Overview  Package   Class  Tree  Deprecated  Index  Help 
SiteMinder
Java SDK r12.51
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.netegrity.sdk.dmsapi
Class SmDmsUser

java.lang.Object
  extended by com.netegrity.sdk.dmsapi.SmDmsObject
      extended by com.netegrity.sdk.dmsapi.SmDmsUser

public class SmDmsUser
extends SmDmsObject

Represents a user within an organization. Users can be end users or administrators.

Since:
SDK 2.0

Field Summary
static int DMSUSER_DISABLED_ADMINDISABLED
          Disabled bits to indicate that the user account is disabled by an administrator.
static int DMSUSER_DISABLED_DISABLEDMASK
          Disabled bits mask.
static int DMSUSER_DISABLED_ENABLED
          Enable the user account.
static int DMSUSER_DISABLED_INACTIVITY
          Disabled bits to indicate that the user account is disabled for inactivity over a period of time.
static int DMSUSER_DISABLED_MAXLOGINFAIL
          Disabled bits to indicate that the user account is disabled for maximum login failures.
static int DMSUSER_DISABLED_PEERDISABLED
          Disabled bits to indicate that the user account is disabled natively in the directory.
static int DMSUSER_DISABLED_PWEXPIRED
          Disabled bits to indicate that the user account is disabled for password expiration.
static int DMSUSER_DISABLED_PWMUSTCHANGE
          Disabled bits to indicate that the user will be forced to change his or her password during the next login.
 
Fields inherited from class com.netegrity.sdk.dmsapi.SmDmsObject
DMSOBJECT_CLASS_DIRECTORY, DMSOBJECT_CLASS_GROUP, DMSOBJECT_CLASS_ORGANIZATION, DMSOBJECT_CLASS_ROLE, DMSOBJECT_CLASS_UNKNOWN, DMSOBJECT_CLASS_USER
 
Method Summary
 SmApiResult addToRole(SmDmsRole role)
          Adds this user to the specified DMS role.
 SmApiResult addToRoleNoAdminCheck(SmDmsRole role)
           
 SmApiResult authenticate(java.lang.String password)
          Authenticates the user.
 SmApiResult authenticateNoAdminCheck(java.lang.String password)
           
 SmApiResult changePassword(java.lang.String newPassword, java.lang.String oldPassword, boolean doNotRequireOldPassword)
          Changes the user's password.
 SmApiResult changePasswordNoAdminCheck(java.lang.String newPassword, java.lang.String oldPassword, boolean doNotRequireOldPassword)
           
 SmApiResult getDisabledState(java.util.Vector disabledState)
          Gets the disabled state of the user account.
 SmApiResult getDisabledStateNoAdminCheck(java.util.Vector disabledState)
           
 SmApiResult getPrivileges(java.util.Hashtable privileges)
          Internal use only.
 SmApiResult getPrivilegesNoAdminCheck(java.util.Hashtable privileges)
           
 SmApiResult getRealmContext(java.lang.String ruleName, java.lang.String ruleDesc, java.util.Vector realmContexts)
          Internal use only.
 SmApiResult getRealmContextNoAdminCheck(java.lang.String ruleName, java.lang.String ruleDesc, java.util.Vector realmContexts)
           
 SmApiResult getRealmPrivileges(java.lang.String realmOID, java.util.Hashtable privileges)
          Internal use only.
 SmApiResult getRealmPrivilegesNoAdminCheck(java.lang.String realmOID, java.util.Hashtable privileges)
           
 SmApiResult getRoles(java.util.Vector roles)
          Gets a list of DMS roles that the user is a member of.
 SmApiResult getRolesNoAdminCheck(java.util.Vector roles)
           
 SmApiResult getUserPWState(SmDmsUserPWState pwState)
          Retrieves the user's password state.
 SmApiResult getUserPWStateNoAdminCheck(SmDmsUserPWState pwState)
           
 SmApiResult removeFromRole(SmDmsRole role)
          Removes this user from the specified DMS role.
 SmApiResult removeFromRoleNoAdminCheck(SmDmsRole role)
           
 SmApiResult setDisable()
          Disables the user account.
 SmApiResult setDisabledState(int disabledState)
          Sets the disabled state of the user account.
 SmApiResult setDisabledStateNoAdminCheck(int disabledState)
           
 SmApiResult setDisableNoAdminCheck()
           
 SmApiResult setEnable()
          Enables the user account.
 SmApiResult setEnableNoAdminCheck()
           
 SmApiResult setPasswordMustChange()
          Forces the user to change his or her password during the next login.
 SmApiResult setPasswordMustChangeNoAdminCheck()
           
 SmApiResult setUserPWState(SmDmsUserPWState pwState)
          Sets the user's password state with any attribute changes made to the passed SmDmsPWState object.
 SmApiResult setUserPWState(SmDmsUserPWState pwState, boolean emptyPWHistory)
          Sets the user's password state with any attribute changes made to the passed SmDmsPWState object.
 SmApiResult setUserPWStateNoAdminCheck(SmDmsUserPWState pwState)
           
 SmApiResult setUserPWStateNoAdminCheck(SmDmsUserPWState pwState, boolean emptyPWHistory)
           
 
Methods inherited from class com.netegrity.sdk.dmsapi.SmDmsObject
addObject, addObjectNoAdminCheck, addToGroup, addToGroupNoAdminCheck, clearAttributes, deleteObject, deleteObjectNoAdminCheck, getApiSession, getAttribute, getAttributes, getClassId, getDmsConfig, getDn, getGroups, getGroups, getGroupsNoAdminCheck, getGroupsNoAdminCheck, getObject, getObject, getObjectNoAdminCheck, getObjectNoAdminCheck, getOrganizationDn, getRealm, getUserDirectory, getVersion, isActiveDir, modifyObject, modifyObjectClass, modifyObjectClassNoAdminCheck, modifyObjectNoAdminCheck, newDmsObject, readAttributes, removeFromGroup, removeFromGroupNoAdminCheck, setActiveDir, setAttribute, setAttributes, setClassId, toString, writeAttributes
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

DMSUSER_DISABLED_DISABLEDMASK

public static final int DMSUSER_DISABLED_DISABLEDMASK
Disabled bits mask.

See Also:
Constant Field Values

DMSUSER_DISABLED_ENABLED

public static final int DMSUSER_DISABLED_ENABLED
Enable the user account.

See Also:
Constant Field Values

DMSUSER_DISABLED_ADMINDISABLED

public static final int DMSUSER_DISABLED_ADMINDISABLED
Disabled bits to indicate that the user account is disabled by an administrator.

See Also:
Constant Field Values

DMSUSER_DISABLED_MAXLOGINFAIL

public static final int DMSUSER_DISABLED_MAXLOGINFAIL
Disabled bits to indicate that the user account is disabled for maximum login failures.

See Also:
Constant Field Values

DMSUSER_DISABLED_INACTIVITY

public static final int DMSUSER_DISABLED_INACTIVITY
Disabled bits to indicate that the user account is disabled for inactivity over a period of time.

See Also:
Constant Field Values

DMSUSER_DISABLED_PWEXPIRED

public static final int DMSUSER_DISABLED_PWEXPIRED
Disabled bits to indicate that the user account is disabled for password expiration.

See Also:
Constant Field Values

DMSUSER_DISABLED_PEERDISABLED

public static final int DMSUSER_DISABLED_PEERDISABLED
Disabled bits to indicate that the user account is disabled natively in the directory.

See Also:
Constant Field Values

DMSUSER_DISABLED_PWMUSTCHANGE

public static final int DMSUSER_DISABLED_PWMUSTCHANGE
Disabled bits to indicate that the user will be forced to change his or her password during the next login.

See Also:
Constant Field Values
Method Detail

getDisabledState

public SmApiResult getDisabledState(java.util.Vector disabledState)
                             throws SmApiException

Gets the disabled state of the user account.

For an example of this method, see setDisabledState().

This method requires an end user session or higher.

Parameters:
disabledState - The disabled state is returned as an Integer in this Vector.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException

getDisabledStateNoAdminCheck

public SmApiResult getDisabledStateNoAdminCheck(java.util.Vector disabledState)
                                         throws SmApiException
Throws:
SmApiException

setDisabledState

public SmApiResult setDisabledState(int disabledState)
                             throws SmApiException

Sets the disabled state of the user account.

Clients that use the disabled reasons should be aware that:
This method requires an organization administrator session or higher.

You can use this method to enable or disable a user. User's can't enable or disable themselves.

Example: 
 SmDmsUser user = org.newUser("uid=developer0,ou=people,o=security.com");
 Vector vDisabledState = new Vector();

 // Get the disabled state.
 SmApiResult result = user.getDisabledState (vDisabledState);
 if (!result.isSuccess())
 {
          // failed
          System.out.println (result.toString());
          return false;
 }

 // The vector will contain a Integer object whose integer value
 // represents the disabled state
 Integer iDisabledState = (Integer)vDisabledState.elementAt (0);

 // Get the integer value
 int disabledState = iDisabledState.intValue();

 // Disable the user as an administrator disabled
 // Preserve the previous disabled state while disabling a user.
 // Clear the previous disabled state while enabling a user.
 disabledState = disabledState | SmDmsUser.DMSUSER_DISABLED_ADMINDISABLED;

 // Set the disabled state
 result = user.setDisabledState (disabledState);
 if (!result.isSuccess())
 {
    // failed to set
    System.out.println (result.toString());
    return false;
 }
 return true;

Parameters:
disabledState - The disabled state to assign to the user account.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException

setDisabledStateNoAdminCheck

public SmApiResult setDisabledStateNoAdminCheck(int disabledState)
                                         throws SmApiException
Throws:
SmApiException

setEnable

public SmApiResult setEnable()
                      throws SmApiException

Enables the user account.

Users can't enable their own accounts.

This method requires an organization administrator session or higher.

Returns:
SmApiResult Result of the request.
Throws:
SmApiException
See Also:
setDisabledState(int)

setEnableNoAdminCheck

public SmApiResult setEnableNoAdminCheck()
                                  throws SmApiException
Throws:
SmApiException

setDisable

public SmApiResult setDisable()
                       throws SmApiException

Disables the user account.

Users can't disable their own accounts.

This method requires an organization administrator session or higher.

Returns:
SmApiResult Result of the request.
Throws:
SmApiException
See Also:
setDisabledState(int)

setDisableNoAdminCheck

public SmApiResult setDisableNoAdminCheck()
                                   throws SmApiException
Throws:
SmApiException

changePassword

public SmApiResult changePassword(java.lang.String newPassword,
                                  java.lang.String oldPassword,
                                  boolean doNotRequireOldPassword)
                           throws SmApiException

Changes the user's password.

This method requires an end user session or higher.

Parameters:
newPassword - New user password.
oldPassword - Old user password.
doNotRequireOldPassword - If true, the password is changed without verifying whether oldPassword matches the user's old password. If false, oldPassword must match the user's old password for the password to be changed.

Returns:
SmApiResult Result of the request.

If the change password request fails, SmApiResult may contain one of the reason codes below. These reason codes indicate a violation of a password policy:

  • 0. No failure reason.
  • 1. Change of password is required.
  • 1000. General failure.
  • 1001. Password is too short.
  • 1002. Password is too long.
  • 1003. The old password is bad.
  • 1004. Password has already been used.
  • 1005. Password is too similar to a previous password.
  • 1006. Password has too many repeating characters.
  • 1007. Password contains a disallowed word from the password dictionary.
  • 1008. Password has too few alphabetic characters.
  • 1009. Password has too few numeric characters.
  • 1010. Password has too few alphanumeric characters.
  • 1011. Password has too few punctuation mark characters.
  • 1012. Password has too few non-printable characters.
  • 1013. Password has too few non-alphanumeric characters.
  • 1014. Password contains text that matches too many consecutive characters in the user's directory entry.
  • 1015. The grace period has been exceeded for allowing user login after the user's password has expired.
  • 1016. PIN is a system-generated PIN.
  • 1017. PIN is too long.
  • 1021. PIN is accepted.
  • 1022. Password has too few lower case letters.
  • 1023. Password has too few upper case letters.
  • 1024. Password cannot contain lower case letters.
  • 1025. Password cannot contain upper case letters.
  • 1026. Password cannot contain digit characters.
  • 1027. Password cannot contain punctuation characters.
  • 1028. Password cannot contain non-printable characters.
  • 1029. Password cannot contain non-alphanumeric characters.
  • 1030. Password cannot contain alphanumeric characters.
  • 1031. Password must not match the disallowed regular expression(s).
  • 1032. Password does not match the required regular expression(s)
  • 1033. PIN is too short.
  • 1034. PIN can contain only digit characters.
  • 1035. PIN can contain only alphanumeric characters.
Throws:
SmApiException

changePasswordNoAdminCheck

public SmApiResult changePasswordNoAdminCheck(java.lang.String newPassword,
                                              java.lang.String oldPassword,
                                              boolean doNotRequireOldPassword)
                                       throws SmApiException
Throws:
SmApiException

getUserPWState

public SmApiResult getUserPWState(SmDmsUserPWState pwState)
                           throws SmApiException

Retrieves the user's password state.

This method requires an end user session or higher.

Parameters:
pwState - The SmDmsPWState object where the retrieved attribute values will be placed.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException
Since:
SDK 6.0

getUserPWStateNoAdminCheck

public SmApiResult getUserPWStateNoAdminCheck(SmDmsUserPWState pwState)
                                       throws SmApiException
Throws:
SmApiException

setUserPWState

public SmApiResult setUserPWState(SmDmsUserPWState pwState)
                           throws SmApiException

Sets the user's password state with any attribute changes made to the passed SmDmsPWState object.

This method requires an organization administrator session or higher.

Parameters:
pwState - The new SmDmsPWState object to set.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException
Since:
SDK 6.0

setUserPWStateNoAdminCheck

public SmApiResult setUserPWStateNoAdminCheck(SmDmsUserPWState pwState)
                                       throws SmApiException
Throws:
SmApiException

setUserPWState

public SmApiResult setUserPWState(SmDmsUserPWState pwState,
                                  boolean emptyPWHistory)
                           throws SmApiException

Sets the user's password state with any attribute changes made to the passed SmDmsPWState object. Optionally, this method also clears the user's password history of all entries.

Note: You cannot retrieve password history or set password history entries.

This method requires an end user session or higher.

Parameters:
pwState - The new SmDmsPWState object to set.
emptyPWHistory - Set to true to clear the password history. If you clear password history, the last-password-change-time attribute is automatically set to 0.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException
Since:
SDK 6.0

setUserPWStateNoAdminCheck

public SmApiResult setUserPWStateNoAdminCheck(SmDmsUserPWState pwState,
                                              boolean emptyPWHistory)
                                       throws SmApiException
Throws:
SmApiException

setPasswordMustChange

public SmApiResult setPasswordMustChange()
                                  throws SmApiException

Forces the user to change his or her password during the next login.

This method requires an end user session or higher.

Returns:
SmApiResult Result of the request.
Throws:
SmApiException

setPasswordMustChangeNoAdminCheck

public SmApiResult setPasswordMustChangeNoAdminCheck()
                                              throws SmApiException
Throws:
SmApiException

authenticate

public SmApiResult authenticate(java.lang.String password)
                         throws SmApiException

Authenticates the user. The result may contain a reason code and message.

This method requires an end user session or higher.

Parameters:
password - Password of this user.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException

authenticateNoAdminCheck

public SmApiResult authenticateNoAdminCheck(java.lang.String password)
                                     throws SmApiException
Throws:
SmApiException

getPrivileges

public SmApiResult getPrivileges(java.util.Hashtable privileges)
                          throws SmApiException
Internal use only.

Throws:
SmApiException

getPrivilegesNoAdminCheck

public SmApiResult getPrivilegesNoAdminCheck(java.util.Hashtable privileges)
                                      throws SmApiException
Throws:
SmApiException

getRealmPrivileges

public SmApiResult getRealmPrivileges(java.lang.String realmOID,
                                      java.util.Hashtable privileges)
                               throws SmApiException
Internal use only.

Throws:
SmApiException

getRealmPrivilegesNoAdminCheck

public SmApiResult getRealmPrivilegesNoAdminCheck(java.lang.String realmOID,
                                                  java.util.Hashtable privileges)
                                           throws SmApiException
Throws:
SmApiException

getRealmContext

public SmApiResult getRealmContext(java.lang.String ruleName,
                                   java.lang.String ruleDesc,
                                   java.util.Vector realmContexts)
                            throws SmApiException
Internal use only.

Throws:
SmApiException

getRealmContextNoAdminCheck

public SmApiResult getRealmContextNoAdminCheck(java.lang.String ruleName,
                                               java.lang.String ruleDesc,
                                               java.util.Vector realmContexts)
                                        throws SmApiException
Throws:
SmApiException

addToRole

public SmApiResult addToRole(SmDmsRole role)
                      throws SmApiException

Adds this user to the specified DMS role.

This method requires an organization administrator session or higher.

Parameters:
role - The role's DN.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException

addToRoleNoAdminCheck

public SmApiResult addToRoleNoAdminCheck(SmDmsRole role)
                                  throws SmApiException
Throws:
SmApiException

removeFromRole

public SmApiResult removeFromRole(SmDmsRole role)
                           throws SmApiException
Removes this user from the specified DMS role.

Parameters:
role - The role's DN.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException

removeFromRoleNoAdminCheck

public SmApiResult removeFromRoleNoAdminCheck(SmDmsRole role)
                                       throws SmApiException
Throws:
SmApiException

getRoles

public SmApiResult getRoles(java.util.Vector roles)
                     throws SmApiException

Gets a list of DMS roles that the user is a member of.

This method requires an end user session or higher.

Parameters:
roles - Vector of Strings in which role DNs will be populated.
Returns:
SmApiResult Result of the request.
Throws:
SmApiException

getRolesNoAdminCheck

public SmApiResult getRolesNoAdminCheck(java.util.Vector roles)
                                 throws SmApiException
Throws:
SmApiException
Overview  Package   Class  Tree  Deprecated  Index  Help 
SiteMinder
Java SDK r12.51
Mon 04/08/2013
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
http://ca.com
Copyright (c) 2013 CA.