com.ibm.itim.apps.pim
Class CredentialManager

java.lang.Object
  extended by com.ibm.itim.apps.pim.CredentialManager

public class CredentialManager
extends java.lang.Object

This class provides credential administration capabilities. These capabilities include adding an account's credential to the vault.

Since:
ISIM 6.0

Constructor Summary
CredentialManager(PlatformContext platform, javax.security.auth.Subject subject)
          This API constructs the manager with a platform context and a subject.
 
Method Summary
 Request addCredential(AccountMO account, Credential credential, boolean resetPassword, java.util.Date scheduledTime, java.lang.String justification)
          This API adds an account's credential to the credential vault.
 Request addCredential(AccountMO account, Credential credential, byte[] password, java.util.Date scheduledTime, java.lang.String justification)
          The API adds an account's credential to the credential vault.
 java.util.Collection<CredentialComponent> getCredentials(SharedAccessSearchFilter filter, Credential.Status credStatus, SearchParameters searchParam, SearchResultsStatus searchStatus)
          This API gets a list of authorized and non-authorized shared credentials and credential pools that match the search criteria for the authenticated user.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CredentialManager

public CredentialManager(PlatformContext platform,
                         javax.security.auth.Subject subject)
This API constructs the manager with a platform context and a subject.

Parameters:
platform - This parameter holds the platform connection information.
subject - This parameter represents the authenticated caller.
Throws:
java.lang.IllegalArgumentException - This exception is thrown if the platform or the subject parameter is null.
Method Detail

addCredential

public Request addCredential(AccountMO account,
                             Credential credential,
                             boolean resetPassword,
                             java.util.Date scheduledTime,
                             java.lang.String justification)
                      throws java.rmi.RemoteException,
                             AuthorizationException,
                             SchemaViolationException,
                             ApplicationException
This API adds an account's credential to the credential vault.

Parameters:
account - This parameter holds the account object for the credential to be added to the vault. If the account is null, an IllegalArgumentException is thrown.
credential - This credential value object defines the attributes that the credential will have.
resetPassword - This parameter indicates if the credential password will be reset.
scheduledTime - This parameter specifies the scheduled starting time of the process. If it is null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current date or time of the client machine is not a safe technique to use, since the date or time of the client machine might not be the same as the date or time of the Security Identity Manager server machine.
justification - This parameter specifies the justification for adding the credential to the vault. The justification will appear in the audit trail.
Returns:
The API returns an object that represents the status of the operation. If the schedule time is set for the future, then the request getStatus() will return the current status at that point of time.
Throws:
java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.
AuthorizationException - This exception is thrown if the client is unauthorized to create a credential for the given account or write any of the credential attributes.
SchemaViolationException - This exception is thrown if any of the attributes in the value object violates the managed object's schema. This can be caused by an invalid attribute or if a required attribute is missing entirely.
ApplicationException - This exception is thrown if the API is unable to submit the request. This can possibly be caused by a removal of the account by another client prior to this call. This exception can also be thrown if the account is a system user account, and it is being added to vault in shared mode.
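
Added example, not part of the IBM documentation: a hypothetical helper (`VaultOnboarding.addNow`) that calls the `resetPassword` overload with a null `scheduledTime`, so no client clock value is sent, and refuses an empty justification because that text goes to the audit trail. The import packages other than `com.ibm.itim.apps.pim` are assumptions, since this page names the types but not their packages.

```java
import java.rmi.RemoteException;
import javax.security.auth.Subject;

import com.ibm.itim.apps.pim.CredentialManager;
// Assumed packages: the page names these types but not where they live.
import com.ibm.itim.apps.ApplicationException;
import com.ibm.itim.apps.AuthorizationException;
import com.ibm.itim.apps.PlatformContext;
import com.ibm.itim.apps.Request;
import com.ibm.itim.apps.SchemaViolationException;
import com.ibm.itim.apps.provisioning.AccountMO;
import com.ibm.itim.dataservices.model.pim.Credential;

/** Hypothetical helper, not part of the ISIM API. */
public final class VaultOnboarding {

    private VaultOnboarding() {}

    public static Request addNow(PlatformContext platform, Subject subject,
                                 AccountMO account, Credential credential,
                                 boolean resetPassword, String justification) {
        if (account == null) {
            throw new IllegalArgumentException("account must not be null");
        }
        // The justification is written to the audit trail, so refuse empty text.
        if (justification == null || justification.trim().length() == 0) {
            throw new IllegalArgumentException("justification is required");
        }
        // The constructor rejects a null platform or subject.
        CredentialManager manager = new CredentialManager(platform, subject);
        try {
            // null scheduledTime: the process starts immediately on the server.
            // No client clock value is sent, so client/server clock skew
            // cannot shift the start time.
            return manager.addCredential(account, credential, resetPassword,
                                         null, justification.trim());
        } catch (AuthorizationException e) {
            throw new IllegalStateException("caller may not create this credential or write its attributes", e);
        } catch (SchemaViolationException e) {
            throw new IllegalStateException("credential has an invalid or missing required attribute", e);
        } catch (ApplicationException e) {
            throw new IllegalStateException("request not submitted: account removed, or system user account added in shared mode", e);
        } catch (RemoteException e) {
            throw new IllegalStateException("unable to communicate with the platform", e);
        }
    }
}
```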

addCredential

public Request addCredential(AccountMO account,
                             Credential credential,
                             byte[] password,
                             java.util.Date scheduledTime,
                             java.lang.String justification)
                      throws java.rmi.RemoteException,
                             AuthorizationException,
                             SchemaViolationException,
                             ApplicationException
The API adds an account's credential to the credential vault.

Parameters:
account - This parameter holds the account object for the credential to be added to the vault. If the account is null, an IllegalArgumentException is thrown.
credential - This parameter specifies the credential value object that defines the attributes of the credential.
password - This parameter specifies the credential's password.
scheduledTime - This parameter specifies the scheduled starting time of the process. If it is null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current date or time of the client machine is not a safe technique to use, since the date or time of the client machine might not be the same as the date or time of the Security Identity Manager server machine.
justification - This parameter specifies the justification for adding the credential to the vault.
Returns:
The API returns an object that represents the status of the operation. If the schedule time is set for the future, then the request getStatus() will return the current status at that point of time.
Throws:
java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.
AuthorizationException - This exception is thrown if the client is unauthorized to create a credential for the given account or write any of the credential attributes.
SchemaViolationException - This exception is thrown if any of the attributes in the value object violates the managed object's schema. This can be caused by an invalid attribute or if a required attribute is missing entirely.
ApplicationException - This exception is thrown if the API is unable to submit the request. This can possibly be caused by a removal of the account by another client prior to this call. This exception can also be thrown if the account is a system user account, and it is being added to vault in shared mode.

getCredentials

public java.util.Collection<CredentialComponent> getCredentials(SharedAccessSearchFilter filter,
                                                                Credential.Status credStatus,
                                                                SearchParameters searchParam,
                                                                SearchResultsStatus searchStatus)
                                                         throws ApplicationException,
                                                                java.rmi.RemoteException
This API gets a list of authorized and non-authorized shared credentials and credential pools that match the search criteria for the authenticated user.

Parameters:
filter - SharedAccessSearchFilter This parameter specifies the search attribute values. If the value is null, all shared accesses are returned.
credStatus - This parameter specifies the check out status.
searchParam - SearchParameters This parameter specifies the search limit. The scope parameter is ignored.
searchStatus - SearchResultsStatus This parameter indicates the status of the search.
Returns:
The API returns a Collection of CredentialComponent objects.
Throws:
java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.
ApplicationException - This exception is thrown if the system is unable to process the request. This problem can be caused by various server errors. Check the server log file for more information about the error.


IBM Security Identity Manager 6.0.0
© Copyright International Business Machines Corporation 2007, 2012. All rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.