LDAPStore (security)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.esri.adf.security.store
Class LDAPStore

java.lang.Object
  com.esri.adf.security.store.LDAPStore

All Implemented Interfaces:: SecurityStore

public class LDAPStore
extends java.lang.Object
implements SecurityStore
extends java.lang.Object
implements SecurityStore

This class implements methods that accesses a Directory Server.

Field Summary
`protected LDAPConnectParams`	`ldapConnectParams`
`protected java.util.Map<java.lang.String,java.lang.String>`	`ldapParamsMap`
`protected javax.naming.directory.DirContext`	`ldapRoleCtx`
`protected javax.naming.directory.DirContext`	`ldapUserCtx`

Constructor Summary
`LDAPStore()`

Method Summary
`void`	`addRole(ArcGISSecurityRole role)` Unsupported functionality as LDAP is read only data store.
`void`	`addRolesToUser(java.lang.String userName, java.lang.String[] roleList)` Unsupported functionality as LDAP is read only data store.
`void`	`addUser(ArcGISSecurityUser user)` Unsupported functionality as LDAP is read only data store.
`void`	`addUsersToRole(java.lang.String roleName, java.lang.String[] userList)` Unsupported functionality as LDAP is read only data store.
`void`	`close()` Close all connections to the security store.
`void`	`deleteRole(java.lang.String roleName)` Unsupported functionality as LDAP is read only data store.
`void`	`deleteRolesFromUser(java.lang.String userName, java.lang.String[] roleList)` Unsupported functionality as LDAP is read only data store.
`void`	`deleteUser(java.lang.String userName)` Unsupported functionality as LDAP is read only data store.
`void`	`deleteUsersFromRole(java.lang.String roleName, java.lang.String[] userList)` Unsupported functionality as LDAP is read only data store.
`protected java.lang.String`	`extractUserIdFromDn(java.lang.String dn)` Returns the user-id attribute from the DN attribute of an LDAP entry.
`java.lang.String`	`forgotUserPassword(java.lang.String userName, java.lang.String secretQuest, java.lang.String secretAns)` Unsupported functionality as LDAP is read only data store.
`java.util.List<ArcGISSecurityRole>`	`getAllRoles()` Return list of roles that are present in the security store.
`protected java.util.List<ArcGISSecurityRole>`	`getAllRolesAsAttributes()` Returns a list of all the roles in the LDAP that are maintained as attribute of user entries.
`protected java.util.List<ArcGISSecurityRole>`	`getAllRolesAsEntry()` Returns a list of all the roles in the LDAP that are maintained as independent entries.
`java.util.List<ArcGISSecurityUser>`	`getAllUsers()` Returns a list of ArcGISSecurityUser objects that represent all the users currently in the security store.
`ArcGISSecurityRole`	`getRole(java.lang.String roleName)` Return a ArcGISSecurityRole object for a role identified by rolename.
`protected ArcGISSecurityRole`	`getRoleAsAttribute(java.lang.String roleName)` Return a particular role from the security store when roles are maintained as attributes of individual entries in the LDAP
`protected ArcGISSecurityRole`	`getRoleAsEntry(java.lang.String roleName)` Return a particular role from the security store when roles are maintained as individual entries in the LDAP
`java.util.List<ArcGISSecurityRole>`	`getRolesForUser(java.lang.String userName)` Gets the list of roles associated with a user, both of which are present in an ldap.
`protected java.util.List<ArcGISSecurityRole>`	`getRolesForUserAsAttribute(java.lang.String userName)` Returns a list of roles for a user, when roles are maintained as attributes of individual entries.
`protected java.util.List<ArcGISSecurityRole>`	`getRolesForUserAsEntry(java.lang.String userName)` Returns a list of roles for a user, when roles are maintained as individual entries
`ArcGISSecurityUser`	`getUser(java.lang.String userName)` Return a ArcGISSecurityUser object for a ArcGISSecurityUser identified by username when the data store is LDAP.
`java.lang.String`	`getUserSecretQuestion(java.lang.String userName)` Unsupported functionality as LDAP is read only data store.
`java.util.List<ArcGISSecurityUser>`	`getUsersForRole(java.lang.String roleName)` Returns list of users that have been assigned to a particular role.
`protected java.util.List<ArcGISSecurityUser>`	`getUsersForRoleAsAttribute(java.lang.String roleName)` Returns list of users that have been assigned to a particular role when roles are maintained as attribute of individual entries.
`protected java.util.List<ArcGISSecurityUser>`	`getUsersForRoleAsEntry(java.lang.String roleName)` Returns list of users that have been assigned to a particular role when roles are maintained as individual entries.
`void`	`init(java.util.Map<java.lang.String,java.lang.String> paramsMap)` Initialize the LDAP connection.
`boolean`	`isReadOnly()` For the current implementation, the LDAP is treated as a readonly data store, so this method will always return true.
`protected java.util.List<ArcGISSecurityRole>`	`lookupRoleInLdap(java.lang.String roleDN)` Look up the LDAP for a particular role entry that is associated as with a user as an attribute of the user entry
`protected ArcGISSecurityUser`	`lookupUserInLdap(java.lang.String userDN)` Look up the LDAP for a particular ArcGISSecurityUser entry that is associated as with a role as an attribute of the role entry
`void`	`modifyRole(ArcGISSecurityRole role)` Unsupported functionality as LDAP is read only data store.
`void`	`modifyUser(ArcGISSecurityUser user)` Unsupported functionality as LDAP is read only data store.
`void`	`reinitialize()` Reinitialize the connection to data stores.
`boolean`	`testConnection(java.util.Map<java.lang.String,java.lang.String> paramsMap)` Test the connection to the data store
`boolean`	`validateUser(java.lang.String username, java.lang.String password)` Check the user credentials with the information available in the security store.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

ldapConnectParams

protected LDAPConnectParams ldapConnectParams

ldapUserCtx

protected javax.naming.directory.DirContext ldapUserCtx

ldapRoleCtx

protected javax.naming.directory.DirContext ldapRoleCtx

ldapParamsMap

protected java.util.Map<java.lang.String,java.lang.String> ldapParamsMap

Constructor Detail

LDAPStore

public LDAPStore()

Method Detail

init

public void init(java.util.Map<java.lang.String,java.lang.String> paramsMap)
          throws ArcGISSecurityException

Initialize the LDAP connection.

Specified by:: init in interface SecurityStore

Parameters:: paramsMap - - HashMap generated from a LDAPConnectParams object. It contains information that the ArcGISSecurityStore uses to connect to an LDAP.
Throws:: ArcGISSecurityException - - if cannot connect to a LDAP

reinitialize

public void reinitialize()
                  throws ArcGISSecurityException

Reinitialize the connection to data stores. Sometimes, the connections timeout, there needs to be a hook so that clients can call the object to reinitialize without having to create a new one.

Specified by:: reinitialize in interface SecurityStore

Throws:: ArcGISSecurityException - - if connection cannot be initialized

isReadOnly

public boolean isReadOnly()

For the current implementation, the LDAP is treated as a readonly data store, so this method will always return true.

Specified by:: isReadOnly in interface SecurityStore

Returns:: true

testConnection

public boolean testConnection(java.util.Map<java.lang.String,java.lang.String> paramsMap)
                       throws ArcGISSecurityException

Test the connection to the data store

Specified by:: testConnection in interface SecurityStore

Parameters:: paramsMap - - HashMap generated from a LDAPConnectParams object. It contains information that the ArcGISSecurityStore uses to connect to an LDAP.
Returns:: true if the method can successfully connect to he security store false otherwise
Throws:: ArcGISSecurityException - - if there is an error while connecting to the security data store

extractUserIdFromDn

protected java.lang.String extractUserIdFromDn(java.lang.String dn)

Returns the user-id attribute from the DN attribute of an LDAP entry.

Parameters:: dn - - represents the DN attribute of the LDAP entry.
Returns:: String representing user-id attribute within the DN

getAllUsers

public java.util.List<ArcGISSecurityUser> getAllUsers()
                                               throws ArcGISSecurityException

Returns a list of ArcGISSecurityUser objects that represent all the users currently in the security store.

Specified by:: getAllUsers in interface SecurityStore

Returns:: list of ArcGISSecurityUser objects
Throws:: ArcGISSecurityException - - if users cannot be retrieved from the security store

getAllRoles

public java.util.List<ArcGISSecurityRole> getAllRoles()
                                               throws ArcGISSecurityException

Return list of roles that are present in the security store.

Specified by:: getAllRoles in interface SecurityStore

Returns:: list of ArcGISSecurityRole objects each representing a single role
Throws:: ArcGISSecurityException - - if a role cannot be retrieved from the security store

getAllRolesAsEntry

protected java.util.List<ArcGISSecurityRole> getAllRolesAsEntry()
                                                         throws ArcGISSecurityException

Returns a list of all the roles in the LDAP that are maintained as independent entries.

Returns:: list of ArcGISSecurityRole objects that present all the roles in the security store.
Throws:: ArcGISSecurityException - - if role information cannot be accessed

getAllRolesAsAttributes

protected java.util.List<ArcGISSecurityRole> getAllRolesAsAttributes()
                                                              throws ArcGISSecurityException

Returns a list of all the roles in the LDAP that are maintained as attribute of user entries.

Returns:: list of ArcGISSecurityRole objects that present all the roles in the security store.
Throws:: ArcGISSecurityException - - if role information cannot be accessed

getUser

public ArcGISSecurityUser getUser(java.lang.String userName)
                           throws ArcGISSecurityException

Return a ArcGISSecurityUser object for a ArcGISSecurityUser identified by username when the data store is LDAP.

Specified by:: getUser in interface SecurityStore

Parameters:: userName - - unique name of the ArcGISSecurityUser
Returns:: ArcGISSecurityUser object that represents the ArcGISSecurityUser
Throws:: ArcGISSecurityException - - if ArcGISSecurityUser information cannot be retrieved from the security store

getRole

public ArcGISSecurityRole getRole(java.lang.String roleName)
                           throws ArcGISSecurityException

Return a ArcGISSecurityRole object for a role identified by rolename.

Specified by:: getRole in interface SecurityStore

Parameters:: roleName - - unique name of the role
Returns:: ArcGISSecurityRole object that represents the role
Throws:: ArcGISSecurityException - - if role information cannot be retrieved from the LDAP

getRoleAsEntry

protected ArcGISSecurityRole getRoleAsEntry(java.lang.String roleName)
                                     throws ArcGISSecurityException

Return a particular role from the security store when roles are maintained as individual entries in the LDAP

Parameters:: roleName - - String identifier for a role
Returns:: ArcGISSecurityRole object that contains information for the particular role
Throws:: ArcGISSecurityException - if role information cannot be accessed from the LDAP.

getRoleAsAttribute

protected ArcGISSecurityRole getRoleAsAttribute(java.lang.String roleName)
                                         throws ArcGISSecurityException

Return a particular role from the security store when roles are maintained as attributes of individual entries in the LDAP

Parameters:: roleName - - String identifier for a role
Returns:: ArcGISSecurityRole object that contains information for the particular role
Throws:: ArcGISSecurityException - if role information cannot be accessed from the LDAP.

getRolesForUser

public java.util.List<ArcGISSecurityRole> getRolesForUser(java.lang.String userName)
                                                   throws ArcGISSecurityException

Gets the list of roles associated with a user, both of which are present in an ldap.

Specified by:: getRolesForUser in interface SecurityStore

Parameters:: userName - - String representing the unique username
Returns:: List of ArcGISSecurityRole objects that have been assigned to this user
Throws:: ArcGISSecurityException - - if role information cannot be retrieved

getRolesForUserAsEntry

protected java.util.List<ArcGISSecurityRole> getRolesForUserAsEntry(java.lang.String userName)
                                                             throws ArcGISSecurityException

Returns a list of roles for a user, when roles are maintained as individual entries

Parameters:: userName - - String identifier for the user whose roles are to be returned
Returns:: List of ArcGISSecurityRole object that are assigned to the user.
Throws:: ArcGISSecurityException - - if roles information for the user cannot be accessed.

getRolesForUserAsAttribute

protected java.util.List<ArcGISSecurityRole> getRolesForUserAsAttribute(java.lang.String userName)
                                                                 throws ArcGISSecurityException

Returns a list of roles for a user, when roles are maintained as attributes of individual entries.

Parameters:: userName - - String identifier for the user whose roles are to be returned
Returns:: List of ArcGISSecurityRole object that are assigned to the user.
Throws:: ArcGISSecurityException - - if roles information for the user cannot be accessed.

lookupRoleInLdap

protected java.util.List<ArcGISSecurityRole> lookupRoleInLdap(java.lang.String roleDN)
                                                       throws ArcGISSecurityException

Look up the LDAP for a particular role entry that is associated as with a user as an attribute of the user entry

Parameters:: roleDN - - String representing the DN of the role stored as attribute of the ArcGISSecurityUser entry
Returns:: list of ArcGISSecurityRole objects to which the user belongs
Throws:: ArcGISSecurityException - when the input parameter is null, or the API cannot successfully communicate with the LDAP

lookupUserInLdap

protected ArcGISSecurityUser lookupUserInLdap(java.lang.String userDN)
                                       throws ArcGISSecurityException

Look up the LDAP for a particular ArcGISSecurityUser entry that is associated as with a role as an attribute of the role entry

Parameters:: userDN - - String representing the DN of the ArcGISSecurityUser stored as attribute of the role entry
Returns:: ArcGISSecurityUser object associated with the userDN
Throws:: ArcGISSecurityException - when the input parameter is null, or the API cannot successfully communicate with the LDAP

getUsersForRole

public java.util.List<ArcGISSecurityUser> getUsersForRole(java.lang.String roleName)
                                                   throws ArcGISSecurityException

Returns list of users that have been assigned to a particular role.

Specified by:: getUsersForRole in interface SecurityStore

Parameters:: roleName - - String identifier that represents a particular role
Returns:: List of ArcGISSecurityUser objects that have a particular role.
Throws:: ArcGISSecurityException - - if user information cannot be accessed in the LDAP

getUsersForRoleAsEntry

protected java.util.List<ArcGISSecurityUser> getUsersForRoleAsEntry(java.lang.String roleName)
                                                             throws ArcGISSecurityException

Returns list of users that have been assigned to a particular role when roles are maintained as individual entries.

Parameters:: roleName - - String identifier that represents a particular role
Returns:: List of ArcGISSecurityUser objects that have a particular role.
Throws:: ArcGISSecurityException - - if user information cannot be accessed in the LDAP

getUsersForRoleAsAttribute

protected java.util.List<ArcGISSecurityUser> getUsersForRoleAsAttribute(java.lang.String roleName)
                                                                 throws ArcGISSecurityException

Returns list of users that have been assigned to a particular role when roles are maintained as attribute of individual entries.

Parameters:: roleName - - String identifier that represents a particular role
Returns:: List of ArcGISSecurityUser objects that have a particular role.
Throws:: ArcGISSecurityException - - if user information cannot be accessed in the LDAP

validateUser

public boolean validateUser(java.lang.String username,
                            java.lang.String password)
                     throws ArcGISSecurityException

Check the user credentials with the information available in the security store.

Specified by:: validateUser in interface SecurityStore

Parameters:: userName - - String representing a particular user; userPassword - - String representing the user's password
Returns:: true if the user credentials match with the ones in the security store.
Throws:: ArcGISSecurityException - - if user information cannot be retrieved.

close

public void close()

Close all connections to the security store.

Specified by:: close in interface SecurityStore