com.netegrity.imapi
Interface ServiceProvider

All Known Subinterfaces:

BLTHContext, EventContext, EventROContext, ExposedEventContextInformation, ExposedTaskContextInformation, FieldContext, IMContext, IMPersistentContext, LogicalAttributeContext, NotificationRuleContext, ParticipantResolverContext, ScreenContext, TabControllerContext, TabSequenceContext, WorkflowContext

public interface ServiceProvider

Provides the Identity Manager APIs with access to services such as password and encryption operations.

The ServiceProvider interface is part of the core Identity Manager API architecture. The ...Context object in each Identity Manager API inherits ServiceProvider methods.

Since:

IdentityMinder 5.6

Method Summary

boolean	canUserAdministerGroup(User user, Group group) Deprecated. Deprecated in IdentityMinder 6.0 -- use canUserAdministerGroup().
void	convertLogicalToPhysical(java.util.Vector results) Converts the specified logical attributes to their corresponding physical attributes.
void	convertPhysicalToLogical(java.util.Vector results) Converts the specified physical attributes to their corresponding logical attributes.
java.lang.String	decryptString(java.lang.String toDecrypt) Decrypts a string that was encrypted by the encryptString() method.
java.lang.String	decryptString(java.lang.String key, java.lang.String toDecrypt) Decrypts a string that was encrypted by the encryptString() method.
boolean	doesSupportGroup() Determines whether the current environment supports groups.
boolean	doesSupportOrganization() Determines whether the current environment supports organizations.
java.lang.String	encryptString(java.lang.String toEncrypt) Encrypts a string using the RSA JSafe encryption libarary.
java.lang.String	encryptString(java.lang.String key, java.lang.String toEncrypt) Encrypts a string using the RSA JSafe encryption libarary.
AdminTask	findAdminTask(java.lang.String taskName) Deprecated. Deprecated in IdentityMinder 6.0 -- use findAdminTask().
java.util.Vector	getAllUsersAccessRoles(User user) Deprecated. Deprecated in IdentityMinder 6.0 -- use getAccessRolesMember() on the User object.
java.util.Vector	getGroupAdmins(Group group, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use a getAdmins() method in Group.
java.util.Vector	getGroupMembers(Group group, ObjectType objType, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use a getMembers() method in Group.
java.util.Vector	getGroups(java.util.Vector searchFilter) Deprecated. Deprecated in IdentityMinder 6.0 -- use GroupProvider.
java.util.Vector	getGroupsAdminCanAdminister(User user, Organization org, SearchDepthType scope, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use getGroupsAdminCanAssign().
ManagedObject	getManagedObject(java.lang.String ObjectId, ObjectType objectType, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use ProviderService.
ResultSet	getManagedObjects(Organization org, ObjectType objectType, SearchDepthType scope, java.util.Vector searchFilter, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use ProviderService.
ResultSet	getManagedObjects(Organization org, ObjectType objectType, java.util.Vector searchFilter, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use ProviderService.
Organization	getOrg(ManagedObject mobj) Deprecated. Deprecated in IdentityMinder 6.0 -- use a getOrg() method in ManagedObject. Business logic task handlers can also use getOrg() to retrieve the organization involved in the current task.
java.util.Vector	getOrgMembers(Organization org, ObjectType objType, SearchDepthType scope, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use a getMembers() method in Organization.
Organization	getRootOrg() Retrieves the root organization of the directory.
java.util.Vector	getSubOrgs(Organization org, java.util.Enumeration attributes) Deprecated. Deprecated in IdentityMinder 6.0 -- use a getOrgsInOrg() method in OrganizationProvider.
java.lang.String	getTemporaryPassword(java.lang.String userID) Generates a temporary password for the specified user.
java.lang.String	getTempPassword(User user) Generates a temporary password for the specified user.
boolean	isPasswordValid(User user, PasswordCondition passwordCondition) Deprecated. As of r12, replaced by #validateNewPassword(String)
boolean	isPasswordValid(User user, java.lang.String password, PasswordCondition passwordCondition) Deprecated. As of r12, replaced by #validateNewPassword(String)
boolean	isTopMostOrgWhichTaskIsBoundTo(Organization org, AdminTask adminTask) Deprecated. Deprecated in IdentityMinder 6.0. Tasks are no longer bound to organizations.
java.lang.String	validatePassword(User user) Determine if the password specified in the given User object is an acceptable password for this user.
java.lang.String	validatePassword(User user, java.lang.String password) Determine if a given string would be acceptable as a new password for given user.

Method Detail

getGroups

java.util.Vector getGroups(java.util.Vector searchFilter)
                           throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use GroupProvider.

Retrieves the groups that match the specified search filter. The search filter must comply with the search requirements of the target user directory.

Parameters:

searchFilter - The search criteria.

Returns:

The group objects that match the search criteria.

Throws:

java.lang.Exception

getGroupMembers

java.util.Vector getGroupMembers(Group group,
                                 ObjectType objType,
                                 java.util.Enumeration attributes)
                                 throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use a getMembers() method in Group.

Retrieves the members of the specified group.

Parameters:

group - The group whose members are being retrieved.

objType - The type of objects in the group.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

The members of the group.

Throws:

java.lang.Exception

getGroupAdmins

java.util.Vector getGroupAdmins(Group group,
                                java.util.Enumeration attributes)
                                throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use a getAdmins() method in Group.

Retrieves the administrators who are authorized to manage the specified group.

Parameters:

group - The group in question.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

The administrators who can manage the group.

Throws:

java.lang.Exception

getOrgMembers

java.util.Vector getOrgMembers(Organization org,
                               ObjectType objType,
                               SearchDepthType scope,
                               java.util.Enumeration attributes)
                               throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use a getMembers() method in Organization.

Retrieves the members of a given type in the specified organization.

Parameters:

org - The organization whose members are being retrieved.

objType - The type of object to retrieve from the organization.

scope - The organization level(s) to search -- that is, search only the organization specified in org, or search that organization and all of its children.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

The members of a given type in the organization.

Throws:

java.lang.Exception

getManagedObjects

ResultSet getManagedObjects(Organization org,
                            ObjectType objectType,
                            java.util.Vector searchFilter,
                            java.util.Enumeration attributes)
                            throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use ProviderService.

Retrieves the managed objects of a given type in the specified organization.

The searchFilter parameter lets you limit the search result to a defined subset of the managed objects. The search filter must comply with the search requirements of the target user directory. The following example creates a search filter and adds it to the Vector of search filters. The Vector can then be passed to the method:

      SearchExpression exp = new SearchExpression("AcountName",
                                                  OperatorType.EQUALS,
                                                  "jen*" );
      Vector searchFilter = new Vector();
      searchFilter.addElement(exp); 

Parameters:

org - The organization to search.

objectType - The type of managed object to retrieve from the organization.

searchFilter - The search criteria that let you retrieve a subset of managed objects of the specified type. This parameter is a Vector of SearchExpression objects.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

The managed objects in the specified organization that match the search criteria.

Throws:

java.lang.Exception

getManagedObjects

ResultSet getManagedObjects(Organization org,
                            ObjectType objectType,
                            SearchDepthType scope,
                            java.util.Vector searchFilter,
                            java.util.Enumeration attributes)
                            throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use ProviderService.

Retrieves the managed objects of a given type in the specified organization and within the specified scope.

The searchFilter parameter lets you limit the search result to a defined subset of the managed objects. The search filter must comply with the search requirements of the target user directory. For an example of creating a search filter and adding it to the searchFilter Vector, see getManagedObjects().

Parameters:

org - The organization to search.

objectType - The type of managed object to retrieve from the organization.

scope - The organization level(s) to search -- that is, search only the organization specified in org, or search that organization and all of its children.

searchFilter - The search criteria that let you retrieve a subset of managed objects of the specified type. This parameter is a Vector of SearchExpression objects.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

The managed objects in the specified organization that match the search criteria.

Throws:

java.lang.Exception

getManagedObject

ManagedObject getManagedObject(java.lang.String ObjectId,
                               ObjectType objectType,
                               java.util.Enumeration attributes)
                               throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use ProviderService.

Retrieves the specified managed object.

Parameters:

ObjectId - The unique ID of the managed object to retieve.

objectType - The type of managed object to retrieve.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed object. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of the returned object.

Returns:

The specified managed object.

Throws:

java.lang.Exception

canUserAdministerGroup

boolean canUserAdministerGroup(User user,
                               Group group)
                               throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use canUserAdministerGroup().

Determines whether the specified administrator can manage a particular group.

Parameters:

user - The administrator in question.

group - The group that the administrator may be allowed to manage.

Returns:

true if the administrator can manage the group, or false otherwise.

Throws:

java.lang.Exception

getGroupsAdminCanAdminister

java.util.Vector getGroupsAdminCanAdminister(User user,
                                             Organization org,
                                             SearchDepthType scope,
                                             java.util.Enumeration attributes)
                                             throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use getGroupsAdminCanAssign().

Retrieves the groups that the specified administrator can manage in a particular organization.

Parameters:

user - The administrator in question.

org - The organization where the groups are located.

scope - The organization level(s) to search -- that is, search only the organization specified in org, or search that organization and all of its children.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

The groups that the administrator can manage in the organization.

Throws:

java.lang.Exception

isPasswordValid

boolean isPasswordValid(User user,
                        PasswordCondition passwordCondition)
                        throws java.lang.Exception

Deprecated. As of r12, replaced by #validateNewPassword(String)

Determines whether the password attribute for the specified user is a valid password. The determination is made based on SiteMinder password policies.

Parameters:

user - The user whose password is being validated.

passwordCondition - If the password is invalid, this output parameter returns with a password condition object that includes the reason that the error is invalid and, if applicable, a condition code that lets you retrieve the password attribute value that violates the password policy.

Returns:

true if the password is valid, or false otherwise.

Throws:

java.lang.Exception

isPasswordValid

boolean isPasswordValid(User user,
                        java.lang.String password,
                        PasswordCondition passwordCondition)
                        throws java.lang.Exception

Deprecated. As of r12, replaced by #validateNewPassword(String)

Determines whether the specified password is valid for the specified user. The determination is made based on SiteMinder password policies.

Parameters:

user - The user whose password is being validated.

password - The password to validate.

passwordCondition - If the password is invalid, this output parameter returns with a password condition object that includes the reason that the error is invalid and, if applicable, a condition code that lets you retrieve the password attribute value that violates the password policy.

Returns:

true if the password is valid, or false otherwise.

Throws:

java.lang.Exception

validatePassword

java.lang.String validatePassword(User user)
                                  throws java.lang.Exception,
                                         PasswordPolicyException

Determine if the password specified in the given User object is an acceptable password for this user. The result can be a factor of such things as password policies, business rules, etc. This method will throw an exception if the password is invalid. Some password policies may transform a password (for example, to remove whitespace). The valid transformed password is returned.

Parameters:

newPassword - Proposed password value to check

Returns:

The valid transformed password

Throws:

SmApiException - An exception occurred while trying to validate the password.

PasswordPolicyException - The proposed password is not valid. This exception contains a PasswordCondition object that is populated with information on why a proposed password could not be validated.

java.lang.Exception

validatePassword

java.lang.String validatePassword(User user,
                                  java.lang.String password)
                                  throws java.lang.Exception,
                                         PasswordPolicyException

Determine if a given string would be acceptable as a new password for given user. The result can be a factor of such things as password policies, business rules, etc. This method will throw an exception if the password is invalid. Some password policies may transform a password (for example, to remove whitespace). The valid transformed password is returned.

Parameters:

newPassword - Proposed password value to check

Returns:

The valid transformed password

Throws:

SmApiException - An exception occurred while trying to validate the password.

PasswordPolicyException - The proposed password is not valid. This exception contains a PasswordCondition object that is populated with information on why a proposed password could not be validated.

java.lang.Exception

getTempPassword

java.lang.String getTempPassword(User user)
                                 throws java.lang.Exception

Generates a temporary password for the specified user. This method does not reset the user's password.

Parameters:

user - The user for whom a temporary password is being generated.

Returns:

The temporary password.

Throws:

java.lang.Exception

isTopMostOrgWhichTaskIsBoundTo

boolean isTopMostOrgWhichTaskIsBoundTo(Organization org,
                                       AdminTask adminTask)
                                       throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0. Tasks are no longer bound to organizations.

Determines whether the specified organization is the topmost organization where the specified task can possibly be executed.

Parameters:

org - The organization in question.

adminTask - The admin task in question.

Returns:

true if the organization is the topmost organization where the task can be executed, or false otherwise.

Throws:

java.lang.Exception

getAllUsersAccessRoles

java.util.Vector getAllUsersAccessRoles(User user)
                                        throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use getAccessRolesMember() on the User object.

Retrieves all of a user's access roles.

Parameters:

user - The user whose access roles are being retrieved.

Returns:

The user's access roles.

Throws:

java.lang.Exception

getSubOrgs

java.util.Vector getSubOrgs(Organization org,
                            java.util.Enumeration attributes)
                            throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use a getOrgsInOrg() method in OrganizationProvider.

Retrieves all of an organization's child organizations.

Parameters:

org - The organization to search for child organizations.

attributes - An enumeration that lets you specify the attributes that you want to be available in the returned managed objects. To make all attributes available, pass null in this parameter. If this parameter is empty, the only available attribute will be the unique name of each returned object.

Returns:

Child organizations of the specified organization.

Throws:

java.lang.Exception

getOrg

Organization getOrg(ManagedObject mobj)
                    throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use a getOrg() method in ManagedObject. Business logic task handlers can also use getOrg() to retrieve the organization involved in the current task.

Retrieves the organization where the specified managed object resides.

Parameters:

mobj - The managed object in question.

Returns:

The organization of the managed object.

Throws:

java.lang.Exception

findAdminTask

AdminTask findAdminTask(java.lang.String taskName)
                        throws java.lang.Exception

Deprecated. Deprecated in IdentityMinder 6.0 -- use findAdminTask().

Retrieves the specified admin task.

Parameters:

taskName - The name of the admin task.

Returns:

The admin task object.

Throws:

java.lang.Exception

encryptString

java.lang.String encryptString(java.lang.String toEncrypt)
                               throws java.lang.Exception

Encrypts a string using the RSA JSafe encryption libarary.

The encryptString() and decryptString() methods use the same hard-coded encryption functionality in all cases. There is no mechanism provided for encryption key management.

Parameters:

toEncrypt - The string to encrypt.

Returns:

The encrypted string.

Throws:

java.lang.Exception

Since:

Identity Manager 8.1

encryptString

java.lang.String encryptString(java.lang.String key,
                               java.lang.String toEncrypt)
                               throws java.lang.Exception

Encrypts a string using the RSA JSafe encryption libarary.

The encryptString() and decryptString() methods use the same hard-coded encryption functionality in all cases.

Parameters:

key - The encryption key.

toEncrypt - The string to encrypt.

Returns:

The encrypted string.

Throws:

java.lang.Exception

Since:

Identity Manager 8.1

decryptString

java.lang.String decryptString(java.lang.String toDecrypt)
                               throws java.lang.Exception

Decrypts a string that was encrypted by the encryptString() method. The RSA JSafe encryption library is used to decrypt the string.

The encryptString() and decryptString() methods use the same hard-coded encryption functionality in all cases. There is no mechanism provided for encryption key management.

Parameters:

toDecrypt - The string to decrypt.

Returns:

The decrypted string.

Throws:

java.lang.Exception

Since:

Identity Manager 8.1

decryptString

java.lang.String decryptString(java.lang.String key,
                               java.lang.String toDecrypt)
                               throws java.lang.Exception

Decrypts a string that was encrypted by the encryptString() method. The RSA JSafe encryption library is used to decrypt the string.

The encryptString() and decryptString() methods use the same hard-coded encryption functionality in all cases. There is no mechanism provided for encryption key management.

Parameters:

key - The encryption key.

toDecrypt - The string to decrypt.

Returns:

The decrypted string.

Throws:

java.lang.Exception

Since:

Identity Manager 8.1

getTemporaryPassword

java.lang.String getTemporaryPassword(java.lang.String userID)
                                      throws java.lang.Exception

Generates a temporary password for the specified user.

Use this method to generate a temporary password after a Forgotten Password task is submitted. Call the method in a logical attribute handler to generate the temporary password and display it on the screen.

Parameters:

userID - The user's ID.

Returns:

The temporary password.

Throws:

java.lang.Exception

getRootOrg

Organization getRootOrg()
                        throws java.lang.Exception

Retrieves the root organization of the directory.

Returns:

The root organization.

Throws:

java.lang.Exception

Since:

IdentityMinder 6.0

doesSupportOrganization

boolean doesSupportOrganization()
                                throws java.lang.Exception

Determines whether the current environment supports organizations.

Returns:

true if the current environment supports organizations, or false otherwise.

Throws:

java.lang.Exception

Since:

IdentityMinder 6.0

doesSupportGroup

boolean doesSupportGroup()
                         throws java.lang.Exception

Determines whether the current environment supports groups.

Returns:

true if the current environment supports groups, or false otherwise.

Throws:

java.lang.Exception

Since:

Framework 1.0

convertLogicalToPhysical

void convertLogicalToPhysical(java.util.Vector results)
                              throws java.lang.Exception

Converts the specified logical attributes to their corresponding physical attributes.

Parameters:

results - The list of logical attributes to convert to physical attributes.

Throws:

java.lang.Exception

Since:

IdentityMinder 6.0

convertPhysicalToLogical

void convertPhysicalToLogical(java.util.Vector results)
                              throws java.lang.Exception

Converts the specified physical attributes to their corresponding logical attributes.

Parameters:

results - The list of physical attributes to convert to logical attributes.

Throws:

java.lang.Exception

Since:

IdentityMinder 6.0