Overview  Package   Class  Use  Tree  Serialized  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.ibm.di.api.security
Class Identity

java.lang.Object
  extended by com.ibm.di.api.security.Identity
Direct Known Subclasses:
LocalIdentity
public class Identity
extends Object

This class represents an authenticated user's identity. This class has several convenient methods for querying the user's permeations over a specific operation.

Constructor Summary
protected Identity()
          default constructor, used by descendants
  Identity(String aUserId, Vector<Role> aRoles)
          Public constructor used by the Registry
  Identity(Vector<String> userAndGroups, Vector<Role> roles)
          public constructor used by LDAP authentication with enabled LDAP group support.
 
Method Summary
 boolean canExecuteAL(String aConfigId, String aAssemblyLine)
          Check that the specific AssemblyLine could be started by the user.
 boolean canExecuteAll()
          Returns whether specified user is allowed to execute everything.
 boolean canExecuteConfig(String aConfigId)
          Returns whether specified user is allowed to execute given configuration.
 boolean canExecuteConfigALs(String aConfigId)
          Returns whether specified user is allowed to execute assembly lines from a given configuration.
 boolean canReadAll()
          Returns whether specified user is allowed to read everything.
 boolean canReadConfig(String aConfigId)
          Check that the specific configuration could be read by the user.
 String[] getGroupIds()
          Retrieves LDAP groups.
 Vector<Role> getRoles()
          Retrieves assigned roles.
 String getUserId()
          Retrieves user ID.
 boolean isAdmin()
          Verifies admin privileges.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

Identity

protected Identity()
default constructor, used by descendants

Identity

public Identity(String aUserId,
                Vector<Role> aRoles)
Public constructor used by the Registry

Parameters:
aUserId - the distinguished name of the user
aRoles - the list of roles the user have.

Identity

public Identity(Vector<String> userAndGroups,
                Vector<Role> roles)
public constructor used by LDAP authentication with enabled LDAP group support.

Parameters:
userAndGroups - Vector object containing the authenticating LDAP user as first element and the groups of the user.
roles - Vector object containing the roles of the user and users' groups in the User Registry.
Since:
7.0
Method Detail

getUserId

public String getUserId()
Retrieves user ID.

Returns:
the user's distinguished name.

getGroupIds

public String[] getGroupIds()
Retrieves LDAP groups.

Returns:
Array of String objects representing the names of the LDAP groups, which the user is member of. Returns null, in case no LDAP Authentication is used or groupSupport is not enabled.
Since:
7.0

getRoles

public Vector<Role> getRoles()
Retrieves assigned roles.

Returns:
Vector object containing the roles assigned to the Identity.
Since:
7.0

isAdmin

public boolean isAdmin()
Verifies admin privileges.

Returns:
true if the user have admin privileges.

canReadConfig

public boolean canReadConfig(String aConfigId)
Check that the specific configuration could be read by the user.

Parameters:
aConfigId - the configInstance identifier
Returns:
true if the user have been given this privilege.

canExecuteAL

public boolean canExecuteAL(String aConfigId,
                            String aAssemblyLine)
Check that the specific AssemblyLine could be started by the user.

Parameters:
aConfigId - the configInstance that has this AL
aAssemblyLine - the name of the AL to check for
Returns:
true if the user have been given this privilege.

canExecuteConfigALs

public boolean canExecuteConfigALs(String aConfigId)
Returns whether specified user is allowed to execute assembly lines from a given configuration.

Parameters:
aConfigId - the configInstance identifier
Returns:
true if the user have been given this privilege.

canExecuteConfig

public boolean canExecuteConfig(String aConfigId)
Returns whether specified user is allowed to execute given configuration.

Parameters:
aConfigId - the configInstance identifier
Returns:
true if the user have been given this privilege.

canExecuteAll

public boolean canExecuteAll()
Returns whether specified user is allowed to execute everything.

Returns:
true if the user have been given this privilege.

canReadAll

public boolean canReadAll()
Returns whether specified user is allowed to read everything.

Returns:
true if the user have been given this privilege.
Overview  Package   Class  Use  Tree  Serialized  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD