IDIPasswordStore (IBM Tivoli Directory Integrator API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.di.plugin.pwstore.ldap
Class IDIPasswordStore

java.lang.Object
  com.ibm.di.plugin.pwstore.ldap.IDIPasswordStore

public class IDIPasswordStore
extends java.lang.Object
extends java.lang.Object

IDIPasswordStore is the class provides function to access LDAP servers for the purpose of updating a specified server with userid and password information. A properties file is read in when the object is constructed. Information in the properties file specifies the credentials for access to the server as well as other tailorable configuration information. This information includes location of keystore files for ssl access and asymetric encryption using RSA of the password data (see the IDIPasswordCrypto class for decryption). The ssl connection processing assumes that the client keystore file which contains both client's certificate and servers signer certification. A simple usage would be as follows: When stowPassword(uid,userfullname,password) is invoked, the ibm-diPerson object defined in the LDAP DIT is modified to have the specified password. If the ibm-diPerson object for the specified uid does not exist, a new one is created.

Constructor Summary
`IDIPasswordStore(PWSyncLog log)` Construct and initialize an IDIPasswordStore object.

Method Summary
`boolean`	`addPasswordValues(java.lang.String uid, java.util.Vector<java.lang.String> newPasswords)` addPasswordValues: adds the password values specified, for specified ui The clear text password to be optionally encrypted (see properties file documentation) before LDAP server stores it, and a decryption method (see IDIPasswordCrypto class) is available for decrypting via an IDI assemblyline or other strategy.
`boolean`	`deletePasswordValues(java.lang.String uid, java.util.Vector<java.lang.String> newPasswords)` deletePasswordValues: removes the password values specified, for specified ui The clear text password to be optionally encrypted (see properties file documentation) before LDAP server stores it, and a decryption method (see IDIPasswordCrypto class) is available for decrypting via an IDI assemblyline or other strategy.
`boolean`	`readyToSync()` readyToSync: attempt initctx to see if LDAP server is available
`boolean`	`setExtendedData(java.lang.String id, java.lang.String extendedData)` Write additional information about a user to the Password Store.
`boolean`	`stowPassword(java.lang.String uid, java.util.Vector<java.lang.String> newPasswords)` stowPassword: Changes the password if the user id exists.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

IDIPasswordStore

public IDIPasswordStore(PWSyncLog log)
                 throws java.io.IOException

Construct and initialize an IDIPasswordStore object. The initialization includes loading the properties file. The properties file: idipwsync.props must be located in a directory on the CLASSPATH environment setting. To generate a template properties file that encodes passwords for the keystore and ldap login use "java com.ibm.di.plugin.idipwsync.GenPropertiesFile". Refer to readme_idipwsync.html for details on setting up a properties file.

Parameters:: log - the place to log in
Throws:: java.io.IOException - Thrown when attempting to load properties file

Method Detail

addPasswordValues

public boolean addPasswordValues(java.lang.String uid,
                                 java.util.Vector<java.lang.String> newPasswords)

addPasswordValues: adds the password values specified, for specified ui The clear text password to be optionally encrypted (see properties file documentation) before LDAP server stores it, and a decryption method (see IDIPasswordCrypto class) is available for decrypting via an IDI assemblyline or other strategy. Null passwords will not be stored. Zero length passwords will be encoded and encrypted and will required decodeing via IDIPasswordCrypto class. Other functional behavior controlled includes performing LDAP udates in async mode with a configurable delay time (necessary when dealing with certain AD configurations (due to locking mechanism).

Parameters:: uid - A String representing the stored uid, must have lenth > 0, eg. bcampbell.; newPasswords - A vector representing stored, decoded passwords, vector must have length > 0, null entries are not stored.
Returns:: boolean true if succesful.

deletePasswordValues

public boolean deletePasswordValues(java.lang.String uid,
                                    java.util.Vector<java.lang.String> newPasswords)

deletePasswordValues: removes the password values specified, for specified ui The clear text password to be optionally encrypted (see properties file documentation) before LDAP server stores it, and a decryption method (see IDIPasswordCrypto class) is available for decrypting via an IDI assemblyline or other strategy. Null passwords will not be processed. Zero length passwords will be encoded and encrypted for matching via the IDIPasswordCrypto class. Other functional behavior controlled includes performing LDAP udates in async mode with a configurable delay time (necessary when dealing with certain AD configurations (due to locking mechanism).

Parameters:: uid - A String representing the stored uid, must have lenth > 0, eg. bcampbell; newPasswords - A vector representing decoded passwords to be removed, must have length > 0, null entries are not processed.
Returns:: boolean true if succesful

readyToSync

public boolean readyToSync()

readyToSync: attempt initctx to see if LDAP server is available

Returns:: boolean true if succesf

stowPassword

public boolean stowPassword(java.lang.String uid,
                            java.util.Vector<java.lang.String> newPasswords)

stowPassword: Changes the password if the user id exists. If password vector specified is null or zero-length, password attribute will be removed from the object for specified uid. Otherwise, create a new entry. The clear text password to be optionally encrypted (see properties file documentation) before LDAP server stores it, and a decryption method (see IDIPasswordCrypto class) is available for decrypting via an IDI assemblyline or other strategy. Null passwords will not be stored. Zero length passwords will be encoded and encrypted and will required decodeing via IDIPasswordCrypto class. Other functional behavior controlled includes performing LDAP udates in async mode with a configurable delay time (necessary when dealing with certain AD configurations (due to locking mechanism).

Parameters:: uid - A String representing the stored uid, must have lenth > 0, eg. bcampbell; newPasswords - A vector representing stored, decoded password, vector must have length > 0, null entries will not be stored.
Returns:: boolean true if succesf

setExtendedData

public boolean setExtendedData(java.lang.String id,
                               java.lang.String extendedData)

Write additional information about a user to the Password Store.

Parameters:: id - The user identifier.; extendedData - The information.
Returns:: Whether the operation succeeded.