SecurityServerClient (Atlassian Crowd 2.2.4 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.service.soap.client
Interface SecurityServerClient

All Known Implementing Classes:: SecurityServerClientImpl

public interface SecurityServerClient

An interface to communicate with the Crowd Security Server.

See Also:: for a singleton factory implementation.

Method Summary
`void`	`addAllPrincipals(java.util.Collection<SOAPPrincipalWithCredential> principals)` Adds principals to the application's assigned directory.
`void`	`addAttributeToGroup(java.lang.String group, SOAPAttribute attribute)` Adds an attribute to a group that is in the application's assigned directory.
`void`	`addAttributeToPrincipal(java.lang.String principal, SOAPAttribute attribute)` Adds an attribute to a principal who is in the application's assigned directory.
`SOAPGroup`	`addGroup(SOAPGroup group)` Adds a group to the application's assigned directory.
`SOAPPrincipal`	`addPrincipal(SOAPPrincipal principal, PasswordCredential credential)` Adds a principal to the application's assigned directory.
`void`	`addPrincipalToGroup(java.lang.String principal, java.lang.String group)` Adds a principal to a group for the application's assigned directory.
`void`	`addPrincipalToRole(java.lang.String principal, java.lang.String role)` Adds the principal to a role for the application's assigned directory.
`SOAPRole`	`addRole(SOAPRole role)` Adds a role to the application's assigned directory.
`void`	`authenticate()` Authenticate the client using the application name and password from crowd.properties.
`java.lang.String`	`authenticatePrincipal(UserAuthenticationContext userAuthenticationContext)` Authenticates a principal who is in the application's assigned directory.
`java.lang.String`	`authenticatePrincipalSimple(java.lang.String username, java.lang.String password)` Authenticates a principal without SSO details utilizing centralized authentication only.
`java.lang.String`	`createPrincipalToken(java.lang.String username, ValidationFactor[] validationFactors)` Authenticates a principal without validating a password.
`java.lang.String[]`	`findAllGroupNames()` Finds all of the groups who are visible in the application's assigned directory.
`SOAPNestableGroup[]`	`findAllGroupRelationships()` Finds all of the groups who are visible in the application's assigned directory.
`SOAPGroup[]`	`findAllGroups()` Retrieves all groups in the application's assigned directories.
`java.lang.String[]`	`findAllPrincipalNames()` Finds all of the principals who are visible in the application's assigned directory.
`SOAPPrincipal[]`	`findAllPrincipals()` Retrieves all principals in the application's assigned directories.
`java.lang.String[]`	`findAllRoleNames()` Finds all of the roles who are visible in the application's assigned directory.
`SOAPRole[]`	`findAllRoles()` Retrieves all roles in the application's assigned directories.
`SOAPGroup`	`findGroupByName(java.lang.String name)` Find a group by name for the application's assigned directory.
`java.lang.String[]`	`findGroupMemberships(java.lang.String principalName)` Finds all the groups the principal is a direct member of.
`SOAPGroup`	`findGroupWithAttributesByName(java.lang.String name)` Find a group by name for the application's assigned directory.
`SOAPPrincipal`	`findPrincipalByName(java.lang.String name)` Finds a principal by name who is in the application's assigned directory.
`SOAPPrincipal`	`findPrincipalByToken(java.lang.String key)` Finds a principal by token.
`SOAPPrincipal`	`findPrincipalWithAttributesByName(java.lang.String name)` Finds a principal by name who is in the application's assigned directory.
`SOAPRole`	`findRoleByName(java.lang.String name)` Finds a role by name for the application's assigned directory.
`java.lang.String[]`	`findRoleMemberships(java.lang.String principalName)` Finds all the roles the principal is a member of.
`long`	`getCacheTime()` Deprecated. This method is now implemented by the `crowd-ehcache.xml` configuration file.
`SOAPCookieInfo`	`getCookieInfo()` Returns information needed to set the SSO cookie correctly.
`java.lang.String`	`getDomain()` This will return the domain configured in Crowd or null if no domain has been set.
`java.lang.String[]`	`getGrantedAuthorities()` Will return the List of group names that have been given access to connect to the application
`SoapClientProperties`	`getSoapClientProperties()` Retrieve the SOAP client properties used to connect to the Crowd Security Server.
`void`	`invalidateToken(java.lang.String token)` Invalidates a principal token for all integrated applications.
`boolean`	`isCacheEnabled()` Checks if the client application should cache security information from the Crowd server.
`boolean`	`isGroupMember(java.lang.String group, java.lang.String principal)` Checks if a principal is a member of a group for the application's assigned directory.
`boolean`	`isRoleMember(java.lang.String role, java.lang.String principal)` Checks if a principal is a member of a role for the application's assigned directory.
`boolean`	`isValidToken(java.lang.String principalToken, ValidationFactor[] validationFactors)` Checks if the principal's current token is still valid.
`void`	`removeAttributeFromGroup(java.lang.String group, java.lang.String attribute)` Removes an attribute from a group that is in the application's assigned directory.
`void`	`removeAttributeFromPrincipal(java.lang.String principal, java.lang.String attribute)` Removes an attribute from a principal who is in the application's assigned directory.
`void`	`removeGroup(java.lang.String group)` Removes a group from the application's assigned directory.
`void`	`removePrincipal(java.lang.String principal)` Removes a principal from the application's assigned directory.
`void`	`removePrincipalFromGroup(java.lang.String principal, java.lang.String group)` Removes a principal from a group for the application's assigned directory.
`void`	`removePrincipalFromRole(java.lang.String principal, java.lang.String role)` Removes a principal from a role for the application's assigned directory.
`void`	`removeRole(java.lang.String role)` Removes a role from the application's assigned directory.
`void`	`resetPrincipalCredential(java.lang.String principal)` Resets a principal's password credential to a random password and emails the new password who is in the application's assigned directory.
`SOAPGroup[]`	`searchGroups(SearchRestriction[] searchRestrictions)` Searches for groups that are in the application's assigned directory.
`SOAPPrincipal[]`	`searchPrincipals(SearchRestriction[] searchRestrictions)` Searches for principals that are in the application's assigned directory.
`SOAPRole[]`	`searchRoles(SearchRestriction[] searchRestrictions)` Searches for roles that are in the application's assigned directory.
`void`	`updateGroup(java.lang.String group, java.lang.String description, boolean active)` Updates the first group located from the list of directories assigned to an application Available fields that can be updated are `description` and `active`
`void`	`updateGroupAttribute(java.lang.String name, SOAPAttribute attribute)` Updates an attribute for a group that is in the application's assigned directory.
`void`	`updatePrincipalAttribute(java.lang.String name, SOAPAttribute attribute)` Updates an attribute for a principal who is in the application's assigned directory.
`void`	`updatePrincipalCredential(java.lang.String principal, PasswordCredential credential)` Updates the password credential for a principal who is in the application's assigned directory.

Method Detail

authenticate

void authenticate()
                  throws java.rmi.RemoteException,
                         InvalidAuthorizationTokenException,
                         InvalidAuthenticationException

Authenticate the client using the application name and password from crowd.properties.

NOTE: this will perform an explicit authentication call to the server. There is no reason to directly call this as all the methods will automatically attempt to authenticate when required.

Throws:: java.rmi.RemoteException - there was a problem communicating with the Crowd Security Server.; InvalidAuthorizationTokenException - incorrect credentials were used to authenticate the client. Ensure the application.password in crowd.properties matches the one defined in the Crowd Console.; InvalidAuthenticationException - application authentication is not valid

authenticatePrincipal

java.lang.String authenticatePrincipal(UserAuthenticationContext userAuthenticationContext)
                                       throws java.rmi.RemoteException,
                                              InvalidAuthorizationTokenException,
                                              InvalidAuthenticationException,
                                              InactiveAccountException,
                                              ApplicationAccessDeniedException,
                                              ExpiredCredentialException

Authenticates a principal who is in the application's assigned directory.

Parameters:: userAuthenticationContext - The principal's authentication details.
Returns:: The principal's authenticated token.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - The principal's authentication details were invalid.; InactiveAccountException - The principal's account is not active.; ApplicationAccessDeniedException - if the user does not have access to this application.; ExpiredCredentialException - The user's credentials have expired.

isValidToken

boolean isValidToken(java.lang.String principalToken,
                     ValidationFactor[] validationFactors)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            ApplicationAccessDeniedException,
                            InvalidAuthenticationException

Checks if the principal's current token is still valid.

Parameters:: principalToken - The token to check.; validationFactors - The known identity factors used when creating the principal's token.
Returns:: true if and only if the token is active, otherwise false.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; ApplicationAccessDeniedException - if the user does not have access to this application.; InvalidAuthenticationException - application authentication is not valid

invalidateToken

void invalidateToken(java.lang.String token)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            InvalidAuthenticationException

Invalidates a principal token for all integrated applications. If the token is later validated, the token will not be found valid.

Parameters:: token - The token to invalidate.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

searchGroups

SOAPGroup[] searchGroups(SearchRestriction[] searchRestrictions)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                InvalidAuthenticationException

Searches for groups that are in the application's assigned directory.

Parameters:: searchRestrictions - The search restrictions to use when performing this search.
Returns:: The search results.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

searchPrincipals

SOAPPrincipal[] searchPrincipals(SearchRestriction[] searchRestrictions)
                                 throws java.rmi.RemoteException,
                                        InvalidAuthorizationTokenException,
                                        InvalidAuthenticationException

Searches for principals that are in the application's assigned directory.

Parameters:: searchRestrictions - The search restrictions to use when performing this search.
Returns:: The search results.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

searchRoles

SOAPRole[] searchRoles(SearchRestriction[] searchRestrictions)
                       throws java.rmi.RemoteException,
                              InvalidAuthorizationTokenException,
                              InvalidAuthenticationException

Searches for roles that are in the application's assigned directory.

Parameters:: searchRestrictions - The search restrictions to use when performing this search.
Returns:: The search results.
Throws:: java.rmi.RemoteException - An unknown remote exception occured.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllGroups

SOAPGroup[] findAllGroups()
                          throws java.rmi.RemoteException,
                                 InvalidAuthorizationTokenException,
                                 InvalidAuthenticationException

Retrieves all groups in the application's assigned directories.

Returns:: all groups in the application's assigned directories.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllRoles

SOAPRole[] findAllRoles()
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               InvalidAuthenticationException

Retrieves all roles in the application's assigned directories.

Returns:: all roles in the application's assigned directories.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllPrincipals

SOAPPrincipal[] findAllPrincipals()
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         InvalidAuthenticationException

Retrieves all principals in the application's assigned directories.

Returns:: all principals in the application's assigned directories.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

addGroup

SOAPGroup addGroup(SOAPGroup group)
                   throws java.rmi.RemoteException,
                          InvalidGroupException,
                          InvalidAuthorizationTokenException,
                          ApplicationPermissionException,
                          InvalidAuthenticationException

Adds a group to the application's assigned directory.

Parameters:: group - The group to add.
Returns:: The populated details after the add of the group to the directory server.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidGroupException - An error occured adding the group to the directory server.; ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.; InvalidAuthenticationException - application authentication is not valid

updateGroup

void updateGroup(java.lang.String group,
                 java.lang.String description,
                 boolean active)
                 throws java.rmi.RemoteException,
                        GroupNotFoundException,
                        ApplicationPermissionException,
                        InvalidAuthorizationTokenException,
                        InvalidAuthenticationException

Updates the first group located from the list of directories assigned to an application Available fields that can be updated are description and active

Parameters:: group - The name of the group to update.; description - the new description of the group.; active - the new active flag for the group.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; ApplicationPermissionException - The application does not have the proper permissions to update the entity to the directory server.; GroupNotFoundException - no groups matching the supplied name is found.; InvalidAuthenticationException - application authentication is not valid

findGroupByName

SOAPGroup findGroupByName(java.lang.String name)
                          throws java.rmi.RemoteException,
                                 InvalidAuthorizationTokenException,
                                 GroupNotFoundException,
                                 InvalidAuthenticationException

Find a group by name for the application's assigned directory.

Parameters:: name - The name of the group.
Returns:: The group object.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - Unable to find the specific group.; InvalidAuthenticationException - application authentication is not valid

findGroupWithAttributesByName

SOAPGroup findGroupWithAttributesByName(java.lang.String name)
                                        throws java.rmi.RemoteException,
                                               InvalidAuthorizationTokenException,
                                               GroupNotFoundException,
                                               InvalidAuthenticationException

Find a group by name for the application's assigned directory.

This will retrieve the group and all its attributes.

Parameters:: name - The name of the group.
Returns:: The group object.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - Unable to find the specific group.; InvalidAuthenticationException - application authentication is not valid

addRole

SOAPRole addRole(SOAPRole role)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        InvalidRoleException,
                        ApplicationPermissionException,
                        InvalidAuthenticationException

Adds a role to the application's assigned directory.

Parameters:: role - The name of the role.
Returns:: The role object.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidRoleException - An error occured adding the role to the directory server.; ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.; InvalidAuthenticationException - application authentication is not valid

findRoleByName

SOAPRole findRoleByName(java.lang.String name)
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               GroupNotFoundException,
                               InvalidAuthenticationException

Finds a role by name for the application's assigned directory.

Parameters:: name - The name of the role.
Returns:: The role object.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - Unable to find the specified role.; InvalidAuthenticationException - application authentication is not valid

findPrincipalByToken

SOAPPrincipal findPrincipalByToken(java.lang.String key)
                                   throws java.rmi.RemoteException,
                                          InvalidTokenException,
                                          InvalidAuthorizationTokenException,
                                          InvalidAuthenticationException

Finds a principal by token.

Parameters:: key - The principal's token.
Returns:: The principal object.
Throws:: InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; java.rmi.RemoteException - An unknown remote exception occurred.; InvalidTokenException - Unable to find the specified token.; InvalidAuthenticationException - application authentication is not valid

updatePrincipalAttribute

void updatePrincipalAttribute(java.lang.String name,
                              SOAPAttribute attribute)
                              throws java.rmi.RemoteException,
                                     UserNotFoundException,
                                     ApplicationPermissionException,
                                     InvalidAuthorizationTokenException,
                                     InvalidAuthenticationException

Updates an attribute for a principal who is in the application's assigned directory.

Note: This is the same as calling addAttributeToPrincipal

Parameters:: name - The name of the principal.; attribute - The name of the attribute to update.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - Unable to find the specified principal.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid

updateGroupAttribute

void updateGroupAttribute(java.lang.String name,
                          SOAPAttribute attribute)
                          throws java.rmi.RemoteException,
                                 GroupNotFoundException,
                                 ApplicationPermissionException,
                                 InvalidAuthorizationTokenException,
                                 InvalidAuthenticationException

Updates an attribute for a group that is in the application's assigned directory.

Note: This is the same as calling addAttributeToGroup

Parameters:: name - The name of the group.; attribute - The name of the attribute to update.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - Unable to find the specified principal.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid

findPrincipalByName

SOAPPrincipal findPrincipalByName(java.lang.String name)
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         UserNotFoundException,
                                         InvalidAuthenticationException

Finds a principal by name who is in the application's assigned directory.

Parameters:: name - The name of the principal.
Returns:: The principal object.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - Unable to find the specified principal.; InvalidAuthenticationException - application authentication is not valid

findPrincipalWithAttributesByName

SOAPPrincipal findPrincipalWithAttributesByName(java.lang.String name)
                                                throws java.rmi.RemoteException,
                                                       UserNotFoundException,
                                                       InvalidAuthorizationTokenException,
                                                       InvalidAuthenticationException

Finds a principal by name who is in the application's assigned directory.

This will retrieve the principal and all its attributes.

Parameters:: name - The name of the principal.
Returns:: The principal object.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - Unable to find the specified principal.; InvalidAuthenticationException - application authentication is not valid

addAllPrincipals

void addAllPrincipals(java.util.Collection<SOAPPrincipalWithCredential> principals)
                      throws InvalidAuthorizationTokenException,
                             java.rmi.RemoteException,
                             ApplicationPermissionException,
                             BulkAddFailedException,
                             InvalidAuthenticationException

Adds principals to the application's assigned directory.

Parameters:: principals - Array of SOAPPrincipalWithCredential
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; ApplicationPermissionException - thrown when no Create User Permission for any of the directories.; BulkAddFailedException - throw when it failed to create a user in of the directories.; InvalidAuthenticationException - application authentication is not valid

addPrincipal

SOAPPrincipal addPrincipal(SOAPPrincipal principal,
                           PasswordCredential credential)
                           throws java.rmi.RemoteException,
                                  InvalidAuthorizationTokenException,
                                  InvalidCredentialException,
                                  InvalidUserException,
                                  ApplicationPermissionException,
                                  InvalidAuthenticationException

Adds a principal to the application's assigned directory.

Parameters:: principal - The populated principal object to added.; credential - The password for the principal.
Returns:: The principal object.
Throws:: InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; java.rmi.RemoteException - An unknown remote exception occured.; InvalidCredentialException - The supplied password is invalid.; InvalidUserException - The supplied principal is invalid.; ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.; InvalidAuthenticationException - application authentication is not valid

addPrincipalToGroup

void addPrincipalToGroup(java.lang.String principal,
                         java.lang.String group)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                UserNotFoundException,
                                GroupNotFoundException,
                                ApplicationPermissionException,
                                InvalidAuthenticationException

Adds a principal to a group for the application's assigned directory.

Parameters:: principal - The name of the principal.; group - The name of the group.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - Unable to find group by name.; UserNotFoundException - Unable to find user by name.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid

updatePrincipalCredential

void updatePrincipalCredential(java.lang.String principal,
                               PasswordCredential credential)
                               throws java.rmi.RemoteException,
                                      InvalidAuthorizationTokenException,
                                      InvalidCredentialException,
                                      UserNotFoundException,
                                      ApplicationPermissionException,
                                      InvalidAuthenticationException

Updates the password credential for a principal who is in the application's assigned directory.

Parameters:: principal - The name of the principal.; credential - The password.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - Unable to find the specified principal.; InvalidCredentialException - The supplied password is invalid.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid

resetPrincipalCredential

void resetPrincipalCredential(java.lang.String principal)
                              throws java.rmi.RemoteException,
                                     InvalidEmailAddressException,
                                     InvalidCredentialException,
                                     UserNotFoundException,
                                     ApplicationPermissionException,
                                     InvalidAuthorizationTokenException,
                                     InvalidAuthenticationException

Resets a principal's password credential to a random password and emails the new password who is in the application's assigned directory.

Parameters:: principal - The name of the principal.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidCredentialException - Unable to reset the principal's password.; UserNotFoundException - Unable to find the specified principal.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid; InvalidEmailAddressException - invalid email address

removeGroup

void removeGroup(java.lang.String group)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        ApplicationPermissionException,
                        GroupNotFoundException,
                        InvalidAuthenticationException

Removes a group from the application's assigned directory.

Parameters:: group - The name of the group.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - Unable to find the specified group.; ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.; InvalidAuthenticationException - application authentication is not valid

removeRole

void removeRole(java.lang.String role)
                throws java.rmi.RemoteException,
                       InvalidAuthorizationTokenException,
                       ApplicationPermissionException,
                       GroupNotFoundException,
                       InvalidAuthenticationException

Removes a role from the application's assigned directory.

Parameters:: role - The name of the role.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - The specified role is invalid.; ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.; InvalidAuthenticationException - application authentication is not valid

removePrincipal

void removePrincipal(java.lang.String principal)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            ApplicationPermissionException,
                            UserNotFoundException,
                            InvalidAuthenticationException

Removes a principal from the application's assigned directory.

Parameters:: principal - The name of the principal.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - The specified principal is invalid.; ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.; InvalidAuthenticationException - application authentication is not valid

addPrincipalToRole

void addPrincipalToRole(java.lang.String principal,
                        java.lang.String role)
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               ApplicationPermissionException,
                               UserNotFoundException,
                               GroupNotFoundException,
                               InvalidAuthenticationException

Adds the principal to a role for the application's assigned directory.

Parameters:: principal - The name of the principal.; role - The name of the role.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - Unable to user by name; GroupNotFoundException - Unable to group (of type Role) by name.; ApplicationPermissionException - The application does not have the proper permissions to update the entity to the directory server.; InvalidAuthenticationException - application authentication is not valid

isGroupMember

boolean isGroupMember(java.lang.String group,
                      java.lang.String principal)
                      throws java.rmi.RemoteException,
                             InvalidAuthorizationTokenException,
                             InvalidAuthenticationException

Checks if a principal is a member of a group for the application's assigned directory.

Parameters:: group - The name of the group.; principal - The name of the principal.
Returns:: true if and only if the principal is a group member, otherwise false.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

isRoleMember

boolean isRoleMember(java.lang.String role,
                     java.lang.String principal)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            InvalidAuthenticationException

Checks if a principal is a member of a role for the application's assigned directory.

Parameters:: role - The name of the role.; principal - The name of the principal.
Returns:: true if and only if the principal is a role member, otherwise false.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

removePrincipalFromGroup

void removePrincipalFromGroup(java.lang.String principal,
                              java.lang.String group)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationPermissionException,
                                     GroupNotFoundException,
                                     UserNotFoundException,
                                     MembershipNotFoundException,
                                     InvalidAuthenticationException

Removes a principal from a group for the application's assigned directory.

Parameters:: principal - The name of the principal.; group - The name of the group.
Throws:: InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; java.rmi.RemoteException - An unknown remote exception occurred.; UserNotFoundException - Unable to find user by name; GroupNotFoundException - Unable to find group by name.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid; MembershipNotFoundException - Unable to find the membership

removePrincipalFromRole

void removePrincipalFromRole(java.lang.String principal,
                             java.lang.String role)
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    ApplicationPermissionException,
                                    UserNotFoundException,
                                    GroupNotFoundException,
                                    MembershipNotFoundException,
                                    InvalidAuthenticationException

Removes a principal from a role for the application's assigned directory.

Parameters:: principal - The name of the principal.; role - The name of the role.
Throws:: InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; java.rmi.RemoteException - An unknown remote exception occurred.; UserNotFoundException - Unable to find user by name; GroupNotFoundException - Unable to find group (of type Role) by name.; ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.; InvalidAuthenticationException - application authentication is not valid; MembershipNotFoundException - Unable to find the membership

addAttributeToPrincipal

void addAttributeToPrincipal(java.lang.String principal,
                             SOAPAttribute attribute)
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    ApplicationPermissionException,
                                    UserNotFoundException,
                                    InvalidAuthenticationException

Adds an attribute to a principal who is in the application's assigned directory.

Note: This is the same as calling updatePrincipalAttribute

Parameters:: principal - The name of the principal.; attribute - The name attribute to add.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - The specified principal is invalid.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid

removeAttributeFromPrincipal

void removeAttributeFromPrincipal(java.lang.String principal,
                                  java.lang.String attribute)
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         ApplicationPermissionException,
                                         UserNotFoundException,
                                         InvalidAuthenticationException

Removes an attribute from a principal who is in the application's assigned directory.

Parameters:: principal - The name of the principal.; attribute - The name of the attribute.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - The specified principal is invalid.; ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.; InvalidAuthenticationException - application authentication is not valid

addAttributeToGroup

void addAttributeToGroup(java.lang.String group,
                         SOAPAttribute attribute)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                ApplicationPermissionException,
                                GroupNotFoundException,
                                InvalidAuthenticationException

Adds an attribute to a group that is in the application's assigned directory.

Note: This is the same as calling updateGroupAttribute

Parameters:: group - The name of the group.; attribute - The name attribute to add.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - The specified group is invalid.; ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.; InvalidAuthenticationException - application authentication is not valid

removeAttributeFromGroup

void removeAttributeFromGroup(java.lang.String group,
                              java.lang.String attribute)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationPermissionException,
                                     GroupNotFoundException,
                                     InvalidAuthenticationException

Removes an attribute from a group that is in the application's assigned directory.

Note: This is the same as calling updateGroupAttribute

Parameters:: group - The name of the group.; attribute - The name of the attribute.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; GroupNotFoundException - The specified principal is invalid.; ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.; InvalidAuthenticationException - application authentication is not valid

getCacheTime

long getCacheTime()
                  throws java.rmi.RemoteException,
                         InvalidAuthorizationTokenException,
                         InvalidAuthenticationException

Deprecated. This method is now implemented by the crowd-ehcache.xml configuration file.

Gets the amount of time a client should cache security information from the Crowd server.

Returns:: The cache time in minutes.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

isCacheEnabled

boolean isCacheEnabled()
                       throws java.rmi.RemoteException,
                              InvalidAuthorizationTokenException,
                              InvalidAuthenticationException

Checks if the client application should cache security information from the Crowd server.

Returns:: true if and only if the cache is enabled, otherwise false.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

getDomain

java.lang.String getDomain()
                           throws java.rmi.RemoteException,
                                  InvalidAuthorizationTokenException,
                                  InvalidAuthenticationException

This will return the domain configured in Crowd or null if no domain has been set.

Returns:: the domain to set the SSO cookie for, or null
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllPrincipalNames

java.lang.String[] findAllPrincipalNames()
                                         throws java.rmi.RemoteException,
                                                InvalidAuthorizationTokenException,
                                                InvalidAuthenticationException

Finds all of the principals who are visible in the application's assigned directory.

Returns:: The names of all known principals.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllGroupNames

java.lang.String[] findAllGroupNames()
                                     throws java.rmi.RemoteException,
                                            InvalidAuthorizationTokenException,
                                            InvalidAuthenticationException

Finds all of the groups who are visible in the application's assigned directory.

Returns:: A String listing of the group names.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllGroupRelationships

SOAPNestableGroup[] findAllGroupRelationships()
                                              throws java.rmi.RemoteException,
                                                     InvalidAuthorizationTokenException,
                                                     InvalidAuthenticationException

Finds all of the groups who are visible in the application's assigned directory. The groups will have their application's direct sub-groups populated. Principals will not be populated.

Returns:: A SOAPNestableGroup listing of the groups, plus any direct sub-groups.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findAllRoleNames

java.lang.String[] findAllRoleNames()
                                    throws java.rmi.RemoteException,
                                           InvalidAuthorizationTokenException,
                                           InvalidAuthenticationException

Finds all of the roles who are visible in the application's assigned directory.

Returns:: A String listing of the role names.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

findGroupMemberships

java.lang.String[] findGroupMemberships(java.lang.String principalName)
                                        throws java.rmi.RemoteException,
                                               InvalidAuthorizationTokenException,
                                               UserNotFoundException,
                                               InvalidAuthenticationException

Finds all the groups the principal is a direct member of. This call does not resolve nesting.

Parameters:: principalName - The name of the principal to use when performing the lookup.
Returns:: A String listing of the principal's group memberships.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - The principal was not found; InvalidAuthenticationException - application authentication is not valid

findRoleMemberships

java.lang.String[] findRoleMemberships(java.lang.String principalName)
                                       throws java.rmi.RemoteException,
                                              InvalidAuthorizationTokenException,
                                              UserNotFoundException,
                                              InvalidAuthenticationException

Finds all the roles the principal is a member of.

Parameters:: principalName - The name of the principal to use role performing the lookup.
Returns:: A String listing of the principal's group memberships.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; UserNotFoundException - The principal was not found; InvalidAuthenticationException - application authentication is not valid

authenticatePrincipalSimple

java.lang.String authenticatePrincipalSimple(java.lang.String username,
                                             java.lang.String password)
                                             throws java.rmi.RemoteException,
                                                    InvalidAuthorizationTokenException,
                                                    InvalidAuthenticationException,
                                                    InactiveAccountException,
                                                    ApplicationAccessDeniedException,
                                                    ExpiredCredentialException

Authenticates a principal without SSO details utilizing centralized authentication only.

Parameters:: username - The username of the principal.; password - The password credential.
Returns:: The principal's authentication token.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthenticationException - An invalid authentication occurred.; InvalidAuthorizationTokenException - An invalid authentication occurred.; InactiveAccountException - The principal's account is inactive.; ApplicationAccessDeniedException - user does not have access to the application.; ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.

createPrincipalToken

java.lang.String createPrincipalToken(java.lang.String username,
                                      ValidationFactor[] validationFactors)
                                      throws java.rmi.RemoteException,
                                             InvalidAuthorizationTokenException,
                                             InvalidAuthenticationException,
                                             InactiveAccountException,
                                             ApplicationAccessDeniedException

Authenticates a principal without validating a password.

Parameters:: username - The username to create an authenticate token for.; validationFactors - The known attributes of the user to use when creating a token, such as their remote IP address and user-agent.
Returns:: The principal's authentication token.
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthenticationException - An invalid authentication occurred.; InvalidAuthorizationTokenException - An invalid authentication occurred.; InactiveAccountException - The principal's account is inactive.; ApplicationAccessDeniedException - user does not have access to authenticate against application

getGrantedAuthorities

java.lang.String[] getGrantedAuthorities()
                                         throws InvalidAuthorizationTokenException,
                                                java.rmi.RemoteException,
                                                InvalidAuthenticationException

Will return the List of group names that have been given access to connect to the application

Returns:: a String[] of group names
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - An invalid authentication occurred.; InvalidAuthenticationException - application authentication is not valid

getCookieInfo

SOAPCookieInfo getCookieInfo()
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    InvalidAuthenticationException

Returns information needed to set the SSO cookie correctly.

Returns:: An object with lots of tasty configuration information
Throws:: java.rmi.RemoteException - An unknown remote exception occurred.; InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.; InvalidAuthenticationException - application authentication is not valid

getSoapClientProperties

SoapClientProperties getSoapClientProperties()

Retrieve the SOAP client properties used to connect to the Crowd Security Server.

Returns:: client properties used.