AccountMO

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.itim.apps.provisioning
Class AccountMO

java.lang.Object
  com.ibm.itim.apps.provisioning.AccountMO

All Implemented Interfaces:: java.io.Serializable

public class AccountMO
extends java.lang.Object
implements java.io.Serializable
extends java.lang.Object
implements java.io.Serializable

Managed object representing an account.

See Also:: Serialized Form

Constructor Summary
`AccountMO(PlatformContext platform, javax.security.auth.Subject subject, DistinguishedName name)` Constructs the the managed object with a platform context, a subject, and the distinguished name of the object to manage.

Method Summary
`void`	`adopt(PersonMO owner)` Adopts the account, or changes the account owner to the given person (identity).
`Request`	`changePassword(java.lang.String password)` Changes the password of the account.
`Account`	`getData()` Returns a current snapshot of the account.
`DistinguishedName`	`getDistinguishedName()` Returns the distinguished name of the managed object
`PersonMO`	`getOwner()` Returns the owner of the account (if any).
`ServiceMO`	`getService()` Returns the service that hosts this account.
`void`	`orphan()` Orphans the account, or changes the account owner to unknown.
`void`	`recertifyOverride(java.lang.String justification)` Audits the current account for recertification
`Request`	`remove(java.util.Date scheduledTime)` Removes the managed object from the provisioning platform.
`Request`	`restore(java.lang.String password, java.util.Date scheduledTime)` Restores the account.
`Request`	`suspend(java.util.Date scheduledTime)` Suspends the account.
`void`	`transfer(PersonMO owner)` Transfer the account to the given person (identity).
`Request`	`update(Account a, java.util.Date scheduledTime)` Updates the managed object.

Methods inherited from class java.lang.Object
`equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

AccountMO

public AccountMO(PlatformContext platform,
                 javax.security.auth.Subject subject,
                 DistinguishedName name)

Constructs the the managed object with a platform context, a subject, and the distinguished name of the object to manage.

Parameters:: platform - PlatformContext holding platform connection information.; subject - Subject representing the authenticated caller.; name - DistinguishedName of the account.

Method Detail

getDistinguishedName

public DistinguishedName getDistinguishedName()

Returns the distinguished name of the managed object

Returns:: DistinguishedName of the managed object.

getData

public Account getData()
                throws java.rmi.RemoteException,
                       ApplicationException

Returns a current snapshot of the account.

Returns:: Account object holding attribute information.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; ApplicationException - Thrown if unable to retrieve data.

getOwner

public PersonMO getOwner()
                  throws java.rmi.RemoteException,
                         ApplicationException,
                         AuthorizationException

Returns the owner of the account (if any).

Returns:: PersonMO representing the account owner if present, null if not.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to view the owner of the account.; ApplicationException - Thrown if unable to retrieve the account's owner. This may possibly be caused by the account being removed by another client previous to this call.

getService

public ServiceMO getService()
                     throws java.rmi.RemoteException,
                            ApplicationException,
                            AuthorizationException

Returns the service that hosts this account.

Returns:: ServiceMO representing the hosting service.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to view the service of the account.; ApplicationException - Thrown if unable to retrieve the account's service. This may possibly be caused by the account being removed by another client previous to this call.

orphan

public void orphan()
            throws java.rmi.RemoteException,
                   AuthorizationException,
                   ApplicationException

Orphans the account, or changes the account owner to unknown.

Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to orphan the account.; ApplicationException - Thrown if unable to orphan the account. This may possibly be caused by the account being removed by another client previous to this call. Also thrown if this account is an ITIM account since the ITIM account cannot be orphaned.

adopt

public void adopt(PersonMO owner)
           throws java.rmi.RemoteException,
                  AuthorizationException,
                  ApplicationException

Adopts the account, or changes the account owner to the given person (identity).

Parameters:: owner - PersonMO representing the new account owner.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to modify the account or owner attribute of the account.; ApplicationException - Thrown if unable to adopt the account. This may possibly be caused by the account or owner being removed by another client previous to this call. Also thrown if the account is disallowed and the hosting service's enforcement action is set to "Correct".

transfer

public void transfer(PersonMO owner)
              throws ApplicationException,
                     java.rmi.RemoteException,
                     ApplicationException

Transfer the account to the given person (identity).

Parameters:: owner - PersonMO representing the new account owner.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to modify the account or owner attribute of the account.; ApplicationException - Thrown if unable to transfer the account. This may possibly be caused by the account or owner being removed by another client previous to this call. Also thrown if the account is disallowed and the hosting service's enforcement action is set to "Correct".

remove

public Request remove(java.util.Date scheduledTime)
               throws java.rmi.RemoteException,
                      ApplicationException,
                      AuthorizationException

Removes the managed object from the provisioning platform. If there is an automatic provisioning policy defined for a person and a service, then a person should have at least one account on that service. If all these accounts are requested to be deleted, then the ApplicationException will be thrown.

Parameters:: scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current date/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:: Request object representing the operation's status. If the schedule time is set for the future, then the Request's getStatus() will return the current status at that point of time.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to remove the account.; ApplicationException - Thrown if unable to submit the request. This may caused by (1) the account being removed by another client previous to this call, or (2) if the account is required by automatic provisioning policy.

update

public Request update(Account a,
                      java.util.Date scheduledTime)
               throws java.rmi.RemoteException,
                      AuthorizationException,
                      SchemaViolationException,
                      ApplicationException

Updates the managed object. An account value object is provided with the changes to make.

Parameters:: a - Account value object with changes to make.; scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current date/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:: Request object representing the operation's status. If the schedule time is set for the future, then the Request's getStatus() will return the current status at that point of time.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to change the account. Note, even if only one of the attributes being changed is not writeable for the client, the entire request will fail and this exception will be thrown.; SchemaViolationException - Thrown if any of the attributes in the value object violates the managed object's schema.; ApplicationException - Thrown if unable to submit the request. The request cannot be submitted (1) if the account is already removed by another client previous to this call, (2) if the account is orphaned account (disallowed account), (3) if the account is non-compliant (or disallowed) and the enforcement action is set to "Suspend" or "Correct", (4) if the account has the new password set and it does not conform to the password policy, then InvalidPasswordException will be thrown in the form of ApplicationException since InvalidPasswordException is extended from ApplicationException.

suspend

public Request suspend(java.util.Date scheduledTime)
                throws java.rmi.RemoteException,
                       AuthorizationException,
                       ApplicationException

Suspends the account.

Parameters:: scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current date/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:: Request object representing the operation's status. If the schedule time is set for the future, then the Request's getStatus() will return the current status at that point of time.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to suspend the account.; ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the account being removed by another client previous to this call.

restore

public Request restore(java.lang.String password,
                       java.util.Date scheduledTime)
                throws java.rmi.RemoteException,
                       AuthorizationException,
                       ApplicationException,
                       InvalidPasswordException

Restores the account. If the account is disallowed or non-compliant and the enforcement action of hosting service is set to "Suspend" or "Correct", the account can not be restored. In this case, ApplicationException will be thrown.

Parameters:: password - New password of the account.; scheduledTime - The scheduled starting time of the process. If null, the process will start immediately. In case this method is invoked remotely, passing this parameter as the current date/time of the client machine is not a safe technique to use, since the date/time of the client machine may not be the same as the date/time of the ITIM server machine.
Returns:: Request object representing the operation's status. If the schedule time is set for the future, then the Request's getStatus() will return the current status at that point of time.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to restore the account.; InvalidPasswordException - Thrown if password does not conform to the password policy defined for the hosting service.; ApplicationException - Thrown if unable to submit the request. This may be possibly caused by the account being removed by another client previous to this call. Also thrown if the account is disallowed or non-compliant and the enforcement action of hosting service is set to "Suspend" or "Correct".

changePassword

public Request changePassword(java.lang.String password)
                       throws java.rmi.RemoteException,
                              AuthorizationException,
                              InvalidPasswordException,
                              ApplicationException

Changes the password of the account. Note, some accounts do not require password changes. This can be determined by checking the service the account is hosted on for password requirements.

Parameters:: password - New password of the account.
Returns:: Request object representing the operation's status. If the schedule time is set for the future, then the Request's getStatus() will return the current status at that point of time.
Throws:: java.rmi.RemoteException - Thrown if unable to communicate with platform.; AuthorizationException - Thrown if client is unauthorized to change the account's password. To change the password, the user should be granted to modify the account and also be granted to write the password attribute.; InvalidPasswordException - Thrown if password does not conform to the password policy defined for the hosting service.; ApplicationException - Thrown if unable to submit the request. This may possibly be caused by the account being removed by another client previous to this call.
See Also:: ServiceMO.isPasswordRequired()

recertifyOverride

public void recertifyOverride(java.lang.String justification)
                       throws ApplicationException,
                              java.rmi.RemoteException

Audits the current account for recertification

Parameters:: justification - The comments provided by the requester while recertifying the accounts.
Throws:: ApplicationException, - RemoteException An exception will be thrown on any failure.; ApplicationException; java.rmi.RemoteException

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

IBM Tivoli Identity Manager 5.1
© Copyright International Business Machines Corporation 2007, 2009. All rightsreserved. US Government Users Restricited RightsUse, duplication or disclosure restricted by GSA ADP ScheduleContract with IBM Corp.

com.ibm.itim.apps.provisioning Class AccountMO

AccountMO

getDistinguishedName

getData

getOwner

getService

orphan

adopt

transfer

remove

update

suspend

restore

changePassword

recertifyOverride

com.ibm.itim.apps.provisioning
Class AccountMO