org.identityconnectors.databasetable

Class DatabaseTableConnector

java.lang.Object

org.identityconnectors.databasetable.DatabaseTableConnector

All Implemented Interfaces:

Connector, AuthenticateOp, CreateOp, DeleteOp, ResolveUsernameOp, SchemaOp, SearchOp<FilterWhereBuilder>, SPIOperation, SyncOp, TestOp, UpdateOp, PoolableConnector

public class DatabaseTableConnector
extends Object
implements PoolableConnector, CreateOp, SearchOp<FilterWhereBuilder>, DeleteOp, UpdateOp, SchemaOp, TestOp, AuthenticateOp, SyncOp, ResolveUsernameOp

The database table DatabaseTableConnector is a basic, but easy to use DatabaseTableConnector for accounts in a relational database.

It supports create, update, search, and delete operations. It can also be used for pass-thru authentication, although it assumes the password is in clear text in the database.

This connector assumes that all account data is stored in a single database table. The delete action is implemented to simply remove the row from the table.

Since:

1.0

Version:

$Revision $

Author:

Will Droste, Keith Yarbrough

Constructor Summary

Constructors

Constructor and Description
DatabaseTableConnector()

Method Summary

Modifier and Type	Method and Description
Uid	authenticate(ObjectClass oclass, String username, GuardedString password, OperationOptions options) Attempts to authenticate the given username combination Simple authentication with two parameters presumed to be user name and password.
void	checkAlive() Checks if the connector is still alive.
Uid	create(ObjectClass oclass, Set<Attribute> attrs, OperationOptions options) Creates a row in the database representing an account.
FilterTranslator<FilterWhereBuilder>	createFilterTranslator(ObjectClass oclass, OperationOptions options) Creates a Database Table filter translator.
void	delete(ObjectClass oclass, Uid uid, OperationOptions options) Deletes a row from the table.
void	dispose() Disposes of the DatabaseTableConnector's resources.
void	executeQuery(ObjectClass oclass, FilterWhereBuilder where, ResultsHandler handler, OperationOptions options) Search for rows ConnectorFacade calls this method once for each native query that the FilterTranslator produces in response to the Filter passed into SearchApiOp.
String	getColumnName(String attributeName) Convert the attribute name to resource specific columnName
int	getColumnType(String columnName) The required type is cached
Configuration	getConfiguration() Return the configuration that was passed to Connector.init(Configuration).
SyncToken	getLatestSyncToken(ObjectClass oclass) Returns the token corresponding to the most recent synchronization event.
void	init(Configuration cfg) Init the connector Initialize the connector with its configuration.
String	quoteName(String value) Used to escape the table or column name.
Uid	resolveUsername(ObjectClass oclass, String username, OperationOptions options) Attempts to resolve the given username Resolve an object to its Uid based on its username.
Schema	schema() Describes the types of objects this Connector supports.
void	sync(ObjectClass oclass, SyncToken token, SyncResultsHandler handler, OperationOptions options) Request synchronization events--i.e., native changes to target objects.
void	test() Test the configuration and connection Tests the Configuration with the connector.
Uid	update(ObjectClass oclass, Uid uid, Set<Attribute> attrs, OperationOptions options) Update the database row with the data provided.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DatabaseTableConnector

public DatabaseTableConnector()

Method Detail

getConfiguration

public Configuration getConfiguration()

Return the configuration that was passed to Connector.init(Configuration).

Specified by:

getConfiguration in interface Connector

Returns:

The configuration that was passed to Connector.init(Configuration).

init

public void init(Configuration cfg)

Init the connector Initialize the connector with its configuration. For instance in a JDBC Connector this would include the database URL, password, and user.

Specified by:

init in interface Connector

Parameters:

cfg - instance of the Configuration object implemented by the Connector developer and populated with information in order to initialize the Connector.

checkAlive

public void checkAlive()

Checks if the connector is still alive.

A connector can spend a large amount of time in the pool before being used. This method is intended to check if the connector is alive and operations can be invoked on it (for instance, an implementation would check that the connector's physical connection to the resource has not timed out).

The major difference between this method and TestOp.test() is that this method must do only the minimum that is necessary to check that the connector is still alive. TestOp.test() does a more thorough check of the environment specified in the Configuration, and can therefore be much slower.

This method can be called often. Implementations should do their best to keep this method fast.

Specified by:

checkAlive in interface PoolableConnector

dispose

public void dispose()

Disposes of the DatabaseTableConnector's resources. Dispose of any resources the Connector uses.

Specified by:

dispose in interface Connector

create

public Uid create(ObjectClass oclass,
                  Set<Attribute> attrs,
                  OperationOptions options)

Creates a row in the database representing an account. The Connector developer is responsible for taking the attributes given (which always includes the ObjectClass) and create an object and its Uid. The Connector developer must return the Uid so that the caller can refer to the created object.

*Note: There will never be a Uid passed in with the attribute set for this method. If the resource supports some sort of mutable Uid, you should create your own resource-specific attribute for it, such as unix_uid.

Specified by:

create in interface CreateOp

Parameters:

oclass - the type of object to create. Will never be null.

attrs - includes all the attributes necessary to create the resource object including the ObjectClass attribute and Name attribute.

options - additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not worry about this ever being null.

Returns:

the unique id for the object that is created. For instance in LDAP this would be the 'dn', for a database this would be the primary key, and for 'ActiveDirectory' this would be the GUID.

delete

public void delete(ObjectClass oclass,
                   Uid uid,
                   OperationOptions options)

Deletes a row from the table. The Connector developer is responsible for calling the native delete methods to remove the object specified by its unique id.

Specified by:

delete in interface DeleteOp

Parameters:

oclass - type of object to delete.

uid - The unique id that specifies the object to delete.

options - additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not worry about this ever being null.

update

public Uid update(ObjectClass oclass,
                  Uid uid,
                  Set<Attribute> attrs,
                  OperationOptions options)

Update the database row with the data provided. Update the object specified by the ObjectClass and Uid, replacing the current values of each attribute with the values provided.

For each input attribute, replace all of the current values of that attribute in the target object with the values of that attribute.

If the target object does not currently contain an attribute that the input set contains, then add this attribute (along with the provided values) to the target object.

If the value of an attribute in the input set is null, then do one of the following, depending on which is most appropriate for the target:

• If possible, remove that attribute from the target object entirely.
• Otherwise, replace all of the current values of that attribute in the target object with a single value of null.

Specified by:

update in interface UpdateOp

Parameters:

oclass - the type of object to modify. Will never be null.

uid - the uid of the object to modify. Will never be null.

attrs - set of new Attribute. the values in this set represent the new, merged values to be applied to the object. This set may also include operational attributes. Will never be null.

options - additional options that impact the way this operation is run. Will never be null.

Returns:

the Uid of the updated object in case the update changes the formation of the unique identifier.

createFilterTranslator

public FilterTranslator<FilterWhereBuilder> createFilterTranslator(ObjectClass oclass,
                                                                   OperationOptions options)

Creates a Database Table filter translator. Creates a filter translator that will translate a specified filter into one or more native queries. Each of these native queries will be passed subsequently into executeQuery().

Specified by:

createFilterTranslator in interface SearchOp<FilterWhereBuilder>

Parameters:

oclass - The object class for the search. Will never be null.

options - additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not worry about this ever being null.

Returns:

A filter translator. This must not be null. A null return value will cause the API ( SearchApiOp) to throw NullPointerException.

executeQuery

public void executeQuery(ObjectClass oclass,
                         FilterWhereBuilder where,
                         ResultsHandler handler,
                         OperationOptions options)

Search for rows ConnectorFacade calls this method once for each native query that the FilterTranslator produces in response to the Filter passed into SearchApiOp. If the FilterTranslator produces more than one native query, then ConnectorFacade will automatically merge the results from each query and eliminate any duplicates. NOTE that this implies an in-memory data structure that holds a set of Uid values, so memory usage in the event of multiple queries will be O(N) where N is the number of results. This is why it is important that the FilterTranslator for each Connector implement OR if possible.

Specified by:

executeQuery in interface SearchOp<FilterWhereBuilder>

Parameters:

oclass - The object class for the search. Will never be null.

where - The native query to run. A value of null means "return every instance of the given object class".

handler - Results should be returned to this handler

options - Additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not guard against options being null.

sync

public void sync(ObjectClass oclass,
                 SyncToken token,
                 SyncResultsHandler handler,
                 OperationOptions options)

Request synchronization events--i.e., native changes to target objects.

This method will call the specified handler once to pass back each matching synchronization event. Once this method returns, this method will no longer invoke the specified handler.

Each synchronization event contains a token that can be used to resume reading events starting from that point in the event stream. In typical usage, a client will save the token from the final synchronization event that was received from one invocation of this sync() method and then pass that token into that client's next call to this sync() method. This allows a client to "pick up where he left off" in receiving synchronization events. However, a client can pass the token from any synchronization event into a subsequent invocation of this sync() method. This will return synchronization events (that represent native changes that occurred) immediately subsequent to the event from which the client obtained the token.

A client that wants to read synchronization events "starting now" can call SyncOp.getLatestSyncToken(org.identityconnectors.framework.common.objects.ObjectClass) and then pass that token into this sync() method.

Specified by:

sync in interface SyncOp

Parameters:

oclass - The class of object for which to return synchronization events. Must not be null.

token - The token representing the last token from the previous sync. The SyncResultsHandler will return any number of SyncDelta objects, each of which contains a token. Should be null if this is the client's first call to the sync() method for this connector.

handler - The result handler. Must not be null.

options - Options that affect the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so an implementation need not guard against this being null.

getLatestSyncToken

public SyncToken getLatestSyncToken(ObjectClass oclass)

Returns the token corresponding to the most recent synchronization event.

An application that wants to receive synchronization events "starting now" --i.e., wants to receive only native changes that occur after this method is called-- should call this method and then pass the resulting token into the sync() method.

Specified by:

getLatestSyncToken in interface SyncOp

Parameters:

oclass - the class of object for which to find the most recent synchronization event (if any). Must not be null.

Returns:

A token if synchronization events exist; otherwise null.

schema

public Schema schema()

Describes the types of objects this Connector supports. This method is considered an operation since determining supported objects may require configuration information and allows this determination to be dynamic.

The special Uid attribute should never appear in the schema, as it is not a true attribute of an object, rather a reference to it. If your resource object-class has a writable unique id attribute that is different than its Name, then your schema should contain a resource-specific attribute that represents this unique id. For example, a Unix account object might contain unix_uid.

Specified by:

schema in interface SchemaOp

Returns:

basic schema supported by this Connector.

test

public void test()

Test the configuration and connection Tests the Configuration with the connector.

Specified by:

test in interface TestOp

authenticate

public Uid authenticate(ObjectClass oclass,
                        String username,
                        GuardedString password,
                        OperationOptions options)

Attempts to authenticate the given username combination Simple authentication with two parameters presumed to be user name and password. The Connector developer is expected to attempt to authenticate these credentials natively. If the authentication fails the developer should throw a type of RuntimeException either IllegalArgumentException or if a native exception is available and if its of type RuntimeException simple throw it. If the native exception is not a RuntimeException wrap it in one and throw it. This will provide the most detail for logging problem and failed attempts.

The developer is of course encourage to try and throw the most informative exception as possible. In that regards there are several exceptions provided in the exceptions package. For instance one of the most common is InvalidPasswordException.

Specified by:

authenticate in interface AuthenticateOp

Parameters:

oclass - The object class to use for authenticate. Will typically be an account. Must not be null.

username - the name based credential for authentication.

password - the password based credential for authentication.

options - additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not worry about this ever being null.

Returns:

Uid The uid of the account that was used to authenticate

resolveUsername

public Uid resolveUsername(ObjectClass oclass,
                           String username,
                           OperationOptions options)

Attempts to resolve the given username Resolve an object to its Uid based on its username. This is a companion to the simple authentication. The difference is that this method does not have a password parameter and does not try to authenticate the credentials; instead, it returns the Uid corresponding to the username. Implementations method must, however, validate the username (i.e., they must throw and exception if the username does not correspond to an existing object).

If the username validation fails, the developer should throw a type of RuntimeException either IllegalArgumentException or if a native exception is available and if its of type RuntimeException simple throw it. If the native exception is not a RuntimeException wrap it in one and throw it. This will provide the most detail for logging problem and failed attempts.

The developer is of course encourage to try and throw the most informative exception as possible. In that regards there are several exceptions provided in the exceptions package. For instance one of the most common is UnknownUidException.

Specified by:

resolveUsername in interface ResolveUsernameOp

Parameters:

oclass - The object class to resolve the username for. Will typically be an account. Will not be null.

username - the username to resolve. Will not be null.

options - additional options that impact the way this operation is run. If the caller passes null, the framework will convert this into an empty set of options, so SPI need not worry about this ever being null.

Returns:

Uid The uid of the object corresponding to the username.

quoteName

public String quoteName(String value)

Used to escape the table or column name.

Parameters:

value - Value to be quoted

Returns:

the quoted column name

getColumnType

public int getColumnType(String columnName)

The required type is cached

Parameters:

columnName - the column name

Returns:

the cached column type

getColumnName

public String getColumnName(String attributeName)

Convert the attribute name to resource specific columnName

Parameters:

attributeName -

Returns:

the Column Name value