post plugin instance.protected static boolean
isExternalGetAttributesEnabled(String orgDN)
Method to check if the CallBack plugins are enabled for reading external attributes.void
modifyMemberShip(SSOToken token, Set members, String target, int type, int operation)
Modify member ship for role or static groupvoid
registerService(SSOToken token, String orgDN, String serviceName)
Register a service for an org or org unit policy to a profilevoid
removeAdminRole(SSOToken token, String dn, boolean recursive)
Remove group admin rolevoid
removeEntry(SSOToken token, String entryDN, int objectType, boolean recursive, boolean softDelete)
Remove an entry from the directory.String
renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName)
Renames an entry.Set
search(SSOToken token, String entryDN, String searchFilter, int searchScope)
Searches the DirectoryAMSearchResults
search(SSOToken token, String entryDN, String searchFilter, SearchControl searchControl, String[] attrNames)
Search the Directoryvoid
setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd)
Method Set the attributes of an entry.void
setGroupFilter(SSOToken token, String entryDN, String filter)
Sets the filter for a dynamic group in the datastore.void
unRegisterService(SSOToken token, String entryDN, int objectType, String serviceName, int type)
Un register service for a AMro profile.void
updateUserAttribute(SSOToken token, Set members, String staticGroupDN, boolean toAdd)
Adds or remove static group DN to or from member attribute 'iplanet-am-static-group-dn'String
verifyAndGetOrgDN(SSOToken token, String entryDN, String childDN)
Gets the Organization DN for the specified entryDN.
-
-
-
Field Detail
-
EXTERNAL_ATTRIBUTES_FETCH_ENABLED_ATTR
protected static final String EXTERNAL_ATTRIBUTES_FETCH_ENABLED_ATTR
- See Also:
- Constant Field Values
-
NSROLEDN_ATTR
protected static String NSROLEDN_ATTR
-
NSROLE_ATTR
protected static String NSROLE_ATTR
-
debug
public static Debug debug
-
isUserPluginInitialized
public static boolean isUserPluginInitialized
-
dcTreeImpl
protected DCTreeServicesImpl dcTreeImpl
-
complianceImpl
protected ComplianceServicesImpl complianceImpl
-
callBackHelper
protected CallBackHelper callBackHelper
-
internalToken
protected SSOToken internalToken
-
-
Constructor Detail
-
DirectoryServicesImpl
public DirectoryServicesImpl()
Ideally this constructor should be private, since we are extending this class, it needs to be public. This constructor should not be used to create an instance of this class.Use
AMDirectoryWrapper.getInstance()
to create an instance.
-
-
Method Detail
-
getInstance
protected static IDirectoryServices getInstance()
-
getEntryName
protected String getEntryName(UMSException e)
-
isExternalGetAttributesEnabled
protected static boolean isExternalGetAttributesEnabled(String orgDN)
Method to check if the CallBack plugins are enabled for reading external attributes.
-
getUserPostPlugin
public static AMUserEntryProcessed getUserPostPlugin()
Gets the user post plugin instance. Returns a null if plugin not configured could not be loaded. TODO: REMOVE after few releases. Supported through AMCallBack
-
getDCTreeServicesImpl
public IDCTreeServices getDCTreeServicesImpl()
Description copied from interface:IDirectoryServices
Returns an implementation instance of IDCTreeServices.- Specified by:
getDCTreeServicesImpl
in interfaceIDirectoryServices
- Returns:
- instance of IDCTreeServices.
-
getComplianceServicesImpl
public IComplianceServices getComplianceServicesImpl()
Description copied from interface:IDirectoryServices
Returns an implementation instance of IComplianceServices.- Specified by:
getComplianceServicesImpl
in interfaceIDirectoryServices
- Returns:
- instance of IComplianceServices.
-
doesEntryExists
public boolean doesEntryExists(SSOToken token, String entryDN)
Checks if the entry exists in the directory.- Specified by:
doesEntryExists
in interfaceIDirectoryServices
- Parameters:
token
- a valid SSOTokenentryDN
- The DN of the entry that needs to be checked- Returns:
- true if the entryDN exists in the directory, false otherwise
-
getObjectType
public int getObjectType(SSOToken token, String dn) throws AMException, SSOException
Gets the type of the object given its DN.- Specified by:
getObjectType
in interfaceIDirectoryServices
- Parameters:
token
- token a valid SSOTokendn
- DN of the object whose type is to be known.- Returns:
- Integer type of the entry.
- Throws:
AMException
- if the data store is unavailable or if the object type is unknownSSOException
- if ssoToken is invalid or expired.
-
getObjectType
public int getObjectType(SSOToken token, String dn, Map cachedAttributes) throws AMException, SSOException
Gets the type of the object given its DN.- Specified by:
getObjectType
in interfaceIDirectoryServices
- Parameters:
token
- token a valid SSOTokendn
- DN of the object whose type is to be known.cachedAttributes
- cached attributes of the user- Returns:
- Integer type of the entry.
- Throws:
AMException
- if the data store is unavailable or if the object type is unknownSSOException
- if ssoToken is invalid or expired.
-
getDCTreeAttributes
public Map getDCTreeAttributes(SSOToken token, String entryDN, Set attrNames, boolean byteValues, int objectType) throws AMException, SSOException
Gets the attributes for this entryDN from the corresponding DC Tree node. The attributes are fetched only for Organization entries in DC tree mode.- Specified by:
getDCTreeAttributes
in interfaceIDirectoryServices
- Parameters:
token
- a valid SSOTokenentryDN
- the dn of the entryattrNames
- attribute namesbyteValues
-true
if result in byteobjectType
- the object type.- Returns:
- an AttrSet of values or null if not found
- Throws:
AMException
- if error encountered in fetching the DC node attributes.SSOException
- If user's single sign on token is invalid.
-
getAttributes
public Map getAttributes(SSOToken token, String entryDN, int profileType) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns a Map with attribute-values requested from the directory.- Specified by:
getAttributes
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on tokenentryDN
-DN
of the entry.profileType
- Integer representing type of the object.- Returns:
- Map of attribute-values.
- Throws:
AMException
- If unable to access datastoreSSOException
- If user's single sign on token is invalid.
-
getAttributes
public Map getAttributes(SSOToken token, String entryDN, Set attrNames, int profileType) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns a Map with attribute-values requested from the directory.- Specified by:
getAttributes
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on tokenentryDN
-DN
of the entry.attrNames
- Set of attributes to be read.profileType
- Integer representing type of the object.- Returns:
- Map of attribute-values.
- Throws:
AMException
- If unable to access datastoreSSOException
- If user's single sign on token is invalid.
-
getAttributesFromDS
public Map getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, int profileType) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns a Map with attribute-values fetched directly from the Directory. This API will avoid caching the attributes.- Specified by:
getAttributesFromDS
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on tokenentryDN
-DN
of the entry.attrNames
- Set of attributes to be read.profileType
- Integer representing type of the object.- Returns:
- Map of attribute-values.
- Throws:
AMException
- If unable to access datastoreSSOException
- If user's single sign on token is invalid.
-
getAttributesByteValues
public Map getAttributesByteValues(SSOToken token, String entryDN, int profileType) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns a map of attribute-values for binary attributes.- Specified by:
getAttributesByteValues
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on tokenentryDN
-DN
of the entry.profileType
- Integer representing type of the object.- Returns:
- Map of attribute-values.
- Throws:
AMException
- If unable to access datastoreSSOException
- If user's single sign on token is invalid.
-
getAttributesByteValues
public Map getAttributesByteValues(SSOToken token, String entryDN, Set attrNames, int profileType) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns a map of attribute-values for binary attributes.- Specified by:
getAttributesByteValues
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on tokenentryDN
-DN
of the entry.attrNames
- Names of the attributes to be read.profileType
- Integer representing type of the object.- Returns:
- Map of attribute-values.
- Throws:
AMException
- If unable to access datastoreSSOException
- If user's single sign on token is invalid.
-
getAttributes
public Map getAttributes(SSOToken token, String entryDN, boolean ignoreCompliance, boolean byteValues, int profileType) throws AMException, SSOException
Gets all attributes corresponding to the entryDN. This method obtains the DC Tree node attributes and also performs compliance related verification checks in compliance mode. Note: In compliance mode you can skip the compliance checks by setting ignoreCompliance to "false".- Specified by:
getAttributes
in interfaceIDirectoryServices
- Parameters:
token
- a valid SSOTokenentryDN
- the DN of the entry whose attributes need to retrievedignoreCompliance
- a boolean value specificying if compliance related entries need to ignored or not. Ignored if true.byteValues
- Return binary attributes, if true.profileType
- Integer representing type of the object.- Returns:
- a Map containing attribute names as keys and Set of values corresponding to each key.
- Throws:
AMException
- if an error is encountered in fetching the attributesSSOException
- If user's single sign on token is invalid.
-
getAttributes
public Map getAttributes(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns a map of attribute-values for requested attributes.- Specified by:
getAttributes
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on tokenentryDN
-DN
of the entry.attrNames
- Set of attribute names to be read.ignoreCompliance
- Ignore compliance mode when constructing search filters.byteValues
- Return binary attributes, if true.profileType
- Integer representing type of the object.- Returns:
- Map of attribute-values.
- Throws:
AMException
- If unable to access datastoreSSOException
- If user's single sign on token is invalid.
-
getAttributesFromDS
public Map getAttributesFromDS(SSOToken token, String entryDN, Set attrNames, boolean ignoreCompliance, boolean byteValues, int profileType) throws AMException, SSOException
Gets the specific attributes corresponding to the entryDN. This method obtains the DC Tree node attributes and also performs compliance related verification checks in compliance mode. Note: In compliance mode you can skip the compliance checks by setting ignoreCompliance to "false".- Parameters:
token
- a valid SSOTokenentryDN
- the DN of the entry whose attributes need to retrievedattrNames
- a Set of names of the attributes that need to be retrieved. The attrNames should not be null.ignoreCompliance
- a boolean value specificying if compliance related entries need to ignored or not. Ignored if true.- Returns:
- a Map containing attribute names as keys and Set of values corresponding to each key.
- Throws:
AMException
- if an error is encountered in fetching the attributesSSOException
-
getOrgSearchFilter
public String getOrgSearchFilter(String entryDN)
Description copied from interface:IDirectoryServices
Returns the search filter for organization.- Specified by:
getOrgSearchFilter
in interfaceIDirectoryServices
- Parameters:
entryDN
-DN
of the organization.- Returns:
- Search filter.
-
getOrganizationDN
public String getOrganizationDN(SSOToken token, String entryDN) throws AMException
Gets the Organization DN for the specified entryDN. If the entry itself is an org, then same DN is returned.NOTE: This method will involve serveral directory searches, hence be cautious of Performance hit
- Specified by:
getOrganizationDN
in interfaceIDirectoryServices
- Parameters:
token
- a valid SSOTokenentryDN
- the entry whose parent Organization is to be obtained- Returns:
- the DN String of the parent Organization
- Throws:
AMException
- if an error occured while obtaining the parent Organization
-
getExternalAttributes
public Map getExternalAttributes(SSOToken token, String entryDN, Set attrNames, int profileType) throws AMException
Returns attributes from an external data store.- Specified by:
getExternalAttributes
in interfaceIDirectoryServices
- Parameters:
token
- Single sign on token of userentryDN
- DN of the entry user is trying to readattrNames
- Set of attributes to be readprofileType
- Integer determining the type of profile being read- Returns:
- A Map of attribute-value pairs
- Throws:
AMException
- if an error occurs when trying to read external datastore
-
updateUserAttribute
public void updateUserAttribute(SSOToken token, Set members, String staticGroupDN, boolean toAdd) throws AMException
Adds or remove static group DN to or from member attribute 'iplanet-am-static-group-dn'- Specified by:
updateUserAttribute
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenmembers
- set of user DN'sstaticGroupDN
- DN of the static grouptoAdd
- true to add, false to remove- Throws:
AMException
- if there is an internal problem with AM Store.
-
createEntry
public void createEntry(SSOToken token, String entryName, int objectType, String parentDN, Map attributes) throws AMEntryExistsException, AMException, SSOException
Create an entry in the Directory- Specified by:
createEntry
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryName
- name of the entry (naming value), e.g. "sun.com", "manager"objectType
- Profile Type, ORGANIZATION, AMObject.ROLE, AMObject.USER, etc.parentDN
- the parent DNattributes
- the initial attribute set for creation- Throws:
AMEntryExistsException
AMException
SSOException
-
removeEntry
public void removeEntry(SSOToken token, String entryDN, int objectType, boolean recursive, boolean softDelete) throws AMException, SSOException
Remove an entry from the directory.- Specified by:
removeEntry
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- dn of the profile to be removedobjectType
- profile typerecursive
- if true, remove all sub entries & the objectsoftDelete
- Used to let pre/post callback plugins know that this delete is either a soft delete (marked for deletion) or a purge/hard delete itself, otherwise, remove the object only- Throws:
AMException
SSOException
-
removeAdminRole
public void removeAdminRole(SSOToken token, String dn, boolean recursive) throws SSOException, AMException
Remove group admin role- Specified by:
removeAdminRole
in interfaceIDirectoryServices
- Parameters:
token
- SSOToken of the callerdn
- group DNrecursive
- true to delete all admin roles for all sub groups or sub people container- Throws:
SSOException
AMException
-
search
public Set search(SSOToken token, String entryDN, String searchFilter, int searchScope) throws AMException
Searches the Directory- Specified by:
search
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the entry to start the search withsearchFilter
- search filtersearchScope
- search scope, BASE, ONELEVEL or SUBTREE- Returns:
- Set set of matching DNs
- Throws:
AMException
-
search
public AMSearchResults search(SSOToken token, String entryDN, String searchFilter, SearchControl searchControl, String[] attrNames) throws AMException
Search the Directory- Specified by:
search
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the entry to start the search withsearchFilter
- search filtersearchControl
- search control defining the VLV indexes and search scopeattrNames
- name of attributes- Returns:
- Set set of matching DNs
- Throws:
AMException
-
getMembers
public Set getMembers(SSOToken token, String entryDN, int objectType) throws AMException
Get members for roles, dynamic group or static group- Specified by:
getMembers
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the role or groupobjectType
- objectType of the target object, AMObject.ROLE or AMObject.GROUP- Returns:
- Set Member DNs
- Throws:
AMException
-
renameEntry
public String renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName) throws AMException
Renames an entry. Currently used for only user renaming- Specified by:
renameEntry
in interfaceIDirectoryServices
- Parameters:
token
- the sso tokenobjectType
- the type of entryentryDN
- the entry DNnewName
- the new name (i.e., if RDN is cn=John, the value passed should be "John"deleteOldName
- if true the old name is deleted otherwise it is retained.- Returns:
- new
DN
of the renamed entry - Throws:
AMException
- if the operation was not successful
-
setAttributes
public void setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd) throws AMException, SSOException
Method Set the attributes of an entry.- Specified by:
setAttributes
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the profile whose template is to be setobjectType
- profile typestringAttributes
- attributes to be setbyteAttributes
- attributes to be setisAdd
-true
if add to existing value; otherwise replace the existing value.- Throws:
AMException
SSOException
-
changePassword
public void changePassword(SSOToken token, String entryDN, String attrName, String oldPassword, String newPassword) throws AMException, SSOException
Changes user password.- Specified by:
changePassword
in interfaceIDirectoryServices
- Parameters:
token
- Single sign on tokenentryDN
- DN of the profile whose template is to be setattrName
- password attribute nameoldPassword
- old passwordnewPassword
- new password- Throws:
AMException
- if an error occurs when changing user passwordSSOException
- If user's single sign on token is invalid.
-
getGroupFilterAndScope
public String[] getGroupFilterAndScope(SSOToken token, String entryDN, int profileType) throws SSOException, AMException
Returns an array containing the dynamic group's scope, base dn, and filter.- Specified by:
getGroupFilterAndScope
in interfaceIDirectoryServices
- Parameters:
token
- Single sign on tokenentryDN
- DN of the profile- Throws:
SSOException
AMException
-
setGroupFilter
public void setGroupFilter(SSOToken token, String entryDN, String filter) throws AMException, SSOException
Sets the filter for a dynamic group in the datastore.- Specified by:
setGroupFilter
in interfaceIDirectoryServices
- Parameters:
token
-entryDN
-filter
-- Throws:
AMException
SSOException
-
modifyMemberShip
public void modifyMemberShip(SSOToken token, Set members, String target, int type, int operation) throws AMException
Modify member ship for role or static group- Specified by:
modifyMemberShip
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenmembers
- Set of member DN to be operatedtarget
- DN of the target object to add the membertype
- type of the target object, AMObject.ROLE or AMObject.GROUPoperation
- type of operation, ADD_MEMBER or REMOVE_MEMBER- Throws:
AMException
-
getRegisteredServiceNames
public Set getRegisteredServiceNames(SSOToken token, String entryDN) throws AMException
Get registered services for an organization- Specified by:
getRegisteredServiceNames
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the org- Returns:
- Set set of service names
- Throws:
AMException
-
registerService
public void registerService(SSOToken token, String orgDN, String serviceName) throws AMException, SSOException
Register a service for an org or org unit policy to a profile- Specified by:
registerService
in interfaceIDirectoryServices
- Parameters:
token
- tokenorgDN
- DN of the orgserviceName
- Service Name- Throws:
AMException
SSOException
-
unRegisterService
public void unRegisterService(SSOToken token, String entryDN, int objectType, String serviceName, int type) throws AMException
Un register service for a AMro profile.- Specified by:
unRegisterService
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the profile whose service is to be removedobjectType
- profile typeserviceName
- Service Nametype
- Template type- Throws:
AMException
-
getAMTemplateDN
public String getAMTemplateDN(SSOToken token, String entryDN, int objectType, String serviceName, int type) throws AMException
Get the AMTemplate DN (COSTemplateDN)- Specified by:
getAMTemplateDN
in interfaceIDirectoryServices
- Parameters:
token
- SSOTokenentryDN
- DN of the profile whose template is to be setserviceName
- Service Nametype
- the template type, AMTemplate.DYNAMIC_TEMPLATE- Returns:
- String DN of the AMTemplate
- Throws:
AMException
-
createAMTemplate
public String createAMTemplate(SSOToken token, String entryDN, int objectType, String serviceName, Map attributes, int priority) throws AMException
Create an AMTemplate (COSTemplate)- Specified by:
createAMTemplate
in interfaceIDirectoryServices
- Parameters:
token
- tokenentryDN
- DN of the profile whose template is to be setobjectType
- the entry typeserviceName
- Service Nameattributes
- attributes to be setpriority
- template priority- Returns:
- String DN of the newly created template
- Throws:
AMException
-
getNamingAttribute
protected String getNamingAttribute(int objectType)
-
getNamingAttribute
public String getNamingAttribute(int objectType, String orgDN)
Gets the naming attribute after reading it from the corresponding creation template. If not found, a default value will be used- Specified by:
getNamingAttribute
in interfaceIDirectoryServices
- Parameters:
objectType
- the type of object of interest.orgDN
- the organization dn the object belongs to.- Returns:
- the naming attribute for the object.
-
getCreationTemplateName
public String getCreationTemplateName(int objectType)
Get the name of the creation template to use for specified object type.- Specified by:
getCreationTemplateName
in interfaceIDirectoryServices
- Parameters:
objectType
- Integere representing object type- Returns:
- Name of creation template
-
getObjectClassFromDS
public String getObjectClassFromDS(int objectType)
-
getObjectClass
public String getObjectClass(int objectType)
Description copied from interface:IDirectoryServices
Returns the objectclass representing an object type.- Specified by:
getObjectClass
in interfaceIDirectoryServices
- Parameters:
objectType
- the type of object of interest.- Returns:
- the objectclass for the representing the object type.
-
getObjectType
public int getObjectType(String objectClass)
-
getSearchFilterFromTemplate
public String getSearchFilterFromTemplate(int objectType, String orgDN, String searchTemplateName)
Description copied from interface:IDirectoryServices
Returns the search filter of a given search template.- Specified by:
getSearchFilterFromTemplate
in interfaceIDirectoryServices
- Parameters:
objectType
- Integere represenintg object type.orgDN
- OrganizationsearchTemplateName
- Name of search template- Returns:
- Search filter
-
getAttributesForSchema
public Set getAttributesForSchema(String objectclass)
Returns the set of attributes (both optional and required) needed for an objectclass based on the LDAP schema- Specified by:
getAttributesForSchema
in interfaceIDirectoryServices
- Parameters:
objectclass
-- Returns:
- the attributes for the objectclass
-
getTopLevelContainers
public Set getTopLevelContainers(SSOToken token) throws AMException, SSOException
Description copied from interface:IDirectoryServices
Returns the set of top level containers that can be viewed by ths user- Specified by:
getTopLevelContainers
in interfaceIDirectoryServices
- Parameters:
token
- User's single sign on token.- Returns:
- The top level containers this user manages based on its' administrative roles (if any)
- Throws:
AMException
- if a datastore access failsSSOException
- if user's single sign on token is invalid.
-
verifyAndGetOrgDN
public String verifyAndGetOrgDN(SSOToken token, String entryDN, String childDN) throws AMException
Gets the Organization DN for the specified entryDN. If the entry itself is an org, then same DN is returned.- Specified by:
verifyAndGetOrgDN
in interfaceIDirectoryServices
- Parameters:
token
- a valid SSOTokenentryDN
- the entry whose parent Organization is to be obtainedchildDN
- the immediate entry whose parent Organization is to be obtained- Returns:
- the DN String of the parent Organization
- Throws:
AMException
- if an error occured while obtaining the parent Organization
-
addListener
public void addListener(SSOToken token, AMObjectListener listener, Map configMap) throws AMEventManagerException
Description copied from interface:IDirectoryServices
Add a listener object that will receive notifications when entries are changed.- Specified by:
addListener
in interfaceIDirectoryServices
- Parameters:
token
- SSOToken of the user adding the listnerlistener
- listener object that will be called when entries are changed- Throws:
AMEventManagerException
- if a error occurs during adding listener object
-
-