Depending on your choice of endpoint type, implementing the add operation involves extending AbstractAttributeStyleProcessor and implementing the following methods:
Note: See the CA IAM CS Javadoc in the CA IdentityMinder bookshelf for descriptions of parameters, and the SDK Sample connector for a complete sample implementation.
Implementing AttributeStyle
public void doAdd(final ObjectInfo objInfo,
final Attributes attrs)
throws NamingException
Note: For more information, see com.ca.jcs.processor.OpProcessor.html#doAdd(com.ca.jcs.ObjectInfo,%20javax.naming.directory.Attributes) in the CA IAM CS Javadoc in the CA IdentityMinder bookshelf.
Implementing AssocAttributeProcessor (implementing associations)
public void doModifyAssocs(final ObjectInfo objInfo,
final AssocModificationItem[] items,
final Object context)
throws NamingException
public void addAttrAssocs(final ObjectInfo objInfo,
final Association assoc,
final Attribute attr,
final Object context)
throws NamingException
Implementing doAdd(ObjectInfo objInfo, Attributes attrs) throws NamingException
Consider verifying that an object with the same name does not exist before trying to add the object.
Update the endpoint system to record the object's creation, given a reference to it (objInfo) and the attributes are assigned to it (attrs). If multiple object types can be created, you can distinguish which type is being requested by examining objInfo.getobjectclassMapping().getConnectorClassName(). This yields the connectorMapTo defined in the metadata for this object (that is, the connector terminology representation of the class name). In some cases, the alias or LDAP terminology class name can also be useful in distinguishing which object class is being targeted.
As with all do*() methods in the connector interface, all attribute names, values, and filters have been validated, converted, and mapped to connector-terminology before your method is called.
It is necessary to persist the provided attributes on the endpoint system. For example, a JDBC connector would translate this list into the column names and values in an SQL INSERT clause executed on the endpoint.
To minimize references to LDAP attribute names in your connector code, consider using the values of the connectorMapTo or connectorMapToAlias metadata properties when deciding how to process an object.
To minimize or avoid checks for syntactic validity on attribute values, consider using an attribute validator.
To minimize or avoid manipulating attribute values, consider introducing an attribute converter.
The CA IAM CS SDK includes a library of built-in validators and converters. However you can also write your own and connect them to objectclasses and attributes using metadata definitions.
If your connector handles associations then get the list of associations and handle adding them. The following code snippet shows an example:
// splitAssocAttrs will remove the associations from attrs and return them
assocAttrItems = objInfo.getObjectClassMapping().splitAssocAttrs(attrs);
// create context and implementation of object creation here
// now hand off adding the associations
if (assocAttrItems != null)
doModifyAssocs(objInfo, assocAttrItems, context);
This method is passed a list of modification items, including additions, deletions and replacements. This method is responsible for calling getModificationOp() on each modification item and then handing off the work to addAttrAssocs() or removeAttrAssocs() as appropriate. Use this method if your modification items are not independent of each other (for example, if ordering is significant).
Note: For this release, modifications are limited to additions only.
This method is called to create a single association of the type described by assoc from the objInfo object.
Coupled with objInfo.getName() and attr.get().getValue(), which return the name of the source object and the name of the target association respectively, you can construct the endpoint relationship.
Note: For more information, see com.ca.jcs.assoc.Association in the CA IAM CS Javadoc in the CA IdentityMinder bookshelf.
attr can hold multiple values indicating several relationships of the same type to different target objects. Depending on the capabilities of the endpoint system, issue separate creation statements or a single statement listing multiple parameters.
|
Copyright © 2013 CA.
All rights reserved.
|
|