Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.directory
Class DelegatedAuthenticationDirectory

java.lang.Object
  extended by com.atlassian.crowd.directory.DelegatedAuthenticationDirectory
All Implemented Interfaces:
RemoteDirectory, Attributes
public class DelegatedAuthenticationDirectory
extends Object
implements RemoteDirectory

This implementation of a RemoteDirectory provides delegated authentication to an underlying remote LDAP implementation.

In essence this means that a User's groups and roles are managed internally to Crowd and only authentication is delegated to the LDAP directory.

Users, group and memberships exist in an internal directory and all query and mutation operations execute on the internal directory.

For a user to successfully authenticate, they must exist in LDAP and must authenticate against LDAP. Passwords are not stored internally.

If the ATTRIBUTE_CREATE_USER_ON_AUTH attribute is enabled, the delegated authentication directory will automatically create the user in the internal portion of this directory, once they successfully authenticate against LDAP. The initial user details, in this case, will be obtained from LDAP.

If the ATTRIBUTE_UPDATE_USER_ON_AUTH attribute is enabled, the delegated authentication directory will also update the user's details from LDAP automatically whenever they authenticate. The same behaviour will happen if the attribute is not enabled and the user is deleted internally and then re-authenticates.

If the create-on-auth option is not enabled, then users must always be manually created in this directory, before they can authenticate against LDAP. In this scenario, the user details will never be retrieved from LDAP. This is OSUser's default LDAP behaviour.

Field Summary
static String ATTRIBUTE_CREATE_USER_ON_AUTH
           
static String ATTRIBUTE_KEY_IMPORT_GROUPS
           
static String ATTRIBUTE_LDAP_DIRECTORY_CLASS
           
static String ATTRIBUTE_UPDATE_USER_ON_AUTH
           
 
Constructor Summary
DelegatedAuthenticationDirectory(RemoteDirectory ldapDirectory, InternalRemoteDirectory internalDirectory, com.atlassian.event.api.EventPublisher eventPublisher, DirectoryDao directoryDao)
           
 
Method Summary
 Group addGroup(GroupTemplate group)
          Adds a group to the directory store.
 void addGroupToGroup(String childGroup, String parentGroup)
          Adds a group as a member of a parent group.
 User addOrUpdateLdapUser(String name)
          Copies or updates a user in the internal directory from their counterpart in the LDAP directory.
 User addUser(UserTemplate user, PasswordCredential credential)
          Adds a user to the directory store.
 void addUserToGroup(String username, String groupName)
          Adds a user as a member of a group.
 User authenticate(String name, PasswordCredential credential)
          In addition to the normal authentication behaviour, following a successful authentication the following may occur: If the user does not exist in the internal directory and ATTRIBUTE_CREATE_USER_ON_AUTH is enabled, the user's details will be added to the internal directory. If the user exists in the internal directory and ATTRIBUTE_UPDATE_USER_ON_AUTH is enabled, the user's details will be updated in the internal directory. If the user exists in the internal directory and ATTRIBUTE_UPDATE_USER_ON_AUTH is enabled and the username was changed in remote directory, the user's name will be updated in the internal directory. A user marked as inactive locally will not be authenticated, retrieved, renamed or updated from the LDAP server.
 Group findGroupByName(String name)
          Finds the group that matches the supplied name.
 GroupWithAttributes findGroupWithAttributesByName(String name)
          Finds the group that matches the supplied name.
 User findUserByExternalId(String externalId)
          Finds the user that matches the supplied externalId.
 User findUserByName(String name)
          Finds the user that matches the supplied name.
 UserWithAttributes findUserWithAttributesByName(String name)
          Finds the user that matches the supplied name.
 RemoteDirectory getAuthoritativeDirectory()
           
 String getDescriptiveName()
          Returns a descriptive name for the type of directory.
 long getDirectoryId()
          Gets the internal unique directoryId of the directory store.
 Set<String> getKeys()
          Gets all the keys of the attributes.
 Iterable<Membership> getMemberships()
          Get an iterable view of the available group memberships.
 String getValue(String key)
          Returns any value associated with the given key, returns null if there is no value.
 Set<String> getValues(String key)
          Get all the values associated with a given key.
 boolean isEmpty()
           
 boolean isGroupDirectGroupMember(String childGroup, String parentGroup)
          Determines if a group is a direct member of another group.
 boolean isRolesDisabled()
          Expose whether the directory has roles disabled.
 boolean isUserDirectGroupMember(String username, String groupName)
          Determines if a user is a direct member of a group.
 void removeGroup(String name)
          Removes the group that matches the supplied name.
 void removeGroupAttributes(String groupName, String attributeName)
          Removes all the values for a single attribute key for a group.
 void removeGroupFromGroup(String childGroup, String parentGroup)
          Removes a group as a member of a parent group.
 void removeUser(String name)
          Removes the user that matches the supplied name.
 void removeUserAttributes(String username, String attributeName)
          Removes all the values for a single attribute key for a user.
 void removeUserFromGroup(String username, String groupName)
          Removes a user as a member of a group.
 Group renameGroup(String oldName, String newName)
          Renames a group.
 User renameUser(String oldName, String newName)
          Renames a user.
<T> List<T>
searchGroupRelationships(MembershipQuery<T> query)
          Searches for membership information.
<T> List<T>
searchGroups(EntityQuery<T> query)
          Searches for groups that match the supplied query criteria.
<T> List<T>
searchUsers(EntityQuery<T> query)
          Searches for users that match the supplied query criteria.
 void setAttributes(Map<String,String> attributes)
          When a directory store is loaded, the attributes map will be set by the Crowd framework.
 void setDirectoryId(long directoryId)
          When a directory store is loaded, the directoryId will be set by the crowd framework.
 void storeGroupAttributes(String groupName, Map<String,Set<String>> attributes)
          Adds or updates a group's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.
 void storeUserAttributes(String username, Map<String,Set<String>> attributes)
          Adds or updates a user's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.
 boolean supportsInactiveAccounts()
          Return true if this directory supports inactive users and groups.
 boolean supportsNestedGroups()
          Allows us to only display nested-group related UI for directories that support it.
 void testConnection()
          Test if a connection to the directory server can be established.
 Group updateGroup(GroupTemplate group)
          Updates the group.
 User updateUser(UserTemplate user)
          Updates the user.
 void updateUserCredential(String username, PasswordCredential credential)
          Updates the password for a user.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ATTRIBUTE_CREATE_USER_ON_AUTH

public static final String ATTRIBUTE_CREATE_USER_ON_AUTH
See Also:
Constant Field Values

ATTRIBUTE_UPDATE_USER_ON_AUTH

public static final String ATTRIBUTE_UPDATE_USER_ON_AUTH
See Also:
Constant Field Values

ATTRIBUTE_LDAP_DIRECTORY_CLASS

public static final String ATTRIBUTE_LDAP_DIRECTORY_CLASS
See Also:
Constant Field Values

ATTRIBUTE_KEY_IMPORT_GROUPS

public static final String ATTRIBUTE_KEY_IMPORT_GROUPS
See Also:
Constant Field Values
Constructor Detail

DelegatedAuthenticationDirectory

public DelegatedAuthenticationDirectory(RemoteDirectory ldapDirectory,
                                        InternalRemoteDirectory internalDirectory,
                                        com.atlassian.event.api.EventPublisher eventPublisher,
                                        DirectoryDao directoryDao)
Method Detail

getDirectoryId

public long getDirectoryId()
Description copied from interface: RemoteDirectory
Gets the internal unique directoryId of the directory store.

Specified by:
getDirectoryId in interface RemoteDirectory
Returns:
The directoryId.

setDirectoryId

public void setDirectoryId(long directoryId)
Description copied from interface: RemoteDirectory
When a directory store is loaded, the directoryId will be set by the crowd framework.

Specified by:
setDirectoryId in interface RemoteDirectory
Parameters:
directoryId - The unique directoryId of the DirectoryImpl stored in the database.

getDescriptiveName

public String getDescriptiveName()
Description copied from interface: RemoteDirectory
Returns a descriptive name for the type of directory.

Specified by:
getDescriptiveName in interface RemoteDirectory
Returns:
descriptive name.

setAttributes

public void setAttributes(Map<String,String> attributes)
Description copied from interface: RemoteDirectory
When a directory store is loaded, the attributes map will be set by the Crowd framework. Implementations may store a reference to this map in order to implement the Attributes

The Map is immutable and implementations are required to maintain immutability.

Specified by:
setAttributes in interface RemoteDirectory
Parameters:
attributes - attributes map.

findUserByName

public User findUserByName(String name)
                    throws UserNotFoundException,
                           OperationFailedException
Description copied from interface: RemoteDirectory
Finds the user that matches the supplied name.

Specified by:
findUserByName in interface RemoteDirectory
Parameters:
name - the name of the user (username).
Returns:
user entity.
Throws:
UserNotFoundException - a user with the supplied name does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

findUserWithAttributesByName

public UserWithAttributes findUserWithAttributesByName(String name)
                                                throws UserNotFoundException,
                                                       OperationFailedException
Description copied from interface: RemoteDirectory
Finds the user that matches the supplied name.

Specified by:
findUserWithAttributesByName in interface RemoteDirectory
Parameters:
name - the name of the user (username).
Returns:
user entity with attributes.
Throws:
UserNotFoundException - a user with the supplied name does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

findUserByExternalId

public User findUserByExternalId(String externalId)
                          throws UserNotFoundException
Description copied from interface: RemoteDirectory
Finds the user that matches the supplied externalId. This is an optional method that may not be implemented on all directory types. Currently it is implemented for LDAP and Internal directories but not Crowd directories.

Specified by:
findUserByExternalId in interface RemoteDirectory
Parameters:
externalId - the externalId of the user
Returns:
the user that matches the supplied externalId.
Throws:
UserNotFoundException - a user with the supplied externalId does not exist.
See Also:
RemoteDirectory.findUserByName(String)

authenticate

public User authenticate(String name,
                         PasswordCredential credential)
                  throws UserNotFoundException,
                         InactiveAccountException,
                         InvalidAuthenticationException,
                         ExpiredCredentialException,
                         OperationFailedException
In addition to the normal authentication behaviour, following a successful authentication the following may occur: A user marked as inactive locally will not be authenticated, retrieved, renamed or updated from the LDAP server.

Specified by:
authenticate in interface RemoteDirectory
Parameters:
name - The name of the user (username).
credential - The supplied credentials (password).
Returns:
The populated user if the authentication is valid.
Throws:
OperationFailedException - when user rename is not possible
UserNotFoundException - The user wth the supplied name does not exist.
InactiveAccountException - The supplied user is inactive.
InvalidAuthenticationException - Authentication with the provided credentials failed.
ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.
See Also:
RemoteDirectory.authenticate(String, PasswordCredential)

addOrUpdateLdapUser

public User addOrUpdateLdapUser(String name)
                         throws UserNotFoundException,
                                OperationFailedException
Copies or updates a user in the internal directory from their counterpart in the LDAP directory. Used by custom authenticators to ensure users exist when external authentication mechanisms just provide us with just a username.

Parameters:
name - the username of the user to copy
Returns:
the newly updated internal user
Throws:
UserNotFoundException - if no user with the given username exists in LDAP
OperationFailedException - if there was a problem communicating with the LDAP server or the user could not be cloned to the internal directory

addUser

public User addUser(UserTemplate user,
                    PasswordCredential credential)
             throws InvalidUserException,
                    InvalidCredentialException,
                    UserAlreadyExistsException,
                    OperationFailedException
Description copied from interface: RemoteDirectory
Adds a user to the directory store.

Specified by:
addUser in interface RemoteDirectory
Parameters:
user - template of the user to add.
credential - password. May be null, since JIRA creates a user in two steps (user THEN password)
Returns:
the added user retrieved from the underlying store.
Throws:
InvalidUserException - The supplied user is invalid.
InvalidCredentialException - The supplied credential is invalid.
UserAlreadyExistsException - The user already exists
OperationFailedException - underlying directory implementation failed to execute the operation.

updateUser

public User updateUser(UserTemplate user)
                throws InvalidUserException,
                       UserNotFoundException,
                       OperationFailedException
Description copied from interface: RemoteDirectory
Updates the user.

Specified by:
updateUser in interface RemoteDirectory
Parameters:
user - The user to update.
Returns:
the updated user retrieved from the underlying store.
Throws:
InvalidUserException - the supplied user is invalid.
UserNotFoundException - the user does not exist in the directory store.
OperationFailedException - underlying directory implementation failed to execute the operation.

updateUserCredential

public void updateUserCredential(String username,
                                 PasswordCredential credential)
                          throws UserNotFoundException,
                                 InvalidCredentialException,
                                 OperationFailedException
Description copied from interface: RemoteDirectory
Updates the password for a user.

Specified by:
updateUserCredential in interface RemoteDirectory
Parameters:
username - The name of the user (username).
credential - The new credential (password).
Throws:
UserNotFoundException - The user does not exist.
InvalidCredentialException - The supplied credential is invalid.
OperationFailedException - underlying directory implementation failed to execute the operation.

renameUser

public User renameUser(String oldName,
                       String newName)
                throws UserNotFoundException,
                       InvalidUserException,
                       UserAlreadyExistsException,
                       OperationFailedException
Description copied from interface: RemoteDirectory
Renames a user.

Specified by:
renameUser in interface RemoteDirectory
Parameters:
oldName - name of existing user.
newName - desired name of user.
Returns:
renamed user.
Throws:
UserNotFoundException - if the user with the existing name does not exist.
InvalidUserException - if the new username is invalid.
UserAlreadyExistsException - if the newName already exists.
OperationFailedException - if the underlying directory implementation failed to execute the operation.

storeUserAttributes

public void storeUserAttributes(String username,
                                Map<String,Set<String>> attributes)
                         throws UserNotFoundException,
                                OperationFailedException
Description copied from interface: RemoteDirectory
Adds or updates a user's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.

The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing

Attributes with values of empty sets are not added (these attributes are effectively removed).

Specified by:
storeUserAttributes in interface RemoteDirectory
Parameters:
username - name of user to update.
attributes - new or updated attributes (attributes that don't need changing should not appear in this Map).
Throws:
UserNotFoundException - user with supplied username does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

removeUserAttributes

public void removeUserAttributes(String username,
                                 String attributeName)
                          throws UserNotFoundException,
                                 OperationFailedException
Description copied from interface: RemoteDirectory
Removes all the values for a single attribute key for a user. If the attribute key does not exist nothing will happen.

Specified by:
removeUserAttributes in interface RemoteDirectory
Parameters:
username - name of the user to update.
attributeName - name of attribute to remove.
Throws:
UserNotFoundException - user with supplied username does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

removeUser

public void removeUser(String name)
                throws UserNotFoundException,
                       OperationFailedException
Description copied from interface: RemoteDirectory
Removes the user that matches the supplied name.

Specified by:
removeUser in interface RemoteDirectory
Parameters:
name - The name of the user (username).
Throws:
UserNotFoundException - The user does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

searchUsers

public <T> List<T> searchUsers(EntityQuery<T> query)
                    throws OperationFailedException
Description copied from interface: RemoteDirectory
Searches for users that match the supplied query criteria.

Specified by:
searchUsers in interface RemoteDirectory
Parameters:
query - EntityQuery for Entity.USER.
Returns:
List<User> or List<String> of users/usernames matching the search criteria. An empty List will be returned if no users matching the criteria are found.
Throws:
OperationFailedException - if the underlying directory implementation failed to execute the operation

findGroupByName

public Group findGroupByName(String name)
                      throws GroupNotFoundException,
                             OperationFailedException
Description copied from interface: RemoteDirectory
Finds the group that matches the supplied name.

Specified by:
findGroupByName in interface RemoteDirectory
Parameters:
name - the name of the group.
Returns:
group entity.
Throws:
GroupNotFoundException - a group with the supplied name does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

findGroupWithAttributesByName

public GroupWithAttributes findGroupWithAttributesByName(String name)
                                                  throws GroupNotFoundException,
                                                         OperationFailedException
Description copied from interface: RemoteDirectory
Finds the group that matches the supplied name.

Specified by:
findGroupWithAttributesByName in interface RemoteDirectory
Parameters:
name - the name of the group.
Returns:
group entity with attributes.
Throws:
GroupNotFoundException - a group with the supplied name does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

addGroup

public Group addGroup(GroupTemplate group)
               throws InvalidGroupException,
                      OperationFailedException
Description copied from interface: RemoteDirectory
Adds a group to the directory store.

Specified by:
addGroup in interface RemoteDirectory
Parameters:
group - template of the group to add.
Returns:
the added group retrieved from the underlying store.
Throws:
InvalidGroupException - The supplied group is invalid.
OperationFailedException - underlying directory implementation failed to execute the operation.

updateGroup

public Group updateGroup(GroupTemplate group)
                  throws InvalidGroupException,
                         GroupNotFoundException,
                         OperationFailedException,
                         ReadOnlyGroupException
Description copied from interface: RemoteDirectory
Updates the group.

Specified by:
updateGroup in interface RemoteDirectory
Parameters:
group - The group to update.
Returns:
the updated group retrieved from the underlying store.
Throws:
InvalidGroupException - the supplied group is invalid.
GroupNotFoundException - the group does not exist in the directory store.
OperationFailedException - underlying directory implementation failed to execute the operation.
ReadOnlyGroupException - the group is read-only

renameGroup

public Group renameGroup(String oldName,
                         String newName)
                  throws GroupNotFoundException,
                         InvalidGroupException,
                         OperationFailedException
Description copied from interface: RemoteDirectory
Renames a group.

Specified by:
renameGroup in interface RemoteDirectory
Parameters:
oldName - name of existing group.
newName - desired name of group.
Returns:
renamed group.
Throws:
GroupNotFoundException - if the group with the existing name does not exist.
InvalidGroupException - if the new groupname is invalid or already exists in the directory.
OperationFailedException - if the underlying directory implementation failed to execute the operation.

storeGroupAttributes

public void storeGroupAttributes(String groupName,
                                 Map<String,Set<String>> attributes)
                          throws GroupNotFoundException,
                                 OperationFailedException
Description copied from interface: RemoteDirectory
Adds or updates a group's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.

The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing

Attributes with values of empty sets are not added (these attributes are effectively removed).

Specified by:
storeGroupAttributes in interface RemoteDirectory
Parameters:
groupName - name of group to update.
attributes - new or updated attributes (attributes that don't need changing should not appear in this Map).
Throws:
GroupNotFoundException - group with supplied groupName does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

removeGroupAttributes

public void removeGroupAttributes(String groupName,
                                  String attributeName)
                           throws GroupNotFoundException,
                                  OperationFailedException
Description copied from interface: RemoteDirectory
Removes all the values for a single attribute key for a group.

Specified by:
removeGroupAttributes in interface RemoteDirectory
Parameters:
groupName - name of the group to update.
attributeName - name of attribute to remove.
Throws:
GroupNotFoundException - group with supplied groupName does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

removeGroup

public void removeGroup(String name)
                 throws GroupNotFoundException,
                        OperationFailedException,
                        ReadOnlyGroupException
Description copied from interface: RemoteDirectory
Removes the group that matches the supplied name.

Specified by:
removeGroup in interface RemoteDirectory
Parameters:
name - The name of the group.
Throws:
GroupNotFoundException - The group does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.
ReadOnlyGroupException - if the group is read-only and not allowed to be deleted.

searchGroups

public <T> List<T> searchGroups(EntityQuery<T> query)
                     throws OperationFailedException
Description copied from interface: RemoteDirectory
Searches for groups that match the supplied query criteria.

Specified by:
searchGroups in interface RemoteDirectory
Parameters:
query - EntityQuery for Entity.GROUP.
Returns:
List or List of groups/groupnames matching the search criteria. An empty List will be returned if no groups matching the criteria are found.
Throws:
OperationFailedException - if the underlying directory implementation failed to execute the operation

isUserDirectGroupMember

public boolean isUserDirectGroupMember(String username,
                                       String groupName)
                                throws OperationFailedException
Description copied from interface: RemoteDirectory
Determines if a user is a direct member of a group. The directory is NOT expected to resolve any transitive group relationships.

Specified by:
isUserDirectGroupMember in interface RemoteDirectory
Parameters:
username - name of user.
groupName - name of group.
Returns:
true iff the user is a direct member of the group.
Throws:
OperationFailedException - underlying directory implementation failed to execute the operation.

isGroupDirectGroupMember

public boolean isGroupDirectGroupMember(String childGroup,
                                        String parentGroup)
                                 throws OperationFailedException
Description copied from interface: RemoteDirectory
Determines if a group is a direct member of another group. The directory is NOT expected to resolve any transitive group relationships.

Specified by:
isGroupDirectGroupMember in interface RemoteDirectory
Parameters:
childGroup - name of child group.
parentGroup - name of parent group.
Returns:
true iff the childGroup is a direct member of the parentGroup.
Throws:
OperationFailedException - underlying directory implementation failed to execute the operation.

addUserToGroup

public void addUserToGroup(String username,
                           String groupName)
                    throws GroupNotFoundException,
                           UserNotFoundException,
                           OperationFailedException,
                           ReadOnlyGroupException,
                           MembershipAlreadyExistsException
Description copied from interface: RemoteDirectory
Adds a user as a member of a group. This means that all user members of childGroup will appear as members of parentGroup to querying applications.

Specified by:
addUserToGroup in interface RemoteDirectory
Parameters:
username - The user that will become a member of groupName
groupName - The group that will gain a new member.
Throws:
GroupNotFoundException - If the group cannot be found.
UserNotFoundException - If the user cannot be found.
OperationFailedException - underlying directory implementation failed to execute the operation.
ReadOnlyGroupException - If the group is read-only
MembershipAlreadyExistsException - if the user is already a member of the group

addGroupToGroup

public void addGroupToGroup(String childGroup,
                            String parentGroup)
                     throws GroupNotFoundException,
                            InvalidMembershipException,
                            OperationFailedException,
                            ReadOnlyGroupException,
                            MembershipAlreadyExistsException
Description copied from interface: RemoteDirectory
Adds a group as a member of a parent group.

Specified by:
addGroupToGroup in interface RemoteDirectory
Parameters:
childGroup - The group that will become a member of parentGroup
parentGroup - The group that will gain a new member
Throws:
GroupNotFoundException - One or both of the groups cannot be found.
InvalidMembershipException - if the childGroup and parentGroup exist but are of different GroupTypes.
OperationFailedException - underlying directory implementation failed to execute the operation.
ReadOnlyGroupException - if either of the groups are read-only
MembershipAlreadyExistsException - if the child group is already a child of the parent group

removeUserFromGroup

public void removeUserFromGroup(String username,
                                String groupName)
                         throws GroupNotFoundException,
                                UserNotFoundException,
                                MembershipNotFoundException,
                                OperationFailedException,
                                ReadOnlyGroupException
Description copied from interface: RemoteDirectory
Removes a user as a member of a group.

Specified by:
removeUserFromGroup in interface RemoteDirectory
Parameters:
username - The user that will be removed from parentGroup
groupName - The group that will lose the member.
Throws:
GroupNotFoundException - If the group cannot be found.
UserNotFoundException - If the user cannot be found.
MembershipNotFoundException - if the user is not a direct member of the group.
OperationFailedException - underlying directory implementation failed to execute the operation.
ReadOnlyGroupException - if the group is read-only

removeGroupFromGroup

public void removeGroupFromGroup(String childGroup,
                                 String parentGroup)
                          throws GroupNotFoundException,
                                 InvalidMembershipException,
                                 MembershipNotFoundException,
                                 OperationFailedException,
                                 ReadOnlyGroupException
Description copied from interface: RemoteDirectory
Removes a group as a member of a parent group.

Specified by:
removeGroupFromGroup in interface RemoteDirectory
Parameters:
childGroup - The group that will be removed from parentGroup
parentGroup - The group that will lose the member.
Throws:
GroupNotFoundException - One or both of the groups cannot be found.
InvalidMembershipException - if the childGroup and parentGroup exist but are of different GroupTypes.
MembershipNotFoundException - if the childGroup is not a direct member of the parentGroup.
OperationFailedException - underlying directory implementation failed to execute the operation.
ReadOnlyGroupException - if the groups are read-only

searchGroupRelationships

public <T> List<T> searchGroupRelationships(MembershipQuery<T> query)
                                 throws OperationFailedException
Description copied from interface: RemoteDirectory
Searches for membership information.

Specified by:
searchGroupRelationships in interface RemoteDirectory
Parameters:
query - query for memberships.
Returns:
a List of Users or Groups or Strings depending on the query criteria. An empty List if there are no results.
Throws:
OperationFailedException - underlying directory implementation failed to execute the operation.

testConnection

public void testConnection()
                    throws OperationFailedException
Description copied from interface: RemoteDirectory
Test if a connection to the directory server can be established.

Specified by:
testConnection in interface RemoteDirectory
Throws:
OperationFailedException - underlying directory implementation failed to execute the operation.

supportsInactiveAccounts

public boolean supportsInactiveAccounts()
Description copied from interface: RemoteDirectory
Return true if this directory supports inactive users and groups.

Specified by:
supportsInactiveAccounts in interface RemoteDirectory
Returns:
true if the directory supports inactive users and groups

supportsNestedGroups

public boolean supportsNestedGroups()
Description copied from interface: RemoteDirectory
Allows us to only display nested-group related UI for directories that support it.

Specified by:
supportsNestedGroups in interface RemoteDirectory
Returns:
true if the directory can handle having a group added to a group.

isRolesDisabled

public boolean isRolesDisabled()
Description copied from interface: RemoteDirectory
Expose whether the directory has roles disabled. Always true.

Specified by:
isRolesDisabled in interface RemoteDirectory
Returns:
true

getValues

public Set<String> getValues(String key)
Description copied from interface: Attributes
Get all the values associated with a given key. Duplicate values are not allowed, and this should be enforced case-insensitively to match the behaviour of LDAP servers. Will return null if the key does not exist.

Specified by:
getValues in interface Attributes
Parameters:
key - the key to retrieve the values for
Returns:
the values associated with the given key, or null if the key does not exist.

getValue

public String getValue(String key)
Description copied from interface: Attributes
Returns any value associated with the given key, returns null if there is no value.

Specified by:
getValue in interface Attributes
Parameters:
key - the key to retrieve the value for
Returns:
any value associated with the given key, or null if there is no value

getKeys

public Set<String> getKeys()
Description copied from interface: Attributes
Gets all the keys of the attributes. Warning: case-insensitive keys are currently no enforced, however this is the case for LDAP, so this may be implemented in the future.

Specified by:
getKeys in interface Attributes
Returns:
a set of all the keys.

isEmpty

public boolean isEmpty()
Specified by:
isEmpty in interface Attributes
Returns:
true if there are no attributes

getAuthoritativeDirectory

public RemoteDirectory getAuthoritativeDirectory()
Specified by:
getAuthoritativeDirectory in interface RemoteDirectory
Returns:
the directory that is the authoritative source of data for this directory, possibly itself.

getMemberships

public Iterable<Membership> getMemberships()
                                    throws OperationFailedException
Description copied from interface: RemoteDirectory

Get an iterable view of the available group memberships. This may be implemented as a single remote call or separate calls, depending on the directory.

If there is a failure in the underlying retrieval, the iterator may throw Membership.MembershipIterationException at runtime.

If the directory does not have a bulk call interface then a typical implementation would be:

 return new DirectoryMembershipsIterable(this);

Specified by:
getMemberships in interface RemoteDirectory
Returns:
an iterable view of the available group memberships
Throws:
OperationFailedException - if the underlying directory implementation failed to execute the operation
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013 Atlassian. All Rights Reserved.