org.openidentityplatform.openam.cassandra

Class Repo

java.lang.Object

com.sun.identity.idm.IdRepo

org.openidentityplatform.openam.cassandra.Repo

public class Repo
extends IdRepo

Field Summary

Fields

Modifier and Type	Field and Description
com.datastax.oss.driver.api.core.CqlSession	session

Fields inherited from class com.sun.identity.idm.IdRepo

ADDMEMBER, AND_MOD, configMap, NO_MOD, OR_MOD, REMOVEMEMBER

Constructor Summary

Constructors

Constructor and Description
Repo()

Method Summary

Modifier and Type	Method and Description
int	addListener(SSOToken token, IdRepoListener listener) Adds a listener for changes in the repository
void	assignService(SSOToken token, IdType type, String name, String serviceName, SchemaType stype, Map<String,Set<String>> attrMap) This method is used to assign a service to the given identity.
boolean	authenticate(Callback[] credentials) Returns true if the data store successfully authenticates the identity with the provided credentials.
String	create(SSOToken token, IdType type, String name, Map<String,Set<String>> attrMap) Creates an identity.
void	delete(SSOToken token, IdType type, String name) Deletes an identity.
Set<String>	getAssignedServices(SSOToken token, IdType type, String name, Map<String,Set<String>> mapOfServicesAndOCs) Returns the set of services assigned to this identity.
Map<String,Set<String>>	getAttributes(SSOToken token, IdType type, String name) Returns all attributes and values of name object
Map<String,Set<String>>	getAttributes(SSOToken token, IdType type, String name, Set<String> attrNames) Returns requested attributes and values of name object.
Map<String,byte[][]>	getBinaryAttributes(SSOToken token, IdType type, String name, Set<String> attrNames) Returns requested binary attributes as an array of bytes.
Map<String,byte[][]>	getBinaryServiceAttributes(SSOToken token, IdType type, String name, String serviceName, Set<String> attrNames) Returns the requested binary attribute values of the service attributes as an array of bytes.
Set<String>	getMembers(SSOToken token, IdType type, String name, IdType membersType) Returns the memberships of an identity.
Set<String>	getMemberships(SSOToken token, IdType type, String name, IdType membershipType) Returns the memberships of an identity.
Map<String,Set<String>>	getServiceAttributes(SSOToken token, IdType type, String name, String serviceName, Set<String> attrNames) Returns the attribute values of the service attributes.
Set<IdOperation>	getSupportedOperations(IdType type) Return supported operations for a given IdType
Set<IdType>	getSupportedTypes()
void	initialize(Map<String,Set<String>> configParams) Initialization paramters as configred for a given plugin.
boolean	isActive(SSOToken token, IdType type, String name) Returns true if the name object is active.
boolean	isExists(SSOToken token, IdType type, String name) Returns true if the name object exists in the data store.
void	modifyMemberShip(SSOToken token, IdType type, String name, Set<String> members, IdType membersType, int operation) Modify membership of the identity.
void	modifyService(SSOToken token, IdType type, String name, String serviceName, SchemaType sType, Map<String,Set<String>> attrMap) Modifies the attribute values of the service attributes.
void	removeAttributes(SSOToken token, IdType type, String name, Set<String> attrNames) Removes the attributes from the identity.
void	removeListener() Removes the listener added using addListener method.
RepoSearchResults	search(SSOToken token, IdType type, CrestQuery crestQuery, int maxTime, int maxResults, Set<String> returnAttrs, boolean returnAllAttrs, int filterOp, Map<String,Set<String>> avPairs, boolean recursive) Search for specific type of identities using a CrestQuery object instead of a string.
RepoSearchResults	search(SSOToken token, IdType type, String pattern, int maxTime, int maxResults, Set<String> returnAttrs, boolean returnAllAttrs, int filterOp, Map<String,Set<String>> avPairs, boolean recursive)
void	setActiveStatus(SSOToken token, IdType type, String name, boolean active) Sets the object's status to active.
void	setAttributes(SSOToken token, IdType type, String name, Map<String,Set<String>> attributes_in, boolean isAdd) Set the values of attributes of the identity.
void	setBinaryAttributes(SSOToken token, IdType type, String name, Map<String,byte[][]> attributes, boolean isAdd) Set the values of binary attributes the identity.
void	shutdown() This method is invoked just before the plugin is removed from the IdRepo cache of plugins.
boolean	supportsAuthentication() Returns true if the data store supports authentication of identities.
void	unassignService(SSOToken token, IdType type, String name, String serviceName, Map<String,Set<String>> attrMap) If the service is already assigned to the identity then this method unassigns the service and removes the related attributes from the entry.

Methods inherited from class com.sun.identity.idm.IdRepo

changePassword, getConfiguration, getFullyQualifiedName

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

session

public com.datastax.oss.driver.api.core.CqlSession session

Constructor Detail

Repo

public Repo()

Method Detail

initialize

public void initialize(Map<String,Set<String>> configParams)
                throws IdRepoException

Description copied from class: IdRepo

Initialization paramters as configred for a given plugin.

Overrides:

initialize in class IdRepo

Throws:

IdRepoException

shutdown

public void shutdown()

Description copied from class: IdRepo

This method is invoked just before the plugin is removed from the IdRepo cache of plugins. This helps the plugin clean up after itself (connections, persistent searches etc.). This method should be overridden by plugins that need to do this.

Overrides:

shutdown in class IdRepo

getSupportedOperations

public Set<IdOperation> getSupportedOperations(IdType type)

Description copied from class: IdRepo

Return supported operations for a given IdType

Overrides:

getSupportedOperations in class IdRepo

Parameters:

type - Identity type

Returns:

set of IdOperation supported for this IdType.

getSupportedTypes

public Set<IdType> getSupportedTypes()

Overrides:

getSupportedTypes in class IdRepo

Returns:

Returns a Set of IdTypes supported by this plugin. Returns the supported types of identities for this plugin. If a plugin does not override this method, it returns an empty set.

isExists

public boolean isExists(SSOToken token,
                        IdType type,
                        String name)
                 throws IdRepoException,
                        SSOException

Description copied from class: IdRepo

Returns true if the name object exists in the data store.

Specified by:

isExists in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

Returns:

true if name object is in data store else false

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

isActive

public boolean isActive(SSOToken token,
                        IdType type,
                        String name)
                 throws IdRepoException,
                        SSOException

Description copied from class: IdRepo

Returns true if the name object is active.

Overrides:

isActive in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

Returns:

true if name object is in active else false

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

setActiveStatus

public void setActiveStatus(SSOToken token,
                            IdType type,
                            String name,
                            boolean active)
                     throws IdRepoException,
                            SSOException

Description copied from class: IdRepo

Sets the object's status to active.

Specified by:

setActiveStatus in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

active - true if setting to active; false otherwise.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getAttributes

public Map<String,Set<String>> getAttributes(SSOToken token,
                                             IdType type,
                                             String name)
                                      throws IdRepoException,
                                             SSOException

Description copied from class: IdRepo

Returns all attributes and values of name object

Specified by:

getAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

Returns:

Map of attribute-values

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getAttributes

public Map<String,Set<String>> getAttributes(SSOToken token,
                                             IdType type,
                                             String name,
                                             Set<String> attrNames)
                                      throws IdRepoException,
                                             SSOException

Description copied from class: IdRepo

Returns requested attributes and values of name object.

Specified by:

getAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

attrNames - Set of attribute names to be read

Returns:

Map of attribute-values

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getBinaryAttributes

public Map<String,byte[][]> getBinaryAttributes(SSOToken token,
                                                IdType type,
                                                String name,
                                                Set<String> attrNames)
                                         throws IdRepoException,
                                                SSOException

Description copied from class: IdRepo

Returns requested binary attributes as an array of bytes.

Specified by:

getBinaryAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

attrNames - Set of attribute names to be read

Returns:

Map of attribute-values

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

create

public String create(SSOToken token,
                     IdType type,
                     String name,
                     Map<String,Set<String>> attrMap)
              throws IdRepoException,
                     SSOException

Description copied from class: IdRepo

Creates an identity.

Specified by:

create in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

attrMap - Map of attribute-values assoicated with this object.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

delete

public void delete(SSOToken token,
                   IdType type,
                   String name)
            throws IdRepoException,
                   SSOException

Description copied from class: IdRepo

Deletes an identity.

Specified by:

delete in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

setAttributes

public void setAttributes(SSOToken token,
                          IdType type,
                          String name,
                          Map<String,Set<String>> attributes_in,
                          boolean isAdd)
                   throws IdRepoException,
                          SSOException

Description copied from class: IdRepo

Set the values of attributes of the identity.

Specified by:

setAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

attributes_in - Map of attribute-values to set or add.

isAdd - if true add the attribute-values; otherwise replaces the attribute-values.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

setBinaryAttributes

public void setBinaryAttributes(SSOToken token,
                                IdType type,
                                String name,
                                Map<String,byte[][]> attributes,
                                boolean isAdd)
                         throws IdRepoException,
                                SSOException

Description copied from class: IdRepo

Set the values of binary attributes the identity.

Specified by:

setBinaryAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

attributes - Map of binary attribute-values to set or add.

isAdd - if true add the attribute-values; otherwise replaces the attribute-values.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

removeAttributes

public void removeAttributes(SSOToken token,
                             IdType type,
                             String name,
                             Set<String> attrNames)
                      throws IdRepoException,
                             SSOException

Description copied from class: IdRepo

Removes the attributes from the identity.

Specified by:

removeAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

attrNames - Set of attribute names to remove.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

search

public RepoSearchResults search(SSOToken token,
                                IdType type,
                                CrestQuery crestQuery,
                                int maxTime,
                                int maxResults,
                                Set<String> returnAttrs,
                                boolean returnAllAttrs,
                                int filterOp,
                                Map<String,Set<String>> avPairs,
                                boolean recursive)
                         throws SSOException,
                                IdRepoException

Description copied from class: IdRepo

Search for specific type of identities using a CrestQuery object instead of a string. This function actually supersedes the one above, since the "pattern" parameter can be wrapped in the CrestQuery parameter of this function.

Specified by:

search in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

crestQuery - pattern to search for, of type CrestQuery.

maxTime - maximum wait time for search.

maxResults - maximum records to return.

returnAttrs - Set of attribute names to return.

returnAllAttrs - return all attributes

filterOp - filter condition.

avPairs - additional search conditions.

Returns:

RepoSearchResults

Throws:

SSOException - If identity's single sign on token is invalid.

IdRepoException - If there are repository related error conditions.

search

public RepoSearchResults search(SSOToken token,
                                IdType type,
                                String pattern,
                                int maxTime,
                                int maxResults,
                                Set<String> returnAttrs,
                                boolean returnAllAttrs,
                                int filterOp,
                                Map<String,Set<String>> avPairs,
                                boolean recursive)
                         throws IdRepoException,
                                SSOException

Throws:

IdRepoException

SSOException

modifyMemberShip

public void modifyMemberShip(SSOToken token,
                             IdType type,
                             String name,
                             Set<String> members,
                             IdType membersType,
                             int operation)
                      throws IdRepoException,
                             SSOException

Description copied from class: IdRepo

Modify membership of the identity. Set of members is a set of unique identifiers of other identities.

Specified by:

modifyMemberShip in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

members - Set of names to be added as members of name

membersType - IdType of members.

operation - operations to perform on members ADDMEMBER or REMOVEMEMBER.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getMembers

public Set<String> getMembers(SSOToken token,
                              IdType type,
                              String name,
                              IdType membersType)
                       throws IdRepoException,
                              SSOException

Description copied from class: IdRepo

Returns the memberships of an identity. For example, returns the groups or roles that a user belongs to. The list retrieved here for a user MUST be consistent with member queries against the corresponding groups.

Specified by:

getMembers in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

membersType - IdType of members of name object.

Returns:

Set of of members belongs to name

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getMemberships

public Set<String> getMemberships(SSOToken token,
                                  IdType type,
                                  String name,
                                  IdType membershipType)
                           throws IdRepoException,
                                  SSOException

Description copied from class: IdRepo

Returns the memberships of an identity. For example, returns the groups or roles that a user belongs to.

Specified by:

getMemberships in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

membershipType - IdType of memberships to return.

Returns:

Set of objects that name is a member of.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

assignService

public void assignService(SSOToken token,
                          IdType type,
                          String name,
                          String serviceName,
                          SchemaType stype,
                          Map<String,Set<String>> attrMap)
                   throws IdRepoException,
                          SSOException

Description copied from class: IdRepo

This method is used to assign a service to the given identity. The behavior of this method will be different, depending on how each plugin will implement the services model. The map of attribute-values has already been validated and default values have already been inherited by the framework. The plugin has to verify if the service is assigned (in which case it should throw an exception), and assign the service and the attributes to the identity (if supported).

Specified by:

assignService in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

serviceName - service to assign

attrMap - Map of attribute-values.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getAssignedServices

public Set<String> getAssignedServices(SSOToken token,
                                       IdType type,
                                       String name,
                                       Map<String,Set<String>> mapOfServicesAndOCs)
                                throws IdRepoException,
                                       SSOException

Description copied from class: IdRepo

Returns the set of services assigned to this identity. The framework has to check if the values are objectclasses, then map it to service names. Or if they are servicenames, then there is no mapping needed.

Specified by:

getAssignedServices in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

Returns:

Set of name of services assigned to name

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

unassignService

public void unassignService(SSOToken token,
                            IdType type,
                            String name,
                            String serviceName,
                            Map<String,Set<String>> attrMap)
                     throws IdRepoException,
                            SSOException

Description copied from class: IdRepo

If the service is already assigned to the identity then this method unassigns the service and removes the related attributes from the entry.

Specified by:

unassignService in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

serviceName - Service name to remove.

attrMap - Map of attribute-values to remove

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getServiceAttributes

public Map<String,Set<String>> getServiceAttributes(SSOToken token,
                                                    IdType type,
                                                    String name,
                                                    String serviceName,
                                                    Set<String> attrNames)
                                             throws IdRepoException,
                                                    SSOException

Description copied from class: IdRepo

Returns the attribute values of the service attributes.

Specified by:

getServiceAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

serviceName - Name of service.

attrNames - Set of attribute names.

Returns:

Map of attribute-values.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

getBinaryServiceAttributes

public Map<String,byte[][]> getBinaryServiceAttributes(SSOToken token,
                                                       IdType type,
                                                       String name,
                                                       String serviceName,
                                                       Set<String> attrNames)
                                                throws IdRepoException,
                                                       SSOException

Description copied from class: IdRepo

Returns the requested binary attribute values of the service attributes as an array of bytes.

Specified by:

getBinaryServiceAttributes in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

serviceName - Name of service.

attrNames - Set of attribute names.

Returns:

Map of attribute-values.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

modifyService

public void modifyService(SSOToken token,
                          IdType type,
                          String name,
                          String serviceName,
                          SchemaType sType,
                          Map<String,Set<String>> attrMap)
                   throws IdRepoException,
                          SSOException

Description copied from class: IdRepo

Modifies the attribute values of the service attributes.

Specified by:

modifyService in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

type - Identity type of this object.

name - Name of the object of interest.

serviceName - Name of service.

attrMap - map of attribute-values.

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

addListener

public int addListener(SSOToken token,
                       IdRepoListener listener)
                throws IdRepoException,
                       SSOException

Description copied from class: IdRepo

Adds a listener for changes in the repository

Specified by:

addListener in class IdRepo

Parameters:

token - Single sign on token of identity performing the task.

Returns:

status code

Throws:

IdRepoException - If there are repository related error conditions.

SSOException - If identity's single sign on token is invalid.

removeListener

public void removeListener()

Description copied from class: IdRepo

Removes the listener added using addListener method. This is called by the IdRepo framework when the plugin is being shutdown due to configuration change, so that a new instance can be created with the new configuration map.

Specified by:

removeListener in class IdRepo

supportsAuthentication

public boolean supportsAuthentication()

Description copied from class: IdRepo

Returns true if the data store supports authentication of identities. Used by IdRepo framework to authenticate identities.

Overrides:

supportsAuthentication in class IdRepo

Returns:

true if data store supports authentication of of identities; else false

authenticate

public boolean authenticate(Callback[] credentials)
                     throws IdRepoException,
                            AuthLoginException

Description copied from class: IdRepo

Returns true if the data store successfully authenticates the identity with the provided credentials. In case the data store requires additional credentials, the list would be returned via the IdRepoException exception.

Overrides:

authenticate in class IdRepo

Parameters:

credentials - Array of callback objects containing information such as username and password.

Returns:

true if data store authenticates the identity; else false

Throws:

IdRepoException

AuthLoginException