|
Project Aristotle - ArisID Attribute Services | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.openliberty.arisid.Interaction
public class Interaction
An Interaction is used to define a single transaction operation and its
related schema. The Interaction object is also used to invoke the desired
operations implemented by the IAttrSvcStack
provider.
Field Summary | |
---|---|
static int |
OP_ADD
A constant indicating that an Interaction is an Add operation. |
static int |
OP_COMPARE
A constant indicating that the Interaction is for a Compare operation. |
static int |
OP_DELETE
A constant indicating that an Interaction is a Delete operation. |
static int |
OP_FIND
A constant indicating that an Interaction is for a Find operation. |
static int |
OP_MODIFY
A constant indicating that an Interaction is a Modify operation. |
static int |
OP_READ
A constant indicating that an Interaction is a Read operation. |
static int |
OP_SEARCH
A constant indicating that the Interaction is for a Search operation. |
Method Summary | |
---|---|
org.w3c.dom.Node |
appendNode(org.w3c.dom.Node parent)
|
IPrincipalIdentifier |
doAdd(IAttributeValue[] attrVals,
java.lang.String[] roles,
javax.security.auth.Subject user)
Method to allow client code to add a new Identity through the attribute services. |
boolean |
doCompare(IPrincipalIdentifier subjectIdentifierKey,
java.util.List<IAttributeValue> attrFilterVals,
javax.security.auth.Subject user)
The compareIdentity method is used to test a set of PredicateDef conditions (declared in the Interaction) against a subject user and return a boolean response. |
void |
doDelete(IPrincipalIdentifier subjectIdentifierKey,
IPolicy dynamicConstraints,
javax.security.auth.Subject user)
Method to delete a subject from the attribute service. |
void |
doDelete(IPrincipalIdentifier subjectIdentifierKey,
javax.security.auth.Subject user)
Method to delete a subject from the attribute service. |
IDigitalSubject |
doFind(java.util.List<IAttributeValue> attrFilterVals,
java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap,
javax.security.auth.Subject user)
Method to find a single subject. |
IDigitalSubject |
doFind(java.util.List<IAttributeValue> attrFilterVals,
javax.security.auth.Subject user)
Method to find a single subject. |
IDigitalSubject |
doGet(IPrincipalIdentifier subjectIdentifierKey,
java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap,
javax.security.auth.Subject user)
The getIdentity method is used to retrieve attributes and properties about individuals based on the declared interaction and a subject index value. |
IDigitalSubject |
doGet(IPrincipalIdentifier subjectIdentifierKey,
javax.security.auth.Subject user)
The getIdentity method is used to retrieve attributes and properties about individuals based on the declared interaction and a subject index value. |
IDigitalSubject |
doGetByRequest(javax.servlet.http.HttpServletRequest request,
java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap,
javax.security.auth.Subject user)
This getIdentityByServletReq allows the attribute service to locate information using content from the ServletRequest object such as form input, or SAML assertions to process a lookup defined in the Interaction. |
IDigitalSubject |
doGetByRequest(javax.servlet.http.HttpServletRequest request,
javax.security.auth.Subject user)
This getIdentityByServletReq allows the attribute service to locate information using content from the ServletRequest object such as form input, or SAML assertions to process a lookup defined in the Interaction. |
void |
doModify(IPrincipalIdentifier subjectIdentifierKey,
IAttributeValue[] modVals,
java.lang.String[] roleVals,
javax.security.auth.Subject user)
The modify method allows attributes of a Subject to be modified within the attribute service. |
IResultSet |
doSearch(java.util.List<IAttributeValue> attrFilterVals,
java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap,
javax.security.auth.Subject user)
The search operation can be used for reporting purposes to locate a set of subjects that match a particular condition. |
IResultSet |
doSearch(java.util.List<IAttributeValue> attrFilterVals,
javax.security.auth.Subject user)
The search operation can be used for reporting purposes to locate a set of subjects that match a particular condition. |
AttributeDef |
getAttributeDef(java.lang.String nameId)
Get an AttributeDef used in an Interaction. |
java.util.Set<java.lang.String> |
getAttributeIds()
|
IPolicy |
getAttributePolicyDef(java.lang.String attrNameId)
|
AttributeRef |
getAttributeRef(java.lang.String nameId)
|
java.util.Collection<AttributeRef> |
getAttributeRefs()
|
ArisIdService |
getAttributeService()
|
java.lang.String |
getDescription()
|
java.lang.String |
getEntityName()
|
Filter |
getFilter()
|
IPolicy |
getInteractionPolicyDef()
|
int |
getMaxReturns()
Gets the maximum count of subjects that the client expects to process. |
java.lang.String |
getNameId()
|
int |
getOperationType()
|
int |
getPageSize()
Preferred page size for those service providers that can optimize traffic and buffering. |
PredicateDef |
getPredicateDef(java.lang.String name)
Returns a PredicateDef used in an Interaction |
java.util.Set<java.lang.String> |
getPredicateIds()
|
IPolicy |
getPredicatePolicyDef(java.lang.String predNameId)
|
PredicateRef |
getPredicateRef(java.lang.String nameId)
|
java.util.Collection<PredicateRef> |
getPredicateRefs()
|
RoleDef |
getRoleDef(java.lang.String name)
|
java.util.Set<java.lang.String> |
getRoleIds()
|
IPolicy |
getRolePolicyDef(java.lang.String roleNameId)
|
RoleRef |
getRoleRef(java.lang.String nameId)
|
java.util.Collection<RoleRef> |
getRoleRefs()
|
IPolicy |
getTransactionPolicy()
|
boolean |
isAdd()
|
boolean |
isCompare()
|
boolean |
isDelete()
|
boolean |
isFind()
|
boolean |
isModify()
|
boolean |
isRead()
|
boolean |
isSearch()
|
java.lang.String |
toString()
|
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final int OP_READ
public static final int OP_MODIFY
public static final int OP_ADD
public static final int OP_DELETE
public static final int OP_FIND
public static final int OP_SEARCH
public static final int OP_COMPARE
Method Detail |
---|
public org.w3c.dom.Node appendNode(org.w3c.dom.Node parent)
appendNode
in interface IInteraction
public ArisIdService getAttributeService()
getAttributeService
in interface IInteraction
public AttributeDef getAttributeDef(java.lang.String nameId)
getAttributeDef
in interface IInteraction
nameId
- of an AttibuteDef (baseAttribute.getNameId()
).
AttributeDef
public java.util.Set<java.lang.String> getAttributeIds()
getAttributeIds
in interface IInteraction
public java.util.Collection<AttributeRef> getAttributeRefs()
getAttributeRefs
in interface IInteraction
public AttributeRef getAttributeRef(java.lang.String nameId)
getAttributeRef
in interface IInteraction
public PredicateDef getPredicateDef(java.lang.String name)
getPredicateDef
in interface IInteraction
name
- of a PredicateDef (baseAttribute.getNameId()
).
PredicateDef
public java.util.Set<java.lang.String> getPredicateIds()
getPredicateIds
in interface IInteraction
public java.util.Collection<PredicateRef> getPredicateRefs()
getPredicateRefs
in interface IInteraction
public PredicateRef getPredicateRef(java.lang.String nameId)
getPredicateRef
in interface IInteraction
public RoleDef getRoleDef(java.lang.String name)
getRoleDef
in interface IInteraction
public java.util.Set<java.lang.String> getRoleIds()
getRoleIds
in interface IInteraction
public java.util.Collection<RoleRef> getRoleRefs()
getRoleRefs
in interface IInteraction
public RoleRef getRoleRef(java.lang.String nameId)
getRoleRef
in interface IInteraction
public Filter getFilter()
getFilter
in interface IInteraction
public java.lang.String getDescription()
getDescription
in interface IInteraction
public int getOperationType()
getOperationType
in interface IInteraction
public java.lang.String getNameId()
getNameId
in interface IInteraction
String
name of the Interaction.public IPolicy getTransactionPolicy()
getTransactionPolicy
in interface IInteraction
public int getMaxReturns()
ISearchInteraction
getMaxReturns
in interface ISearchInteraction
public int getPageSize()
ISearchInteraction
getPageSize
in interface ISearchInteraction
public boolean isAdd()
isAdd
in interface IAddInteraction
isAdd
in interface IInteraction
public boolean isFind()
isFind
in interface IFindInteraction
isFind
in interface IInteraction
public boolean isCompare()
isCompare
in interface ICompareInteraction
isCompare
in interface IInteraction
public boolean isDelete()
isDelete
in interface IDeleteInteraction
isDelete
in interface IInteraction
public boolean isModify()
isModify
in interface IInteraction
isModify
in interface IModifyInteraction
public boolean isSearch()
isSearch
in interface IInteraction
isSearch
in interface ISearchInteraction
public boolean isRead()
isRead
in interface IInteraction
isRead
in interface IReadInteraction
public IPrincipalIdentifier doAdd(IAttributeValue[] attrVals, java.lang.String[] roles, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException, NoSuchSubjectException
IAddInteraction
doAdd
in interface IAddInteraction
attrVals
- An array of IAttributeValue
objects defining the
attributes of the Subject to be added. Note: Dynamic policy
constraints may also be specified by adding them to specific
IAttributeValue values.roles
- The roles (of the declared roles) that should be set. If a
declared value is not present, that is treated as a clear. A
null value means no changes for roles are to be made.user
- the Subject credential under which the add operation is to be
performed or null if the transaction is to be done using the
application credential context alone.
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the add is refused due to policy restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
SubjectNotUniqueException
- Is thrown when a subject already exists and policy has
determined that the add may not be converted to a modify.
SchemaException
- Is thrown when the attributes being added cannot be mapped to
the schema within the attribute authority. This may or may
not indicate a partial add was completed. Exception should
indicate details.
MappingException
- Is thrown when an error has occurred mapping attribute values
to the attribute authority schema.
DeclarationException
- The Interaction was not declared as an Add Interaction.
NoSuchSubjectException
- if the non-null value of the user parameter does not exist.IAttrSvcStack.doAdd(IAddInteraction, IAttributeValue[], String[],
Subject)
public IDigitalSubject doFind(java.util.List<IAttributeValue> attrFilterVals, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, DeclarationException, InvalidFilterException, SchemaException, MappingException
IFindInteraction
doFind
in interface IFindInteraction
attrFilterVals
- An array of IFilterValue
and/or
IAttributeValue
objects that specify the comparison
values for any AttrFilter objects contained in the declared
filter for the transaction. The number of values specified
must correspond exactly to the number specified in the
declared filter. Use Filter.getCompareAttrValues()
to
obtain the values that need to be set.IFilterValue
allows for the capability for runtime
setting of the comparison operator (contains, beginswith,
etc).user
- The security credential under which the operation is to be
performed
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the authentication is refused due to policy
restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
NoSuchSubjectException
- Occurs when no Subject was located for the authenticate
operation.
SubjectNotUniqueException
- Occurs when the when more than one Subject is located and
could not be uniquely authenticated.
DeclarationException
- The interaction was not declared as a Authenticate
Interaction.
InvalidFilterException
- There is a problem with the declared filter or the provided
filter values.
SchemaException
- is thrown when a filter or role cannot be matched or used
appropriately.
MappingException
- is thrown when an error has occurred in mapping a filter or
role to an appropriate search filter or in mapping a result.public IDigitalSubject doFind(java.util.List<IAttributeValue> attrFilterVals, java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, DeclarationException, InvalidFilterException, SchemaException, MappingException
IFindInteraction
doFind
in interface IFindInteraction
attrFilterVals
- An array of IFilterValue
and/or
IAttributeValue
objects that specify the comparison
values for any AttrFilter objects contained in the declared
filter for the transaction. The number of values specified
must correspond exactly to the number specified in the
declared filter. Use Filter.getCompareAttrValues()
to
obtain the values that need to be set.IFilterValue
allows for the capability for runtime
setting of the comparison operator (contains, beginswith,
etc).dynamicConstraintsMap
- A map containing a set of dynamic constraints relevant to the
transaction. The map index is either an attribute, predicate,
or role name, or interaction name (to define policy at the
interaction level). This parameter is used for things like
specifying a localization constraint on an attribute.user
- The security credential under which the operation is to be
performed
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the authentication is refused due to policy
restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
NoSuchSubjectException
- Occurs when no Subject was located for the authenticate
operation.
SubjectNotUniqueException
- Occurs when the when more than one Subject is located and
could not be uniquely authenticated.
DeclarationException
- The interaction was not declared as a Authenticate
Interaction.
InvalidFilterException
- There is a problem with the declared filter or the provided
filter values.
SchemaException
- is thrown when a filter or role cannot be matched or used
appropriately.
MappingException
- is thrown when an error has occurred in mapping a filter or
role to an appropriate search filter or in mapping a result.public boolean doCompare(IPrincipalIdentifier subjectIdentifierKey, java.util.List<IAttributeValue> attrFilterVals, javax.security.auth.Subject user) throws IGFException
ICompareInteraction
It is anticipated that this method is the preferred method of querying since it reduces information actually transferred from federated attribute sources.
doCompare
in interface ICompareInteraction
subjectIdentifierKey
- the unique subject to be comparedattrFilterVals
- An array of AIAttributeValue
or IFilterValue
objects that specify the comparison values for any AttrFilter
objects contained in the declared filter for the transaction.
The number of values specified must correspond exactly to the
number specified in the declared filter. Use
Filter.getCompareAttrValues()
to obtain the values
that need to be set. Note: Dynamic policy constraints may also
be specified by adding them to specific IAttributeValue
values.user
- the credential context performing the compare or null if the
transaction is to be done using the application credential
context alone.
IGFException
IAttrSvcStack.doCompare(ICompareInteraction, IPrincipalIdentifier,
List, Subject)
public void doDelete(IPrincipalIdentifier subjectIdentifierKey, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, DeclarationException
IDeleteInteraction
doDelete
in interface IDeleteInteraction
subjectIdentifierKey
- the subject to be deleteduser
- The Subject credential under which the delete operation is to
be performed or null if the transaction is to be done using
the application credential context alone.
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the delete is refused due to policy restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
NoSuchSubjectException
- Occurs when no Subject was located for the delete operation.
SubjectNotUniqueException
- Occurs when the delete would impact more than one Subject.
DeclarationException
- The interaction was not declared as a Delete Interaction.public void doDelete(IPrincipalIdentifier subjectIdentifierKey, IPolicy dynamicConstraints, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, DeclarationException
IDeleteInteraction
doDelete
in interface IDeleteInteraction
subjectIdentifierKey
- the subject to be deleteddynamicConstraints
- A IPolicy object containing any transaction related
constraints or null.user
- The Subject credential under which the delete operation is to
be performed or null if the transaction is to be done using
the application credential context alone.
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the delete is refused due to policy restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
NoSuchSubjectException
- Occurs when no Subject was located for the delete operation.
SubjectNotUniqueException
- Occurs when the delete would impact more than one Subject.
DeclarationException
- The interaction was not declared as a Delete Interaction.public IDigitalSubject doGet(IPrincipalIdentifier subjectIdentifierKey, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException
IReadInteraction
doGet
in interface IReadInteraction
subjectIdentifierKey
- the unique of the user to be retrieveduser
- the credential context performing the read or null if the
transaction is to be done using the application credential
context alone.
ConnectionException
- is thrown when a network or other connection problem has
occurred causing the transaction to fail.
PolicyException
- is thrown when the the transaction has failed due to policy
or consent failure.
NoSuchContextException
- is thrown when the subject cannot be mapped to an available
context. This is usually suggestive of a configuration
problem.
NoSuchSubjectException
- is thrown when the user cannot be mapped within a context to
perform the operation.
SubjectNotUniqueException
- is thrown when the subject or user cannot be uniquely mapped
to a single context or is not unique within a context.
SchemaException
- is thrown when an attribute is not successfully matched to a
context. This can be due to a missing attribute or a
non-compatible syntax error.
MappingException
- is thrown when an error has occurred in mapping a value to a
particular schema. In this case, the schema was valid, but
the value was either invalid or not mappable.
DeclarationException
IAttrSvcStack.doRead(IReadInteraction, IPrincipalIdentifier, Map,
Subject)
public IDigitalSubject doGet(IPrincipalIdentifier subjectIdentifierKey, java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException
IReadInteraction
doGet
in interface IReadInteraction
subjectIdentifierKey
- the unique of the user to be retrieveddynamicConstraintsMap
- A map containing a set of dynamic constraints relevant to the
transaction. The map index is either an attribute, predicate,
or role name, or interaction name (to define policy at the
interaction level). This parameter is used for things like
specifying a localization constraint on an attribute.user
- the credential context performing the read or null if the
transaction is to be done using the application credential
context alone.
ConnectionException
- is thrown when a network or other connection problem has
occurred causing the transaction to fail.
PolicyException
- is thrown when the the transaction has failed due to policy
or consent failure.
NoSuchContextException
- is thrown when the subject cannot be mapped to an available
context. This is usually suggestive of a configuration
problem.
NoSuchSubjectException
- is thrown when the user cannot be mapped within a context to
perform the operation.
SubjectNotUniqueException
- is thrown when the subject or user cannot be uniquely mapped
to a single context or is not unique within a context.
SchemaException
- is thrown when an attribute is not successfully matched to a
context. This can be due to a missing attribute or a
non-compatible syntax error.
MappingException
- is thrown when an error has occurred in mapping a value to a
particular schema. In this case, the schema was valid, but
the value was either invalid or not mappable.
DeclarationException
IAttrSvcStack.doRead(IReadInteraction, IPrincipalIdentifier, Map,
Subject)
public IDigitalSubject doGetByRequest(javax.servlet.http.HttpServletRequest request, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException
IReadInteraction
doGetByRequest
in interface IReadInteraction
request
- the ServletRequest
object to be parsed for a Subject
contextuser
- the credential context performing the read or null if the
transaction is to be done using the application credential
context alone.
ConnectionException
- is thrown when a network or other connection problem has
occurred causing the transaction to fail.
PolicyException
- is thrown when the the transaction has failed due to policy
or consent failure.
NoSuchContextException
- is thrown when the subject cannot be mapped to an available
context. This is usually suggestive of a configuration
problem.
NoSuchSubjectException
- is thrown when the user cannot be mapped within a context to
perform the operation.
SubjectNotUniqueException
- is thrown when the subject or user cannot be uniquely mapped
to a single context or is not unique within a context.
SchemaException
- is thrown when an attribute is not successfully matched to a
context. This can be due to a missing attribute or a
non-compatible syntax error.
MappingException
- is thrown when an error has occurred in mapping a value to a
particular schema. In this case, the schema was valid, but
the value was either invalid or not mappable.
DeclarationException
IAttrSvcStack.doRead(IReadInteraction, HttpServletRequest, Map,
Subject)
public IDigitalSubject doGetByRequest(javax.servlet.http.HttpServletRequest request, java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException
IReadInteraction
doGetByRequest
in interface IReadInteraction
request
- the ServletRequest
object to be parsed for a Subject
contextdynamicConstraintsMap
- A map containing a set of dynamic constraints relevant to the
transaction. The map index is either an attribute, predicate,
or role name, or interaction name (to define policy at the
interaction level). This parameter is used for things like
specifying a localization constraint on an attribute.user
- the credential context performing the read or null if the
transaction is to be done using the application credential
context alone.
ConnectionException
- is thrown when a network or other connection problem has
occurred causing the transaction to fail.
PolicyException
- is thrown when the the transaction has failed due to policy
or consent failure.
NoSuchContextException
- is thrown when the subject cannot be mapped to an available
context. This is usually suggestive of a configuration
problem.
NoSuchSubjectException
- is thrown when the user cannot be mapped within a context to
perform the operation.
SubjectNotUniqueException
- is thrown when the subject or user cannot be uniquely mapped
to a single context or is not unique within a context.
SchemaException
- is thrown when an attribute is not successfully matched to a
context. This can be due to a missing attribute or a
non-compatible syntax error.
MappingException
- is thrown when an error has occurred in mapping a value to a
particular schema. In this case, the schema was valid, but
the value was either invalid or not mappable.
DeclarationException
IAttrSvcStack.doRead(IReadInteraction, HttpServletRequest, Map,
Subject)
public IResultSet doSearch(java.util.List<IAttributeValue> attrFilterVals, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException, InvalidFilterException
doSearch
in interface ISearchInteraction
attrFilterVals
- An array of IAttributeValue
objects that specify the
comparison values for any AttrFilter objects contained in the
declared filter for the transaction. The number of values
specified must correspond exactly to the number specified in
the declared filter. Use Filter.getCompareAttrValues()
to obtain the values that need to be set.user
- The security context of the user performing the search or
null.
IResultSet
of entries that were found in the search.
ConnectionException
- is thrown when a network or other connection problem has
occurred causing the transaction to fail.
PolicyException
- is thrown when the the transaction has failed due to policy
or consent failure.
NoSuchContextException
- is thrown when the subject cannot be mapped to an available
context. This is usually suggestive of a configuration
problem.
NoSuchSubjectException
- is thrown when the user cannot be mapped within a context to
perform the operation.
SubjectNotUniqueException
- is thrown when the subject or user cannot be uniquely mapped
to a single context or is not unique within a context.
SchemaException
- is thrown when a filter or role cannot be matched or used
appropriately.
MappingException
- is thrown when an error has occurred in mapping a filter or
role to an appropriate search filter.
DeclarationException
- is thrown if this method is called but the Interaction is not
declared as a search.
InvalidFilterException
- is thrown if an invalid filter or filter value has been
specifiedpublic IResultSet doSearch(java.util.List<IAttributeValue> attrFilterVals, java.util.Map<java.lang.String,IPolicy> dynamicConstraintsMap, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException, InvalidFilterException
ISearchInteraction
doSearch
in interface ISearchInteraction
attrFilterVals
- An array of IFilterValue
or IAttributeValue
objects that specify the comparison values for any AttrFilter
objects contained in the declared filter for the transaction.
The number of values specified must correspond exactly to the
number specified in the declared filter. Use
Filter.getCompareAttrValues()
to obtain the values
that need to be set.IFilterValue
allows for the
capability for runtime setting of the comparison operator
(contains, beginswith, etc).dynamicConstraintsMap
- A map containing a set of dynamic constraints relevant to the
transaction. The map index is either an attribute, predicate,
or role name, or interaction name (to define policy at the
interaction level). This parameter is used for things like
specifying a localization constraint on an attribute.user
- The user context under which the operation is to be performed
or null.
IResultSet
of entries that were found in the search.
ConnectionException
- is thrown when a network or other connection problem has
occurred causing the transaction to fail.
PolicyException
- is thrown when the the transaction has failed due to policy
or consent failure.
NoSuchContextException
- is thrown when the subject cannot be mapped to an available
context. This is usually suggestive of a configuration
problem.
NoSuchSubjectException
- is thrown when the user cannot be mapped within a context to
perform the operation.
SubjectNotUniqueException
- is thrown when the subject or user cannot be uniquely mapped
to a single context or is not unique within a context.
SchemaException
- is thrown when a filter or role cannot be matched or used
appropriately.
MappingException
- is thrown when an error has occurred in mapping a filter or
role to an appropriate search filter or in mapping a result.
DeclarationException
- is thrown if this method is called but the Interaction is not
declared as a search.
InvalidFilterException
- is thrown if an invalid filter or filter value has been
specified.public void doModify(IPrincipalIdentifier subjectIdentifierKey, IAttributeValue[] modVals, java.lang.String[] roleVals, javax.security.auth.Subject user) throws ConnectionException, PolicyException, NoSuchContextException, NoSuchSubjectException, SubjectNotUniqueException, SchemaException, MappingException, DeclarationException
IModifyInteraction
doModify
in interface IModifyInteraction
subjectIdentifierKey
- The subject to be modified.modVals
- modVals an array of IAttributeValue
to be applied to
the subject. Note: Dynamic policy constraints may also be
specified by adding them to specific IAttributeValue values.roleVals
- The roles (of the declared roles) that should be set. If a
declared value is not present, that is treated as a clear. A
null value means no changes for roles are to be made.user
- The user context under which the modify is to be performed or
null if the transaction is to be done using the application
credential context alone.
ConnectionException
- Occurs when there was a connection error trying to connect to
the appropriate attribute authority.
PolicyException
- Occurs when the modify is refused due to policy restrictions
NoSuchContextException
- Occurs when the Subject cannot be mapped to an appropriate
attribute authority context.
NoSuchSubjectException
- Occurs when no subject could be located for the modify
request.
SubjectNotUniqueException
- Is thrown when the subject index maps to more than 1 logical
subject.
SchemaException
- Is thrown when the attributes being modified cannot be mapped
to the schema within the attribute service. This may or may
not indicate a partial modify was completed. Exception should
indicate details.
MappingException
- Is thrown when an error has occurred mapping attribute values
to the attribute authority schema.
DeclarationException
- The Interaction was not declared as an Modify Interaction.public IPolicy getInteractionPolicyDef()
getInteractionPolicyDef
in interface IInteraction
public IPolicy getAttributePolicyDef(java.lang.String attrNameId)
getAttributePolicyDef
in interface IInteraction
public IPolicy getPredicatePolicyDef(java.lang.String predNameId)
getPredicatePolicyDef
in interface IInteraction
public IPolicy getRolePolicyDef(java.lang.String roleNameId)
getRolePolicyDef
in interface IInteraction
public java.lang.String toString()
toString
in class java.lang.Object
public java.lang.String getEntityName()
getEntityName
in interface IInteraction
|
OpenLiberty.org - Licensed under Apache APL 2.0 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |