com.ibm.itim.apps.policy

Class RecertificationPolicyManager

java.lang.Object

com.ibm.itim.apps.policy.RecertificationPolicyManager

public class RecertificationPolicyManager
extends java.lang.Object

Provides the aggregate recertification policy management capabilities. These capabilities include the creation of a recertification policy. The recertification policy with the advanced workflow definition cannot be created. The recertification policy execution is always scheduled accordning to the server time zone. The time zone of the remote client, where recertification policy object is created, or explicitly time zone set to the recertification policy schedule does not work. The default notification templates are set to the recertification policy based on the policy type and reject action set to the recertification policy.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ADD String constant representing ADD operation
static java.lang.String	MODIFY String constant representing MODIFY operation
static java.lang.String	REMOVE String constant representing REMOVE operation
static java.lang.String	SEARCH String constant representing SEARCH operation

Constructor Summary

Constructors

Constructor and Description
RecertificationPolicyManager(PlatformContext platform, javax.security.auth.Subject subject) Constructs the manager with a platform context and a subject.

Method Summary

Modifier and Type	Method and Description
void	createPolicy(OrganizationalContainerMO container, RecertificationPolicy policy) Creates a recertification policy in the provisioning platform with the specified attributes within the given container.
java.util.Collection<RecertificationPolicyMO>	getPoliciesByName(OrganizationalContainerMO container, java.lang.String name, boolean subTree) Returns the policy(or policies) matching the given name within the given parent container.
java.util.Collection<RecertificationPolicyMO>	getPoliciesByNameOrDescription(OrganizationalContainerMO container, java.lang.String name, boolean subTree) Returns the policy or policies matching the given name or description within the given parent container.
RecertificationPolicyMO	getPolicy(DistinguishedName policyDn) Returns the recertification policy matching the given distinguished name.
RecertificationPolicyMO	getPolicyByAccessTarget(DistinguishedName accessTargetDn) Returns the recertification policy that has target as access and distinguished name of the access matches the given DN.
RecertificationPolicyMO	getPolicyByServiceTarget(DistinguishedName serviceTargetDn) Returns the recertification policy that has a target as service and the distinguished name of the service matches the specified distinguished name.
java.lang.Boolean	isOperationAllowed(OrganizationalContainerMO container, java.lang.String operation) This method verifies if the signed in user can perform the specified recertification policy operation within the given container.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ADD

public static final java.lang.String ADD

String constant representing ADD operation

See Also:

Constant Field Values

MODIFY

public static final java.lang.String MODIFY

String constant representing MODIFY operation

See Also:

Constant Field Values

SEARCH

public static final java.lang.String SEARCH

String constant representing SEARCH operation

See Also:

Constant Field Values

REMOVE

public static final java.lang.String REMOVE

String constant representing REMOVE operation

See Also:

Constant Field Values

Constructor Detail

RecertificationPolicyManager

public RecertificationPolicyManager(PlatformContext platform,
                                    javax.security.auth.Subject subject)

Constructs the manager with a platform context and a subject.

Parameters:

platform - PlatformContext holding the platform connection information.

subject - Subject representing the authenticated caller.

Method Detail

createPolicy

public void createPolicy(OrganizationalContainerMO container,
                         RecertificationPolicy policy)
                  throws java.rmi.RemoteException,
                         AuthorizationException,
                         ApplicationException

Creates a recertification policy in the provisioning platform with the specified attributes within the given container. The recertification policy with the advanced workflow definition cannot be created using the API.

Parameters:

container - OrganizationalContainerMO within which the recertification policy is to be placed.

policy - The recertification policy to create.

Throws:

java.rmi.RemoteException - Thrown if it is unable to communicate with the platform.

AuthorizationException - Thrown if the client is unauthorized to create the policy in the given container.

ApplicationException - Thrown if it is unable to create the recertification policy. This might be caused if another client removes the container before the call.

isOperationAllowed

public java.lang.Boolean isOperationAllowed(OrganizationalContainerMO container,
                                            java.lang.String operation)
                                     throws java.rmi.RemoteException,
                                            ApplicationException

This method verifies if the signed in user can perform the specified recertification policy operation within the given container.

Parameters:

container - OrganizationalContainerMO within which the recertification policy will be placed, removed, or added.

operation - The operation is being checked. The valid values for operations are:

• ADD,
• MODIFY,
• SEARCH,
• REMOVE.

Returns:

True if the signed in user can perform the given operation.

Throws:

java.rmi.RemoteException - Thrown if it is unable to communicate with the platform.

ApplicationException - Thrown if it is unable to check if the operation is allowed. This might be caused if another client removed the container before the call.

getPolicy

public RecertificationPolicyMO getPolicy(DistinguishedName policyDn)
                                  throws java.rmi.RemoteException,
                                         AuthorizationException,
                                         ApplicationException

Returns the recertification policy matching the given distinguished name. Returns null if there is no recertification policy matching the given distinguished name. Note: If the client is unauthorized to search the recertification policy, an AuthorizationException will be thrown.

Parameters:

policyDn - Distinguished name of a recertification policy.

Returns:

RecertificationPolicyMO representing the matching policy.

Throws:

java.rmi.RemoteException - Thrown if it is unable to communicate with the platform.

AuthorizationException - Thrown if the user is not authorized to perform the operation.

ApplicationException - Thrown if it is unable to obtain the recertification policy.

getPolicyByServiceTarget

public RecertificationPolicyMO getPolicyByServiceTarget(DistinguishedName serviceTargetDn)
                                                 throws java.rmi.RemoteException,
                                                        AuthorizationException,
                                                        ApplicationException

Returns the recertification policy that has a target as service and the distinguished name of the service matches the specified distinguished name. Returns null if no such policy exists in ITIM. Note: if the client is unauthorized to search the recertification policy, an AuthorizationException will be thrown.

Parameters:

serviceTargetDn - Distinguished name of the service.

Returns:

RecertificationPolicyMO representing the matching policy.

Throws:

java.rmi.RemoteException - Thrown if it is unable to communicate with the platform.

AuthorizationException - Thrown if the user is not authorized to perform the operation.

ApplicationException - Thrown if it is unable to obtain the recertification policy.

getPolicyByAccessTarget

public RecertificationPolicyMO getPolicyByAccessTarget(DistinguishedName accessTargetDn)
                                                throws java.rmi.RemoteException,
                                                       AuthorizationException,
                                                       ApplicationException

Returns the recertification policy that has target as access and distinguished name of the access matches the given DN. Returns null if given DN does not match. Note: if the client is unauthorized to search the recertification policy, an AuthorizationException will be thrown.

Parameters:

serviceTargetDn - Distinguished name of the access.

Returns:

RecertificationPolicyMO representing the matching policy.

Throws:

java.rmi.RemoteException - Thrown if unable to communicate with the platform.

AuthorizationException - Thrown if the user is not authorized to perform the operation.

ApplicationException - Thrown if it is unable to obtain the recertification policy.

getPoliciesByName

public java.util.Collection<RecertificationPolicyMO> getPoliciesByName(OrganizationalContainerMO container,
                                                                       java.lang.String name,
                                                                       boolean subTree)
                                                                throws java.rmi.RemoteException,
                                                                       ApplicationException

Returns the policy(or policies) matching the given name within the given parent container. The character * can be used as wildcard character for search (For example, typing *b* will find "abc"). Note that if the client is unauthorized to view or search a policy that matches this criteria, it will be filtered out of the return list and no AuthorizationException will be thrown.

Parameters:

container - OrganizationalContainerMO representing the parent container to scope the search. If the container is NULL, a not-support error message is thrown in ApplicationException.

name - Name of the policy to be searched.

subTree - boolean representing the search scope. A true value specifies subtree search scope starting from the container. A false value specifies a single-level search in the container only.

Returns:

Collection of RecertificationPolicyMO representing the matching policies.

Throws:

java.rmi.RemoteException - Thrown if it is unable to communicate with the platform.

ApplicationException - Thrown if it is unable to obtain the recertification policy objects.

getPoliciesByNameOrDescription

public java.util.Collection<RecertificationPolicyMO> getPoliciesByNameOrDescription(OrganizationalContainerMO container,
                                                                                    java.lang.String name,
                                                                                    boolean subTree)
                                                                             throws java.rmi.RemoteException,
                                                                                    ApplicationException

Returns the policy or policies matching the given name or description within the given parent container. The character * can be used as a wildcard character for search. For example, typing *b* will find "abc". Note: if the client is unauthorized to view or search a policy that matches this criteria, it will be filtered out of the return list and no AuthorizationException will be thrown.

Parameters:

container - OrganizationalContainerMO representing the parent container to scope the search. If the container is NULL, a not-support error message is thrown in ApplicationException.

nameOrDescription - Name or description of the policy to be searched.

subTree - boolean representing the search scope. A true value specifies the subtree search scope starting from the container. A false value specifies a single-level search in the container only.

Returns:

Collection of RecertificationPolicyMO representing the matching policies.

Throws:

java.rmi.RemoteException - Thrown if it is unable to communicate with the platform.

ApplicationException - Thrown if it is unable to obtain the recertification policy objects.