org.openliberty.arisid
Interface IAddInteraction
- All Superinterfaces:
- IInteraction
- All Known Implementing Classes:
- Interaction
public interface IAddInteraction
- extends IInteraction
An interface to an object used for adding objects through an ArisID provider.
|
Method Summary |
IPrincipalIdentifier |
doAdd(IAttributeValue[] attrVals,
java.lang.String[] roles,
javax.security.auth.Subject user)
Method to allow client code to add a new Identity through the attribute
services. |
boolean |
isAdd()
|
| Methods inherited from interface org.openliberty.arisid.IInteraction |
appendNode, getAttributeDef, getAttributeIds, getAttributePolicyDef, getAttributeRef, getAttributeRefs, getAttributeService, getDescription, getEntityName, getFilter, getInteractionPolicyDef, getNameId, getOperationType, getPredicateDef, getPredicateIds, getPredicatePolicyDef, getPredicateRef, getPredicateRefs, getRoleDef, getRoleIds, getRolePolicyDef, getRoleRef, getRoleRefs, getTransactionPolicy, isCompare, isDelete, isFind, isModify, isRead, isSearch |
isAdd
boolean isAdd()
- Specified by:
isAdd in interface IInteraction
doAdd
IPrincipalIdentifier doAdd(IAttributeValue[] attrVals,
java.lang.String[] roles,
javax.security.auth.Subject user)
throws ConnectionException,
PolicyException,
NoSuchContextException,
SubjectNotUniqueException,
SchemaException,
MappingException,
DeclarationException,
NoSuchSubjectException
- Method to allow client code to add a new Identity through the attribute
services. The IAttrSvcStack will map the correct authority and add the
entity and its values as appropriate.
Note that while the application may view a subject as a new Identity, it
is quite possible that the attribute service will re-map the add to be a
modify function in the event of a record that already exists depending on
configured policy.
- Parameters:
attrVals - An array of IAttributeValue objects defining the
attributes of the Subject to be added. Note: Dynamic policy
constraints may also be specified by adding them to specific
IAttributeValue values.roles - The roles (of the declared roles) that should be set. If a
declared value is not present, that is treated as a clear. A
null value means no changes for roles are to be made.user - the Subject credential under which the add operation is to be
performed or null if the transaction is to be done using the
application credential context alone.
- Returns:
- a principal identifier representing the subject added.
- Throws:
ConnectionException - Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException - Occurs when the add is refused due to policy restrictions
NoSuchContextException - Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
SubjectNotUniqueException - Is thrown when a subject already exists and policy has
determined that the add may not be converted to a modify.
SchemaException - Is thrown when the attributes being added cannot be mapped to
the schema within the attribute authority. This may or may
not indicate a partial add was completed. Exception should
indicate details.
MappingException - Is thrown when an error has occurred mapping attribute values
to the attribute authority schema.
NoSuchSubjectException - if the non-null value of the user parameter does not exist.
DeclarationException - The Interaction was not declared as an Add Interaction.- See Also:
IAttrSvcStack.doAdd(IAddInteraction, IAttributeValue[], String[],
Subject)