Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.service.soap.server
Class SecurityServerGeneric

java.lang.Object
  extended by com.atlassian.crowd.service.soap.server.SecurityServerGeneric
All Implemented Interfaces:
SecurityServer
public class SecurityServerGeneric
extends java.lang.Object
implements SecurityServer

Crowd XFire SOAP service implementation.

See Also:
SecurityServerClient

Constructor Summary
SecurityServerGeneric(SOAPService soapService, ApplicationService applicationService, PropertyManager propertyManager, TokenAuthenticationManager tokenAuthenticationManager)
           
 
Method Summary
 void addAllPrincipals(AuthenticatedToken applicationToken, SOAPPrincipalWithCredential[] principals)
          Adds principals to the application's assigned directory.
 void addAttributeToGroup(AuthenticatedToken applicationToken, java.lang.String group, SOAPAttribute attribute)
          Adds an attribute to a group that is in the application's assigned directory.
 void addAttributeToPrincipal(AuthenticatedToken applicationToken, java.lang.String principal, SOAPAttribute attribute)
          Adds an attribute to a principal who is in the application's assigned directory.
 SOAPGroup addGroup(AuthenticatedToken applicationToken, SOAPGroup soapGroup)
          Adds a group to the application's assigned directory.
 SOAPPrincipal addPrincipal(AuthenticatedToken applicationToken, SOAPPrincipal principal, PasswordCredential credential)
          Adds a principal to the application's assigned directory.
 void addPrincipalToGroup(AuthenticatedToken applicationToken, java.lang.String principal, java.lang.String group)
          Adds a principal to a group for the application's assigned directory.
 void addPrincipalToRole(AuthenticatedToken applicationToken, java.lang.String principal, java.lang.String role)
          Adds the principal to a role for the application's assigned directory.
 SOAPRole addRole(AuthenticatedToken applicationToken, SOAPRole soapRole)
          Adds a role to the application's assigned directory.
 AuthenticatedToken authenticateApplication(ApplicationAuthenticationContext authenticationContext)
          Authenticates an application client to the Crowd security server.
 java.lang.String authenticatePrincipal(AuthenticatedToken applicationToken, UserAuthenticationContext authenticateContext)
          Authenticates a principal verses the calling who is in the application's assigned directory.
 java.lang.String authenticatePrincipalSimple(AuthenticatedToken applicationToken, java.lang.String username, java.lang.String password)
          Authenticates a principal without SSO details utilizing centralized authentication only.
protected
<T> UserQuery<T>
buildUserQuery(java.lang.Class<T> returnType, Application application, SearchRestriction... searchRestrictions)
           
 java.lang.String createPrincipalToken(AuthenticatedToken applicationToken, java.lang.String username, ValidationFactor[] validationFactors)
          Authenticates a principal without validating a password.
 java.lang.String[] findAllGroupNames(AuthenticatedToken applicationToken)
          Finds all of the groups who are visible in the application's assigned directory.
 SOAPNestableGroup[] findAllGroupRelationships(AuthenticatedToken applicationToken)
          Finds all of the groups who are visible in the application's assigned directory.
 java.lang.String[] findAllPrincipalNames(AuthenticatedToken applicationToken)
          Finds all of the principals who are visable in the application's assigned directory.
 java.lang.String[] findAllRoleNames(AuthenticatedToken applicationToken)
          Finds all of the roles who are visible in the application's assigned directory.
 SOAPGroup findGroupByName(AuthenticatedToken applicationToken, java.lang.String name)
          Find a group by name for the application's assigned directory.
 java.lang.String[] findGroupMemberships(AuthenticatedToken applicationToken, java.lang.String principalName)
          Finds all of the principals who are members of a group that is in the application's assigned directory.
 SOAPGroup findGroupWithAttributesByName(AuthenticatedToken applicationToken, java.lang.String name)
          Find a group by name for the application's assigned directory.
 SOAPPrincipal findPrincipalByName(AuthenticatedToken applicationToken, java.lang.String name)
          Finds a principal by name who is in the application's assigned directory.
 SOAPPrincipal findPrincipalByToken(AuthenticatedToken applicationToken, java.lang.String key)
          Finds a principal by token.
 SOAPPrincipal findPrincipalWithAttributesByName(AuthenticatedToken applicationToken, java.lang.String name)
          Finds a principal by name who is in the application's assigned directory.
 SOAPRole findRoleByName(AuthenticatedToken applicationToken, java.lang.String name)
          Finds a role by name for the application's assigned directory.
 java.lang.String[] findRoleMemberships(AuthenticatedToken applicationToken, java.lang.String principalName)
          Finds all of the principals who are members of a role that is in the application's assigned directory.
 long getCacheTime(AuthenticatedToken applicationToken)
          Deprecated. since 1.0.2 All caching configuration has moved to the crowd-ehcache.xml
 SOAPCookieInfo getCookieInfo(AuthenticatedToken applicationToken)
          Returns information needed to set the SSO cookie correctly.
 java.lang.String getDomain(AuthenticatedToken applicationToken)
          This will return the domain configured in Crowd or null if no domain has been set.
 java.lang.String[] getGrantedAuthorities(AuthenticatedToken applicationToken)
          Will return the List of group names that have been given access to connect to the application
 void invalidatePrincipalToken(AuthenticatedToken applicationToken, java.lang.String token)
          Invalidates a token for all integrated applications.
 boolean isCacheEnabled(AuthenticatedToken applicationToken)
          Checks if the client application should cache security information from the Crowd server.
 boolean isGroupMember(AuthenticatedToken applicationToken, java.lang.String group, java.lang.String principal)
          Checks if a prinicipal is a member of a group for the application's assigned directory.
 boolean isRoleMember(AuthenticatedToken applicationToken, java.lang.String role, java.lang.String principal)
          Checks if a principal is a member of a role for the application's assigned directory.
 boolean isValidPrincipalToken(AuthenticatedToken applicationToken, java.lang.String principalToken, ValidationFactor[] validationFactors)
          Checks if the principal's current token is still valid.
 void removeAttributeFromGroup(AuthenticatedToken applicationToken, java.lang.String group, java.lang.String attribute)
          Removes an attribute from a group that is in the application's assigned directory.
 void removeAttributeFromPrincipal(AuthenticatedToken applicationToken, java.lang.String principal, java.lang.String attribute)
          Removes an attribute from a principal who is in the application's assigned directory.
 void removeGroup(AuthenticatedToken applicationToken, java.lang.String group)
          Removes a group from the application's assigned directory.
 void removePrincipal(AuthenticatedToken applicationToken, java.lang.String principal)
          Removes a principal from the application's assigned directory.
 void removePrincipalFromGroup(AuthenticatedToken applicationToken, java.lang.String principal, java.lang.String group)
          Removes a principal from a group for the application's assigned directory.
 void removePrincipalFromRole(AuthenticatedToken applicationToken, java.lang.String principal, java.lang.String role)
          Removes a principal from a role for the application's assigned directory.
 void removeRole(AuthenticatedToken applicationToken, java.lang.String role)
          Removes a role from the application's assigned directory.
 void resetPrincipalCredential(AuthenticatedToken applicationToken, java.lang.String principal)
          Resets a principal's password credential to a random password and emails the new password who is in the application's assigned directory.
 SOAPGroup[] searchGroups(AuthenticatedToken applicationToken, SearchRestriction[] searchRestrictions)
          Searches for groups that are in the application's assigned directory.
 SOAPPrincipal[] searchPrincipals(AuthenticatedToken applicationToken, SearchRestriction[] searchRestrictions)
          Searches for principals that are in the application's assigned directory.
 SOAPRole[] searchRoles(AuthenticatedToken applicationToken, SearchRestriction[] searchRestrictions)
          Searches for roles that are in the application's assigned directory.
 void updateGroup(AuthenticatedToken authenticatedToken, java.lang.String groupName, java.lang.String description, boolean active)
          Updates the first group located from the list of directories assigned to an application Available fields that can be updated are description and active
 void updateGroupAttribute(AuthenticatedToken applicationToken, java.lang.String group, SOAPAttribute attribute)
          Updates an attribute for a group that is in the application's assigned directory..
 void updatePrincipalAttribute(AuthenticatedToken applicationToken, java.lang.String name, SOAPAttribute attribute)
          Updates an attribute for a principal who is in the application's assigned directory..
 void updatePrincipalCredential(AuthenticatedToken applicationToken, java.lang.String principal, PasswordCredential credential)
          Updates the password credential for a principal who is in the application's assigned directory.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityServerGeneric

public SecurityServerGeneric(SOAPService soapService,
                             ApplicationService applicationService,
                             PropertyManager propertyManager,
                             TokenAuthenticationManager tokenAuthenticationManager)
Method Detail

createPrincipalToken

public java.lang.String createPrincipalToken(AuthenticatedToken applicationToken,
                                             java.lang.String username,
                                             ValidationFactor[] validationFactors)
                                      throws InvalidAuthorizationTokenException,
                                             InactiveAccountException,
                                             java.rmi.RemoteException,
                                             InvalidAuthenticationException,
                                             ApplicationAccessDeniedException
Description copied from interface: SecurityServer
Authenticates a principal without validating a password.

Specified by:
createPrincipalToken in interface SecurityServer
Parameters:
applicationToken - The application authentication details.
username - The username to create an authenticate token for.
validationFactors - The known attributes of the user to use when creating a token, such as their remote IP address and user-agent.
Returns:
The principal's authentication token.
Throws:
InvalidAuthorizationTokenException - An invalid authentication occurred.
InactiveAccountException - The principal's account is inactive.
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthenticationException - An invalid authentication occurred.
ApplicationAccessDeniedException

authenticatePrincipalSimple

public java.lang.String authenticatePrincipalSimple(AuthenticatedToken applicationToken,
                                                    java.lang.String username,
                                                    java.lang.String password)
                                             throws java.rmi.RemoteException,
                                                    InvalidAuthenticationException,
                                                    InvalidAuthorizationTokenException,
                                                    InactiveAccountException,
                                                    ApplicationAccessDeniedException,
                                                    ExpiredCredentialException
Description copied from interface: SecurityServer
Authenticates a principal without SSO details utilizing centralized authentication only.

Specified by:
authenticatePrincipalSimple in interface SecurityServer
Parameters:
applicationToken - The application authentication details.
username - The username of the principal.
password - The password credential.
Returns:
The principal's authentication token.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - An invalid authentication occurred.
InactiveAccountException - The principal's account is inactive.
ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.
InvalidAuthenticationException
ApplicationAccessDeniedException

authenticateApplication

public AuthenticatedToken authenticateApplication(ApplicationAuthenticationContext authenticationContext)
                                           throws java.rmi.RemoteException,
                                                  InvalidAuthenticationException,
                                                  InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Authenticates an application client to the Crowd security server.

Specified by:
authenticateApplication in interface SecurityServer
Parameters:
authenticationContext - The application authentication details.
Returns:
The application's authenticated token that will be reused for operations verses the security server.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthenticationException - An invalid authentication occurred.
InvalidAuthorizationTokenException - An invalid authentication occurred.

authenticatePrincipal

public java.lang.String authenticatePrincipal(AuthenticatedToken applicationToken,
                                              UserAuthenticationContext authenticateContext)
                                       throws java.rmi.RemoteException,
                                              InvalidAuthenticationException,
                                              InactiveAccountException,
                                              InvalidAuthorizationTokenException,
                                              ApplicationAccessDeniedException,
                                              ExpiredCredentialException
Description copied from interface: SecurityServer
Authenticates a principal verses the calling who is in the application's assigned directory.

Specified by:
authenticatePrincipal in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
authenticateContext - The principal's authentication details.
Returns:
The principal's authenticated token.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthenticationException - The principal's authentication details were invalid.
InactiveAccountException - The principal's account is not active.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.
ApplicationAccessDeniedException

isValidPrincipalToken

public boolean isValidPrincipalToken(AuthenticatedToken applicationToken,
                                     java.lang.String principalToken,
                                     ValidationFactor[] validationFactors)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationAccessDeniedException
Description copied from interface: SecurityServer
Checks if the principal's current token is still valid.

Specified by:
isValidPrincipalToken in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principalToken - The token to check.
validationFactors - The known identity factors used when creating the principal's token.
Returns:
true if and only if the token is active, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationAccessDeniedException

invalidatePrincipalToken

public void invalidatePrincipalToken(AuthenticatedToken applicationToken,
                                     java.lang.String token)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Invalidates a token for all integrated applications. If the token is later validated, the token will not be found valid.

Specified by:
invalidatePrincipalToken in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
token - The token to invalidate.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

searchGroups

public SOAPGroup[] searchGroups(AuthenticatedToken applicationToken,
                                SearchRestriction[] searchRestrictions)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Searches for groups that are in the application's assigned directory.

Specified by:
searchGroups in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
searchRestrictions - The search restrictions to use when performing this search.
Returns:
The search results.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

searchPrincipals

public SOAPPrincipal[] searchPrincipals(AuthenticatedToken applicationToken,
                                        SearchRestriction[] searchRestrictions)
                                 throws java.rmi.RemoteException,
                                        InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Searches for principals that are in the application's assigned directory.

Specified by:
searchPrincipals in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
searchRestrictions - The search restrictions to use when performing this search.
Returns:
The search results.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

buildUserQuery

protected <T> UserQuery<T> buildUserQuery(java.lang.Class<T> returnType,
                                          Application application,
                                          SearchRestriction... searchRestrictions)

searchRoles

public SOAPRole[] searchRoles(AuthenticatedToken applicationToken,
                              SearchRestriction[] searchRestrictions)
                       throws java.rmi.RemoteException,
                              InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Searches for roles that are in the application's assigned directory.

Specified by:
searchRoles in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
searchRestrictions - The search restrictions to use when performing this search.
Returns:
The search results.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

addGroup

public SOAPGroup addGroup(AuthenticatedToken applicationToken,
                          SOAPGroup soapGroup)
                   throws java.rmi.RemoteException,
                          InvalidAuthorizationTokenException,
                          InvalidGroupException,
                          ApplicationPermissionException
Description copied from interface: SecurityServer
Adds a group to the application's assigned directory.

Specified by:
addGroup in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
soapGroup - The group to add.
Returns:
The populated details after the add of the group to the directory server.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidGroupException - An error occurred adding the group to the directory server.
ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.

updateGroup

public void updateGroup(AuthenticatedToken authenticatedToken,
                        java.lang.String groupName,
                        java.lang.String description,
                        boolean active)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        ApplicationPermissionException
Description copied from interface: SecurityServer
Updates the first group located from the list of directories assigned to an application Available fields that can be updated are description and active

Specified by:
updateGroup in interface SecurityServer
Parameters:
authenticatedToken - The application's authentication token. Obtained from the authenticateApplication method.
groupName - The name of the group to update.
description - the new description of the group.
active - the new active flag for the group.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity to the directory server.

findGroupByName

public SOAPGroup findGroupByName(AuthenticatedToken applicationToken,
                                 java.lang.String name)
                          throws java.rmi.RemoteException,
                                 InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Find a group by name for the application's assigned directory.

Specified by:
findGroupByName in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
name - The name of the group.
Returns:
The group object.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findGroupWithAttributesByName

public SOAPGroup findGroupWithAttributesByName(AuthenticatedToken applicationToken,
                                               java.lang.String name)
                                        throws java.rmi.RemoteException,
                                               InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Find a group by name for the application's assigned directory. This will retrive the group and all its attributes.

Specified by:
findGroupWithAttributesByName in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
name - The name of the group.
Returns:
The group object.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

addRole

public SOAPRole addRole(AuthenticatedToken applicationToken,
                        SOAPRole soapRole)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        InvalidRoleException,
                        ApplicationPermissionException
Description copied from interface: SecurityServer
Adds a role to the application's assigned directory.

Specified by:
addRole in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
soapRole - The name of the role.
Returns:
The role object.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidRoleException - An error occurred adding the role to the directory server.
ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.

findRoleByName

public SOAPRole findRoleByName(AuthenticatedToken applicationToken,
                               java.lang.String name)
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds a role by name for the application's assigned directory.

Specified by:
findRoleByName in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
name - The name of the role.
Returns:
The role object.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findPrincipalByToken

public SOAPPrincipal findPrincipalByToken(AuthenticatedToken applicationToken,
                                          java.lang.String key)
                                   throws InvalidAuthorizationTokenException,
                                          java.rmi.RemoteException,
                                          InvalidTokenException
Description copied from interface: SecurityServer
Finds a principal by token.

Specified by:
findPrincipalByToken in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
key - The principal's token.
Returns:
The principal object.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidTokenException - Unable to find the specified token.

updatePrincipalAttribute

public void updatePrincipalAttribute(AuthenticatedToken applicationToken,
                                     java.lang.String name,
                                     SOAPAttribute attribute)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationPermissionException
Description copied from interface: SecurityServer
Updates an attribute for a principal who is in the application's assigned directory.. Note: This is the same as calling addAttributeToPrincipal

Specified by:
updatePrincipalAttribute in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
name - The name of the principal.
attribute - The name of the attribute to update.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

updateGroupAttribute

public void updateGroupAttribute(AuthenticatedToken applicationToken,
                                 java.lang.String group,
                                 SOAPAttribute attribute)
                          throws java.rmi.RemoteException,
                                 InvalidAuthorizationTokenException,
                                 ApplicationPermissionException
Description copied from interface: SecurityServer
Updates an attribute for a group that is in the application's assigned directory.. Note: This is the same as calling addAttributeToGroup

Specified by:
updateGroupAttribute in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
group - The name of the group.
attribute - The name of the attribute to update.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

findPrincipalByName

public SOAPPrincipal findPrincipalByName(AuthenticatedToken applicationToken,
                                         java.lang.String name)
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds a principal by name who is in the application's assigned directory.

Specified by:
findPrincipalByName in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
name - The name of the principal.
Returns:
The principal object.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findPrincipalWithAttributesByName

public SOAPPrincipal findPrincipalWithAttributesByName(AuthenticatedToken applicationToken,
                                                       java.lang.String name)
                                                throws java.rmi.RemoteException,
                                                       InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds a principal by name who is in the application's assigned directory. This will retrive the principal and all its attributes.

Specified by:
findPrincipalWithAttributesByName in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
name - The name of the principal.
Returns:
The principal object.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

addAllPrincipals

public void addAllPrincipals(AuthenticatedToken applicationToken,
                             SOAPPrincipalWithCredential[] principals)
                      throws InvalidAuthorizationTokenException,
                             java.rmi.RemoteException,
                             ApplicationPermissionException,
                             BulkAddFailedException
Description copied from interface: SecurityServer
Adds principals to the application's assigned directory.

Specified by:
addAllPrincipals in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principals - Array of SOAPPrincipalWithCredential
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occurred.
ApplicationPermissionException - thrown when no Create User Permission for any of the directories.
BulkAddFailedException - throw when it failed to create a user in of the directories.

addPrincipal

public SOAPPrincipal addPrincipal(AuthenticatedToken applicationToken,
                                  SOAPPrincipal principal,
                                  PasswordCredential credential)
                           throws InvalidAuthorizationTokenException,
                                  java.rmi.RemoteException,
                                  InvalidCredentialException,
                                  ApplicationPermissionException
Description copied from interface: SecurityServer
Adds a principal to the application's assigned directory.

Specified by:
addPrincipal in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The populated principal object to added.
credential - The password for the principal.
Returns:
The principal object.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidCredentialException - The supplied password is invalid.
ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.

addPrincipalToGroup

public void addPrincipalToGroup(AuthenticatedToken applicationToken,
                                java.lang.String principal,
                                java.lang.String group)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                ApplicationPermissionException
Description copied from interface: SecurityServer
Adds a principal to a group for the application's assigned directory.

Specified by:
addPrincipalToGroup in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
group - The name of the group.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

updatePrincipalCredential

public void updatePrincipalCredential(AuthenticatedToken applicationToken,
                                      java.lang.String principal,
                                      PasswordCredential credential)
                               throws java.rmi.RemoteException,
                                      InvalidAuthorizationTokenException,
                                      InvalidCredentialException,
                                      ApplicationPermissionException
Description copied from interface: SecurityServer
Updates the password credential for a principal who is in the application's assigned directory.

Specified by:
updatePrincipalCredential in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
credential - The password.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidCredentialException - The supplied password is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

resetPrincipalCredential

public void resetPrincipalCredential(AuthenticatedToken applicationToken,
                                     java.lang.String principal)
                              throws java.rmi.RemoteException,
                                     InvalidEmailAddressException,
                                     InvalidAuthorizationTokenException,
                                     InvalidCredentialException,
                                     ApplicationPermissionException
Description copied from interface: SecurityServer
Resets a principal's password credential to a random password and emails the new password who is in the application's assigned directory.

Specified by:
resetPrincipalCredential in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidCredentialException - Unable to reset the principal's password.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidEmailAddressException

removeGroup

public void removeGroup(AuthenticatedToken applicationToken,
                        java.lang.String group)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        ApplicationPermissionException
Description copied from interface: SecurityServer
Removes a group from the application's assigned directory.

Specified by:
removeGroup in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
group - The name of the group.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.

removeRole

public void removeRole(AuthenticatedToken applicationToken,
                       java.lang.String role)
                throws java.rmi.RemoteException,
                       InvalidAuthorizationTokenException,
                       ApplicationPermissionException
Description copied from interface: SecurityServer
Removes a role from the application's assigned directory.

Specified by:
removeRole in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
role - The name of the role.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.

removePrincipal

public void removePrincipal(AuthenticatedToken applicationToken,
                            java.lang.String principal)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            ApplicationPermissionException
Description copied from interface: SecurityServer
Removes a principal from the application's assigned directory.

Specified by:
removePrincipal in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.

addPrincipalToRole

public void addPrincipalToRole(AuthenticatedToken applicationToken,
                               java.lang.String principal,
                               java.lang.String role)
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               ApplicationPermissionException
Description copied from interface: SecurityServer
Adds the principal to a role for the application's assigned directory.

Specified by:
addPrincipalToRole in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
role - The name of the role.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity to the directory server.

isGroupMember

public boolean isGroupMember(AuthenticatedToken applicationToken,
                             java.lang.String group,
                             java.lang.String principal)
                      throws java.rmi.RemoteException,
                             InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Checks if a prinicipal is a member of a group for the application's assigned directory.

Specified by:
isGroupMember in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
group - The name of the group.
principal - The name of the principal.
Returns:
true if and only if the principal is a group member, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

isRoleMember

public boolean isRoleMember(AuthenticatedToken applicationToken,
                            java.lang.String role,
                            java.lang.String principal)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Checks if a principal is a member of a role for the application's assigned directory.

Specified by:
isRoleMember in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
role - The name of the role.
principal - The name of the principal.
Returns:
true if and only if the principal is a role member, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

removePrincipalFromGroup

public void removePrincipalFromGroup(AuthenticatedToken applicationToken,
                                     java.lang.String principal,
                                     java.lang.String group)
                              throws InvalidAuthorizationTokenException,
                                     java.rmi.RemoteException,
                                     ApplicationPermissionException
Description copied from interface: SecurityServer
Removes a principal from a group for the application's assigned directory.

Specified by:
removePrincipalFromGroup in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
group - The name of the group.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occurred.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

removePrincipalFromRole

public void removePrincipalFromRole(AuthenticatedToken applicationToken,
                                    java.lang.String principal,
                                    java.lang.String role)
                             throws InvalidAuthorizationTokenException,
                                    java.rmi.RemoteException,
                                    ApplicationPermissionException,
                                    MembershipNotFoundException
Description copied from interface: SecurityServer
Removes a principal from a role for the application's assigned directory.

Specified by:
removePrincipalFromRole in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
role - The name of the role.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occurred.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
MembershipNotFoundException

addAttributeToPrincipal

public void addAttributeToPrincipal(AuthenticatedToken applicationToken,
                                    java.lang.String principal,
                                    SOAPAttribute attribute)
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    ApplicationPermissionException
Description copied from interface: SecurityServer
Adds an attribute to a principal who is in the application's assigned directory. Note: This is the same as calling updatePrincipalAttribute

Specified by:
addAttributeToPrincipal in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
attribute - The name attribute to add.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

addAttributeToGroup

public void addAttributeToGroup(AuthenticatedToken applicationToken,
                                java.lang.String group,
                                SOAPAttribute attribute)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                ApplicationPermissionException
Description copied from interface: SecurityServer
Adds an attribute to a group that is in the application's assigned directory. Note: This is the same as calling updateGroupAttribute

Specified by:
addAttributeToGroup in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
group - The name of the group.
attribute - The name attribute to add.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.

removeAttributeFromPrincipal

public void removeAttributeFromPrincipal(AuthenticatedToken applicationToken,
                                         java.lang.String principal,
                                         java.lang.String attribute)
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         ApplicationPermissionException
Description copied from interface: SecurityServer
Removes an attribute from a principal who is in the application's assigned directory.

Specified by:
removeAttributeFromPrincipal in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principal - The name of the principal.
attribute - The name of the attribute.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.

removeAttributeFromGroup

public void removeAttributeFromGroup(AuthenticatedToken applicationToken,
                                     java.lang.String group,
                                     java.lang.String attribute)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationPermissionException
Description copied from interface: SecurityServer
Removes an attribute from a group that is in the application's assigned directory.

Specified by:
removeAttributeFromGroup in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
group - The name of the group.
attribute - The name of the attribute.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.

getCacheTime

public long getCacheTime(AuthenticatedToken applicationToken)
                  throws java.rmi.RemoteException,
                         InvalidAuthorizationTokenException
Deprecated. since 1.0.2 All caching configuration has moved to the crowd-ehcache.xml

Description copied from interface: SecurityServer
Gets the amount of time a client should cache security information from the Crowd server.

Specified by:
getCacheTime in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
The cache time in minutes.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

isCacheEnabled

public boolean isCacheEnabled(AuthenticatedToken applicationToken)
                       throws java.rmi.RemoteException,
                              InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Checks if the client application should cache security information from the Crowd server.

Specified by:
isCacheEnabled in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
true if and only if the cache is enabled, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

getDomain

public java.lang.String getDomain(AuthenticatedToken applicationToken)
                           throws java.rmi.RemoteException,
                                  InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
This will return the domain configured in Crowd or null if no domain has been set.

Specified by:
getDomain in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
the domain to set the SSO cookie for, or null
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findAllPrincipalNames

public java.lang.String[] findAllPrincipalNames(AuthenticatedToken applicationToken)
                                         throws java.rmi.RemoteException,
                                                InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds all of the principals who are visable in the application's assigned directory.

Specified by:
findAllPrincipalNames in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
The names of all known principals.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findAllGroupNames

public java.lang.String[] findAllGroupNames(AuthenticatedToken applicationToken)
                                     throws java.rmi.RemoteException,
                                            InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds all of the groups who are visible in the application's assigned directory.

Specified by:
findAllGroupNames in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
A String listing of the group names.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findAllGroupRelationships

public SOAPNestableGroup[] findAllGroupRelationships(AuthenticatedToken applicationToken)
                                              throws java.rmi.RemoteException,
                                                     InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds all of the groups who are visible in the application's assigned directory. The groups will have their application's direct sub-groups populated. Principals will not be populated.

Specified by:
findAllGroupRelationships in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
A SOAPNestableGroup listing of the groups, plus any direct sub-groups.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findAllRoleNames

public java.lang.String[] findAllRoleNames(AuthenticatedToken applicationToken)
                                    throws java.rmi.RemoteException,
                                           InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds all of the roles who are visible in the application's assigned directory.

Specified by:
findAllRoleNames in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
A String listing of the role names.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findGroupMemberships

public java.lang.String[] findGroupMemberships(AuthenticatedToken applicationToken,
                                               java.lang.String principalName)
                                        throws java.rmi.RemoteException,
                                               InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds all of the principals who are members of a group that is in the application's assigned directory. This call does not resolve nesting.

Specified by:
findGroupMemberships in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principalName - The name of the principal to use when performing the lookup.
Returns:
A String listing of the principal's group memberships.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

findRoleMemberships

public java.lang.String[] findRoleMemberships(AuthenticatedToken applicationToken,
                                              java.lang.String principalName)
                                       throws java.rmi.RemoteException,
                                              InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Finds all of the principals who are members of a role that is in the application's assigned directory.

Specified by:
findRoleMemberships in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
principalName - The name of the principal to use role performing the lookup.
Returns:
A String listing of the principal's group memberships.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.

getGrantedAuthorities

public java.lang.String[] getGrantedAuthorities(AuthenticatedToken applicationToken)
                                         throws java.rmi.RemoteException,
                                                InvalidAuthorizationTokenException
Description copied from interface: SecurityServer
Will return the List of group names that have been given access to connect to the application

Specified by:
getGrantedAuthorities in interface SecurityServer
Parameters:
applicationToken - The application's authentication token. Obtained from the authenticateApplication method.
Returns:
a list of group names that are associated to the application represented by the application token
Throws:
java.rmi.RemoteException
InvalidAuthorizationTokenException

getCookieInfo

public SOAPCookieInfo getCookieInfo(AuthenticatedToken applicationToken)
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException
Returns information needed to set the SSO cookie correctly.

Specified by:
getCookieInfo in interface SecurityServer
Parameters:
applicationToken - application token
Returns:
An object with lots of tasty configuration information
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2010 Atlassian. All Rights Reserved.