org.openliberty.arisid
Interface IAddInteraction
- All Superinterfaces:
- IInteraction
- All Known Implementing Classes:
- Interaction
public interface IAddInteraction
- extends IInteraction
An interface to an object used for adding objects through an ArisID provider.
Method Summary |
IPrincipalIdentifier |
doAdd(IAttributeValue[] attrVals,
java.lang.String[] roles,
javax.security.auth.Subject user)
Method to allow client code to add a new Identity through the attribute
services. |
boolean |
isAdd()
|
Methods inherited from interface org.openliberty.arisid.IInteraction |
appendNode, getAttributeDef, getAttributeIds, getAttributePolicyDef, getAttributeRef, getAttributeRefs, getAttributeService, getDescription, getEntityName, getFilter, getInteractionPolicyDef, getNameId, getOperationType, getPredicateDef, getPredicateIds, getPredicatePolicyDef, getPredicateRef, getPredicateRefs, getRoleDef, getRoleIds, getRolePolicyDef, getRoleRef, getRoleRefs, getTransactionPolicy, isCompare, isDelete, isFind, isModify, isRead, isSearch |
isAdd
boolean isAdd()
- Specified by:
isAdd
in interface IInteraction
doAdd
IPrincipalIdentifier doAdd(IAttributeValue[] attrVals,
java.lang.String[] roles,
javax.security.auth.Subject user)
throws ConnectionException,
PolicyException,
NoSuchContextException,
SubjectNotUniqueException,
SchemaException,
MappingException,
DeclarationException,
NoSuchSubjectException
- Method to allow client code to add a new Identity through the attribute
services. The IAttrSvcStack will map the correct authority and add the
entity and its values as appropriate.
Note that while the application may view a subject as a new Identity, it
is quite possible that the attribute service will re-map the add to be a
modify function in the event of a record that already exists depending on
configured policy.
- Parameters:
attrVals
- An array of IAttributeValue
objects defining the
attributes of the Subject to be added. Note: Dynamic policy
constraints may also be specified by adding them to specific
IAttributeValue values.roles
- The roles (of the declared roles) that should be set. If a
declared value is not present, that is treated as a clear. A
null value means no changes for roles are to be made.user
- the Subject credential under which the add operation is to be
performed or null if the transaction is to be done using the
application credential context alone.
- Returns:
- a principal identifier representing the subject added.
- Throws:
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the add is refused due to policy restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
SubjectNotUniqueException
- Is thrown when a subject already exists and policy has
determined that the add may not be converted to a modify.
SchemaException
- Is thrown when the attributes being added cannot be mapped to
the schema within the attribute authority. This may or may
not indicate a partial add was completed. Exception should
indicate details.
MappingException
- Is thrown when an error has occurred mapping attribute values
to the attribute authority schema.
NoSuchSubjectException
- if the non-null value of the user parameter does not exist.
DeclarationException
- The Interaction was not declared as an Add Interaction.- See Also:
IAttrSvcStack.doAdd(IAddInteraction, IAttributeValue[], String[],
Subject)