com.metamatrix.admin.api.server
Interface ServerSecurityAdmin

All Superinterfaces:

CoreSecurityAdmin

All Known Subinterfaces:

ServerAdmin

All Known Implementing Classes:

ServerAdminImpl, ServerSecurityAdminImpl

@RolesAllowed(value="Admin.SystemAdmin")
public interface ServerSecurityAdmin
extends CoreSecurityAdmin

Interface that exposes MetaMatrix security system for administration.

Clients should not code directly to this interface but should instead use ServerAdmin.

Since:

4.3

Method Summary

void	assignRoleToGroup(java.lang.String roleIdentifier, java.lang.String groupIdentifier) Assign to the given Group the given Administrative Role.
boolean	authenticateUser(java.lang.String username, char[] credentials, java.io.Serializable trustePayload, java.lang.String applicationName) Authenticate a user with the specified user name and credentials for use with the specified application.
char[]	exportDataRoles(java.lang.String vdbName, java.lang.String vdbVersion) Export the data roles defined for the given vdb from the current system
java.util.List<java.lang.String>	getDomainNames() Returns the active authorization provider domain names, in authentication order.
java.util.Collection<Group>	getGroups(java.lang.String groupIdentifier) Get the group denoted by the given groupIdentifier.
java.util.Collection<Group>	getGroupsForDomain(java.lang.String domainName) Return the Groups for a given domain.
java.util.Collection<Group>	getGroupsForUser(java.lang.String userIdentifier) Get the group memberships for the given user.
java.util.Collection<Role>	getRolesForGroup(java.lang.String groupIdentifier) Get the Collection of administrative role names possessed by the given group, if any.
java.util.Collection<Role>	getRolesForUser(java.lang.String userIdentifier) Get the Collection of administrative role names possessed by the given user, if any.
java.lang.String	importDataRoles(java.lang.String vdbName, java.lang.String vdbVersion, char[] data, AdminOptions options) Import the data Roles for given vdb and version into the connected server
void	removeRoleFromGroup(java.lang.String roleIdentifier, java.lang.String groupIdentifier) Remove an administrative role from the given Group.

Method Detail

getRolesForGroup

java.util.Collection<Role> getRolesForGroup(java.lang.String groupIdentifier)
                                            throws AdminException

Get the Collection of administrative role names possessed by the given group, if any.

Parameters:

groupIdentifier - The unique identifier for the Group. This is group name. A user is a Principal and a Principal name is considered to be unique throughout the MetaMatrix system across all Membership domains. The WILDCARD cannot be used here.

Returns:

The Collection of Roles.

Throws:

AdminException - if there's a system error.

Since:

4.3

getRolesForUser

java.util.Collection<Role> getRolesForUser(java.lang.String userIdentifier)
                                           throws AdminException

Get the Collection of administrative role names possessed by the given user, if any.

Parameters:

userIdentifier - The unique identifier for the user. This is generally a user name. A user is a Principal and a Principal name is considered to be unique throughout the MetaMatrix system across all Membership domains. The WILDCARD cannot be used here.

Returns:

The Collection of Roles

Throws:

AdminException - if there's a system error.

Since:

4.3

getGroupsForUser

java.util.Collection<Group> getGroupsForUser(java.lang.String userIdentifier)
                                             throws AdminException

Get the group memberships for the given user.

Parameters:

userIdentifier - The unique identifier for the user. This is generally a user name. A user is a Principal and a Principal name is considered to be unique throughout the MetaMatrix system across all Membership domains. The WILDCARD cannot be used here.

Returns:

The collection of groups in which the given user has membership.

Throws:

AdminException - if there's a system error.

Since:

4.3

getGroups

java.util.Collection<Group> getGroups(java.lang.String groupIdentifier)
                                      throws AdminException

Get the group denoted by the given groupIdentifier.

Parameters:

groupIdentifier - The unique identifier for the Group. This is generally a group name. A group is a Principal and a Principal name is considered to be unique throughout the MetaMatrix system across all Membership domains.
Note that by supplying the WILDCARD identifier, all all users in the system will retrieved.

Returns:

The Collection of groups.

Throws:

AdminException - if there's a system error.

Since:

4.3

assignRoleToGroup

void assignRoleToGroup(java.lang.String roleIdentifier,
                       java.lang.String groupIdentifier)
                       throws AdminException

Assign to the given Group the given Administrative Role.

Parameters:

roleIdentifier - one of AdminRoles.

groupIdentifier - the unique identifier for the Principal. The WILDCARD cannot be used here.

Throws:

AdminException - if there's a system error.

Since:

4.3

removeRoleFromGroup

void removeRoleFromGroup(java.lang.String roleIdentifier,
                         java.lang.String groupIdentifier)
                         throws AdminException

Remove an administrative role from the given Group.

Parameters:

roleIdentifier - one of AdminRoles

groupIdentifier - the unique identifier for the Principal. The WILDCARD cannot be used here.

Throws:

AdminException - if there's a system error.

Since:

4.3

importDataRoles

java.lang.String importDataRoles(java.lang.String vdbName,
                                 java.lang.String vdbVersion,
                                 char[] data,
                                 AdminOptions options)
                                 throws AdminException

Import the data Roles for given vdb and version into the connected server

Parameters:

vdbName - - target name of the VDB, the roles to be imported under

vdbVersion - - target version of the vdb, the roles to be imported under

data - - character data array containing the XML file which defines the roles

options - - options to overwrite in case the matching roles already exist.

Returns:

a report of the import

Throws:

AdminException

exportDataRoles

char[] exportDataRoles(java.lang.String vdbName,
                       java.lang.String vdbVersion)
                       throws AdminException

Export the data roles defined for the given vdb from the current system

Parameters:

vdbName - - Name of the vdb

vdbVersion - - version of the vdb

Returns:

- char[] stream containing the XML contents of the roles.

Throws:

AdminException

authenticateUser

boolean authenticateUser(java.lang.String username,
                         char[] credentials,
                         java.io.Serializable trustePayload,
                         java.lang.String applicationName)
                         throws AdminException

Authenticate a user with the specified user name and credentials for use with the specified application. The application name may also be used by the Membership Service to determine the appropriate authentication mechanism.

Parameters:

username - the user name that is to be authenticated

credential -

trustePayload -

applicationName - the name of the application for which the user is authenticating

Returns:

true if the authentication is successful

Throws:

AdminException

getDomainNames

java.util.List<java.lang.String> getDomainNames()
                                                throws AdminException

Returns the active authorization provider domain names, in authentication order.

Returns:

List

Throws:

AdminException

getGroupsForDomain

java.util.Collection<Group> getGroupsForDomain(java.lang.String domainName)
                                               throws AdminException

Return the Groups for a given domain. The domain name must be an specified exactly. See #getActiveDomainNames() for possible domain names.

Parameters:

domainName -

Returns:

Throws:

AdminException