com.esri.adf.security.store
Class ADStore

java.lang.Object
  extended by com.esri.adf.security.store.ADStore
All Implemented Interfaces:
SecurityStore

public class ADStore
extends java.lang.Object
implements SecurityStore

This class implements methods that access Microsoft's Active Directory Server.


Field Summary
protected  ADConnectParams adConnectParams
           
protected  java.util.Map<java.lang.String,java.lang.String> adParamsMap
           
protected  javax.naming.directory.DirContext adRoleCtx
           
protected  javax.naming.directory.DirContext adUserCtx
           
 
Constructor Summary
ADStore()
           
 
Method Summary
 void addRole(ArcGISSecurityRole role)
          Unsupported functionality, as AD is a read-only data store.
 void addRolesToUser(java.lang.String userName, java.lang.String[] roleList)
          Unsupported functionality, as AD is a read-only data store.
 void addUser(ArcGISSecurityUser user)
          Unsupported functionality, as AD is a read-only data store.
 void addUsersToRole(java.lang.String roleName, java.lang.String[] userList)
          Unsupported functionality, as AD is a read-only data store.
 void close()
          Close all connections to the security store.
 void deleteRole(java.lang.String roleName)
          Unsupported functionality, as AD is a read-only data store.
 void deleteRolesFromUser(java.lang.String userName, java.lang.String[] roleList)
          Unsupported functionality, as AD is a read-only data store.
 void deleteUser(java.lang.String userName)
          Unsupported functionality, as AD is a read-only data store.
 void deleteUsersFromRole(java.lang.String roleName, java.lang.String[] userList)
          Unsupported functionality, as AD is a read-only data store.
protected  java.lang.String extractUserIdFromDn(java.lang.String dn)
          Returns the user-id attribute from the DN attribute of an AD entry.
 java.lang.String forgotUserPassword(java.lang.String userName, java.lang.String secretQuest, java.lang.String secretAns)
          Unsupported functionality, as AD is a read-only data store.
 java.util.List<ArcGISSecurityRole> getAllRoles()
          Return list of roles that are present in the security store.
protected  java.util.List<ArcGISSecurityRole> getAllRolesAsAttributes()
          Returns a list of all the roles in the AD that are maintained as attributes of user entries.
protected  java.util.List<ArcGISSecurityRole> getAllRolesAsEntry()
          Returns a list of all the roles in the AD that are maintained as independent entries.
 java.util.List<ArcGISSecurityUser> getAllUsers()
          Returns a list of ArcGISSecurityUser objects that represent all the users currently in the security store.
 ArcGISSecurityRole getRole(java.lang.String roleName)
          Return an ArcGISSecurityRole object for a role identified by rolename.
protected  ArcGISSecurityRole getRoleAsAttribute(java.lang.String roleName)
          Return a particular role from the security store when roles are maintained as attributes of individual entries in the AD.
protected  ArcGISSecurityRole getRoleAsEntry(java.lang.String roleName)
          Return a particular role from the security store when roles are maintained as individual entries in the AD.
 java.util.List<ArcGISSecurityRole> getRolesForUser(java.lang.String userName)
          Gets the list of roles associated with a user, both of which are present in an AD.
protected  java.util.List<ArcGISSecurityRole> getRolesForUserAsAttribute(java.lang.String userName)
          Returns a list of roles for a user, when roles are maintained as attributes of individual entries.
protected  java.util.List<ArcGISSecurityRole> getRolesForUserAsEntry(java.lang.String userName)
          Returns a list of roles for a user, when roles are maintained as individual entries
 ArcGISSecurityUser getUser(java.lang.String userName)
          Return an ArcGISSecurityUser object for an ArcGISSecurityUser identified by username when the data store is AD.
 java.lang.String getUserSecretQuestion(java.lang.String userName)
          Unsupported functionality, as AD is a read-only data store.
 java.util.List<ArcGISSecurityUser> getUsersForRole(java.lang.String roleName)
          Returns list of users that have been assigned to a particular role.
protected  java.util.List<ArcGISSecurityUser> getUsersForRoleAsAttribute(java.lang.String roleName)
          Returns list of users that have been assigned to a particular role when roles are maintained as attributes of individual entries.
protected  java.util.List<ArcGISSecurityUser> getUsersForRoleAsEntry(java.lang.String roleName)
          Returns list of users that have been assigned to a particular role when roles are maintained as individual entries.
 void init(java.util.Map<java.lang.String,java.lang.String> paramsMap)
          Initialize the AD connection.
 boolean isReadOnly()
          For the current implementation, the Active Directory is treated as a read-only data store, so this method will always return true.
protected  java.util.List<ArcGISSecurityRole> lookupRoleInLdap(java.lang.String roleDN)
          Look up the AD for a particular role entry that is associated with an ArcGISSecurityUser as an attribute of the ArcGISSecurityUser entry.
protected  ArcGISSecurityUser lookupUserInLdap(java.lang.String userDN)
          Look up the AD for a particular ArcGISSecurityUser entry that is associated with a role as an attribute of the role entry.
 void modifyRole(ArcGISSecurityRole role)
          Unsupported functionality, as AD is a read-only data store.
 void modifyUser(ArcGISSecurityUser user)
          Unsupported functionality, as AD is a read-only data store.
 void reinitialize()
          Reinitialize the connection to data stores.
 boolean testConnection(java.util.Map<java.lang.String,java.lang.String> paramsMap)
          Test the connection to the data store.
 boolean validateUser(java.lang.String username, java.lang.String password)
          Check the user credentials with the information available in the security store.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

adConnectParams

protected ADConnectParams adConnectParams

adUserCtx

protected javax.naming.directory.DirContext adUserCtx

adRoleCtx

protected javax.naming.directory.DirContext adRoleCtx

adParamsMap

protected java.util.Map<java.lang.String,java.lang.String> adParamsMap
Constructor Detail

ADStore

public ADStore()
Method Detail

init

public void init(java.util.Map<java.lang.String,java.lang.String> paramsMap)
          throws ArcGISSecurityException
Initialize the AD connection.

Specified by:
init in interface SecurityStore
Parameters:
paramsMap - - Map generated from an ADConnectParams object. It contains information that the ArcGISSecurityStore uses to connect to an AD.
Throws:
ArcGISSecurityException - - if it cannot connect to an AD

reinitialize

public void reinitialize()
                  throws ArcGISSecurityException
Reinitialize the connection to data stores. Connections sometimes time out, so there needs to be a hook that lets clients ask the existing object to reinitialize without having to create a new one.

Specified by:
reinitialize in interface SecurityStore
Throws:
ArcGISSecurityException - - if connection cannot be initialized

isReadOnly

public boolean isReadOnly()
For the current implementation, the Active Directory is treated as a read-only data store, so this method will always return true.

Specified by:
isReadOnly in interface SecurityStore
Returns:
true

testConnection

public boolean testConnection(java.util.Map<java.lang.String,java.lang.String> paramsMap)
                       throws ArcGISSecurityException
Test the connection to the data store

Specified by:
testConnection in interface SecurityStore
Parameters:
paramsMap - - Map generated from an ADConnectParams object. It contains information that the ArcGISSecurityStore uses to connect to an AD.
Returns:
true if the method can successfully connect to the security store, false otherwise
Throws:
ArcGISSecurityException - - if there is an error while connecting to the security data store

extractUserIdFromDn

protected java.lang.String extractUserIdFromDn(java.lang.String dn)
Returns the user-id attribute from the DN attribute of an AD entry.

Parameters:
dn - - represents the DN attribute of the AD entry.
Returns:
String representing user-id attribute within the DN
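
An added illustration of the kind of DN parsing this method describes; it is not the ADStore implementation. The class DnUserId, the method userIdFromDn and the choice of CN as the user-id attribute are assumptions, and the sample DNs are constructed. It uses the JDK's javax.naming.ldap.LdapName parser so that escaped commas and multi-valued RDNs are handled, which a plain split on "," gets wrong.

```java
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class DnUserId {

    /**
     * Returns the value of idAttr taken from the leftmost RDN of dn,
     * or null when the DN is malformed or does not carry that attribute.
     * idAttr (for example "CN") is an assumption; the page does not say
     * which attribute ADStore treats as the user id.
     */
    static String userIdFromDn(String dn, String idAttr) {
        if (dn == null || dn.isEmpty()) {
            return null;
        }
        final LdapName name;
        try {
            name = new LdapName(dn);            // RFC 2253 parsing, honours escapes
        } catch (InvalidNameException e) {
            return null;                        // reject rather than guess
        }
        List<Rdn> rdns = name.getRdns();
        if (rdns.isEmpty()) {
            return null;
        }
        // LdapName indexes RDNs right to left, so the last element is the
        // leftmost (most specific) RDN, i.e. the entry's own name component.
        Rdn leaf = rdns.get(rdns.size() - 1);
        try {
            // toAttributes() exposes every type/value pair of a multi-valued
            // RDN such as "CN=svc+UID=1001"; lookups ignore case.
            Attribute attr = leaf.toAttributes().get(idAttr);
            if (attr == null) {
                return null;
            }
            Object value = attr.get();
            // Hex-encoded (#...) values come back as byte[]; treat as no id.
            return (value instanceof String) ? (String) value : null;
        } catch (NamingException e) {
            return null;
        }
    }

    public static void main(String[] args) {
        // Constructed sample DNs, not taken from any real directory.
        String[] samples = {
            "CN=jdoe,OU=Staff,DC=example,DC=com",
            "CN=Doe\\, Jane,OU=Staff,DC=example,DC=com",   // escaped comma in the value
            "CN=svc+UID=1001,OU=Services,DC=example,DC=com", // multi-valued RDN
            "OU=Staff,DC=example,DC=com",                  // leaf RDN is not a CN
            "not a dn"                                     // malformed input
        };
        for (String dn : samples) {
            String naive = dn.split(",")[0].replaceFirst("^[^=]*=", "");
            System.out.println(dn + " -> parsed=" + userIdFromDn(dn, "CN")
                    + " naiveSplit=" + naive);
        }
    }
}
```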

getAllUsers

public java.util.List<ArcGISSecurityUser> getAllUsers()
                                               throws ArcGISSecurityException
Returns a list of ArcGISSecurityUser objects that represent all the users currently in the security store.

Specified by:
getAllUsers in interface SecurityStore
Returns:
list of ArcGISSecurityUser objects
Throws:
ArcGISSecurityException - - if users cannot be retrieved from the security store

getAllRoles

public java.util.List<ArcGISSecurityRole> getAllRoles()
                                               throws ArcGISSecurityException
Return list of roles that are present in the security store.

Specified by:
getAllRoles in interface SecurityStore
Returns:
list of ArcGISSecurityRole objects each representing a single role
Throws:
ArcGISSecurityException - - if a role cannot be retrieved from the security store

getAllRolesAsEntry

protected java.util.List<ArcGISSecurityRole> getAllRolesAsEntry()
                                                         throws ArcGISSecurityException
Returns a list of all the roles in the AD that are maintained as independent entries.

Returns:
list of ArcGISSecurityRole objects that represent all the roles in the security store.
Throws:
ArcGISSecurityException - - if role information cannot be accessed

getAllRolesAsAttributes

protected java.util.List<ArcGISSecurityRole> getAllRolesAsAttributes()
                                                              throws ArcGISSecurityException
Returns a list of all the roles in the AD that are maintained as attributes of user entries.

Returns:
list of ArcGISSecurityRole objects that represent all the roles in the security store.
Throws:
ArcGISSecurityException - - if role information cannot be accessed

getUser

public ArcGISSecurityUser getUser(java.lang.String userName)
                           throws ArcGISSecurityException
Return an ArcGISSecurityUser object for an ArcGISSecurityUser identified by username when the data store is AD.

Specified by:
getUser in interface SecurityStore
Parameters:
userName - - unique name of the ArcGISSecurityUser
Returns:
ArcGISSecurityUser object that represents the ArcGISSecurityUser
Throws:
ArcGISSecurityException - - if ArcGISSecurityUser information cannot be retrieved from the security store

getRole

public ArcGISSecurityRole getRole(java.lang.String roleName)
                           throws ArcGISSecurityException
Return an ArcGISSecurityRole object for a role identified by rolename.

Specified by:
getRole in interface SecurityStore
Parameters:
roleName - - unique name of the role
Returns:
ArcGISSecurityRole object that represents the role
Throws:
ArcGISSecurityException - - if role information cannot be retrieved from the AD

getRoleAsEntry

protected ArcGISSecurityRole getRoleAsEntry(java.lang.String roleName)
                                     throws ArcGISSecurityException
Return a particular role from the security store when roles are maintained as individual entries in the AD

Parameters:
roleName - - String identifier for a role
Returns:
ArcGISSecurityRole object that contains information for the particular role
Throws:
ArcGISSecurityException - if role information cannot be accessed from the AD.

getRoleAsAttribute

protected ArcGISSecurityRole getRoleAsAttribute(java.lang.String roleName)
                                         throws ArcGISSecurityException
Return a particular role from the security store when roles are maintained as attributes of individual entries in the AD

Parameters:
roleName - - String identifier for a role
Returns:
ArcGISSecurityRole object that contains information for the particular role
Throws:
ArcGISSecurityException - if role information cannot be accessed from the AD.

getRolesForUser

public java.util.List<ArcGISSecurityRole> getRolesForUser(java.lang.String userName)
                                                   throws ArcGISSecurityException
Gets the list of roles associated with a user, both of which are present in an AD.

Specified by:
getRolesForUser in interface SecurityStore
Parameters:
userName - - String representing the unique username
Returns:
List of ArcGISSecurityRole objects that have been assigned to this user
Throws:
ArcGISSecurityException - - if role information cannot be retrieved

getRolesForUserAsEntry

protected java.util.List<ArcGISSecurityRole> getRolesForUserAsEntry(java.lang.String userName)
                                                             throws ArcGISSecurityException
Returns a list of roles for a user, when roles are maintained as individual entries

Parameters:
userName - - String identifier for the user whose roles are to be returned
Returns:
List of ArcGISSecurityRole objects that are assigned to the user.
Throws:
ArcGISSecurityException - - if roles information for the user cannot be accessed.

getRolesForUserAsAttribute

protected java.util.List<ArcGISSecurityRole> getRolesForUserAsAttribute(java.lang.String userName)
                                                                 throws ArcGISSecurityException
Returns a list of roles for a user, when roles are maintained as attributes of individual entries.

Parameters:
userName - - String identifier for the user whose roles are to be returned
Returns:
List of ArcGISSecurityRole objects that are assigned to the user.
Throws:
ArcGISSecurityException - - if roles information for the user cannot be accessed.

lookupRoleInLdap

protected java.util.List<ArcGISSecurityRole> lookupRoleInLdap(java.lang.String roleDN)
                                                       throws ArcGISSecurityException
Look up the AD for a particular role entry that is associated with an ArcGISSecurityUser as an attribute of the ArcGISSecurityUser entry.

Parameters:
roleDN - - String representing the DN of the role stored as attribute of the ArcGISSecurityUser entry
Returns:
list of ArcGISSecurityRole objects to which the ArcGISSecurityUser belongs
Throws:
ArcGISSecurityException - when the input parameter is null, or the API cannot successfully communicate with the AD

lookupUserInLdap

protected ArcGISSecurityUser lookupUserInLdap(java.lang.String userDN)
                                       throws ArcGISSecurityException
Look up the AD for a particular ArcGISSecurityUser entry that is associated with a role as an attribute of the role entry.

Parameters:
userDN - - String representing the DN of the ArcGISSecurityUser stored as attribute of the role entry
Returns:
ArcGISSecurityUser object associated with the userDN
Throws:
ArcGISSecurityException - when the input parameter is null, or the API cannot successfully communicate with the AD

getUsersForRole

public java.util.List<ArcGISSecurityUser> getUsersForRole(java.lang.String roleName)
                                                   throws ArcGISSecurityException
Returns list of users that have been assigned to a particular role.

Specified by:
getUsersForRole in interface SecurityStore
Parameters:
roleName - - String identifier that represents a particular role
Returns:
List of ArcGISSecurityUser objects that have a particular role.
Throws:
ArcGISSecurityException - - if user information cannot be accessed in the AD

getUsersForRoleAsEntry

protected java.util.List<ArcGISSecurityUser> getUsersForRoleAsEntry(java.lang.String roleName)
                                                             throws ArcGISSecurityException
Returns list of users that have been assigned to a particular role when roles are maintained as individual entries.

Parameters:
roleName - - String identifier that represents a particular role
Returns:
List of ArcGISSecurityUser objects that have a particular role.
Throws:
ArcGISSecurityException - - if user information cannot be accessed in the AD

getUsersForRoleAsAttribute

protected java.util.List<ArcGISSecurityUser> getUsersForRoleAsAttribute(java.lang.String roleName)
                                                                 throws ArcGISSecurityException
Returns list of users that have been assigned to a particular role when roles are maintained as attributes of individual entries.

Parameters:
roleName - - String identifier that represents a particular role
Returns:
List of ArcGISSecurityUser objects that have a particular role.
Throws:
ArcGISSecurityException - - if user information cannot be accessed in the AD

validateUser

public boolean validateUser(java.lang.String username,
                            java.lang.String password)
                     throws ArcGISSecurityException
Check the user credentials with the information available in the security store.

Specified by:
validateUser in interface SecurityStore
Parameters:
username - - String representing a particular user
password - - String representing the user's password
Returns:
true if the user credentials match with the ones in the security store.
Throws:
ArcGISSecurityException - - if user information cannot be retrieved.

close

public void close()
Close all connections to the security store.

Specified by:
close in interface SecurityStore

addRole

public void addRole(ArcGISSecurityRole role)
             throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
addRole in interface SecurityStore
Parameters:
role - - reference to the ArcGISSecurityRole object that contains the role information.
Throws:
ArcGISSecurityException - - if a new role cannot be added

modifyRole

public void modifyRole(ArcGISSecurityRole role)
                throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
modifyRole in interface SecurityStore
Parameters:
role - - reference to the ArcGISSecurityRole object that contains the modified role information.
Throws:
ArcGISSecurityException - - if role information cannot be modified.

addUser

public void addUser(ArcGISSecurityUser user)
             throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
addUser in interface SecurityStore
Parameters:
user - - reference to ArcGISSecurityUser object that contains user information.
Throws:
ArcGISSecurityException - - if user cannot be added

modifyUser

public void modifyUser(ArcGISSecurityUser user)
                throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
modifyUser in interface SecurityStore
Parameters:
user - - reference to ArcGISSecurityUser object that contains modified user information.
Throws:
ArcGISSecurityException

addRolesToUser

public void addRolesToUser(java.lang.String userName,
                           java.lang.String[] roleList)
                    throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
addRolesToUser in interface SecurityStore
Parameters:
userName - - String representing the particular user to whom these roles are to be assigned.
roleList - - Array of strings containing the name of the roles that are to be assigned to the user.
Throws:
ArcGISSecurityException - - if roles cannot be added to the user

addUsersToRole

public void addUsersToRole(java.lang.String roleName,
                           java.lang.String[] userList)
                    throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
addUsersToRole in interface SecurityStore
Parameters:
roleName - - String representing the particular role that is to be assigned.
userList - - Array of strings containing the name of the user to whom this role is to be assigned
Throws:
ArcGISSecurityException - - if this role cannot be assigned to the users.

deleteRole

public void deleteRole(java.lang.String roleName)
                throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
deleteRole in interface SecurityStore
Parameters:
roleName - - String identifier that uniquely identifies a particular role
Throws:
ArcGISSecurityException - - if a role cannot be deleted

deleteUser

public void deleteUser(java.lang.String userName)
                throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
deleteUser in interface SecurityStore
Parameters:
userName - - String identifier that uniquely identifies a user.
Throws:
ArcGISSecurityException - - if the user cannot be deleted from the store.

deleteRolesFromUser

public void deleteRolesFromUser(java.lang.String userName,
                                java.lang.String[] roleList)
                         throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
deleteRolesFromUser in interface SecurityStore
Parameters:
userName - - String representing the particular user from whom the roles are to be deleted.
roleList - - Array of strings containing name of the roles that are to be deleted from this user.
Throws:
ArcGISSecurityException - - if roles cannot be deleted from the user

deleteUsersFromRole

public void deleteUsersFromRole(java.lang.String roleName,
                                java.lang.String[] userList)
                         throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
deleteUsersFromRole in interface SecurityStore
Parameters:
roleName - - String representing the particular role that is to be deleted.
userList - - Array of strings containing the name of the users from whom this role is to be deleted.
Throws:
ArcGISSecurityException - - if the role cannot be deleted from the list of users

getUserSecretQuestion

public java.lang.String getUserSecretQuestion(java.lang.String userName)
                                       throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
getUserSecretQuestion in interface SecurityStore
Parameters:
userName - - String identifier that uniquely identifies a particular user
Returns:
String representing the secret question set for the user
Throws:
ArcGISSecurityException - - if user information cannot be retrieved

forgotUserPassword

public java.lang.String forgotUserPassword(java.lang.String userName,
                                           java.lang.String secretQuest,
                                           java.lang.String secretAns)
                                    throws ArcGISSecurityException
Unsupported functionality, as AD is a read-only data store.

Specified by:
forgotUserPassword in interface SecurityStore
Parameters:
userName - - String identifier that uniquely identifies a particular user
secretQuest - - String representing the secret question set for the user
secretAns - - String representing the answer to the secret question
Returns:
String representing the new password for the user. The password can then be changed by calling the modifyUser method.
Throws:
ArcGISSecurityException - - if password cannot be reset