Class IdentityExclusionList

  extended by

public class IdentityExclusionList
extends java.lang.Object

Class that holds the list of identities (user id's) that should be excluded from any matching algorithms used when trying to identify account owners during a reconciliation process. A different list of excluded identities can be created for each type of service in the system. For example, the presence of the "root" identity in the exclusion list for the Solaris service type (profile) will avoid the security problem that can arise if a person creates an alias called "root" which the system then uses to determine that they are the owner of the root account on a Solaris system.

Constructor Summary
IdentityExclusionList(DistinguishedName tenantDN)
          Constructs the object with the context of a tenant.
Method Summary
 boolean isIdentityExcluded(java.lang.String serviceProfileName, java.lang.String identity)
          Returns whether or not a given identity is excluded for a given service type (profile).
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail


public IdentityExclusionList(DistinguishedName tenantDN)
                      throws ModelCommunicationException,
Constructs the object with the context of a tenant.

tenantDN - DistinguishedName of the context tenant.
Method Detail


public boolean isIdentityExcluded(java.lang.String serviceProfileName,
                                  java.lang.String identity)
Returns whether or not a given identity is excluded for a given service type (profile).

serviceProfileName - Name of the profile that identifies the type service being checked.
identity - Identity being checked.
True if identity is excluded, false if not.

IBM Security Identity Manager 6.0.0
© Copyright International Business Machines Corporation 2007, 2012. All rights reserved. US Government Users Restricited Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.