com.ibm.itim.dataservices.model.domain
Class Person

java.lang.Object
  extended by com.ibm.itim.dataservices.model.DirectoryEntry
      extended by com.ibm.itim.dataservices.model.DirectoryObject
          extended by com.ibm.itim.dataservices.model.domain.Person
All Implemented Interfaces:
ProtectedObject, com.ibm.itim.util.Sortable, com.ibm.itim.util.xml.objectstream.Importable, java.io.Serializable
Direct Known Subclasses:
ExtendedPerson

public class Person
extends DirectoryObject
implements com.ibm.itim.util.xml.objectstream.Importable

Value Object class that holds the attribute information of a person (identity) in the data model. Although the class name indicates human representation, this class could be used to represent any type of identity, even a computing system, which can be provisioned accounts.

See Also:
PersonEntity, Serialized Form

Field Summary
static java.lang.String ADMINISTRATOR_ID
          String constant that holds global ID of ITIM Administrator.
static java.lang.String CERTIFIED
          The role is certified.
static java.lang.String CERTIFIED_ADMIN
          The role is certified by an administrator.
static java.lang.String PERSON_ATTR_ALIAS
          String constant for the aliases attribute name.
static java.lang.String PERSON_ATTR_CREATION_DATE
           
static java.lang.String PERSON_ATTR_DISPLAY
          String constant for the custom display attribute name.
static java.lang.String PERSON_ATTR_EMAIL
          String constant for the email attribute name.
static java.lang.String PERSON_ATTR_LAST_CERTIFIED_DATE
          String constant for the last certified date attribute name.
static java.lang.String PERSON_ATTR_LOCALE
          String constant for the preferred locale attribute name
static java.lang.String PERSON_ATTR_MANAGER
          String constant for the manager attribute name.
static java.lang.String PERSON_ATTR_NAME
          String constant for the naming attribute name.
static java.lang.String PERSON_ATTR_PASSWORD_CHANGE_DATE
          String constant that represents the LDAP attribute for the time that the password was last changed.
static java.lang.String PERSON_ATTR_ROLE
          String constant for the roles attribute name.
static java.lang.String PERSON_ATTR_ROLE_ASSIGNMENT_DATA
          String constant for the attribute name of the role assignment data to be stored.
static java.lang.String PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION
          String constant for the last recertification action attribute name for roles.
static java.lang.String PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION_DATE
          String constant for the attribute name of the date of the last recertification action for roles.
static java.lang.String PERSON_ATTR_SHAREDSECRET
          String constant for the shared secret attribute name.
static java.lang.String PERSON_ATTR_SPONSOR
          String constant for the sponsor attribute name.
static java.lang.String PERSON_ATTR_STATUS
          String constant for the status attribute name.
static java.lang.String PERSON_ATTR_STATUS_LAST_CHANGED_DATE
          String constant for last status change date attribute name.
static java.lang.String PERSON_ATTR_SUPERVISOR
          String constant for the supervisor attribute name.
static java.lang.String REJECTED_MARK
          The role is rejected with regards to being certified and is marked.
static java.lang.String ROLE_ASSIGNMENT_DATA_DELIMETER
          String constant for the attribute name of the role assignment data delimeter as data to be stored in the form of $role-global-id;$assignment-attribute-name;$assignment-attribute-value.
static java.lang.String ROLE_ASSIGNMENT_VALUE_DELIMETER
          String constant for the attribute name of the role assignment value delimeter as data to be stored in the form of $role-global-id;$assignment-attribute-name;$assignment-attribute-value|$assignment-attribute-value.
static int STATUS_ACTIVE
          Constant indicating "active" status
static int STATUS_INACTIVE
          Code indicating "inactive" status
 
Fields inherited from class com.ibm.itim.dataservices.model.DirectoryObject
ATTR_ACCESS_RIGHT, ATTR_LIFECYCLE_ENABLE, ATTR_URI, DESCRIPTION, NAME
 
Fields inherited from interface com.ibm.itim.util.Sortable
ATTR_NAME
 
Constructor Summary
Person()
          Default empty constructor
Person(Person p)
          Copy Constructor Reference copy is used for Java object except for String and other primary types
Person(java.lang.String profileName)
          Constructs object with profile.
Person(java.lang.String profileName, AttributeValues attrs)
          Deprecated. Use Person(String profileName) and setAttributes(attributes) instead
 
Method Summary
 void addRole(DistinguishedName roleDN)
          Adds the given role to the person's role membership.
 java.util.Collection getAliases()
          Returns the person's aliases.
 java.util.Date getCreationDate()
          Returns the date and time the person was created.
 java.lang.String getCustomAttribute()
          Returns the person's custom display attribute.
 java.lang.String getGlobalId()
          Gets the pseudo-unique identifier for this Person.
 DistinguishedName getImmediateSupervisor()
          Returns the person's immediate supervisor.
 java.util.Date getLastCertifiedDate(java.lang.String policyId)
          Returns the date and time the specified recertification policy last executed for this person.
 java.lang.String getLastRecertificationAction(java.lang.String roleName)
          Returns the last recertification action for a role.
 java.util.Date getLastRecertificationActionDate(java.lang.String roleName)
          Returns the date and time the recertification action was last recorded for the given role.
 java.util.Date getLastStatusChangeDate()
          Returns the date and time the the person's status was last changed.
 java.util.Locale getLocale()
          Returns the person's preferred locale
 java.lang.String getMail()
          Returns the person's email address.
 java.util.Collection getMails()
          Returns the person's email addresses.
 java.util.Date getPasswordChangeDate()
          Returns the date and time the the person was last set.
 java.util.Collection getRoles()
          Returns the person's roles.
 java.lang.String getSharedSecret()
          Returns the person's shared secret.
 int getStatus()
          Access method for the status field.
 byte[] getSynchPassword()
          Returns the password for the person, that is used for synchronization.
 void removePasswordChangeDate()
          Removes the timestamp for date and time that the person password was set.
 void removeRole(DistinguishedName roleDN)
          Removes the given role from the person's role membership.
 void removeSynchPassword()
          Removes the synchronized password for a person.
 void restore()
          Changes the Person's status to ACTIVE_STATUS.
 void setAliases(java.util.Collection aliases)
          Changes the person's aliases.
 void setCustomAttribute(java.lang.String customAttribute)
          Changes the person's custom display attribute.
 void setImmediateSupervisor(DistinguishedName supervisor)
          Changes the person's immediate supervisor.
 void setLastCertifiedDate(java.lang.String policyId, java.util.Date certifiedDate)
          Records the date and time the specified recertification policy was last executed for this person.
 void setLastRecertificationAction(java.lang.String roleName, java.lang.String action)
          Records the last recertification action taken on a role.
 void setLastRecertificationActionDate(java.lang.String roleName, java.util.Date actionDate)
          Records the date the last recertification action was recorded for the given role name.
 void setLastStatusChangeDate(java.util.Date changeDate)
          Changes the date and time the person's status was last changed.
 void setLocale(java.util.Locale loc)
          Changes the person's preferred locale.
 void setMail(java.lang.String email)
          Changes the person's email address.
 void setPasswordChangeDate(java.util.Date date)
          Records the timestamp that person password is set.
 void setRoles(java.util.Collection roles)
          Changes the person's role membership.
 void setSharedSecret(java.lang.String sharedSecret)
          Changes the person's shared secret.
 void setSynchPassword(byte[] pwd)
          Sets the synchronized password for a person.
 void suspend()
          Changes the Person's status to INACTIVE_STATUS.
 void updatePasswordChangeDate()
          Updates the date and time the person password was last set to now.
 
Methods inherited from class com.ibm.itim.dataservices.model.DirectoryObject
addAttribute, addAttributeValues, getAccessRights, getAttribute, getAttributes, getAuthorizationOwners, getMapAttributeNames, getMappedAttributes, getName, getNameAttribute, getOldMappedAttributes, getProfileName, getRawAttributes, getSortValue, getTenantDN, isLifecycleDefined, removeAttribute, removeAttribute, setAccessRights, setAttribute, setAttributes, setAuthorizationOwners, setProfileName, setTenantDN, toString
 
Methods inherited from class com.ibm.itim.dataservices.model.DirectoryEntry
clearChange, clearChanges, getChanges, getDistinguishedName, getLastModified, getObjectClasses, getOldAttributes, setDistinguishedName
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

PERSON_ATTR_NAME

public static java.lang.String PERSON_ATTR_NAME
String constant for the naming attribute name.


PERSON_ATTR_EMAIL

public static java.lang.String PERSON_ATTR_EMAIL
String constant for the email attribute name.


PERSON_ATTR_STATUS

public static java.lang.String PERSON_ATTR_STATUS
String constant for the status attribute name.


PERSON_ATTR_SUPERVISOR

public static java.lang.String PERSON_ATTR_SUPERVISOR
String constant for the supervisor attribute name.


PERSON_ATTR_MANAGER

public static java.lang.String PERSON_ATTR_MANAGER
String constant for the manager attribute name.


PERSON_ATTR_SPONSOR

public static java.lang.String PERSON_ATTR_SPONSOR
String constant for the sponsor attribute name.


PERSON_ATTR_ROLE

public static java.lang.String PERSON_ATTR_ROLE
String constant for the roles attribute name.


PERSON_ATTR_ALIAS

public static java.lang.String PERSON_ATTR_ALIAS
String constant for the aliases attribute name.


PERSON_ATTR_SHAREDSECRET

public static java.lang.String PERSON_ATTR_SHAREDSECRET
String constant for the shared secret attribute name.


STATUS_ACTIVE

public static int STATUS_ACTIVE
Constant indicating "active" status


STATUS_INACTIVE

public static int STATUS_INACTIVE
Code indicating "inactive" status


PERSON_ATTR_DISPLAY

public static java.lang.String PERSON_ATTR_DISPLAY
String constant for the custom display attribute name.


PERSON_ATTR_LOCALE

public static java.lang.String PERSON_ATTR_LOCALE
String constant for the preferred locale attribute name


PERSON_ATTR_CREATION_DATE

public static final java.lang.String PERSON_ATTR_CREATION_DATE
See Also:
Constant Field Values

PERSON_ATTR_STATUS_LAST_CHANGED_DATE

public static final java.lang.String PERSON_ATTR_STATUS_LAST_CHANGED_DATE
String constant for last status change date attribute name.

See Also:
Constant Field Values

PERSON_ATTR_LAST_CERTIFIED_DATE

public static final java.lang.String PERSON_ATTR_LAST_CERTIFIED_DATE
String constant for the last certified date attribute name.

See Also:
Constant Field Values

PERSON_ATTR_PASSWORD_CHANGE_DATE

public static final java.lang.String PERSON_ATTR_PASSWORD_CHANGE_DATE
String constant that represents the LDAP attribute for the time that the password was last changed.

See Also:
Constant Field Values

PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION

public static final java.lang.String PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION
String constant for the last recertification action attribute name for roles.

See Also:
Constant Field Values

PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION_DATE

public static final java.lang.String PERSON_ATTR_ROLE_RECERTIFICATION_LAST_ACTION_DATE
String constant for the attribute name of the date of the last recertification action for roles.

See Also:
Constant Field Values

PERSON_ATTR_ROLE_ASSIGNMENT_DATA

public static final java.lang.String PERSON_ATTR_ROLE_ASSIGNMENT_DATA
String constant for the attribute name of the role assignment data to be stored. It is also used for the checking ACI.

Since:
6.0
See Also:
Constant Field Values

ROLE_ASSIGNMENT_DATA_DELIMETER

public static final java.lang.String ROLE_ASSIGNMENT_DATA_DELIMETER
String constant for the attribute name of the role assignment data delimeter as data to be stored in the form of $role-global-id;$assignment-attribute-name;$assignment-attribute-value.

Since:
6.0
See Also:
Constant Field Values

ROLE_ASSIGNMENT_VALUE_DELIMETER

public static final java.lang.String ROLE_ASSIGNMENT_VALUE_DELIMETER
String constant for the attribute name of the role assignment value delimeter as data to be stored in the form of $role-global-id;$assignment-attribute-name;$assignment-attribute-value|$assignment-attribute-value.

Since:
6.0
See Also:
Constant Field Values

ADMINISTRATOR_ID

public static final java.lang.String ADMINISTRATOR_ID
String constant that holds global ID of ITIM Administrator.

See Also:
Constant Field Values

CERTIFIED

public static final java.lang.String CERTIFIED
The role is certified. Constant representing valid value for the errolerecertificationlastaction attribute.

See Also:
Constant Field Values

CERTIFIED_ADMIN

public static final java.lang.String CERTIFIED_ADMIN
The role is certified by an administrator. Constant representing valid value for the errolerecertificationlastaction attribute.

See Also:
Constant Field Values

REJECTED_MARK

public static final java.lang.String REJECTED_MARK
The role is rejected with regards to being certified and is marked. Constant representing valid value for the errolerecertificationlastaction attribute.

See Also:
Constant Field Values
Constructor Detail

Person

public Person()
Default empty constructor


Person

public Person(Person p)
Copy Constructor Reference copy is used for Java object except for String and other primary types


Person

public Person(java.lang.String profileName,
              AttributeValues attrs)
Deprecated. Use Person(String profileName) and setAttributes(attributes) instead

Constructs object with profile and attribute information. Warning: the purpose of this constructor is to provide clients with the ability to create value objects for creation in the data store. Do not use this constructor to create value objects that represent existing entities. See the PersonSearch object for achieving that.

Parameters:
profileName - Name of the profile (Person, BPPerson, Employee, Contractor, System, etc.) identifying the type of this person (identity).
attrs - AttributeValues holding the attributes of the person.

Person

public Person(java.lang.String profileName)
Constructs object with profile. Warning: the purpose of this constructor is to provide clients with the ability to create value objects for creation in the data store. Do not use this constructor to create value objects that represent existing entities. See the PersonSearch object for achieving that.

Parameters:
profileName - Name of the profile (Person, BPPerson, Employee, Contractor, System, etc.) identifying the type of this person (identity).
Method Detail

getAliases

public java.util.Collection getAliases()
Returns the person's aliases.

Returns:
Collection of person' aliases (Strings).

setAliases

public void setAliases(java.util.Collection aliases)
Changes the person's aliases. If the aliases have some duplicates, then only the unique aliases will be set.

Parameters:
aliases - Collection of person's new aliases (Strings).

getMail

public java.lang.String getMail()
Returns the person's email address.

Returns:
Person's email address.

getMails

public java.util.Collection getMails()
Returns the person's email addresses.

Returns:
Collection of person's email addresses (Strings).

setMail

public void setMail(java.lang.String email)
Changes the person's email address.

Parameters:
email - person's new email address.

getLocale

public java.util.Locale getLocale()
Returns the person's preferred locale

Returns:
Person's preferred locale

setLocale

public void setLocale(java.util.Locale loc)
Changes the person's preferred locale.

Parameters:
loc - person's preferred locale.

getImmediateSupervisor

public DistinguishedName getImmediateSupervisor()
Returns the person's immediate supervisor.

Returns:
DistinguishedName of the person's immediate supervisor, null if none defined.

setImmediateSupervisor

public void setImmediateSupervisor(DistinguishedName supervisor)
Changes the person's immediate supervisor.

Parameters:
supervisor - DistinguishedName of person's new immediate supervisor, null if no supervisor is to be defined.

getStatus

public int getStatus()
Access method for the status field.

Returns:
Enumeration of the person's status, ACTIVE_STATUS, INACTIVE_STATUS.

restore

public void restore()
Changes the Person's status to ACTIVE_STATUS.


suspend

public void suspend()
Changes the Person's status to INACTIVE_STATUS.


getSharedSecret

public java.lang.String getSharedSecret()
Returns the person's shared secret.

Returns:
Person's shared secret.

setSharedSecret

public void setSharedSecret(java.lang.String sharedSecret)
Changes the person's shared secret.

Parameters:
sharedSecret - New shared secret for the person.

getCustomAttribute

public java.lang.String getCustomAttribute()
Returns the person's custom display attribute.

Returns:
Person's custom display attribute.

setCustomAttribute

public void setCustomAttribute(java.lang.String customAttribute)
Changes the person's custom display attribute.

Parameters:
customAttribute - New value for the custom display attribute.

getRoles

public java.util.Collection getRoles()
Returns the person's roles.

Returns:
Collection of the DistinguishedNames of the person's roles).

setRoles

public void setRoles(java.util.Collection roles)
Changes the person's role membership.

Parameters:
roles - Collection of DistinguishedNames of person's roles.

addRole

public void addRole(DistinguishedName roleDN)
Adds the given role to the person's role membership.

Parameters:
roleDN - DisinguishedName of the role to add.

removeRole

public void removeRole(DistinguishedName roleDN)
Removes the given role from the person's role membership.

Parameters:
roleDN - DisinguishedName of the role to remove.

getSynchPassword

public byte[] getSynchPassword()
Returns the password for the person, that is used for synchronization. The password will be decrypted.

Returns:
byte[] holding the synchronized password or null if the password does not exist.

setSynchPassword

public void setSynchPassword(byte[] pwd)
Sets the synchronized password for a person. The password will be encrypted before it is saved in the datastore. Note that setting the synchronized password in this manner will not actually synchronize passwords across the person's existing accounts. Additionally, the synchronized password attribute (ersynchpassword) is considered hidden and cannot be directly set by an external client. External clients should instead use the synchPasswords methods on com.ibm.itim.apps.provisioning.PasswordManager, which will synchronize passwords across the person's existing accounts.

Parameters:
pwd - password to be used for password synchronization.

removeSynchPassword

public void removeSynchPassword()
Removes the synchronized password for a person. Note that the synchronized password attribute (ersynchpassword) is considered hidden and cannot be directly removed by an external client.


getCreationDate

public java.util.Date getCreationDate()
Returns the date and time the person was created. If the attribute does not exist then this method will return null.

Returns:
Date of person creation or null.

setLastCertifiedDate

public void setLastCertifiedDate(java.lang.String policyId,
                                 java.util.Date certifiedDate)
Records the date and time the specified recertification policy was last executed for this person.

Parameters:
policyId - global ID of the recertification policy.
certifiedDate - date and time the policy was last executed.
Since:
ITIM 5.1

getLastCertifiedDate

public java.util.Date getLastCertifiedDate(java.lang.String policyId)
Returns the date and time the specified recertification policy last executed for this person.

Parameters:
policyId - global ID of the recertification policy.
Returns:
date and time the policy was last executed.
Since:
ITIM 5.1

setPasswordChangeDate

public void setPasswordChangeDate(java.util.Date date)
Records the timestamp that person password is set.

Parameters:
date - Date holding the date and time the person password is set.

getPasswordChangeDate

public java.util.Date getPasswordChangeDate()
Returns the date and time the the person was last set. If the attribute does not exist then this method will return null.

Returns:
Date that the person password was set or null.

updatePasswordChangeDate

public void updatePasswordChangeDate()
Updates the date and time the person password was last set to now.


removePasswordChangeDate

public void removePasswordChangeDate()
Removes the timestamp for date and time that the person password was set.


getLastStatusChangeDate

public java.util.Date getLastStatusChangeDate()
Returns the date and time the the person's status was last changed. If the attribute does not exist then this method will return null.

Returns:
Date of last status change or null.

setLastStatusChangeDate

public void setLastStatusChangeDate(java.util.Date changeDate)
Changes the date and time the person's status was last changed.

Parameters:
changeDate - Date holding the date and time the person's status was last changed.

getGlobalId

public java.lang.String getGlobalId()
Gets the pseudo-unique identifier for this Person.

Returns:
String version of the globalid. Will never return null.
Since:
ITIM 5.1

setLastRecertificationAction

public void setLastRecertificationAction(java.lang.String roleName,
                                         java.lang.String action)
Records the last recertification action taken on a role. Also updates the date of the last recertification action for the role. See constants: Person.CERTIFIED Person.CERTIFIED_ADMIN Person.REJECTED_MARK

Parameters:
roleName - name of the role
action - last recertification action taken on the role, or null to remove the action for the role.
Since:
ITIM 5.1

setLastRecertificationActionDate

public void setLastRecertificationActionDate(java.lang.String roleName,
                                             java.util.Date actionDate)
Records the date the last recertification action was recorded for the given role name.

Parameters:
roleName - name of the role.
actionDate - date and time the last action was recorded, or null to to remove the date recorded for the role.
Since:
ITIM 5.1

getLastRecertificationAction

public java.lang.String getLastRecertificationAction(java.lang.String roleName)
Returns the last recertification action for a role. If the attribute does not exist then this method will return null. See constants: Person.CERTIFIED Person.CERTIFIED_ADMIN Person.REJECTED_MARK

Parameters:
roleName - name of the role.
Returns:
last role recertification action or null.
Since:
ITIM 5.1

getLastRecertificationActionDate

public java.util.Date getLastRecertificationActionDate(java.lang.String roleName)
Returns the date and time the recertification action was last recorded for the given role. If the attribute does not exist then this method will return null.

Parameters:
roleName - name of the role.
Returns:
date and time the last recertification action was recorded.
Since:
ITIM 5.1


IBM Security Identity Manager 6.0.0
© Copyright International Business Machines Corporation 2007, 2012. All rights reserved. US Government Users Restricited Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.