com.ibm.itim.dataservices.model.domain

Class DirectorySystem

java.lang.Object

com.ibm.itim.dataservices.model.DirectoryEntry

com.ibm.itim.dataservices.model.DirectoryObject

com.ibm.itim.dataservices.model.domain.OrganizationalContainer

com.ibm.itim.dataservices.model.domain.DirectorySystem

All Implemented Interfaces:

ProtectedObject, com.ibm.itim.util.Sortable, com.ibm.itim.util.xml.objectstream.Importable, java.io.Serializable

public class DirectorySystem
extends OrganizationalContainer

Value Object class that holds the the system (tenant) wide configuration settings.

See Also:

DirectorySystemEntity, Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	DirectorySystem.DefaultProvisioningPolicySetting

Field Summary

Fields

Modifier and Type	Field and Description
static int	ADMIN_DEFINED
static int	PRE_DEFINED
static int	RANDOM_SELECTED
static int	USER_DEFINED
static int	USER_SELECTED

Fields inherited from class com.ibm.itim.dataservices.model.DirectoryObject

ATTR_ACCESS_RIGHT, ATTR_LIFECYCLE_ENABLE, ATTR_URI, DESCRIPTION, NAME

Fields inherited from interface com.ibm.itim.util.Sortable

ATTR_NAME

Constructor Summary

Constructors

Constructor and Description
DirectorySystem() Default empty constructor
DirectorySystem(DistinguishedName dn, java.lang.String name, AttributeValues attrs) Constructor for create a directory system.

Method Summary

Modifier and Type	Method and Description
java.util.Collection	getAlertOptions() This method returns a collection containing the alert options.
java.lang.String	getBucketCount() Returns the number of hash buckets are used within the directory tree.
int	getChallengeDefinitionMode() Returns the password challenge/response definition mode.
java.lang.String	getChallengeMode() Returns the password challenge/response mode.
java.lang.String	getChallengeResponseEmail() Returns the password challenge/response failure email message recipient address.
DirectorySystem.DefaultProvisioningPolicySetting	getDefaultProvisioningPolicySetting() Returns the default provisioing policy setting
int	getLogonCount() Returns the maximum number of consecutive unsuccessful logon attempts a user can have before their account is suspended.
int	getMaxRepeatChar()
int	getMinResponseLength()
int	getNonComplianceAction() Returns the non-compliance action set globally for all services.
int	getNumberOfRandomChallenges() Returns the number of questions to randomly select for password challenge/response.
int	getNumberOfRequiredChallenges() Returns the number of required password challenge/response questions.
int	getPasswordRetrievalExpirationPeriod() Returns the password retrieval period of the system.
int	getPODeliveryInterval() Returns the time interval (in seconds) the post office delivers messages.
int	getPwdExpirationPeriod() Returns the password expiration period of the system.
java.util.Date	getResponseLastChange() Returns the date/time the challenge/response configuration parameters were last modified.
java.lang.String	getSuspendMessage() Returns the password challenge/response message when user is suspended.
boolean	isActive() Returns whether the tenant (in a multi-tenant deployment) is currently active or not.
boolean	isAnswerMatchQuestion()
boolean	isAutoGroupMembership() Returns whether "auto TIM Group membership" is enabled.
boolean	isChallengeResponseEnabled() Returns whether password challenge/response is enabled.
boolean	isLostPwdByMail() Deprecated. Replaced by isPasswordResetRequired().
boolean	isMailChangePwdLink() Returns whether mail will be send with a link to change the password.
boolean	isPasswordResetRequired() Returns whether a password reset is required if a user authenticates using challenge/response.
boolean	isPwdEditAllowed() Returns whether passwords can be entered on behalf of other users, or if passwords can only be generated for them.
boolean	isPwdOnUser() Returns whether "set password on user" is enabled.
boolean	isPwdSyncAllowed() Returns whether passwords can be synchronized on a person's all accounts.
boolean	isResponseHashedEnabled() Indicates whether to one-way hash the response of a challenge/response.
boolean	isResponseUnique()
boolean	isShowGenPwd() Returns whether passwords generated by others are shown in the UI.
boolean	isUserIDDisallowed()
void	setAlertOptions(java.util.Collection alertOptions) This method sets the alert options given a collection of the same.
void	setAnswerMatchQuestion(boolean value)
void	setAutoGroupMembership(boolean enableAutoGroupMembership) Changes the setting for whether "auto TIM Group membership" is enabled.
void	setChallengeDefinitionMode(int defMode) Changes the mode of password challenge and response definition.
void	setChallengeMode(java.lang.String mode) Changes password challenge/response mode.
void	setChallengeResponseEmail(java.lang.String email) Changes the password challenge/response failure email message recipient address.
void	setChallengeResponseEnabled(boolean enable) Disables or Enables password challenge/response.
void	setDefaultProvisioningPolicySetting(DirectorySystem.DefaultProvisioningPolicySetting setting) Sets the default provisioning policy setting
void	setLogonCount(int count) Changes the maximum number of consecutive unsuccessful logon attempts a user can have before their account is suspended.
void	setLostPwdByMail(boolean lostPwdByMail) Deprecated. Replaced by setPasswordResetRequired().
void	setMailChangePwdLink(boolean mailChangePwdLink) Changes the challenge response setting to send a mail which contains a link to change the password.
void	setMaxNumberOfIncorrectAttempt(int value)
void	setMaxRepeatChar(int value)
void	setMinResponseLength(int value)
void	setNonComplianceAction(int action) Changes the non-compliance action set globally for all services.
void	setNumberOfRandomChallenges(int num) Changes number of questions to randomly select for password challenge/response.
void	setNumberOfRequiredChallenges(int num) Changes number of required questions for password challenge/response.
void	setPasswordResetRequired(boolean isRequired) Changes whether a password reset is required if a user authenticates using challenge/response.
void	setPasswordRetrievalExpirationPeriod(int pwdRetrievalExpirationPeriod) Changes the the password retrieval period.
void	setPODeliveryInterval(int interval) Changes the time interval (in seconds) the post office delivers messages.
void	setPwdEditAllowed(boolean pwdEditAllowed) Changes the setting for whether passwords can be entered on behalf of other users, or if passwords can only be generated for them.
void	setPwdExpirationPeriod(int expPeriod) Changes the the password expiration period.
void	setPwdOnUser(boolean enablePwd) Changes the setting for whether "set password on user" is enabled.
void	setPwdSyncAllowed(boolean pwdSyncAllowed) Changes the setting for whether passwords can be synchronized on a person's all the accounts.
void	setResponseHashedEnabled(boolean enable) Changes whether or not to one-way hash the response of a challenge/response.
void	setResponseUnique(boolean value)
void	setShowGenPwd(boolean showGenPwd) Changes the setting for whether the express UI will show generated passwords created by others.
void	setSuspendMessage(java.lang.String description) Changes password challenge/response message when user is suspended.
void	setUserIDDisallowed(boolean value)
void	updateResponseLastChange() Changes the date/time the challenge/response configuration parameters were last modified.

Methods inherited from class com.ibm.itim.dataservices.model.DirectoryObject

addAttribute, addAttributeValues, getAccessRights, getAttribute, getAttributes, getAuthorizationOwners, getMapAttributeNames, getMappedAttributes, getName, getNameAttribute, getOldMappedAttributes, getProfileName, getRawAttributes, getSortValue, getTenantDN, isLifecycleDefined, removeAttribute, removeAttribute, setAccessRights, setAttribute, setAttributes, setAuthorizationOwners, setProfileName, setTenantDN, toString

Methods inherited from class com.ibm.itim.dataservices.model.DirectoryEntry

clearChange, clearChanges, getChanges, getDistinguishedName, getLastModified, getObjectClasses, getOldAttributes, setDistinguishedName

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

PRE_DEFINED

public static final int PRE_DEFINED

See Also:

Constant Field Values

USER_SELECTED

public static final int USER_SELECTED

See Also:

Constant Field Values

RANDOM_SELECTED

public static final int RANDOM_SELECTED

See Also:

Constant Field Values

ADMIN_DEFINED

public static final int ADMIN_DEFINED

See Also:

Constant Field Values

USER_DEFINED

public static final int USER_DEFINED

See Also:

Constant Field Values

Constructor Detail

DirectorySystem

public DirectorySystem()

Default empty constructor

DirectorySystem

public DirectorySystem(DistinguishedName dn,
                       java.lang.String name,
                       AttributeValues attrs)

Constructor for create a directory system.

Parameters:

dn - Distinguished Name for directory system.

name - "name" attribute value for directory system.

attrs - AttributeValues where keys are attribute names (String) and values are AttributeValue instances.

Method Detail

setLostPwdByMail

public void setLostPwdByMail(boolean lostPwdByMail)

Deprecated. Replaced by setPasswordResetRequired().

Changes the setting for sending lost passwords via email after successful challenge/response.

Parameters:

lostPwdByMail - True to email passwords, false to not email.

setMailChangePwdLink

public void setMailChangePwdLink(boolean mailChangePwdLink)

Changes the challenge response setting to send a mail which contains a link to change the password.

Parameters:

mailChangePwdLink - True to send mail, false if not.

setPwdEditAllowed

public void setPwdEditAllowed(boolean pwdEditAllowed)

Changes the setting for whether passwords can be entered on behalf of other users, or if passwords can only be generated for them.

Parameters:

pwdEditAllowed - True if passwords can be entered, false if generated only.

setPwdSyncAllowed

public void setPwdSyncAllowed(boolean pwdSyncAllowed)

Changes the setting for whether passwords can be synchronized on a person's all the accounts.

Parameters:

pwdSyncAllowed - True if passwords can be entered, false if generated only.

getLogonCount

public int getLogonCount()

Returns the maximum number of consecutive unsuccessful logon attempts a user can have before their account is suspended.

Returns:

Maximum number of attempts.

setLogonCount

public void setLogonCount(int count)

Changes the maximum number of consecutive unsuccessful logon attempts a user can have before their account is suspended.

Parameters:

count - Maximum number of attempts.

getBucketCount

public java.lang.String getBucketCount()

Returns the number of hash buckets are used within the directory tree.

Returns:

String representation of the number of buckets.

isLostPwdByMail

public boolean isLostPwdByMail()

Deprecated. Replaced by isPasswordResetRequired().

Returns whether lost passwords are emailed to the user after successful challenge/response.

Returns:

True if email is allowed, false if not.

isMailChangePwdLink

public boolean isMailChangePwdLink()

Returns whether mail will be send with a link to change the password.

Returns:

True if mail will be send, false if not.

isPwdEditAllowed

public boolean isPwdEditAllowed()

Returns whether passwords can be entered on behalf of other users, or if passwords can only be generated for them.

Returns:

True if passwords can be entered, false if generated only.

isPwdSyncAllowed

public boolean isPwdSyncAllowed()

Returns whether passwords can be synchronized on a person's all accounts.

Returns:

True if passwords can be synchronized, false otherwise.

isActive

public boolean isActive()

Returns whether the tenant (in a multi-tenant deployment) is currently active or not.

Returns:

True if active, false if not.

getPasswordRetrievalExpirationPeriod

public int getPasswordRetrievalExpirationPeriod()

Returns the password retrieval period of the system.

Returns:

Int number of hours for password retrieval expiration period. The default is 24 hours.

setPasswordRetrievalExpirationPeriod

public void setPasswordRetrievalExpirationPeriod(int pwdRetrievalExpirationPeriod)

Changes the the password retrieval period.

Parameters:

pwdRetrievalExpirationPeriod - Int number of hours for password retrieval expiration period. The default is 24 hours.

getPwdExpirationPeriod

public int getPwdExpirationPeriod()

Returns the password expiration period of the system.

Returns:

Int number of days before passwords expire. 0 indicates passwords never expire.

setPwdExpirationPeriod

public void setPwdExpirationPeriod(int expPeriod)

Changes the the password expiration period.

Parameters:

expPeriod - Int number of hours before passwords expire. 0 indicates passwords never expire and is the default.

isChallengeResponseEnabled

public boolean isChallengeResponseEnabled()

Returns whether password challenge/response is enabled.

Returns:

True if password challenge/response is enabled; else return false.

setChallengeResponseEnabled

public void setChallengeResponseEnabled(boolean enable)

Disables or Enables password challenge/response.

Parameters:

enable - True to enable, false to disable.

getSuspendMessage

public java.lang.String getSuspendMessage()

Returns the password challenge/response message when user is suspended.

Returns:

String representing the message of password challenge/response when user is suspended.

setSuspendMessage

public void setSuspendMessage(java.lang.String description)

Changes password challenge/response message when user is suspended.

Parameters:

description - New message for password challenge/response suspension.

getChallengeResponseEmail

public java.lang.String getChallengeResponseEmail()

Returns the password challenge/response failure email message recipient address.

Returns:

String representing the password challenge/response failure email message recipient address.

setChallengeResponseEmail

public void setChallengeResponseEmail(java.lang.String email)

Changes the password challenge/response failure email message recipient address.

Parameters:

email - New email address for password challenge/response failure message.

getChallengeMode

public java.lang.String getChallengeMode()

Returns the password challenge/response mode.

Returns:

String representing the mode of password challenge/response; PRE_DEFINED, USER_SELECTED, or RANDOM_SELECTED.

getChallengeDefinitionMode

public int getChallengeDefinitionMode()

Returns the password challenge/response definition mode.

Returns:

integer representing the mode of password challenge/response definition; ADMIN_DEFINED or USER_DEFINED.

setChallengeMode

public void setChallengeMode(java.lang.String mode)

Changes password challenge/response mode.

Parameters:

mode - New mode for password challenge/response; PRE_DEFINED, USER_SELECTED, or RANDOM_SELECTED.

setChallengeDefinitionMode

public void setChallengeDefinitionMode(int defMode)

Changes the mode of password challenge and response definition.

Parameters:

defMode - New mode for password challenge and response definition; ADMIN_DEFINED or USER_DEFINED.

getNumberOfRequiredChallenges

public int getNumberOfRequiredChallenges()

Returns the number of required password challenge/response questions.

Returns:

Number of the required number of questions for password challenge/response.

setNumberOfRequiredChallenges

public void setNumberOfRequiredChallenges(int num)

Changes number of required questions for password challenge/response.

Parameters:

num - New number of required questions for password challenge/response.

getNumberOfRandomChallenges

public int getNumberOfRandomChallenges()

Returns the number of questions to randomly select for password challenge/response.

Returns:

Number of questions to randomly select for password challenge/response.

getMinResponseLength

public int getMinResponseLength()

getMaxRepeatChar

public int getMaxRepeatChar()

isUserIDDisallowed

public boolean isUserIDDisallowed()

isResponseUnique

public boolean isResponseUnique()

isAnswerMatchQuestion

public boolean isAnswerMatchQuestion()

setMaxNumberOfIncorrectAttempt

public void setMaxNumberOfIncorrectAttempt(int value)

setMinResponseLength

public void setMinResponseLength(int value)

setMaxRepeatChar

public void setMaxRepeatChar(int value)

setUserIDDisallowed

public void setUserIDDisallowed(boolean value)

setResponseUnique

public void setResponseUnique(boolean value)

setAnswerMatchQuestion

public void setAnswerMatchQuestion(boolean value)

setNumberOfRandomChallenges

public void setNumberOfRandomChallenges(int num)

Changes number of questions to randomly select for password challenge/response.

Parameters:

num - New number of questions to randomly select for password challenge/response.

isResponseHashedEnabled

public boolean isResponseHashedEnabled()

Indicates whether to one-way hash the response of a challenge/response.

Returns:

True if the system requires all responses to be hashed; else false.

setResponseHashedEnabled

public void setResponseHashedEnabled(boolean enable)

Changes whether or not to one-way hash the response of a challenge/response.

Parameters:

enable - True to enable response hashing, false to disable.

getResponseLastChange

public java.util.Date getResponseLastChange()

Returns the date/time the challenge/response configuration parameters were last modified.

Returns:

Date representing when the parameters were last modified.

updateResponseLastChange

public void updateResponseLastChange()

Changes the date/time the challenge/response configuration parameters were last modified. The new date/time will be recorded as the current system time.

getPODeliveryInterval

public int getPODeliveryInterval()

Returns the time interval (in seconds) the post office delivers messages. If 0 the post office is delivering them as they are sent. No aggregation is being performed.

Returns:

int message delivery time interval (in seconds).

setPODeliveryInterval

public void setPODeliveryInterval(int interval)

Changes the time interval (in seconds) the post office delivers messages. If 0 the post office is will deliver them as they are sent. No aggregation will be performed.

Parameters:

interval - Message delivery time interval (in seconds).

isPasswordResetRequired

public boolean isPasswordResetRequired()

Returns whether a password reset is required if a user authenticates using challenge/response.

Returns:

True if password reset is required, false if not.

setPasswordResetRequired

public void setPasswordResetRequired(boolean isRequired)

Changes whether a password reset is required if a user authenticates using challenge/response.

Parameters:

isRequired - True if password reset is required, false if not.

getAlertOptions

public java.util.Collection getAlertOptions()

This method returns a collection containing the alert options. Values are: Service.COMPLIANCE_ALERT_RECONCILIATION, Service.COMPLIANCE_ALERT_POLICY_CHANGE, Service.COMPLIANCE_ALERT_IDENTITY_CHANGE, Service.COMPLIANCE_ALERT_ACCOUNT_CHANGE. Only those alert options that have been enabled would be contained in the collection.

Returns:

Collection of alert options

setAlertOptions

public void setAlertOptions(java.util.Collection alertOptions)

This method sets the alert options given a collection of the same. Accepted values: Service.COMPLIANCE_ALERT_RECONCILIATION, Service.COMPLIANCE_ALERT_POLICY_CHANGE, Service.COMPLIANCE_ALERT_IDENTITY_CHANGE, Service.COMPLIANCE_ALERT_ACCOUNT_CHANGE.

Parameters:

alertOptions -

getNonComplianceAction

public int getNonComplianceAction()

Returns the non-compliance action set globally for all services. This is the action the platform will perform if an account is found to be non-compliant with policies in the system.

Returns:

Enumerated int of the action, Service.MARK_NONCOMPLIANT, Service.SUSPEND_NONCOMPLIANT, Service.CORRECT_NONCOMPLIANT, Service.USE_WORKFLOW_FOR_NONCOMPLIANT.

setNonComplianceAction

public void setNonComplianceAction(int action)

Changes the non-compliance action set globally for all services. This is the action the platform will perform if an account is found to be non-compliant with policies within the system.

Parameters:

action - Enumerated int of the action, Service.MARK_NONCOMPLIANT, Service.SUSPEND_NONCOMPLIANT, Service.CORRECT_NONCOMPLIANT, Service.USE_WORKFLOW_FOR_NONCOMPLIANT.

setShowGenPwd

public void setShowGenPwd(boolean showGenPwd)

Changes the setting for whether the express UI will show generated passwords created by others.

Parameters:

showGenPwd - True if passwords can be entered, false if generated only.

isPwdOnUser

public boolean isPwdOnUser()

Returns whether "set password on user" is enabled.

Returns:

True if "set password on user" is enabled, false otherwise.

setPwdOnUser

public void setPwdOnUser(boolean enablePwd)

Changes the setting for whether "set password on user" is enabled.

Parameters:

enablePwd - True if "set password on user" is enabled, false otherwise.

isAutoGroupMembership

public boolean isAutoGroupMembership()

Returns whether "auto TIM Group membership" is enabled.

Returns:

True if "auto TIM Group membership" is enabled, false otherwise.

setAutoGroupMembership

public void setAutoGroupMembership(boolean enableAutoGroupMembership)

Changes the setting for whether "auto TIM Group membership" is enabled.

Parameters:

enableAutoGroupMembership - True if "auto TIM Group membership" is enabled, false otherwise.

isShowGenPwd

public boolean isShowGenPwd()

Returns whether passwords generated by others are shown in the UI.

Returns:

True if generated passwords can be shown, false otherwise.

setDefaultProvisioningPolicySetting

public void setDefaultProvisioningPolicySetting(DirectorySystem.DefaultProvisioningPolicySetting setting)

Sets the default provisioning policy setting

Parameters:

setting -

getDefaultProvisioningPolicySetting

public DirectorySystem.DefaultProvisioningPolicySetting getDefaultProvisioningPolicySetting()

Returns the default provisioing policy setting

Returns: