Registry (IBM Tivoli Directory Integrator API)

Overview

Package

Class

Use

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.di.api.security
Class Registry

java.lang.Object
  com.ibm.di.api.security.Registry

public class Registry
extends Object
extends Object

The Registry class is used by the Server API to parse the User Registry file and hold all the user identities with their corresponding permissions. After initialization of the Registry the Identites are accessed through the getIdentity(String aUserID) method. From 7.0 this method also returns Identities for userIDs which are members of groups specified in the registry.

Constructor Summary
`Registry()`

Method Summary
`Identity`	`getIdentity(String aUserID)` The method searches for Identities with userId corresponding to the supplied parameter.
`void`	`initialize(String aRegistryFileName, RS.ConfigInstanceNamingPolicy configInstanceNamingPolicy)` Parses the User Registry file and creates a vector with all Identities found in it with their corresponding permissions.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

Registry

public Registry()

Method Detail

initialize

public void initialize(String aRegistryFileName,
                       RS.ConfigInstanceNamingPolicy configInstanceNamingPolicy)
                throws DIException

Parses the User Registry file and creates a vector with all Identities found in it with their corresponding permissions. If the server API user registry encryption is turned on the file is decrypted using the CryptoUtils class. All the tags are read line by line. This parsing traverses the Registry tags tree in depth and all authorization elements found are added as corresponding vectors to their parent object.

Parameters:: aRegistryFileName - the full path to the user registry file name; configInstanceNamingPolicy - this policy is used when parsing the tags that define which configurations the user is authorized access to
Throws:: DIException - if an Exception occurs during the reading, decrypting or parsing the file

getIdentity

public Identity getIdentity(String aUserID)

The method searches for Identities with userId corresponding to the supplied parameter. It distinguishes two cases: simple - when only user name is supplied. In this case the Identity with matching userId is returned. In the other case, when the LDAP authentication with group support is performed, as parameter is supplied not only the user, but also the users' groups separated by ";".The first in this sequience must be the authenticating user. In this case new Identity is created, which posseses all the roles assigned to the user as well to the groups in the user registry.

Parameters:: aUserID - String object containing the authenticating user or the user and the users' groups each one separated by ";" by the others.
Returns:: Identity object
Since:: 7.0