com.ibm.itim.apps.identity

Class ContainerManager

java.lang.Object

com.ibm.itim.apps.identity.ContainerManager

public class ContainerManager
extends java.lang.Object

Provides aggregate container, or org chart, management capabilities. These capabilities include the creation of containers within the org chart in the provisioning platform.

See Also:

OrganizationalContainerMO

Constructor Summary

Constructors

Constructor and Description
ContainerManager(PlatformContext platform, javax.security.auth.Subject subject) Constructs the manager with a platform context and a subject.

Method Summary

Modifier and Type	Method and Description
OrganizationalContainerMO	createContainer(OrganizationalContainerMO container, OrganizationalContainer object) Creates a container in the provisioning platform with the specified attributes within the given parent container.
OrganizationalContainerMO	getContainerByURI(OrganizationalContainerMO container, java.lang.String uri) Returns the organizational container for the given Uniform Resource Identifier (URI) within the specified parent container.
java.util.Collection	getContainers(OrganizationalContainerMO parent, java.lang.String attributeName, java.lang.Object attributeValue) Returns the container(s) matching the given attribute within the given parent container.
java.util.Collection	getContainers(java.lang.String profileName, java.lang.String name, OrganizationalContainerMO parent) Returns the container(s) with the name within the given parent container.
OrganizationalContainerMO	getRoot() Returns the root of the organizational tree.
OrganizationalContainerMO	getRoot(java.lang.String tenantID) In a multi-tenant deployment, returns the root of the organizational tree for the given tenant.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ContainerManager

public ContainerManager(PlatformContext platform,
                        javax.security.auth.Subject subject)

Constructs the manager with a platform context and a subject.

Parameters:

platform - PlatformContext holding platform connection information.

subject - Subject representing the authenticated caller.

Method Detail

createContainer

public OrganizationalContainerMO createContainer(OrganizationalContainerMO container,
                                                 OrganizationalContainer object)
                                          throws java.rmi.RemoteException,
                                                 AuthorizationException,
                                                 SchemaViolationException,
                                                 ApplicationException

Creates a container in the provisioning platform with the specified attributes within the given parent container.

Parameters:

container - OrganizationalContainerMO within which the the new container will be placed.

object - OrganizationalContainer value object defining the attributes the container will have.

Returns:

OrganizationalContainerMO representing the successfully created container.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

AuthorizationException - Thrown if client is unauthorized to create the container in the given container.

SchemaViolationException - Thrown if any of the attributes in the value object violate the managed object's schema. This may be caused by an invalid attribute or if a required attribute is missing entirely.

ApplicationException - Thrown if unable to create the container. This may possibly be caused by the parent container being removed by another client previous to this call.

getRoot

public OrganizationalContainerMO getRoot()
                                  throws java.rmi.RemoteException,
                                         ApplicationException

Returns the root of the organizational tree. The root is not an organization since the platform can support multiple organizations. It is, instead, the node above the organization. It therefore has no real significance in terms of attributes, operations, and relationships. Its purpose is to provide context for searches where a sub-container, such as an organization or location, is not known or needed. Note, this method should only be used in a single-tenant deployment.

Returns:

OrganizationalContainerMO representing the root node of the org tree.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

ApplicationException - Thrown if unable to obtain the root.

getRoot

public OrganizationalContainerMO getRoot(java.lang.String tenantID)
                                  throws java.rmi.RemoteException,
                                         ApplicationException

In a multi-tenant deployment, returns the root of the organizational tree for the given tenant. The root is not an organization since the platform can support multiple organizations within a tenant. It is, instead, the node above the organization. It therefore has no real significance in terms of attributes, operations, and relationships. It's purpose is to provide context for searches where a sub-container, such as an organization or location, is not known or needed.

Parameters:

tenantID - a String, the tenant ID for which to create an OrganizationalContainerMO.

Returns:

OrganizationalContainerMO representing the root node of the org tree.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

ApplicationException - Thrown if unable to obtain the root. This may be caused by the tenantID being invalid.

getContainers

public java.util.Collection getContainers(java.lang.String profileName,
                                          java.lang.String name,
                                          OrganizationalContainerMO parent)
                                   throws java.rmi.RemoteException,
                                          ApplicationException

Returns the container(s) with the name within the given parent container. Note, if the client is unauthorized to view (search) a container that matches this criteria, it will be filtered out of the return list and no AuthorizationException will be thrown.

Parameters:

profileName - String profile name of container to search to return.

name - Name of the container(s) to return.

parent - OrganizationalContainerMO representing the parent container to scope the search. In a single-tenant deployment, null can be specified to indicate the entire tree should be searched. In a multi-tenant deployment, an OrganizationalContainerMO object must be provided that represents the root of the tenant.

Returns:

Collection of OrganizationalContainerMO's representing the matching containers.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

ApplicationException - Thrown if unable to obtain the containers. This may possibly be caused by the parent container being removed by another client previous to this call.

getContainers

public java.util.Collection getContainers(OrganizationalContainerMO parent,
                                          java.lang.String attributeName,
                                          java.lang.Object attributeValue)
                                   throws java.rmi.RemoteException,
                                          ApplicationException

Returns the container(s) matching the given attribute within the given parent container. Note, if the client is unauthorized to view (search) a container that matches this criteria, it will be filtered out of the return list and no AuthorizationException will be thrown. Uses the Search API.

Parameters:

parent - OrganizationalContainerMO representing the parent container to scope the search. In a single-tenant deployment, null can be specified to indicate the entire tree should be searched. In a multi-tenant deployment, an OrganizationalContainerMO object must be provided that represents the root of the tenant.

attributeName - Name of attribute to match with.

attributeValue - Value of the attribute to match with. A '*' can be used as the first and/or last character of a String value to perform a substring search for containers. This argument (the Object) should have a toString() method that returns a String suitable for the value on the right side of the '=' sign in an RFC2254 LDAP filter.

Returns:

Collection of OrganizationalContainerMO's representing the matching containers.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

ApplicationException - Thrown if unable to obtain the containers. This may possibly be caused by the parent container being removed by another client previous to this call.

getContainerByURI

public OrganizationalContainerMO getContainerByURI(OrganizationalContainerMO container,
                                                   java.lang.String uri)
                                            throws java.rmi.RemoteException,
                                                   ApplicationException

Returns the organizational container for the given Uniform Resource Identifier (URI) within the specified parent container.

Parameters:

container - OrganizationalContainerMO representing the parent container to scope the search.

uri - String representing the organizational container's URI.

Returns:

OrganizationalContainerMO representing the matching organizational container

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with platform.

ApplicationException - Thrown if unable to obtain the organizational container. This might be caused by the container being removed by another client previous to this call. This exception might also be thrown if the container object is null, no organizational container is found for the given URI within the container, or more than one organizational container is found for the given URI within the container.