com.sun.identity.idsvcs

Interface IdentityServices

All Superinterfaces:

Remote

public interface IdentityServices
extends Remote

Base interface for all security providers.

Method Summary

Modifier and Type	Method and Description
UserDetails	attributes(List attributeNames, Token subject, boolean refresh) Retrieve user details (roles, attributes) for the subject.
String	getCookieNameForToken() Returns the cookie used by OpenAM Authentication module to store the SSOToken.
List	getCookieNamesToForward() Returns a list of cookie names that are used by OpenAM for authentication and load balancing.
void	log(Token app, Token subject, String logName, String message) Logs a message on behalf of the authenticated app.
IdentityDetails	read(String name, List attributes, Token admin) Retrieves an identity object matching input criteria.

Method Detail

attributes

UserDetails attributes(List attributeNames,
                       Token subject,
                       boolean refresh)
                throws TokenExpired,
                       GeneralFailure,
                       AccessDenied

Retrieve user details (roles, attributes) for the subject.

Parameters:

attributeNames - Optional list of attributes to be returned.

subject - Token for subject.

Returns:

User details for the subject.

Throws:

TokenExpired - When Token has expired.

GeneralFailure - On other errors.

AccessDenied - If reading of attributes for the user is disallowed.

log

void log(Token app,
         Token subject,
         String logName,
         String message)
  throws AccessDenied,
         TokenExpired,
         GeneralFailure

Logs a message on behalf of the authenticated app.

Parameters:

app - Token corresponding to the authenticated application.

subject - Optional token identifying the subject for which the log record pertains.

logName - Identifier for the log file, e.g. "MyApp.access".

message - String containing the message to be logged.

Throws:

AccessDenied - If app token is not specified.

GeneralFailure - On error.

TokenExpired

read

IdentityDetails read(String name,
                     List attributes,
                     Token admin)
              throws NeedMoreCredentials,
                     ObjectNotFound,
                     TokenExpired,
                     GeneralFailure,
                     AccessDenied

Retrieves an identity object matching input criteria.

Parameters:

name - The name of identity to retrieve.

attributes - Attribute objects specifying criteria for the object to retrieve.

admin - Token identifying the administrator to be used to authorize the request.

Returns:

IdentityDetails of the subject.

Throws:

NeedMoreCredentials - When more credentials are required for authorization.

ObjectNotFound - If no subject is found that matches the input criteria.

TokenExpired - When subject's token has expired.

GeneralFailure - On other errors.

AccessDenied - If reading of attributes for the user is disallowed.

getCookieNameForToken

String getCookieNameForToken()
                      throws GeneralFailure

Returns the cookie used by OpenAM Authentication module to store the SSOToken. Can be used for Single-Sign-On by replaying this cookie back to OpenAM for other operations.

Returns:

Cookie name that contains the SSOToken.

Throws:

GeneralFailure - On other errors.

getCookieNamesToForward

List getCookieNamesToForward()
                      throws GeneralFailure

Returns a list of cookie names that are used by OpenAM for authentication and load balancing. Replaying all these cookies during the request is highly recommended.

Returns:

true If token is valid.

Throws:

GeneralFailure - On other errors.