Package com.iplanet.ums

Class DynamicGroup

java.lang.Object

com.iplanet.ums.PersistentObject

com.iplanet.ums.DynamicGroup

All Implemented Interfaces:

IDynamicMembership, IMembership, ISearch, IUMSConstants, Serializable

Direct Known Subclasses:

AssignableDynamicGroup

public class DynamicGroup
extends PersistentObject
implements IDynamicMembership

Represents a dynamic group entry.

See Also:

Serialized Form

Field Summary

Fields inherited from class com.iplanet.ums.PersistentObject

COMPUTED_MEMBER_ATTR_NAME

Fields inherited from interface com.iplanet.ums.IUMSConstants

ADD_NULL_OBJ, ATTR_NOT_ALLOWED, ATTRIBUTETYPE_NOT_FOUND, BAD_ATTRNAMES, BAD_CHILD_OBJ, BAD_CLASS, BAD_COS_ATTR_QUALIFIER, BAD_GUID, BAD_ID, BAD_NAMING_ATTR, BAD_OBJ_TO_ADD, BAD_PRINCIPAL_HDL, BAD_STRUCTURE_TEMPLATE_PRIORITY, BAD_TEMPLATE, BAD_TOKEN_HDL, COMPOSE_GUID_FAILED, CONFIG_MGR_ERROR, COS_DEF_OR_TARGET_OBJECT_NULL, COS_DEFINITION_NOT_FOUND, COS_DEFINITION_NOT_PERSISTENT, COS_TARGET_OBJECT_DIFFERENT_TREE, COS_TARGET_OBJECT_NOT_PERSISTENT, COS_TEMPLATE_NOT_FOUND, DATA_CONSTRAINT, DEFINITION_NOT_PERSISTENT, DEL_NULL_OBJ, DSCFG_CONNECTFAIL, DSCFG_CTRLERROR, DSCFG_DIRSERVER_NODE_EXPECTED, DSCFG_INVALID_BASE_DN, DSCFG_JSSSFFAIL, DSCFG_NO_FILE_PATH, DSCFG_NOCFGMGR, DSCFG_SERVER_NOT_FOUND, DSCFG_SERVERGROUP_NODE_EXPECTED, DSCFG_UNSUPPORTEDLSTNRTYPE, DSCFG_UNSUPPORTEDSERVERCTRL, ENTRY_ALREADY_EXISTS, ENTRY_NOT_FOUND, ERROR_CM, ERROR_CM_INITIATE, ILLEGAL_ADGROUP_SCOPE, ILLEGAL_GROUP_SCOPE, INSTANCE_FAILED, INSUFFICIENT_ACCESS_ADD, INSUFFICIENT_ACCESS_DELETE, INVALID_COS_ATTRIBUTE_QUALIFIER, INVALID_COSDEFINITION, INVALID_TOKEN, MISSING_TEMPL_NAME, MULTIPLE_ENTRY, NEW_INSTANCE_FAILED, NEXT_ENTRY_FAILED, NO_NAMING_ATTR, NO_POLICY_DOMAIN, NO_RECURSION_ALLOW, NO_REQUIRED, NO_VALUE, NULL_GUIDS, NULL_PRINCIPAL, NULL_SESSION, NULL_TOKEN, OBJECT_NOT_PERSISTENT, OBJECTCLASS_NOT_FOUND, PERSISTENT_OBJECT_PARAM_NULL, POLICIES_DO_NOT_MATCH_BY_NAME_RESOURCE_ACTION, POLICY_DOMAIN_NOT_FOUND, POLICY_EXISTS_FOR_NAME, POLICY_EXISTS_FOR_RESOURCE_ACTION, POLICY_NOT_FOUND, POLICY_ROOT_NOT_FOUND, READ_ATTRIBUTES_ERROR, READING_LDIF_FAILED, REPLACE_DEFINITION_NOT_PERSISTENT, ROLE_CONTAINED, SEARCH_FAILED, services_validator_initialize_failed, services_validator_invalid_attr_name, services_validator_invalid_attr_schema, services_validator_schema_does_not_exist, SMS_ADD_SUB_CONFIG_FAILED, SMS_ADMIN_LIMIT_EXCEEDED, SMS_ATTR_LIST_NEEDED, SMS_ATTR_NAME_NOT_FOUND, SMS_ATTR_OR_VAL_EXISTS, SMS_ATTR_SYNTAX_NOT_FOUND, SMS_AUTHENTICATION_ERROR, SMS_CAN_NOT_CONSTRUCT_SERVICE_MANAGER, SMS_CANNOT_CREATE_INSTANCE, SMS_CANNOT_CREATE_PLACE_HOLDER_NODE, SMS_EVENT_NOTIFICATION_FAILED, SMS_failed_to_get_schema_manager, SMS_INSUFFICIENT_ACCESS_RIGHTS, SMS_INVALID_ATTR_ENTRY, SMS_INVALID_ATTR_NAME, SMS_INVALID_CLASS_NAME, SMS_INVALID_CONFIG_NAME, SMS_INVALID_DN, SMS_INVALID_METHOD, SMS_INVALID_OP_VALUE, SMS_INVALID_PARAMETERS, SMS_INVALID_SEARCH_BASE, SMS_INVALID_SEARCH_ORDER_PARAMETER, SMS_INVALID_SEARCH_PATTERN, SMS_LDAP_NOT_SUPPORTED, SMS_LDAP_OPERATION_FAILED, SMS_LDAP_REFERRAL_EXCEPTION, SMS_LDAP_SERVER_BUSY, SMS_NO_ATTRIBUTE_IN_ENTRY, SMS_NO_SUCH_ATTRIBUTE, SMS_NO_SUCH_OBJECT, SMS_NODE_ALREADY_EXISTS, SMS_OC_NAME_NOT_FOUND, SMS_organization_already_exists_no_args, SMS_READONLY_OBJ, SMS_SERVER_DOWN, SMS_SERVER_INSTANCE_NOT_FOUND, SMS_service_already_exists, SMS_service_already_exists_no_args, SMS_service_does_not_exist, SMS_SERVICE_NAME_NOT_FOUND, SMS_SERVICE_NODE_NOT_FOUND, SMS_services_node_does_not_exist, SMS_SMSSchema_exception_message, SMS_SMSSchema_invalid_input_stream, SMS_SMSSchema_invalid_xml_document, SMS_SMSSchema_no_schema_element, SMS_SMSSchema_no_service_element, SMS_SMSSchema_parser_error, SMS_SMSSchema_service_notfound, SMS_SUB_CONFIG_DOES_NOT_EXIST, SMS_TIME_LIMIT_EXCEEDED, SMS_UNEXPECTED_LDAP_EXCEPTION, SMS_UNKNOWN_EXCEPTION_OCCURRED, SMS_VALIDATOR_CANNOT_INSTANTIATE_CLASS, SMS_VALUE_DOES_NOT_EXIST, SMS_xml_invalid_doc_type, SMS_XML_PARSER_EXCEPTION, SMSSCHEMA_SERVICE_NOTFOUND, SSO_ILLEGALACCESS, SSO_NOPROVIDERCLASS, SSO_NOPROVIDERINSTANCE, SSO_NOPROVIDERPROPERTY, STRUCTURE_TEMPLATE_ATTRSET_NULL, TEMPLATE_NO_ATTR, UMS_BUNDLE_NAME, UMS_DEBUG, UMS_PKG, UNABLE_TO_ADD_ENTRY, UNABLE_TO_DELETE_ENTRY, UNABLE_TO_READ_ENTRY, UNMATCHED_CLASS, USER_NOT_IN_GROUP_SCOPE

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	DynamicGroup()	Default constructor.
	DynamicGroup(CreationTemplate template, AttrSet attrSet)	Constructs a DynamicGroup in memory with a given template for DynamicGroup.
	DynamicGroup(CreationTemplate template, AttrSet attrSet, Guid baseGuid, String filter, int scope)	Constructs a DynamicGroup in memory given a template for DynamicGroup.

Method Summary

Modifier and Type	Method	Description
int	getMemberCount()	Returns the member count.
Guid	getMemberIDAt(int index)	Returns a member given an index (zero-based).
SearchResults	getMemberIDs()	Returns the members of the group.
protected SearchResults	getMemberIDs(String[] attributes)	Returns the members of the group.
Guid	getSearchBase()	Returns the search base used to evaluate this dynamic group.
String	getSearchFilter()	Returns the search filter used to evaluate this dynamic group.
int	getSearchScope()	Returns the search scope used to evaluate this dynamic group.
protected org.forgerock.opendj.ldap.LDAPUrl	getUrl()	Returns the native LDAP URL used to evaluate this dynamic group.
boolean	hasMember(Guid guid)	Returns true if a given identifier is a member of the group.
void	setSearchBase(Guid baseGuid)	Sets the search base used to evaluate this dynamic group.
void	setSearchFilter(String filter)	Sets the search filter used to evaluate this dynamic group.
void	setSearchScope(int scope)	Sets the search scope used to evaluate this dynamic group.
protected void	setUrl(Guid baseGuid, org.forgerock.opendj.ldap.Filter filter, org.forgerock.opendj.ldap.SearchScope scope)	Creates a new search definition; the change is not persistent until save() is called.
protected void	setUrl(org.forgerock.opendj.ldap.LDAPUrl url)	Sets the native LDAP URL used to evaluate this dynamic group.
protected String	toUrlStr(String base, org.forgerock.opendj.ldap.Filter filter, org.forgerock.opendj.ldap.SearchScope scope)	Convert the given parameters into an LDAP URL string.

Methods inherited from class com.iplanet.ums.PersistentObject

addACI, addAttributeValue, addChild, changePassword, deleteACI, getACI, getACI, getAttribute, getAttribute, getAttributeNames, getAttributes, getAttributes, getAttributes, getAttrSet, getChildren, getChildren, getChildren, getDN, getGuid, getNamingAttribute, getParentGuid, getParentObject, getRoles, idToDN, isMemberOf, isPersistent, modify, modify, modify, remove, removeAttribute, removeAttributeValue, removeChild, removeChild, rename, replaceACI, save, search, search, search, setAttribute, setAttribute, setAttrSet, setGuid, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

DynamicGroup

protected DynamicGroup()

Default constructor.

DynamicGroup

public DynamicGroup(CreationTemplate template,
                    AttrSet attrSet)
             throws UMSException

Constructs a DynamicGroup in memory with a given template for DynamicGroup. This is an in-memory representation of a new object; the save method must be called to save this new object to persistent storage.

Parameters:

template - Template for creating a group.

attrSet - Attribute/value set, which should contain memberUrl.

Throws:

UMSException - if fail to instantiate from persistent storage.

DynamicGroup

public DynamicGroup(CreationTemplate template,
                    AttrSet attrSet,
                    Guid baseGuid,
                    String filter,
                    int scope)
             throws UMSException

Constructs a DynamicGroup in memory given a template for DynamicGroup. This is an in-memory representation of a new object and the save method must be called to save this new object to persistent storage.

Parameters:

template - Template for creating a group.

attrSet - Attribute/value set, which should not contain member Url; any values of memberUrl will be overwritten by the explicit search criteria arguments.

baseGuid - Search base for evaluating members of the group.

filter - Search filter for evaluating members of the group.

scope - Search scope for evaluating members of the group has to be LDAPv2.SCOPE_ONE or LDAPv2.SCOPE_SUB.

Throws:

UMSException - if fail to instantiate from persistent storage.

Method Detail

setSearchFilter

public void setSearchFilter(String filter)

Sets the search filter used to evaluate this dynamic group.

Specified by:

setSearchFilter in interface IDynamicMembership

Parameters:

filter - Search filter for evaluating members of the group.

getSearchFilter

public String getSearchFilter()

Returns the search filter used to evaluate this dynamic group.

Specified by:

getSearchFilter in interface IDynamicMembership

Returns:

Search filter for evaluating members of the group the scope in the filter has to be LDAPv2.SCOPE_ONE or LDAPv2.SCOPE_SUB.

setSearchBase

public void setSearchBase(Guid baseGuid)

Sets the search base used to evaluate this dynamic group.

Specified by:

setSearchBase in interface IDynamicMembership

Parameters:

baseGuid - Search base for evaluating members of the group.

getSearchBase

public Guid getSearchBase()

Returns the search base used to evaluate this dynamic group.

Specified by:

getSearchBase in interface IDynamicMembership

Returns:

Search base for evaluating members of the group.

setSearchScope

public void setSearchScope(int scope)

Sets the search scope used to evaluate this dynamic group.

Specified by:

setSearchScope in interface IDynamicMembership

Parameters:

scope - Search scope for evaluating members of the group. Use one of the search scope SCOPE_BASE, SCOPE_ONE, or SCOPE_SUB.

getSearchScope

public int getSearchScope()

Returns the search scope used to evaluate this dynamic group.

Specified by:

getSearchScope in interface IDynamicMembership

Returns:

Search scope for evaluating members of the group.

toUrlStr

protected String toUrlStr(String base,
                          org.forgerock.opendj.ldap.Filter filter,
                          org.forgerock.opendj.ldap.SearchScope scope)

Convert the given parameters into an LDAP URL string. No LDAP host, port, and attribute to return are present in the LDAP URL. Only search base, filter and scope are given.

Parameters:

base - Search Base DN in the LDAP URL.

filter - Search filter in LDAP URL.

scope - Search scope in LDAP URL.

Returns:

LDAP URL.

setUrl

protected void setUrl(Guid baseGuid,
                      org.forgerock.opendj.ldap.Filter filter,
                      org.forgerock.opendj.ldap.SearchScope scope)

Creates a new search definition; the change is not persistent until save() is called.

Parameters:

baseGuid - Search base for evaluating members of the group.

filter - Search filter for evaluating members of the group.

scope - Search scope for evaluating members of the group.

getUrl

protected org.forgerock.opendj.ldap.LDAPUrl getUrl()

Returns the native LDAP URL used to evaluate this dynamic group.

Returns:

LDAP URL for evaluating members of the group

setUrl

protected void setUrl(org.forgerock.opendj.ldap.LDAPUrl url)

Sets the native LDAP URL used to evaluate this dynamic group.

Parameters:

url - LDAP URL for evaluating members of the group search scope in the url has to be LDAPv2.SCOPE_ONE or LDAPv2.SCOPE_SUB.

getMemberIDs

protected SearchResults getMemberIDs(String[] attributes)
                              throws UMSException

Returns the members of the group.

Parameters:

attributes - Attributes to return.

Returns:

Iterator for unique identifiers for members of the group.

Throws:

UMSException - if fail to search.

getMemberIDs

public SearchResults getMemberIDs()
                           throws UMSException

Returns the members of the group.

Specified by:

getMemberIDs in interface IMembership

Returns:

Iterator for unique identifiers for members of the group.

Throws:

UMSException - if fail to search.

getMemberCount

public int getMemberCount()
                   throws UMSException

Returns the member count.

Specified by:

getMemberCount in interface IMembership

Returns:

Number of members of the group.

Throws:

UMSException - if fail to search.

getMemberIDAt

public Guid getMemberIDAt(int index)
                   throws UMSException

Returns a member given an index (zero-based).

Specified by:

getMemberIDAt in interface IMembership

Parameters:

index - Zero-based index into the group container.

Returns:

Unique identifier for a member.

Throws:

UMSException - if fail to search.

hasMember

public boolean hasMember(Guid guid)
                  throws UMSException

Returns true if a given identifier is a member of the group.

Specified by:

hasMember in interface IMembership

Parameters:

guid - Identity of member to be checked for membership.

Returns:

true if it is a member.

Throws:

UMSException - if fail to evaluate group