Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.manager.application
Class ApplicationManagerGeneric

java.lang.Object
  extended by com.atlassian.crowd.manager.GenericManager
      extended by com.atlassian.crowd.manager.application.ApplicationManagerGeneric
All Implemented Interfaces:
ApplicationManager
public class ApplicationManagerGeneric
extends GenericManager
implements ApplicationManager

Field Summary
 
Fields inherited from class com.atlassian.crowd.manager.GenericManager
cacheManager, i18nHelper, logger, propertyManager, tokenDAO
 
Constructor Summary
ApplicationManagerGeneric()
           
 
Method Summary
 Application add(Application application)
          Will add the given Application to Crowd
 RemoteGroup addGroup(Application application, RemoteGroup group)
          Adds a group to ALL possible directories assigned to the application.
 RemotePrincipal addPrincipal(Application application, RemotePrincipal principal)
          Adds the principal to ALL the permissible directories.
 void addPrincipalAttribute(Application application, java.lang.String name, java.lang.String attribute, AttributeValues values)
          Adds/sets the principal's attribute values.
 void addPrincipalToGroup(Application application, java.lang.String principal, java.lang.String group)
          Makes principals matching the given name members of the group across ALL directories.
 void addPrincipalToRole(Application application, java.lang.String principal, java.lang.String role)
          Makes principals matching the given name members of the role across ALL directories.
 RemoteRole addRole(Application application, RemoteRole role)
          Adds a role to ALL possible directories assigned to the application.
 Token authenticate(ApplicationAuthenticationContext authenticationContext)
           
 Token authenticate(PrincipalAuthenticationContext authenticateContext)
           
 Token authenticate(PrincipalAuthenticationContext authenticateContext, boolean validatePassword)
          Authenticates a principal and creates a token for the authentication.
 Token authenticate(PrincipalAuthenticationContext authenticateContext, boolean validatePassword, boolean ignoreCache)
           
 Token authenticateIgnoreCache(PrincipalAuthenticationContext authenticateContext)
          Authenticates a principal, bypassing any credential caching.
 Application findByID(long ID)
           
 Application findByName(java.lang.String name)
           
 RemoteGroup findGroupByName(Application application, java.lang.String name)
          This will form a RemoteGroup based on it's group name.
 java.util.List findGroupMemberships(Application application, java.lang.String principalName)
          For each principal matching the given name across assigned directories, build a list of group names in which the principals are members.
protected  java.util.List findGroupsByName(Application application, java.lang.String name)
          Finds a List of groups matching the provided group name across all directories assigned to the application.
 RemotePrincipal findPrincipalByName(Application application, java.lang.String name)
          Returns the first principal with the matching username from all the directories assigned to the application.
protected  java.util.List<RemotePrincipal> findPrincipalsByName(Application application, java.lang.String name)
          Returns a list of the principals with the matching name in the associated directories for the application (in order).
 RemoteRole findRoleByName(Application application, java.lang.String name)
          This will form a RemoteRole based on it's role name.
 java.util.List findRoleMemberships(Application application, java.lang.String principalName)
          For each principal matching the given name across assigned directories, build a list of role names in which the principals are members.
protected  java.util.List findRolesByName(Application application, java.lang.String name)
          Finds a List of roles matching the provided role name across all directories assigned to the application.
protected  java.lang.String getDirectoryName(long directoryID)
           
 boolean isGroupMember(Application application, java.lang.String group, java.lang.String principal)
          Determines group membership across directories assigned to an application.
 boolean isRoleMember(Application application, java.lang.String role, java.lang.String principal)
          Determines role membership across directories assigned to an application.
 void remove(Application application)
           
 void removeAllGroupMappings(long directoryID, java.lang.String groupName)
          Will remove all Group mappings from the Applications that are associated to the given directoryId with the given groupName
 void removeDirectoryFromAllApplications(Directory directory)
          Will remove a given directory and its associated mapped objects, such as: ApplicationDirectoryPermission's GroupMapping's and it's DirectoryMapping From all applications
 void removeDirectoryFromApplication(Directory directory, Application application)
          Will remove a directory from an application.
 void removeGroup(Application application, java.lang.String name)
          Removes ALL groups matching the supplied name from each of the application's assigned directories.
 void removePrincipal(Application application, java.lang.String name)
          Removes ALL principals from each of the application's assigned directories.
 void removePrincipalAttribute(Application application, java.lang.String name, java.lang.String attribute)
          Removes the attribute from principal.
 void removePrincipalFromGroup(Application application, java.lang.String principal, java.lang.String group)
          Makes principals matching the given name not members of the group across ALL directories.
 void removePrincipalFromRole(Application application, java.lang.String principal, java.lang.String role)
          Makes principals matching the given name not members of the role across ALL directories.
 void removeRole(Application application, java.lang.String name)
          Removes ALL roles matching the supplied name from each of the application's assigned directories.
 void resetPrincipalCredential(Application application, java.lang.String name)
          Resets the credentials of the first matching principal in the application's directories.
 java.util.List search(SearchContext searchContext)
           
 java.util.Collection searchGroups(Application application, SearchContext searchContext)
          Returns a List matching the search criteria defined in SearchContext.
 java.util.Collection searchPrincipals(Application application, SearchContext searchContext)
          Returns a Collection matching the search criteria defined in SearchContext.
 java.util.Collection searchRoles(Application application, SearchContext searchContext)
          Returns a List matching the search criteria defined in SearchContext.
 void setApplicationDAO(ApplicationDAO applicationDAO)
           
 void setDirectoryDAO(DirectoryDAO directoryDAO)
           
 void setDirectoryManager(DirectoryManager directoryManager)
           
 void setPasswordHelper(PasswordHelper passwordHelper)
           
 void setPermissionManager(PermissionManager permissionManager)
           
 Application update(Application application)
           
 Application updateCredentials(Application application)
          Takes an application with a List of credentials that are unencrypted, encrypts them and then updates the application in the database with the encrypted credentials
 void updateGroup(Application application, java.lang.String name, java.lang.String description, boolean active)
          Updates the ALL groups located from the list of directories assigned to an application Currently available fields that can be updated are description and active
 void updatePrincipalAttribute(Application application, java.lang.String name, java.lang.String attribute, AttributeValues values)
          Adds or replaces the existing principal's attribute values.
 void updatePrincipalCredential(Application application, java.lang.String name, PasswordCredential credential)
          Updates the credentials of the first matching principal in the application's directories.
 void updateRole(Application application, java.lang.String name, java.lang.String description, boolean active)
          Updates the ALL roles located from the list of directories assigned to an application Currently available fields that can be updated are description and active
 Token validateToken(java.lang.String token, ValidationFactor[] clientValidationFactors)
           
 Token validateToken(java.lang.String principalToken, ValidationFactor[] validationFactors, java.lang.String applicationName)
           
 
Methods inherited from class com.atlassian.crowd.manager.GenericManager
generateToken, genericValidateToken, getPropertyManager, getTokenDAO, hasAccess, hasAccess, setCacheManager, setI18nHelper, setPropertyManager, setTokenDAO
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ApplicationManagerGeneric

public ApplicationManagerGeneric()
Method Detail

add

public Application add(Application application)
                throws InvalidCredentialException
Description copied from interface: ApplicationManager
Will add the given Application to Crowd

Specified by:
add in interface ApplicationManager
Parameters:
application - the Application to add.
Returns:
the added Application
Throws:
InvalidCredentialException - if there was an error encrypting the Applications password

addGroup

public RemoteGroup addGroup(Application application,
                            RemoteGroup group)
                     throws ApplicationManagerException,
                            java.rmi.RemoteException,
                            ApplicationPermissionException
Adds a group to ALL possible directories assigned to the application.

Group is added to a directory if it doesn't exist in the directory.

Specified by:
addGroup in interface ApplicationManager
Parameters:
application - add to application's assigned directories.
group - the group to add.
Returns:
findGroupByName(application,principal.getName()) after adding the principal.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ApplicationManagerException - internal error, operation unsuccessful.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation AND the group does not already exist in ANY assigned directory.

addPrincipal

public RemotePrincipal addPrincipal(Application application,
                                    RemotePrincipal principal)
                             throws InvalidPrincipalException,
                                    ApplicationPermissionException,
                                    InvalidCredentialException,
                                    java.rmi.RemoteException
Adds the principal to ALL the permissible directories.

If the principal exists in ANY of the application's assigned directories, then an InvalidPrincipalException will be thrown.

If the add operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, a ApplicationPermissionException is thrown.

If the add operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Returns the principal from the first directory containing the principal.

Specified by:
addPrincipal in interface ApplicationManager
Parameters:
application - add to application's assigned directories.
principal - the principal to add.
Returns:
findPrincipalByName(application,principal.getName()) after adding the principal.
Throws:
InvalidPrincipalException - principal already exists in ANY assigned directory.
java.rmi.RemoteException - error thrown by directory implementation.
InvalidCredentialException - principal credential validation error.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

addPrincipalAttribute

public void addPrincipalAttribute(Application application,
                                  java.lang.String name,
                                  java.lang.String attribute,
                                  AttributeValues values)
                           throws java.rmi.RemoteException,
                                  ObjectNotFoundException,
                                  ApplicationPermissionException
Adds/sets the principal's attribute values.

Applies the change to ALL permissible directories assigned to application.

Specified by:
addPrincipalAttribute in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - name of principal.
attribute - attribute name.
values - attribute values.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if principal with given name does not exist in ANY assigned directory, or the underlying directory does not exist.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

addPrincipalToGroup

public void addPrincipalToGroup(Application application,
                                java.lang.String principal,
                                java.lang.String group)
                         throws java.rmi.RemoteException,
                                ObjectNotFoundException,
                                ApplicationPermissionException
Makes principals matching the given name members of the group across ALL directories.

Specified by:
addPrincipalToGroup in interface ApplicationManager
Parameters:
application - modify groups in application's assigned directories.
principal - principal name.
group - group name.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - when the principal cannot be found in ANY directory OR when ALL principals are in directories which don't have the requested group.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

addPrincipalToRole

public void addPrincipalToRole(Application application,
                               java.lang.String principal,
                               java.lang.String role)
                        throws java.rmi.RemoteException,
                               ObjectNotFoundException,
                               ApplicationPermissionException
Makes principals matching the given name members of the role across ALL directories.

Specified by:
addPrincipalToRole in interface ApplicationManager
Parameters:
application - modify roles in application's assigned directories.
principal - principal name.
role - role name.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - when the principal cannot be found in ANY directory OR when ALL principals are in directories which don't have the requested role.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

addRole

public RemoteRole addRole(Application application,
                          RemoteRole role)
                   throws java.rmi.RemoteException,
                          ApplicationPermissionException
Adds a role to ALL possible directories assigned to the application.

Role is added to a directory if it doesn't exist in the directory.

Specified by:
addRole in interface ApplicationManager
Parameters:
application - add to application's assigned directories.
role - the role to add.
Returns:
findRoleByName(application,principal.getName()) after adding the principal.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

authenticate

public Token authenticate(ApplicationAuthenticationContext authenticationContext)
                   throws ApplicationManagerException,
                          InvalidAuthenticationException
Specified by:
authenticate in interface ApplicationManager
Throws:
ApplicationManagerException
InvalidAuthenticationException

authenticate

public Token authenticate(PrincipalAuthenticationContext authenticateContext)
                   throws ApplicationManagerException,
                          InvalidAuthenticationException,
                          java.rmi.RemoteException,
                          InactiveAccountException
Specified by:
authenticate in interface ApplicationManager
Throws:
ApplicationManagerException
InvalidAuthenticationException
java.rmi.RemoteException
InactiveAccountException
See Also:
ApplicationManager.authenticate(com.atlassian.crowd.integration.authentication.PrincipalAuthenticationContext,boolean)

authenticate

public Token authenticate(PrincipalAuthenticationContext authenticateContext,
                          boolean validatePassword)
                   throws ApplicationManagerException,
                          InvalidAuthenticationException,
                          java.rmi.RemoteException,
                          InactiveAccountException
Description copied from interface: ApplicationManager
Authenticates a principal and creates a token for the authentication.

Specified by:
authenticate in interface ApplicationManager
Parameters:
authenticateContext - The authentication details for the principal.
validatePassword - If the password should be validated before generating a token.
Returns:
The authenticated token for the principal.
Throws:
ApplicationManagerException - internal error, operation unsuccessful.
InvalidAuthenticationException - The authentication was not successful.
java.rmi.RemoteException - Error thrown by directory implementation.
InactiveAccountException - The account attempting to authenticate is inactive.

authenticateIgnoreCache

public Token authenticateIgnoreCache(PrincipalAuthenticationContext authenticateContext)
                              throws ApplicationManagerException,
                                     InvalidAuthenticationException,
                                     java.rmi.RemoteException,
                                     InactiveAccountException
Description copied from interface: ApplicationManager
Authenticates a principal, bypassing any credential caching.

Specified by:
authenticateIgnoreCache in interface ApplicationManager
Throws:
ApplicationManagerException
InvalidAuthenticationException
java.rmi.RemoteException
InactiveAccountException
See Also:
ApplicationManager.authenticate(com.atlassian.crowd.integration.authentication.PrincipalAuthenticationContext,boolean)

authenticate

public Token authenticate(PrincipalAuthenticationContext authenticateContext,
                          boolean validatePassword,
                          boolean ignoreCache)
                   throws ApplicationManagerException,
                          InvalidAuthenticationException,
                          java.rmi.RemoteException,
                          InactiveAccountException
Throws:
ApplicationManagerException
InvalidAuthenticationException
java.rmi.RemoteException
InactiveAccountException

findByID

public Application findByID(long ID)
                     throws ObjectNotFoundException
Specified by:
findByID in interface ApplicationManager
Throws:
ObjectNotFoundException

findByName

public Application findByName(java.lang.String name)
                       throws ObjectNotFoundException
Specified by:
findByName in interface ApplicationManager
Throws:
ObjectNotFoundException

findGroupByName

public RemoteGroup findGroupByName(Application application,
                                   java.lang.String name)
                            throws ObjectNotFoundException,
                                   java.rmi.RemoteException
This will form a RemoteGroup based on it's group name.

If the group only spans one of the directories configured for the application, then the group is returned with it's associated directory.

If the group spans multiple directories, a unified view of the groups in each directory is returned, where the members are amalgamated. The associated directory is the FIRST directory found that matches the group. The actual directory should be regarded as meaningless because the members span multiple directories.

The behaviour of associating a directory to the group has been maintained so that users currently relying on this feature (ie. in the use case where a group spans exactly one directory) are catered for.

Specified by:
findGroupByName in interface ApplicationManager
Parameters:
application - application with associated directories to search.
name - name of the group to find.
Returns:
unified RemoteGroup
Throws:
ObjectNotFoundException - group does not exist in ANY of the application's assigned directories.
java.rmi.RemoteException - error thrown by directory implementation.

findGroupMemberships

public java.util.List findGroupMemberships(Application application,
                                           java.lang.String principalName)
                                    throws java.rmi.RemoteException,
                                           ObjectNotFoundException
For each principal matching the given name across assigned directories, build a list of group names in which the principals are members.

Specified by:
findGroupMemberships in interface ApplicationManager
Parameters:
application - application's directories to search.
principalName - name of the principal to find memberships for.
Returns:
List of group names the principal is a member of.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if no principals are found for the given application/directories, or the underlying directories cannot be found

findPrincipalByName

public RemotePrincipal findPrincipalByName(Application application,
                                           java.lang.String name)
                                    throws ObjectNotFoundException
Returns the first principal with the matching username from all the directories assigned to the application.

The directories are searched in the order they are assigned to the application.

Specified by:
findPrincipalByName in interface ApplicationManager
Parameters:
application - search application's assigned directories.
name - the username of the principal to find.
Returns:
first matching principal.
Throws:
ObjectNotFoundException - principal not found in any of the directories.

findRoleByName

public RemoteRole findRoleByName(Application application,
                                 java.lang.String name)
                          throws ObjectNotFoundException,
                                 java.rmi.RemoteException
This will form a RemoteRole based on it's role name.

If the role only spans one of the directories configured for the application, then the role is returned with it's associated directory.

If the role spans multiple directories, a unified view of the roles in each directory is returned, where the members are amalgamated. The associated directory is the FIRST directory found that matches the role. The actual directory should be regarded as meaningless because the members span multiple directories.

The behaviour of asoociating a directory to the role has been maintained so that users currently relying on this feature (ie. in the use case where a role spans exactly one directory) are catered for.

Specified by:
findRoleByName in interface ApplicationManager
Parameters:
application - application with associated directories to search.
name - name of the role to find.
Returns:
unified RemoteRole
Throws:
ObjectNotFoundException - role does not exist in ANY of the application's assigned directories.
java.rmi.RemoteException - error thrown by directory implementation.

findRoleMemberships

public java.util.List findRoleMemberships(Application application,
                                          java.lang.String principalName)
                                   throws java.rmi.RemoteException,
                                          ObjectNotFoundException
For each principal matching the given name across assigned directories, build a list of role names in which the principals are members.

Specified by:
findRoleMemberships in interface ApplicationManager
Parameters:
application - application's directories to search.
principalName - name of the principal to find memberships for.
Returns:
List of role names the principal is a member of.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if no principals are found for the given application/directories, or the underlying directories cannot be found

isGroupMember

public boolean isGroupMember(Application application,
                             java.lang.String group,
                             java.lang.String principal)
                      throws java.rmi.RemoteException
Determines group membership across directories assigned to an application.

Returns true if a principal matching the name belongs to a group matching the name in ANY assigned directory.

Otherwise returns false.

Specified by:
isGroupMember in interface ApplicationManager
Parameters:
application - search application's assigned directories.
group - group name to check for membership.
principal - principal name to check for membership.
Returns:
true if a principal matching the name belongs to a group matching the name in ANY assigned directory
Throws:
java.rmi.RemoteException - error thrown by directory implementation.

isRoleMember

public boolean isRoleMember(Application application,
                            java.lang.String role,
                            java.lang.String principal)
                     throws java.rmi.RemoteException
Determines role membership across directories assigned to an application.

Returns true if a principal matching the name belongs to a role matching the name in ANY assigned directory.

Otherwise returns false.

Specified by:
isRoleMember in interface ApplicationManager
Parameters:
application - search application's assigned directories.
role - role name to check for membership.
principal - principal name to check for membership.
Returns:
true if a principal matching the name belongs to a role matching the name in ANY assigned directory
Throws:
java.rmi.RemoteException - error thrown by directory implementation.

remove

public void remove(Application application)
            throws ApplicationManagerException
Specified by:
remove in interface ApplicationManager
Throws:
ApplicationManagerException

removeAllGroupMappings

public void removeAllGroupMappings(long directoryID,
                                   java.lang.String groupName)
                            throws ObjectNotFoundException
Description copied from interface: ApplicationManager
Will remove all Group mappings from the Applications that are associated to the given directoryId with the given groupName

Specified by:
removeAllGroupMappings in interface ApplicationManager
Parameters:
directoryID - the directory associated to Application's
groupName - the name of the group to remove
Throws:
ObjectNotFoundException - if the given Directory cannot be found.

removeDirectoryFromApplication

public void removeDirectoryFromApplication(Directory directory,
                                           Application application)
                                    throws ApplicationManagerException
Description copied from interface: ApplicationManager
Will remove a directory from an application. This will also remove all other mapped objects, such as: ApplicationDirectoryPermission's GroupMapping's and it's DirectoryMapping

Specified by:
removeDirectoryFromApplication in interface ApplicationManager
Parameters:
directory - the directory you wish to disociate
application - the application you wish to apply this dissociation too
Throws:
ApplicationManagerException - thrown if anything goes bad, updating the application

removeDirectoryFromAllApplications

public void removeDirectoryFromAllApplications(Directory directory)
                                        throws ApplicationManagerException
Description copied from interface: ApplicationManager
Will remove a given directory and its associated mapped objects, such as: ApplicationDirectoryPermission's GroupMapping's and it's DirectoryMapping From all applications

Specified by:
removeDirectoryFromAllApplications in interface ApplicationManager
Parameters:
directory - the directory to remove from all applications
Throws:
ApplicationManagerException - thrown if anything goes bad updating an application

removeGroup

public void removeGroup(Application application,
                        java.lang.String name)
                 throws ObjectNotFoundException,
                        java.rmi.RemoteException,
                        ApplicationPermissionException
Removes ALL groups matching the supplied name from each of the application's assigned directories.

If the group doesn't exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the remove operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, a ApplicationPermissionException is thrown.

If the remove operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Specified by:
removeGroup in interface ApplicationManager
Parameters:
application - remove from application's assigned directories.
name - the name of the principal to remove.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if group with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

removePrincipal

public void removePrincipal(Application application,
                            java.lang.String name)
                     throws java.rmi.RemoteException,
                            ObjectNotFoundException,
                            ApplicationPermissionException
Removes ALL principals from each of the application's assigned directories.

If the principal doesn't exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the remove operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, a ApplicationPermissionException is thrown.

If the remove operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Specified by:
removePrincipal in interface ApplicationManager
Parameters:
application - remove from application's assigned directories.
name - the name of the principal to remove.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if principal with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

removePrincipalAttribute

public void removePrincipalAttribute(Application application,
                                     java.lang.String name,
                                     java.lang.String attribute)
                              throws java.rmi.RemoteException,
                                     ObjectNotFoundException,
                                     ApplicationPermissionException
Removes the attribute from principal.

Applies the change to ALL permissible directories assigned to application.

Specified by:
removePrincipalAttribute in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - name of principal.
attribute - attribute name.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if principal with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

removePrincipalFromGroup

public void removePrincipalFromGroup(Application application,
                                     java.lang.String principal,
                                     java.lang.String group)
                              throws java.rmi.RemoteException,
                                     ObjectNotFoundException,
                                     ApplicationPermissionException
Makes principals matching the given name not members of the group across ALL directories.

If the group does not exist in ANY of the directories with the matching principals

Specified by:
removePrincipalFromGroup in interface ApplicationManager
Parameters:
application - modify groups in application's assigned directories.
principal - principal name.
group - group name.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - when the principal cannot be found in ANY directory OR when ALL principals are in directories which don't have the requested group.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

removePrincipalFromRole

public void removePrincipalFromRole(Application application,
                                    java.lang.String principal,
                                    java.lang.String role)
                             throws java.rmi.RemoteException,
                                    ObjectNotFoundException,
                                    ApplicationPermissionException
Makes principals matching the given name not members of the role across ALL directories.

If the role does not exist in ANY of the directories with the matching principals

Specified by:
removePrincipalFromRole in interface ApplicationManager
Parameters:
application - modify roles in application's assigned directories.
principal - principal name.
role - role name.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - when the principal cannot be found in ANY directory OR when ALL principals are in directories which don't have the requested role.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

removeRole

public void removeRole(Application application,
                       java.lang.String name)
                throws ObjectNotFoundException,
                       java.rmi.RemoteException,
                       ApplicationPermissionException
Removes ALL roles matching the supplied name from each of the application's assigned directories.

If the role doesn't exist in ANY of the application's assigned directories, then an ObjectNotFoundException will be thrown.

If the remove operation fails on a directory because of permissioning restrictions, an INFO message is logged. If ALL directories permissions fail, a ApplicationPermissionException is thrown.

If the remove operation fails on a directory for any other reason, such as directory failure, update failure, etc., an Exception is thrown immediately.

Specified by:
removeRole in interface ApplicationManager
Parameters:
application - remove from application's assigned directories.
name - the name of the principal to remove.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if role with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

resetPrincipalCredential

public void resetPrincipalCredential(Application application,
                                     java.lang.String name)
                              throws java.rmi.RemoteException,
                                     ObjectNotFoundException,
                                     InvalidCredentialException,
                                     ApplicationPermissionException
Resets the credentials of the first matching principal in the application's directories.

Thus, the method only operates on the same principal returned from a call to findPrincipalByName.

Specified by:
resetPrincipalCredential in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - name of principal.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
InvalidCredentialException - principal credential validation error.
ApplicationPermissionException - the first directory in which the principal is found doesn't have the permission to modify principals.
ObjectNotFoundException - if no principal with the given name exists in ANY assigned directory, or the associated directory does not exist

search

public java.util.List search(SearchContext searchContext)
Specified by:
search in interface ApplicationManager

searchGroups

public java.util.Collection searchGroups(Application application,
                                         SearchContext searchContext)
                                  throws java.rmi.RemoteException
Returns a List matching the search criteria defined in SearchContext.

Specified by:
searchGroups in interface ApplicationManager
Parameters:
application - search application's assigned directories.
searchContext - search criteria.
Returns:
Collection results. Each RemoteGroup is a conceptual RemoteGroup with members which can span multiple directories.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.

searchPrincipals

public java.util.Collection searchPrincipals(Application application,
                                             SearchContext searchContext)
                                      throws java.rmi.RemoteException
Returns a Collection matching the search criteria defined in SearchContext.

Specified by:
searchPrincipals in interface ApplicationManager
Parameters:
application - search application's assigned directories.
searchContext - search criteria.
Returns:
Collection results.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.

searchRoles

public java.util.Collection searchRoles(Application application,
                                        SearchContext searchContext)
                                 throws java.rmi.RemoteException
Returns a List matching the search criteria defined in SearchContext.

Specified by:
searchRoles in interface ApplicationManager
Parameters:
application - search application's assigned directories.
searchContext - search criteria.
Returns:
Collection results. Each RemoteRole is a conceptual RemoteRole with members which can span multiple directories.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.

update

public Application update(Application application)
                   throws ApplicationManagerException
Specified by:
update in interface ApplicationManager
Throws:
ApplicationManagerException

updateCredentials

public Application updateCredentials(Application application)
                              throws ApplicationManagerException,
                                     InvalidCredentialException
Description copied from interface: ApplicationManager
Takes an application with a List of credentials that are unencrypted, encrypts them and then updates the application in the database with the encrypted credentials

Specified by:
updateCredentials in interface ApplicationManager
Parameters:
application - an application with unencrypted password credentials
Returns:
the updated application with encrypted credentials
Throws:
ApplicationManagerException
InvalidCredentialException

updateGroup

public void updateGroup(Application application,
                        java.lang.String name,
                        java.lang.String description,
                        boolean active)
                 throws java.rmi.RemoteException,
                        ApplicationPermissionException,
                        ObjectNotFoundException
Updates the ALL groups located from the list of directories assigned to an application Currently available fields that can be updated are description and active

Specified by:
updateGroup in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - the name of the group to update.
description - the new description of the group.
active - the new boolean active flag of the group.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if group with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

updatePrincipalAttribute

public void updatePrincipalAttribute(Application application,
                                     java.lang.String name,
                                     java.lang.String attribute,
                                     AttributeValues values)
                              throws java.rmi.RemoteException,
                                     ObjectNotFoundException,
                                     ApplicationPermissionException
Adds or replaces the existing principal's attribute values.

Applies the change to ALL permissible directories assigned to application.

Specified by:
updatePrincipalAttribute in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - name of principal.
attribute - attribute name.
values - List attribute values. This will replace any existing values.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if principal with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

updatePrincipalCredential

public void updatePrincipalCredential(Application application,
                                      java.lang.String name,
                                      PasswordCredential credential)
                               throws java.rmi.RemoteException,
                                      ObjectNotFoundException,
                                      InvalidCredentialException,
                                      ApplicationPermissionException
Updates the credentials of the first matching principal in the application's directories.

Thus, the method only operates on the same principal returned from a call to findPrincipalByName.

Specified by:
updatePrincipalCredential in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - name of principal.
credential - new credentials.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
InvalidCredentialException - principal credential validation error.
ApplicationPermissionException - the first directory in which the principal is found doesn't have the permission to modify principals.
ObjectNotFoundException - if no principal with the given name exists in ANY assigned directory.

updateRole

public void updateRole(Application application,
                       java.lang.String name,
                       java.lang.String description,
                       boolean active)
                throws java.rmi.RemoteException,
                       ApplicationPermissionException,
                       ObjectNotFoundException
Updates the ALL roles located from the list of directories assigned to an application Currently available fields that can be updated are description and active

Specified by:
updateRole in interface ApplicationManager
Parameters:
application - update in application's assigned directories.
name - the name of the role to update.
description - the new description of the role.
active - the new boolean active flag of the grop.
Throws:
java.rmi.RemoteException - error thrown by directory implementation.
ObjectNotFoundException - if role with given name does not exist in ANY assigned directory.
ApplicationPermissionException - none of the application's associated directories have the correct permission to perform the operation.

validateToken

public Token validateToken(java.lang.String token,
                           ValidationFactor[] clientValidationFactors)
                    throws InvalidTokenException,
                           ApplicationManagerException
Specified by:
validateToken in interface ApplicationManager
Throws:
InvalidTokenException
ApplicationManagerException

validateToken

public Token validateToken(java.lang.String principalToken,
                           ValidationFactor[] validationFactors,
                           java.lang.String applicationName)
                    throws InvalidTokenException,
                           java.rmi.RemoteException,
                           ApplicationManagerException
Specified by:
validateToken in interface ApplicationManager
Throws:
InvalidTokenException
java.rmi.RemoteException
ApplicationManagerException

findGroupsByName

protected java.util.List findGroupsByName(Application application,
                                          java.lang.String name)
                                   throws java.rmi.RemoteException,
                                          ObjectNotFoundException
Finds a List of groups matching the provided group name across all directories assigned to the application.

Each group represents a physical group in the directory, unlike the method findGroupByName which returns a conceptual group with amalgamated members.

Parameters:
application - search application's assigned directories
name - name of group to search for.
Returns:
List, returns an empty list of no groups found.
Throws:
java.rmi.RemoteException - if there was an error in getting an instance of any of the directories configured for the application.
ObjectNotFoundException - if no groups found with the matching name.

findPrincipalsByName

protected java.util.List<RemotePrincipal> findPrincipalsByName(Application application,
                                                               java.lang.String name)
                                                        throws ObjectNotFoundException,
                                                               java.rmi.RemoteException
Returns a list of the principals with the matching name in the associated directories for the application (in order).

If the principal is not found in ANY associated directory, an ObjectNotFoundException is thrown.

Parameters:
application - the application with assigned directories to search.
name - name of principal to search.
Returns:
List
Throws:
ObjectNotFoundException - if no matching principal found in ANY of the application's directories.
java.rmi.RemoteException - error thrown by directory implementation.

findRolesByName

protected java.util.List findRolesByName(Application application,
                                         java.lang.String name)
                                  throws java.rmi.RemoteException,
                                         ObjectNotFoundException
Finds a List of roles matching the provided role name across all directories assigned to the application.

Each role represents a physical role in the directory, unlike the method findRoleByName which returns a conceptual role with amalgamated members.

Parameters:
application - search application's assigned directories
name - name of role to search for.
Returns:
List, returns an empty list of no roles found.
Throws:
java.rmi.RemoteException - if there was an error in getting an instance of any of the directories configured for the application.
ObjectNotFoundException - no role found with the given name

getDirectoryName

protected java.lang.String getDirectoryName(long directoryID)
                                     throws ObjectNotFoundException
Throws:
ObjectNotFoundException

setApplicationDAO

public void setApplicationDAO(ApplicationDAO applicationDAO)

setDirectoryDAO

public void setDirectoryDAO(DirectoryDAO directoryDAO)

setDirectoryManager

public void setDirectoryManager(DirectoryManager directoryManager)

setPasswordHelper

public void setPasswordHelper(PasswordHelper passwordHelper)

setPermissionManager

public void setPermissionManager(PermissionManager permissionManager)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2008 Atlassian Software Systems Pty Ltd. All Rights Reserved.