SharedAccessManager

Overview

Package

Class

Use

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.itim.apps.pim
Class SharedAccessManager

java.lang.Object
  com.ibm.itim.apps.pim.SharedAccessManager

public class SharedAccessManager
extends java.lang.Object
extends java.lang.Object

This class provides APIs searching for the authorized shared accesses based on the search criteria.

Since:: Security Identity Manager 6.0

Constructor Summary
`SharedAccessManager(PlatformContext platform, javax.security.auth.Subject subject)` Constructs the manager with a platform context and a subject.

Method Summary
`java.util.Collection<CredentialComponent>`	`getAllSharedAccesses(Credential.Status credStatus, SharedAccessSearchFilter filter, SearchParameters searchParam, SearchResultsStatus searchStatus)` This API gets a list of authorized and non authorized shared credentials and credential pools that match the search criteria for the authenticated user.
`java.util.Collection<SAEntitlement>`	`getAuthorizedEntitlements(RoleMO roleMO, SearchParameters searchParam, SearchResultsStatus searchStatus)` This API gets a list of authorized shared access entitlements for the specified role.
`java.util.Collection<RoleMO>`	`getAuthorizedRoles(CredentialComponent credentialComp, boolean listAccessOnly, SearchParameters searchParam, SearchResultsStatus searchStatus)` This API gets a list of authorized roles for the specified credential component.
`java.util.Collection<CredentialComponent>`	`getAuthorizedSharedAccesses(boolean excludeCheckedOutAccount, SharedAccessSearchFilter filter, SearchParameters searchParam, SearchResultsStatus searchStatus)` This API gets a list of authorized credentials and credential pools that match the search criteria for the authenticated user.
`boolean`	`isCheckoutAllowed(CredentialComponent sharedAccess)` This API determines if the authenticated user is authorized to check out a credential or credential pool.
`boolean`	`isViewPasswordAllowed(Credential nonExclusiveCredential)` This API determines if an authenticated user is authorized to view the password of non-exclusive credential.

Methods inherited from class java.lang.Object
`equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

SharedAccessManager

public SharedAccessManager(PlatformContext platform,
                           javax.security.auth.Subject subject)

Constructs the manager with a platform context and a subject.

Parameters:: platform - PlatformContext that holds the platform connection information.; subject - Subject that represents the authenticated caller.
Throws:: java.lang.IllegalArgumentException - Thrown if the platform or the subject parameter is null.

Method Detail

getAuthorizedSharedAccesses

public java.util.Collection<CredentialComponent> getAuthorizedSharedAccesses(boolean excludeCheckedOutAccount,
                                                                             SharedAccessSearchFilter filter,
                                                                             SearchParameters searchParam,
                                                                             SearchResultsStatus searchStatus)
                                                                      throws ApplicationException,
                                                                             java.rmi.RemoteException

This API gets a list of authorized credentials and credential pools that match the search criteria for the authenticated user.

Parameters:: excludeCheckedOutAccount - boolean This parameter indicates whether to exclude credentials that are currently checked out. if it is true, the returned list of shared accesses excludes credentials that are currently checked out. if it is false, the returned list of shared accesses includes credentials that are currently checked out.; filter - SharedAccessSearchFilter This parameter specifies the search attribute values. If the value is null, all authorized shared accesses are returned.; searchParam - SearchParameters This parameter specifies the search limit.; searchStatus - SearchResultsStatus This parameter indicates the status of the search.
Returns:: The API returns the Collection of CredentialComponent object.
Throws:: java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.; ApplicationException - This exception is thrown if the system is unable to process the request. This problem can be caused by various server errors. Check the server log file for more information about the error.

getAllSharedAccesses

public java.util.Collection<CredentialComponent> getAllSharedAccesses(Credential.Status credStatus,
                                                                      SharedAccessSearchFilter filter,
                                                                      SearchParameters searchParam,
                                                                      SearchResultsStatus searchStatus)
                                                               throws ApplicationException,
                                                                      java.rmi.RemoteException

This API gets a list of authorized and non authorized shared credentials and credential pools that match the search criteria for the authenticated user.

Parameters:: excludeCheckedOutAccount - boolean This parameter indicates whether to exclude credentials that are currently checked out. if it is true, the returned list of shared accesses excludes credentials that are currently checked out. if it is false, the returned list of shared accesses includes credentials that are currently checked out.; filter - SharedAccessSearchFilter This parameter specifies the search attribute values. If the value is null, all shared accesses are returned.; searchParam - SearchParameters This parameter specifies the search limit. The scope parameter is ignored.; searchStatus - SearchResultsStatus This parameter indicates the status of the search.
Returns:: The API returns the Collection of CredentialComponent object.
Throws:: java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.; ApplicationException - This exception is thrown if the system is unable to process the request. This problem can be caused by various server errors. Check the server log file for more information about the error.

getAuthorizedRoles

public java.util.Collection<RoleMO> getAuthorizedRoles(CredentialComponent credentialComp,
                                                       boolean listAccessOnly,
                                                       SearchParameters searchParam,
                                                       SearchResultsStatus searchStatus)
                                                throws ApplicationException,
                                                       java.rmi.RemoteException

This API gets a list of authorized roles for the specified credential component.

Parameters:: credentialCompDN - represents the credential component that you want to return the roles.; listAccessOnly - specifies whether you want to return all qualified roles or return only the qualified roles with access enabled.; searchLimit - specifies the number of results to return. Specify 0 for no search limit. If no search limit is specified, this API will use the maximum search limit configured for the system.; searchStatus - SearchResultsStatus This parameter indicates if the search exceeds the search limit. Specify NULL if you don't any status on the search.
Returns:: The API returns the Collection of RoleMO object.
Throws:: java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.; ApplicationException - This exception is thrown if the system is unable to process the request. This problem can be caused by various server errors. Check the server log file for more information about the error.

isCheckoutAllowed

public boolean isCheckoutAllowed(CredentialComponent sharedAccess)
                          throws ApplicationException,
                                 java.rmi.RemoteException

This API determines if the authenticated user is authorized to check out a credential or credential pool.

Parameters:: sharedAccess - CredentialComponent representing a credential or credential pool.
Returns:: true if the user is authorized to check out, false otherwise.
Throws:: java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.; ApplicationException - This exception is thrown if the system is unable to process the request. This can be caused by various server errors. Check the server log file for more information about the error.

isViewPasswordAllowed

public boolean isViewPasswordAllowed(Credential nonExclusiveCredential)
                              throws ApplicationException,
                                     java.rmi.RemoteException

This API determines if an authenticated user is authorized to view the password of non-exclusive credential. The non-exclusive credential is the one that you can access without checking out.

Parameters:: nonExclusiveCredential - The Credential object that represents non-exlusive credential. If the exclusive credential is passed as this parameter then the IllegalArgumentException will be thrown.
Returns:: true if the user is authorized to view the password, false otherwise.
Throws:: java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.; ApplicationException - This exception is thrown if the system is unable to process the request. This can be caused by various server errors. Check the server log file for more information about the error.

getAuthorizedEntitlements

public java.util.Collection<SAEntitlement> getAuthorizedEntitlements(RoleMO roleMO,
                                                                     SearchParameters searchParam,
                                                                     SearchResultsStatus searchStatus)
                                                              throws ApplicationException,
                                                                     java.rmi.RemoteException

This API gets a list of authorized shared access entitlements for the specified role.

Parameters:: roleMO - RoleMO that represents the person's role.; searchParam - SearchParameters This parameter specifies the search limit. Specify 0 in for no search limit. If null is specified, this API uses the maximum search limit configured for the system.; searchStatus - SearchResultsStatus This parameter indicates if the search exceeds the search limit. Specify NULL if you don't want any status on the search.
Returns:: The API returns the Collection of SAEntitlement object.
Throws:: java.rmi.RemoteException - This exception is thrown if the API is unable to communicate with the platform.; ApplicationException - This exception is thrown if the system is unable to process the request. This problem can be caused by various server errors. Check the server log file for more information about the error.
See Also:: SAEntitlement, SearchResultsStatus

Overview

Package

Class

Use

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

IBM Security Identity Manager 6.0.0
© Copyright International Business Machines Corporation 2007, 2012. All rights reserved. US Government Users Restricited Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

com.ibm.itim.apps.pim Class SharedAccessManager

SharedAccessManager

getAuthorizedSharedAccesses

getAllSharedAccesses

getAuthorizedRoles

isCheckoutAllowed

isViewPasswordAllowed

getAuthorizedEntitlements

com.ibm.itim.apps.pim
Class SharedAccessManager