com.ibm.dse.applsrv.aa
Class SecurityManager

java.lang.Object
  |
  +--com.ibm.dse.applsrv.aa.SecurityManager

public class SecurityManager
extends java.lang.Object
implements SecurityManagerInterface, SecurityConstants, LimitsConstants

This class is the public access point to CBTF Security.


Field Summary
static java.lang.String COMPID
           
 
Fields inherited from interface com.ibm.dse.applsrv.aa.SecurityConstants
ACTIVE_CONTEXTS, ALL_CONTEXTS, AUDIT_FILE, CBTF_TRACING, CONFIGURATION, CONFIGURATIONS_DATABASE, CONTEXT_ACTIVE, CONTEXT_DATABASE, CONTEXT_INACTIVE, CONTEXT_INVALID, CONTEXTS, CONTROLLER, DEFAULT_CONFIGURATIONS_DATABASE, DEFAULT_CONTEXT_DATABASE, DEFAULT_GROUPS_DATABASE, DEFAULT_RIGHTS_DATABASE, DEFAULT_ROLES_DATABASE, DEFAULT_SERVICES_DATABASE, DEFAULT_USER_DATABASE, ENCRYPTION, GLOBAL_CONTEXTS, GROUPS, GROUPS_DATABASE, INACTIVE_CONTEXTS, JDBC_DATABASE, JDBC_DRIVER, JDBC_MAX_DATA, JDBC_MAX_GROUPS, JDBC_MAX_HANDLER, JDBC_MAX_ID, JDBC_MAX_PASSWORD, JDBC_MAX_RIGHT_TIMES, JDBC_MAX_RIGHTS, JDBC_MAX_ROLE_TIMES, JDBC_MAX_ROLES, JDBC_MAX_USER_ID, JDBC_MAX_USERS, JDBC_PASSWORD, JDBC_URL, JDBC_USER_ID, LIMIT_DATABASE, LIMITS, LOGGING_HANDLER, LOGGING_OPTIONS, PERSIST_CONTEXTS, PERSISTENCE, QUERY_PASSWORDS, RIGHTS, RIGHTS_DATABASE, ROLES, ROLES_DATABASE, SECURITY_DIRECTORY, SECURITY_MANAGER, SERVICES, SERVICES_DATABASE, SPECIFIC_CONTEXTS, TEST_ADD_RIGHT_TO_USER, TEST_ADD_RIGHTS_TO_USER, TEST_AUDIT, TEST_CONTEXT_IDS, TEST_DISABLE_PERSISTENCE, TEST_EXPORT, TEST_GET_CONFIGURATION, TEST_GET_CONTEXTS, TEST_GET_GROUPS, TEST_GET_PASSWORD_ACCESS, TEST_GET_PERSISTENCE, TEST_GET_RIGHTS, TEST_GET_ROLES, TEST_GET_SERVICES, TEST_GET_UNIQUE_LOGON, TEST_GET_USERS, TEST_GROUP_IDS, TEST_IMPORT, TEST_IMPORT2, TEST_LOAD_CONFIGURATIONS, TEST_LOAD_CONTEXTS, TEST_LOAD_GROUPS, TEST_LOAD_RIGHTS, TEST_LOAD_ROLES, TEST_LOAD_SERVICES, TEST_LOAD_USERS, TEST_PERSISTENCE, TEST_QUERY_SM, TEST_REMOVE_ALL_RIGHTS_FROM_USER, TEST_RESET, TEST_RIGHT_IDS, TEST_ROLE_IDS, TEST_SAVE, TEST_SERVICE_IDS, TEST_SET_CONFIGURATION, TEST_SET_PASSWORD_ACCESS, TEST_SET_PERSISTENCE, TEST_SET_UNIQUE_LOGON, TEST_TEST1, TEST_TEST2, TEST_TEST3, TEST_TRACE, TEST_USER_IDS, TRACE_EXCEPTIONS, TRACE_FILE, TRACE_LOGGER, UNIQUE_LOGONS, USE_LIMITS, USER_DATABASE, USERS
 
Fields inherited from interface com.ibm.dse.applsrv.aa.LimitsConstants
BIN, CLOSE_MAX_AMT, CONTAINER_SUBTYPE, CONTAINER_TYPE, CONTAINER_TYPE_DB, CURCODE, CURRENTVALUE_AMT, DESCRIPTION, DRAWER, LIMIT, LIMITS_COLUMNS, LIMITS_DATA_NAMES, OFF_VALUE_AMT, ON_VALUE_AMT, OVERSHORT_MAX_AMT, RHT_NAME, SETTLE_MAX_AMT, TRANS_TYPE, TRANS_TYPE_DB, TRAY, WRK_OFF_COUNT_HIGH, WRK_OFF_HIGH_AMT, WRK_OFF_LOW_AMT, WRK_ON_COUNT_HIGH, WRK_ON_HIGH_AMT, WRK_ON_LOW_AMT
 
Constructor Summary
SecurityManager()
          Constructor for the default security manager.
 
Method Summary
 void addRightsToRole(java.lang.String nameOfRole, java.lang.String[] rights, int id)
          Add rights to a role.
 void addRightsToService(java.lang.String nameOfService, java.lang.String[] rights, int id)
          Add rights to a service.
 void addRightsToUser(java.lang.String nameOfUser, java.lang.String[] rights, int id)
          Add rights to a user.
 void addRightToRole(java.lang.String nameOfRole, java.lang.String right, int id)
          Add a right to a role.
 void addRightToService(java.lang.String nameOfService, java.lang.String right, int id)
          Add a right to a service.
 void addRightToUser(java.lang.String nameOfUser, java.lang.String right, int id)
          Add a right to a user.
 void addRoleToUser(java.lang.String userId, java.lang.String role, int id)
          Add a role to a user.
 void addSubGroup(java.lang.String superGroup, java.lang.String subGroup, int id)
          Add a child group to a parent group.
 void addSubRole(java.lang.String superRole, java.lang.String subRole, int id)
          Add a child role to a parent role.
 void addUserToGroup(java.lang.String nameOfGroup, java.lang.String user, int id)
          Add a user to a group.
 void audit(java.lang.String message)
          Write a message to the audit log.
 boolean canLogOn(java.lang.String user, java.lang.String password)
          Check validity of user id and the corresponding password.
 void changeOwnPassword(java.lang.String oldpassword, java.lang.String newpassword, int id)
          Change the user's own password.
 void changePassword(java.lang.String userid, java.lang.String password, int id)
          Change the password of a user.
 boolean checkAccess(java.lang.String nameOfService, int id)
          Check the accessability of a service by the specified user.
 void createGroup(java.lang.String group, int id)
          Create a group.
 void createRight(java.lang.String right, int id)
          Create a right.
 void createRole(java.lang.String role, int id)
          Create a role.
 void createRole(java.lang.String role, RoleHandlerInterface handler, int id)
          Create a role with an associated handler.
 void createRole(java.lang.String role, java.lang.String handler, int id)
          Create a role with an associated handler.
 void createRoles(java.lang.String[] roles, int id)
          Create the roles named by the argument.
 void createRoles(java.lang.String[] roles, RoleHandlerInterface[] handlers, int id)
          Create the roles named by the argument.
 void createRoles(java.lang.String[] roles, java.lang.String[] handlers, int id)
          Create the roles named by the argument.
 void createService(java.lang.String service, int id)
          Create a service.
 void createUser(java.lang.String user, java.lang.String password, int id)
          Create a user with the specified password.
 void exportSecurity(java.lang.String userId, java.lang.String password, java.lang.String fileName, Dictionary options)
          Export the specified security databases into a text file.
 void forcedSignOff(int signoffContext, int callerContext)
          Disables the specified context (which may be owned by another user).
 void forcedSignOn(java.lang.String userId, java.lang.String password, int id)
          Sign on to another user's context - raising an exception if it fails.
 java.lang.String get(java.lang.String key)
          Return the value of the named configuration attribute.
 java.lang.Object[] getActivationIntervalForUser(java.lang.String userId, int id)
          Return the activation time, duration and enable flag for the specified user.
 Dictionary getAllDataFromContext(int queryContext, int callerContext)
          Return all data items from the specified context.
 Dictionary getAllDataFromGroup(java.lang.String nameOfGroup, int id)
          Return all data items from the specified group.
 Dictionary getAllDataFromRight(java.lang.String nameOfRight, int id)
          Return all data items from the specified right.
 Dictionary getAllDataFromRole(java.lang.String nameOfRole, int id)
          Return all data items from the specified role.
 Dictionary getAllDataFromService(java.lang.String nameOfService, int id)
          Return all data items from the specified service.
 Dictionary getAllDataFromUser(java.lang.String userId, int id)
          Return all data items from the specified user.
 Dictionary getAllInheritedDataFromUser(java.lang.String userId, int id)
          Return all inherited data items from the specified user.
 java.lang.String[] getAllMembersOfGroup(java.lang.String nameOfGroup, int id)
          Return a list of all direct or indirect members (users) of the specified group.
 java.lang.String[] getAllRightsOfUser(java.lang.String userId, int id)
          Return the list of names of all rights assigned to the specified user either directly or indirectly via roles or subroles thereof.
 java.lang.String[] getAllSubgroups(java.lang.String nameOfGroup, boolean include, int id)
          Return a list of all the subgroups (direct or indirect) of the specified group.
 Dictionary getAttributesOfUser(java.lang.String userId, int id)
          Get the attributes of the specified user.
 boolean getAudit()
          Get the audit control flag.
 java.lang.String[] getAvailableServices(int id)
          Return the list of all services that the specified user is authorized to access.
 java.lang.String[] getChildrenOfRole(java.lang.String nameOfRole, int id)
          Return the list of child roles of the specified role.
 Dictionary getConfiguration(int id)
          Return a dictionary of the current state of the system configurations.
 Dictionary getConfigurationAttributes()
          Return the table of all configuration attributes.
 Dictionary getContainerLmt(SecurityLimit aLimit)
          Returns a copy of the container limit information of aLimit
 Dictionary getContainerLmt(java.lang.String userId, java.lang.String curCode, java.lang.String containerType, java.lang.String containerSubType)
          Returns a copy of the container limit information of the limit that matches the parameters in the request
 int[] getContexts(int id)
          Return a list of the ids of all the contexts.
 int[] getContexts(java.lang.String userId, java.lang.String password, int type)
          Return a list of ids of all the contexts.
 int[] getContextsOfUser(java.lang.String userId, int type, int id)
          Return a list of the ids of the contexts (active or inactive or both) of the specified user.
 Dictionary[] getContextsWithAttributes(int id)
          Return a list of attributes of all the contexts.
 Dictionary[] getContextsWithAttributes(int[] contexts, int id)
          Return a list of attributes of the specified contexts.
 java.lang.String[] getCreatedRights(int id)
          Return a list of the names of the user created rights.
 java.lang.String getDataFromContext(int contextId, java.lang.String dataName, int id)
          Return the named data item from the specified context.
 java.lang.String getDataFromGroup(java.lang.String nameOfGroup, java.lang.String dataName, int id)
          Return the named data item from the specified group.
 Dictionary getDataFromLimit(SecurityLimit aLimit)
          Returns the data item from the specified limit.
 java.lang.String getDataFromLimit(SecurityLimit aLimit, java.lang.String dataName)
          A security manager must define a method to return the named data item from the specified user.
 java.lang.String getDataFromRight(java.lang.String nameOfRight, java.lang.String dataName, int id)
          Return the named data item from the specified right.
 java.lang.String getDataFromRole(java.lang.String nameOfRole, java.lang.String dataName, int id)
          Return the named data item from the specified role.
 java.lang.String getDataFromService(java.lang.String nameOfService, java.lang.String dataName, int id)
          Return the named data item from the specified service.
 java.lang.String getDataFromUser(java.lang.String userId, java.lang.String dataName, int id)
          Return the named data item from the specified user.
 java.lang.String[] getGroups(int id)
          Return a list of the names of the groups.
 Dictionary[] getGroupsWithAttributes(int id)
          Return a list of attributes of all the groups.
 Dictionary[] getGroupsWithAttributes(java.lang.String[] groups, int id)
          Return a list of attributes of the specified groups.
 java.lang.String getHandler(java.lang.String nameOfRole, int id)
          Return the name of the handler class associated with the named role.
 java.lang.String getInheritedDataFromGroup(java.lang.String nameOfGroup, java.lang.String dataName, int id)
          Return the value associated with specified name in the specified group or the closest supergroup.
 java.lang.String getInheritedDataFromUser(java.lang.String nameOfUser, java.lang.String dataName, int id)
          Return the value associated with specified name in the specified user or the closest group.
 java.lang.String getJDBCDatabase()
          Return the name of the JDBC database.
 java.lang.String getJDBCDriver()
          Return the name of the JDBC driver.
 java.lang.String getJDBCURL()
          Return the name of the JDBC URL.
 Array getLimitsOfUser(java.lang.String userid)
          Returns all limits of the specified user.
static SecurityManagerInterface getManager()
          Return the single instance of the security manager.
 java.lang.String[] getMembersOfGroup(java.lang.String nameOfGroup, int id)
          Return a list of names of users that are direct members of the specified group.
 Dictionary[] getOwnAttributes(int id)
          Return the attributes of the user and context associated with the specified id.
 java.lang.String[] getRights(int id)
          Return a list of the names of the rights.
 java.lang.String[] getRightsOfRole(java.lang.String nameOfRole, int id)
          Return a list of names of rights of the specified role.
 java.lang.String[] getRightsOfService(java.lang.String nameOfService, int id)
          Return a list of names of rights of the specified service.
 java.lang.String[] getRightsOfUser(int id)
          Return a list of names of rights of the specified user.
 java.lang.String[] getRightsOfUser(java.lang.String userId, int id)
          Return a list of names of rights of the specified user.
 Dictionary[] getRightsWithAttributes(int id)
          Return a list of attributes of all the rights.
 Dictionary[] getRightsWithAttributes(java.lang.String[] rights, int id)
          Return a list of right attributes.
 java.lang.String[] getRoles(int id)
          Return a list of the names of the roles.
 java.lang.String[] getRolesOfUser(int id)
          Return a list of names of roles of the specified user.
 java.lang.String[] getRolesOfUser(java.lang.String userId, int id)
          Return a list of names of roles of the specified user.
 Dictionary[] getRolesWithAttributes(int id)
          Return a list of attributes of all the roles.
 Dictionary[] getRolesWithAttributes(java.lang.String[] roles, int id)
          Return a list of role attributes.
 java.lang.String[] getServices(int id)
          Return a list of the names of the services.
 Dictionary[] getServicesWithAttributes(int id)
          Return a list of attributes of all the services.
 Dictionary[] getServicesWithAttributes(java.lang.String[] services, int id)
          Return a list of service attributes.
 int getStatusOfContextId(int id)
          Return the status of the specified context.
 java.lang.String[] getSubGroups(java.lang.String nameOfGroup, int id)
          Return a list of subgroups of the specified group.
 java.lang.String[] getSystemRoles(int id)
          Return a list of the names of the system-wide roles.
 boolean getTrace()
          Return the value of the trace flag.
 Dictionary getTransactionLmt(SecurityLimit aLimit)
          Returns a copy of the transaction limit information of aLimit
 Dictionary getTransactionLmt(java.lang.String userId, java.lang.String curCode, java.lang.String transType)
          Returns a copy of the transaction limit information of the limit that matches the parameters request
 java.lang.String getUser(int id)
          Return the name of the user associated with the specified id.
 java.lang.String[] getUsers(int id)
          Return a list of the ids of all the users.
 Dictionary[] getUsersWithAttributes(int id)
          Return a list of attributes of all the users.
 Dictionary[] getUsersWithAttributes(java.lang.String[] users, int id)
          Return a list of user attributes.
 boolean hasRight(java.lang.String right, int id)
          Check if current user has the specified right (directly or indirectly) and that its active.
 boolean hasRight(java.lang.String userid, java.lang.String right, int id)
          Check if the specified user has the specified right (directly or indirectly) and that its active.
 boolean hasRight(java.lang.String userid, java.lang.String password, java.lang.String right, int id)
          Check if the specified user has the specified right (directly or indirectly) and that its active.
 boolean hasSubgroup(java.lang.String supergroup, java.lang.String subgroup, int id)
          Check if 'supergroup' has 'subgroup' as a subgroup.
 void importSecurity(java.lang.String userId, java.lang.String password, java.lang.String fileName, Dictionary options)
          Import the specified security databases from a text file.
 void initialize(Dictionary config)
          Initialize the security manager.
static void initialize(SecurityManagerInterface aSecurityManager, Dictionary config)
          Initialize the security manager.
 boolean isMemberOfGroup(java.lang.String nameOfGroup, java.lang.String userID, boolean direct, int id)
          Check if the specified user is a direct or indirect member of the specified group.
 void lock(java.lang.String userid, int id)
          Lockout the specified user.
 void logOff(int id)
          Log off the specified user.
 void logOff(java.lang.String userid, java.lang.String password, int options, int[] contexts)
          Logoff the specified contexts of the specified user.
 int logOn(java.lang.String user, java.lang.String password)
          Perform a logon.
 int logOn(java.lang.String userId, java.lang.String password, java.lang.Object object)
          Perform a logon.
 boolean queryForcedSignOff(int id)
          Return forced sign off status of the current context.
 boolean queryLock(java.lang.String userid, int id)
          Query the lock status of the specified user.
 void removeGroup(java.lang.String group, int id)
          Remove a group.
 void removeRight(java.lang.String right, int id)
          Remove a right.
 void removeRightFromRole(java.lang.String nameOfRole, java.lang.String right, int id)
          Remove a right from a role.
 void removeRightFromService(java.lang.String nameOfService, java.lang.String right, int id)
          Remove a right from a service.
 void removeRightFromUser(java.lang.String nameOfUser, java.lang.String right, int id)
          Remove the specified right from the user.
 void removeRightsFromRole(java.lang.String nameOfRole, java.lang.String[] rights, int id)
          Remove rights from a role.
 void removeRightsFromService(java.lang.String nameOfService, java.lang.String[] rights, int id)
          Remove rights from a service.
 void removeRightsFromUser(java.lang.String nameOfUser, java.lang.String[] rights, int id)
          Remove the specified rights from the user.
 void removeRole(java.lang.String role, int id)
          Remove a role.
 void removeRoleFromUser(java.lang.String userId, java.lang.String role, int id)
          Remove the specified role from the user.
 boolean removeRoles(java.lang.String[] rolesToDelete, java.lang.String[] options, int id)
          Delete the named roles subject to the specified options.
 void removeService(java.lang.String service, int id)
          Remove a service.
 void removeSubGroup(java.lang.String superGroup, java.lang.String subGroup, int id)
          Remove a child group from a parent group.
 void removeSubRole(java.lang.String superRole, java.lang.String subRole, int id)
          Remove a child role from a parent role.
 void removeUser(java.lang.String user, int id)
          Remove a user.
 void removeUserFromGroup(java.lang.String nameOfGroup, java.lang.String user, int id)
          Remove a user from a group.
 void save(boolean[] list, int id)
          Force a save of selected databases even if persistence is disabled.
 void setActivationIntervalForUser(java.lang.String userId, long startTime, long duration, boolean limit, int id)
          Set the activation time, duration and enable flag for the specified user.
 void setAllDataForContext(int contextId, Dictionary dictionary, int id)
          Set all data items for the context.
 void setAllDataForGroup(java.lang.String nameOfGroup, Dictionary dictionary, int id)
          Set all data items for the specified group.
 void setAllDataForRight(java.lang.String nameOfRight, Dictionary dictionary, int id)
          Set all data items for the specified right.
 void setAllDataForRole(java.lang.String nameOfRole, Dictionary dictionary, int id)
          Set all data items for the specified role.
 void setAllDataForService(java.lang.String nameOfService, Dictionary dictionary, int id)
          Set all data items for the specified service.
 void setAllDataForUser(java.lang.String userId, Dictionary dictionary, int id)
          Set all data items for the specified user.
 void setAttributesOfUser(java.lang.String userId, Dictionary attributes, boolean set, int id)
          Set the attributes of the specified user.
 void setAudit(boolean auditFlag)
          Set the audit control flag.
 void setConfiguration(Dictionary configurations, int id)
          Set the specified system configurations to the specified values.
 void setDataForContext(int contextId, java.lang.String key, java.lang.String value, int id)
          Add, change or remove the named data item for the specified context.
 void setDataForGroup(java.lang.String nameOfGroup, java.lang.String key, java.lang.String value, int id)
          Add, change or remove the named data item for the specified group.
 void setDataForRight(java.lang.String nameOfRight, java.lang.String key, java.lang.String value, int id)
          Add, change or remove the named data item for the specified right.
 void setDataForRole(java.lang.String nameOfRole, java.lang.String key, java.lang.String value, int id)
          Add, change or remove the named data item for the specified role.
 void setDataForService(java.lang.String nameOfService, java.lang.String key, java.lang.String value, int id)
          Add, change or remove the named data item for the specified service.
 void setDataForUser(java.lang.String userid, java.lang.String key, java.lang.String value, int id)
          Add, change or remove the named data item for the specified user.
 void setExpiryForRights(java.lang.String userid, java.lang.String[] rights, long start, long duration, int id)
          Define the lifetime of a set of rights associated with a user.
 void setExpiryForRoles(java.lang.String userid, java.lang.String[] roles, long start, long duration, int id)
          Define the lifetime of a set of roles associated with a user.
 void setHandler(java.lang.String nameOfRole, java.lang.String handler, int id)
          Set the handler for the named role.
 void setRightsForService(java.lang.String nameOfService, java.lang.String[] rights, int id)
          Set the required rights for a service.
 void setRightsForUser(java.lang.String userid, java.lang.String[] rights, int id)
          Set the rights for a user.
 void setRolesForUser(java.lang.String userid, java.lang.String[] roles, int id)
          Set the roles for a user.
 void setSystemRoles(java.lang.String[] roles, int id)
          Set the names of the system-wide roles.
 void setTrace(boolean tracing)
          Enable or disable tracing.
 void shutdown(int id)
          Shutdown the security component.
 void signOff(int id)
          This method disables the user's current context.
 int signOn(java.lang.String userId, java.lang.String password)
          This method attempts to signon the user - raising an exception if it fails.
 void signOn(java.lang.String userId, java.lang.String password, int id)
          This method attempts to signon the user - raising an exception if it fails.
 java.lang.Object test(int cmd, Dictionary options, int id)
          Perform a test command.
 void unlock(java.lang.String userid, int id)
          Unlock the specified user.
 void verify(int id)
          Verify all security databases for consistency.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

COMPID

public static final java.lang.String COMPID
Constructor Detail

SecurityManager

public SecurityManager()
Constructor for the default security manager.
Method Detail

addRightsToRole

public void addRightsToRole(java.lang.String nameOfRole,
                            java.lang.String[] rights,
                            int id)
                     throws DSESecurityException
Add rights to a role. This operation is atomic.
Specified by:
addRightsToRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to receive the new rights.
rights - String[] - the list of names of rights that are to be added to the role.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - security violation or other error.

addRightsToService

public void addRightsToService(java.lang.String nameOfService,
                               java.lang.String[] rights,
                               int id)
                        throws DSESecurityException
Add rights to a service. This operation is atomic.
Specified by:
addRightsToService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to receive the rights.
rights - String[] - the list of names of rights that are to be added to the service.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addRightsToUser

public void addRightsToUser(java.lang.String nameOfUser,
                            java.lang.String[] rights,
                            int id)
                     throws DSESecurityException
Add rights to a user. This operation is atomic.
Specified by:
addRightsToUser in interface SecurityManagerInterface
Parameters:
nameOfUser - String - the name of the user that is to receive the new rights.
rights - String[] - the list of names of rights that are to be added to the user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addRightToRole

public void addRightToRole(java.lang.String nameOfRole,
                           java.lang.String right,
                           int id)
                    throws DSESecurityException
Add a right to a role.
Specified by:
addRightToRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to modify.
right - String - the name of the right to add to the role.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addRightToService

public void addRightToService(java.lang.String nameOfService,
                              java.lang.String right,
                              int id)
                       throws DSESecurityException
Add a right to a service.
Specified by:
addRightToService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to receive the right.
right - String - the name of the right to add to the service.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addRightToUser

public void addRightToUser(java.lang.String nameOfUser,
                           java.lang.String right,
                           int id)
                    throws DSESecurityException
Add a right to a user.
Specified by:
addRightToUser in interface SecurityManagerInterface
Parameters:
nameOfUser - String - the name of the user that is to receive the new right.
right - String - the name of the right that is to be added to the user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addRoleToUser

public void addRoleToUser(java.lang.String userId,
                          java.lang.String role,
                          int id)
                   throws DSESecurityException
Add a role to a user.
Specified by:
addRoleToUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user that is to receive the new role.
role - String - the name of the role.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addSubGroup

public void addSubGroup(java.lang.String superGroup,
                        java.lang.String subGroup,
                        int id)
                 throws DSESecurityException
Add a child group to a parent group.
Specified by:
addSubGroup in interface SecurityManagerInterface
Parameters:
superGroup - String - the name of the parent group.
subGroup - String - the name of the child group.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addSubRole

public void addSubRole(java.lang.String superRole,
                       java.lang.String subRole,
                       int id)
                throws DSESecurityException
Add a child role to a parent role.
Specified by:
addSubRole in interface SecurityManagerInterface
Parameters:
superRole - String - the name of the parent role.
subRole - String - the name of the child role.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

addUserToGroup

public void addUserToGroup(java.lang.String nameOfGroup,
                           java.lang.String user,
                           int id)
                    throws DSESecurityException
Add a user to a group.
Specified by:
addUserToGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group that is to receive the new user.
user - String - the name of the user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

audit

public void audit(java.lang.String message)
Write a message to the audit log.
Specified by:
audit in interface SecurityManagerInterface
Parameters:
message - String - the message to log.

canLogOn

public boolean canLogOn(java.lang.String user,
                        java.lang.String password)
                 throws DSESecurityException
Check validity of user id and the corresponding password.
Specified by:
canLogOn in interface SecurityManagerInterface
Parameters:
user - String - the user id.
password - String - the password.
Returns:
boolean - true if user id & password are valid else false.
Throws:
DSESecurityException - - error in the request.

changeOwnPassword

public void changeOwnPassword(java.lang.String oldpassword,
                              java.lang.String newpassword,
                              int id)
                       throws DSESecurityException
Change the user's own password.
Specified by:
changeOwnPassword in interface SecurityManagerInterface
Parameters:
oldpassword - String - the old password.
newpassword - String - the new password.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

changePassword

public void changePassword(java.lang.String userid,
                           java.lang.String password,
                           int id)
                    throws DSESecurityException
Change the password of a user.
Specified by:
changePassword in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user.
password - String - the new password to associate with the user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

checkAccess

public boolean checkAccess(java.lang.String nameOfService,
                           int id)
                    throws DSESecurityException
Check the accessability of a service by the specified user.
Specified by:
checkAccess in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to check.
id - int - the context id of the requestor (the specified user).
Returns:
boolean - return true if access is allowed to the service else return false.
Throws:
DSESecurityException - - error in the request.

createGroup

public void createGroup(java.lang.String group,
                        int id)
                 throws DSESecurityException
Create a group.
Specified by:
createGroup in interface SecurityManagerInterface
Parameters:
group - String - the name of the group to create.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRight

public void createRight(java.lang.String right,
                        int id)
                 throws DSESecurityException
Create a right.
Specified by:
createRight in interface SecurityManagerInterface
Parameters:
right - String - the name of the right to create.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRole

public void createRole(java.lang.String role,
                       int id)
                throws DSESecurityException
Create a role.
Specified by:
createRole in interface SecurityManagerInterface
Parameters:
role - String - the name of the role to create.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRole

public void createRole(java.lang.String role,
                       RoleHandlerInterface handler,
                       int id)
                throws DSESecurityException
Create a role with an associated handler.
Specified by:
createRole in interface SecurityManagerInterface
Parameters:
role - String - the name of the role to create.
handler - RoleHandlerInterface - the role handler.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRole

public void createRole(java.lang.String role,
                       java.lang.String handler,
                       int id)
                throws DSESecurityException
Create a role with an associated handler.
Specified by:
createRole in interface SecurityManagerInterface
Parameters:
role - String - the name of the role to create.
handler - String - the name of the class of the role handler.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRoles

public void createRoles(java.lang.String[] roles,
                        RoleHandlerInterface[] handlers,
                        int id)
                 throws DSESecurityException
Create the roles named by the argument. If any of the named roles already exists then return an exception (no further roles are created).
Specified by:
createRoles in interface SecurityManagerInterface
Parameters:
roles - String[] - the names of the roles to create.
handlers - RoleHandlerInterface[] - the role handlers or null if you don't want to associate handlers with the roles.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRoles

public void createRoles(java.lang.String[] roles,
                        java.lang.String[] handlers,
                        int id)
                 throws DSESecurityException
Create the roles named by the argument. If any of the named roles already exists then return an exception (no further roles are created).
Specified by:
createRoles in interface SecurityManagerInterface
Parameters:
roles - String[] - the names of the roles to create.
handlers - String[] - the names of the classes of the role handlers or null if you don't want to associate handlers with the roles.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createRoles

public void createRoles(java.lang.String[] roles,
                        int id)
                 throws DSESecurityException
Create the roles named by the argument. If any of the named roles already exists then return an exception (no further roles are created).
Specified by:
createRoles in interface SecurityManagerInterface
Parameters:
roles - String[] - the names of the roles to create.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createService

public void createService(java.lang.String service,
                          int id)
                   throws DSESecurityException
Create a service.
Specified by:
createService in interface SecurityManagerInterface
Parameters:
service - String - the name of the service to create.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

createUser

public void createUser(java.lang.String user,
                       java.lang.String password,
                       int id)
                throws DSESecurityException
Create a user with the specified password.
Specified by:
createUser in interface SecurityManagerInterface
Parameters:
user - String - the name of the user to create.
password - String - the password to associate with the user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

exportSecurity

public void exportSecurity(java.lang.String userId,
                           java.lang.String password,
                           java.lang.String fileName,
                           Dictionary options)
                    throws DSESecurityException
Export the specified security databases into a text file.
Specified by:
exportSecurity in interface SecurityManagerInterface
Parameters:
userId - String - the user id of the requestor.
password - String - the password of the requestor.
fileName - String - the name of the text file.
options - Dictionary - the list of options for this operation.
Throws:
DSESecurityException - - error in the request.

forcedSignOff

public void forcedSignOff(int signoffContext,
                          int callerContext)
                   throws DSESecurityException
Disables the specified context (which may be owned by another user).
Specified by:
forcedSignOff in interface SecurityManagerInterface
Parameters:
signoffContext - int - the id of the context to sign off.
callerContext - int - the id of the context of the caller.
Throws:
DSESecurityException - - error in the request.

forcedSignOn

public void forcedSignOn(java.lang.String userId,
                         java.lang.String password,
                         int id)
                  throws DSESecurityException
Sign on to another user's context - raising an exception if it fails.
Specified by:
forcedSignOn in interface SecurityManagerInterface
Parameters:
userId - String - your user id.
password - String - your password.
id - int - the context id of the other user.
Throws:
DSESecurityException - - error in the request.

get

public java.lang.String get(java.lang.String key)
Return the value of the named configuration attribute.
Specified by:
get in interface SecurityManagerInterface
Parameters:
key - String - the name of the configuration attribute.
Returns:
String - the value of the named configuration attribute.
Throws:
NullPointerException - - if the key is null.

getActivationIntervalForUser

public java.lang.Object[] getActivationIntervalForUser(java.lang.String userId,
                                                       int id)
                                                throws DSESecurityException
Return the activation time, duration and enable flag for the specified user.
Specified by:
getActivationIntervalForUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
id - int - the context id of the requestor.
Returns:
Object[] - the enable flag, the activation time and the activation duration.
Throws:
DSESecurityException - - error in the request.

getAllDataFromContext

public Dictionary getAllDataFromContext(int queryContext,
                                        int callerContext)
                                 throws DSESecurityException
Return all data items from the specified context.
Specified by:
getAllDataFromContext in interface SecurityManagerInterface
Parameters:
queryContext - int - the context id to query.
callerContext - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllDataFromGroup

public Dictionary getAllDataFromGroup(java.lang.String nameOfGroup,
                                      int id)
                               throws DSESecurityException
Return all data items from the specified group.
Specified by:
getAllDataFromGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
id - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllDataFromRight

public Dictionary getAllDataFromRight(java.lang.String nameOfRight,
                                      int id)
                               throws DSESecurityException
Return all data items from the specified right.
Specified by:
getAllDataFromRight in interface SecurityManagerInterface
Parameters:
nameOfRight - String - the name of the right to access.
id - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllDataFromRole

public Dictionary getAllDataFromRole(java.lang.String nameOfRole,
                                     int id)
                              throws DSESecurityException
Return all data items from the specified role.
Specified by:
getAllDataFromRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
id - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllDataFromService

public Dictionary getAllDataFromService(java.lang.String nameOfService,
                                        int id)
                                 throws DSESecurityException
Return all data items from the specified service.
Specified by:
getAllDataFromService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to access.
id - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllDataFromUser

public Dictionary getAllDataFromUser(java.lang.String userId,
                                     int id)
                              throws DSESecurityException
Return all data items from the specified user.
Specified by:
getAllDataFromUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
id - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllInheritedDataFromUser

public Dictionary getAllInheritedDataFromUser(java.lang.String userId,
                                              int id)
                                       throws DSESecurityException
Return all inherited data items from the specified user.
Specified by:
getAllInheritedDataFromUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
id - int - the context id of the requestor.
Returns:
Dictionary - the dictionary of data items.
Throws:
DSESecurityException - - error in the request.

getAllMembersOfGroup

public java.lang.String[] getAllMembersOfGroup(java.lang.String nameOfGroup,
                                               int id)
                                        throws DSESecurityException
Return a list of all direct or indirect members (users) of the specified group.
Specified by:
getAllMembersOfGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
id - int - the context id of the requestor.
Returns:
String[] - list of all direct or indirect members of the specified group.
Throws:
DSESecurityException - - error in the request.

getAllRightsOfUser

public java.lang.String[] getAllRightsOfUser(java.lang.String userId,
                                             int id)
                                      throws DSESecurityException
Return the list of names of all rights assigned to the specified user either directly or indirectly via roles or subroles thereof.
Specified by:
getAllRightsOfUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of rights.
Throws:
DSESecurityException - - error in the request.

getAllSubgroups

public java.lang.String[] getAllSubgroups(java.lang.String nameOfGroup,
                                          boolean include,
                                          int id)
                                   throws DSESecurityException
Return a list of all the subgroups (direct or indirect) of the specified group.
Specified by:
getAllSubgroups in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
include - boolean - true or false to include or exclude the specified group respectively.
id - int - the context id of the requestor.
Returns:
String[] - the list of groups.
Throws:
DSESecurityException - - error in the request.

getAttributesOfUser

public Dictionary getAttributesOfUser(java.lang.String userId,
                                      int id)
                               throws DSESecurityException
Get the attributes of the specified user.
Specified by:
getAttributesOfUser in interface SecurityManagerInterface
Parameters:
userId - String - the user who's attributes are to be queried.
id - int - the context id of the requestor.
Returns:
Dictionary - the attributes of the specified user.
Throws:
DSESecurityException - - error in the request.

getAudit

public boolean getAudit()
Get the audit control flag.
Specified by:
getAudit in interface SecurityManagerInterface
Returns:
boolean - true if auditing is enabled else false.

getAvailableServices

public java.lang.String[] getAvailableServices(int id)
                                        throws DSESecurityException
Return the list of all services that the specified user is authorized to access.
Specified by:
getAvailableServices in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of services.
Throws:
DSESecurityException - - error in the request.

getChildrenOfRole

public java.lang.String[] getChildrenOfRole(java.lang.String nameOfRole,
                                            int id)
                                     throws DSESecurityException
Return the list of child roles of the specified role.
Specified by:
getChildrenOfRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of children of the specified role.
Throws:
DSESecurityException - - error in the request.

getConfiguration

public Dictionary getConfiguration(int id)
                            throws DSESecurityException
Return a dictionary of the current state of the system configurations.
Specified by:
getConfiguration in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary - dictionary of the current state of the system configurations.
Throws:
DSESecurityException - - error in the request.

getConfigurationAttributes

public Dictionary getConfigurationAttributes()
Return the table of all configuration attributes.
Specified by:
getConfigurationAttributes in interface SecurityManagerInterface
Returns:
Dictionary - the table of all configuration attributes.

getContainerLmt

public Dictionary getContainerLmt(SecurityLimit aLimit)
                           throws DSESecurityException
Returns a copy of the container limit information of aLimit
Specified by:
getContainerLmt in interface SecurityManagerInterface
Parameters:
aLimit - SecurityLimit - The limit to take container information from.
Returns:
com.ibm.dse.applsrv.aa.Dictionary - a copy of the container limit information
Throws:
DSESecurityException - - thrown when a problem occurs while retrieving limit information

getContainerLmt

public Dictionary getContainerLmt(java.lang.String userId,
                                  java.lang.String curCode,
                                  java.lang.String containerType,
                                  java.lang.String containerSubType)
                           throws DSESecurityException
Returns a copy of the container limit information of the limit that matches the parameters in the request
Specified by:
getContainerLmt in interface SecurityManagerInterface
Parameters:
userid - java.lang.String - The user the limit belongs to.
curCode - java.lang.String - The currency Code of the limit.
containerType - java.lang.String - The containerType of the limit
containerSubType - java.lang.String - The containerSubType of the limit
Returns:
com.ibm.dse.applsrv.aa.Dictionary - a copy of the container limit information
Throws:
DSESecurityException - - thrown when a problem occurs while retrieving limit information

getContexts

public int[] getContexts(int id)
                  throws DSESecurityException
Return a list of the ids of all the contexts.
Specified by:
getContexts in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
int[] - the list of ids of contexts.
Throws:
DSESecurityException - - error in the request.

getContexts

public int[] getContexts(java.lang.String userId,
                         java.lang.String password,
                         int type)
                  throws DSESecurityException
Return a list of ids of all the contexts.
Specified by:
getContexts in interface SecurityManagerInterface
Parameters:
userId - String - the user id.
password - String - the password.
type - int - the type of contexts to query: GLOBAL_CONTEXTS, ALL_CONTEXTS, ACTIVE_CONTEXTS or INACTIVE_CONTEXTS (the last 3 apply to the caller's contexts).
Returns:
int[] - the list of context ids.
Throws:
DSESecurityException - - error in the request.

getContextsOfUser

public int[] getContextsOfUser(java.lang.String userId,
                               int type,
                               int id)
                        throws DSESecurityException
Return a list of the ids of the contexts (active or inactive or both) of the specified user.
Specified by:
getContextsOfUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to query.
type - int - type of query: SecurityConstants.ALL_CONTEXTS, SecurityConstants.ACTIVE_CONTEXTS or SecurityConstants.INACTIVE_CONTEXTS.
id - int - the context id of the requestor.
Returns:
int[] - the list of ids of contexts.
Throws:
DSESecurityException - - error in the request.

getContextsWithAttributes

public Dictionary[] getContextsWithAttributes(int[] contexts,
                                              int id)
                                       throws DSESecurityException
Return a list of attributes of the specified contexts.
Specified by:
getContextsWithAttributes in interface SecurityManagerInterface
Parameters:
contexts - int[] - the list of contexts to interrogate (null means all contexts).
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes.
Throws:
DSESecurityException - - error in the request.

getContextsWithAttributes

public Dictionary[] getContextsWithAttributes(int id)
                                       throws DSESecurityException
Return a list of attributes of all the contexts.
Specified by:
getContextsWithAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes of all the contexts.
Throws:
DSESecurityException - - error in the request.

getCreatedRights

public java.lang.String[] getCreatedRights(int id)
                                    throws DSESecurityException
Return a list of the names of the user created rights.
Specified by:
getCreatedRights in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of the user created rights.
Throws:
DSESecurityException - - error in the request.

getDataFromContext

public java.lang.String getDataFromContext(int contextId,
                                           java.lang.String dataName,
                                           int id)
                                    throws DSESecurityException
Return the named data item from the specified context.
Specified by:
getDataFromContext in interface SecurityManagerInterface
Parameters:
contextId - int - the id of the context to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getDataFromGroup

public java.lang.String getDataFromGroup(java.lang.String nameOfGroup,
                                         java.lang.String dataName,
                                         int id)
                                  throws DSESecurityException
Return the named data item from the specified group.
Specified by:
getDataFromGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getDataFromLimit

public Dictionary getDataFromLimit(SecurityLimit aLimit)
                            throws DSESecurityException
Returns the data item from the specified limit.
Specified by:
getDataFromLimit in interface SecurityManagerInterface
Parameters:
aLimit - SecurityLimit- the limit to retrieve information from.
Returns:
Dictionary - the obtained data.
Throws:
DSESecurityException - - error in the request.

getDataFromLimit

public java.lang.String getDataFromLimit(SecurityLimit aLimit,
                                         java.lang.String dataName)
                                  throws DSESecurityException
A security manager must define a method to return the named data item from the specified user.
Specified by:
getDataFromLimit in interface SecurityManagerInterface
Parameters:
aLimit - SecurityLimit - the limit to retrieve information from .
dataName - String - the name of the data item.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getDataFromRight

public java.lang.String getDataFromRight(java.lang.String nameOfRight,
                                         java.lang.String dataName,
                                         int id)
                                  throws DSESecurityException
Return the named data item from the specified right.
Specified by:
getDataFromRight in interface SecurityManagerInterface
Parameters:
nameOfRight - String - the name of the right to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getDataFromRole

public java.lang.String getDataFromRole(java.lang.String nameOfRole,
                                        java.lang.String dataName,
                                        int id)
                                 throws DSESecurityException
Return the named data item from the specified role.
Specified by:
getDataFromRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getDataFromService

public java.lang.String getDataFromService(java.lang.String nameOfService,
                                           java.lang.String dataName,
                                           int id)
                                    throws DSESecurityException
Return the named data item from the specified service.
Specified by:
getDataFromService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getDataFromUser

public java.lang.String getDataFromUser(java.lang.String userId,
                                        java.lang.String dataName,
                                        int id)
                                 throws DSESecurityException
Return the named data item from the specified user.
Specified by:
getDataFromUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getGroups

public java.lang.String[] getGroups(int id)
                             throws DSESecurityException
Return a list of the names of the groups.
Specified by:
getGroups in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of groups.
Throws:
DSESecurityException - - error in the request.

getGroupsWithAttributes

public Dictionary[] getGroupsWithAttributes(java.lang.String[] groups,
                                            int id)
                                     throws DSESecurityException
Return a list of attributes of the specified groups.
Specified by:
getGroupsWithAttributes in interface SecurityManagerInterface
Parameters:
groups - String[] - the list of groups to interrogate.
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of right attribute sets.
Throws:
DSESecurityException - - error in the request.

getGroupsWithAttributes

public Dictionary[] getGroupsWithAttributes(int id)
                                     throws DSESecurityException
Return a list of attributes of all the groups.
Specified by:
getGroupsWithAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes of all the groups.
Throws:
DSESecurityException - - error in the request.

getHandler

public java.lang.String getHandler(java.lang.String nameOfRole,
                                   int id)
                            throws DSESecurityException
Return the name of the handler class associated with the named role.
Specified by:
getHandler in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
id - int - the context id of the requestor.
Returns:
String - the name of the handler class associated with the named role.
Throws:
DSESecurityException - - error in the request.

getInheritedDataFromGroup

public java.lang.String getInheritedDataFromGroup(java.lang.String nameOfGroup,
                                                  java.lang.String dataName,
                                                  int id)
                                           throws DSESecurityException
Return the value associated with specified name in the specified group or the closest supergroup.
Specified by:
getInheritedDataFromGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getInheritedDataFromUser

public java.lang.String getInheritedDataFromUser(java.lang.String nameOfUser,
                                                 java.lang.String dataName,
                                                 int id)
                                          throws DSESecurityException
Return the value associated with specified name in the specified user or the closest group.
Specified by:
getInheritedDataFromUser in interface SecurityManagerInterface
Parameters:
nameOfUser - String - the name of the user to access.
dataName - String - the name of the data item.
id - int - the context id of the requestor.
Returns:
String - the requested data.
Throws:
DSESecurityException - - error in the request.

getJDBCDatabase

public java.lang.String getJDBCDatabase()
Return the name of the JDBC database.
Specified by:
getJDBCDatabase in interface SecurityManagerInterface
Returns:
String - the name of the JDBC database.

getJDBCDriver

public java.lang.String getJDBCDriver()
Return the name of the JDBC driver.
Specified by:
getJDBCDriver in interface SecurityManagerInterface
Returns:
String - the name of the JDBC driver.

getJDBCURL

public java.lang.String getJDBCURL()
Return the name of the JDBC URL.
Specified by:
getJDBCURL in interface SecurityManagerInterface
Returns:
String - the name of the JDBC URL.

getLimitsOfUser

public Array getLimitsOfUser(java.lang.String userid)
                      throws DSESecurityException
Returns all limits of the specified user.
Specified by:
getLimitsOfUser in interface SecurityManagerInterface
Parameters:
userid - java.lang.String - the userid the limits belong to
Returns:
Array - the Array of limits belonging to userid
Throws:
DSESecurityException - - error in the request.

getManager

public static SecurityManagerInterface getManager()
Return the single instance of the security manager.
Returns:
SecurityManagerInterface - the security manager.

getMembersOfGroup

public java.lang.String[] getMembersOfGroup(java.lang.String nameOfGroup,
                                            int id)
                                     throws DSESecurityException
Return a list of names of users that are direct members of the specified group.
Specified by:
getMembersOfGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of names of users that are direct members of the specified group.
Throws:
DSESecurityException - - error in the request.

getOwnAttributes

public Dictionary[] getOwnAttributes(int id)
                              throws DSESecurityException
Return the attributes of the user and context associated with the specified id.
Specified by:
getOwnAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the attributes of the specified context and associated user.
Throws:
DSESecurityException - - error in the request.

getRights

public java.lang.String[] getRights(int id)
                             throws DSESecurityException
Return a list of the names of the rights.
Specified by:
getRights in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of rights.
Throws:
DSESecurityException - - error in the request.

getRightsOfRole

public java.lang.String[] getRightsOfRole(java.lang.String nameOfRole,
                                          int id)
                                   throws DSESecurityException
Return a list of names of rights of the specified role.
Specified by:
getRightsOfRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of names of rights of the specified role.
Throws:
DSESecurityException - - error in the request.

getRightsOfService

public java.lang.String[] getRightsOfService(java.lang.String nameOfService,
                                             int id)
                                      throws DSESecurityException
Return a list of names of rights of the specified service.
Specified by:
getRightsOfService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of names of rights of the specified service.
Throws:
DSESecurityException - - error in the request.

getRightsOfUser

public java.lang.String[] getRightsOfUser(int id)
                                   throws DSESecurityException
Return a list of names of rights of the specified user.
Specified by:
getRightsOfUser in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names rights of the current user.
Throws:
DSESecurityException - - error in the request.

getRightsOfUser

public java.lang.String[] getRightsOfUser(java.lang.String userId,
                                          int id)
                                   throws DSESecurityException
Return a list of names of rights of the specified user.
Specified by:
getRightsOfUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of names of rights of the specified user.
Throws:
DSESecurityException - - error in the request.

getRightsWithAttributes

public Dictionary[] getRightsWithAttributes(java.lang.String[] rights,
                                            int id)
                                     throws DSESecurityException
Return a list of right attributes.
Specified by:
getRightsWithAttributes in interface SecurityManagerInterface
Parameters:
rights - String[] - the list of rights to interrogate.
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of right attribute sets.
Throws:
DSESecurityException - - error in the request.

getRightsWithAttributes

public Dictionary[] getRightsWithAttributes(int id)
                                     throws DSESecurityException
Return a list of attributes of all the rights.
Specified by:
getRightsWithAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes of all the rights.
Throws:
DSESecurityException - - error in the request.

getRoles

public java.lang.String[] getRoles(int id)
                            throws DSESecurityException
Return a list of the names of the roles.
Specified by:
getRoles in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of roles.
Throws:
DSESecurityException - - error in the request.

getRolesOfUser

public java.lang.String[] getRolesOfUser(int id)
                                  throws DSESecurityException
Return a list of names of roles of the specified user.
Specified by:
getRolesOfUser in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of roles of the specified user.
Throws:
DSESecurityException - - error in the request.

getRolesOfUser

public java.lang.String[] getRolesOfUser(java.lang.String userId,
                                         int id)
                                  throws DSESecurityException
Return a list of names of roles of the specified user.
Specified by:
getRolesOfUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of names of roles of the specified user.
Throws:
DSESecurityException - - error in the request.

getRolesWithAttributes

public Dictionary[] getRolesWithAttributes(java.lang.String[] roles,
                                           int id)
                                    throws DSESecurityException
Return a list of role attributes.
Specified by:
getRolesWithAttributes in interface SecurityManagerInterface
Parameters:
roles - String[] - the list of roles to interrogate.
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of role attribute sets.
Throws:
DSESecurityException - - error in the request.

getRolesWithAttributes

public Dictionary[] getRolesWithAttributes(int id)
                                    throws DSESecurityException
Return a list of attributes of all the roles.
Specified by:
getRolesWithAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes of all the roles.
Throws:
DSESecurityException - - error in the request.

getServices

public java.lang.String[] getServices(int id)
                               throws DSESecurityException
Return a list of the names of the services.
Specified by:
getServices in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of names of services.
Throws:
DSESecurityException - - error in the request.

getServicesWithAttributes

public Dictionary[] getServicesWithAttributes(java.lang.String[] services,
                                              int id)
                                       throws DSESecurityException
Return a list of service attributes.
Specified by:
getServicesWithAttributes in interface SecurityManagerInterface
Parameters:
services - String[] - the list of services to interrogate.
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of service attribute sets.
Throws:
DSESecurityException - - error in the request.

getServicesWithAttributes

public Dictionary[] getServicesWithAttributes(int id)
                                       throws DSESecurityException
Return a list of attributes of all the services.
Specified by:
getServicesWithAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes of all the services.
Throws:
DSESecurityException - - error in the request.

getStatusOfContextId

public int getStatusOfContextId(int id)
                         throws DSESecurityException
Return the status of the specified context.
Specified by:
getStatusOfContextId in interface SecurityManagerInterface
Parameters:
id - int - the context id to check.
Returns:
int - return CONTEXT_ACTIVE, CONTEXT_INACTIVE or CONTEXT_INVALID if the context is active, inactive or invalid respectively.
Throws:
DSESecurityException - - error in the request.

getSubGroups

public java.lang.String[] getSubGroups(java.lang.String nameOfGroup,
                                       int id)
                                throws DSESecurityException
Return a list of subgroups of the specified group.
Specified by:
getSubGroups in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
id - int - the context id of the requestor.
Returns:
String[] - the list of subgroups of the specified group.
Throws:
DSESecurityException - - error in the request.

getSystemRoles

public java.lang.String[] getSystemRoles(int id)
                                  throws DSESecurityException
Return a list of the names of the system-wide roles.
Specified by:
getSystemRoles in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the names of the system-wide roles.
Throws:
DSESecurityException - - error in the request.

getTrace

public boolean getTrace()
Return the value of the trace flag.
Specified by:
getTrace in interface SecurityManagerInterface
Returns:
boolean - true if tracing is enabled, false if tracing is disabled.

getTransactionLmt

public Dictionary getTransactionLmt(SecurityLimit aLimit)
                             throws DSESecurityException
Returns a copy of the transaction limit information of aLimit
Specified by:
getTransactionLmt in interface SecurityManagerInterface
Parameters:
aLimit - SecurityLimit - The limit to take transaction information from.
Returns:
com.ibm.dse.applsrv.aa.Dictionary - a copy of the transaction limit information
Throws:
DSESecurityException - - thrown when a problem occurs while retrieving limit information

getTransactionLmt

public Dictionary getTransactionLmt(java.lang.String userId,
                                    java.lang.String curCode,
                                    java.lang.String transType)
                             throws DSESecurityException
Returns a copy of the transaction limit information of the limit that matches the parameters request
Specified by:
getTransactionLmt in interface SecurityManagerInterface
Parameters:
userid - java.lang.String - The user the limit belongs to.
curCode - java.lang.String - The currency Code of the limit.
transactionType - java.lang.String - The transactionType of the limit
Returns:
com.ibm.dse.applsrv.aa.Dictionary - a copy of the transaction limit information
Throws:
DSESecurityException - - thrown when a problem occurs while retrieving limit information

getUser

public java.lang.String getUser(int id)
                         throws DSESecurityException
Return the name of the user associated with the specified id.
Specified by:
getUser in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String - the logon user id.
Throws:
DSESecurityException - - error in the request.

getUsers

public java.lang.String[] getUsers(int id)
                            throws DSESecurityException
Return a list of the ids of all the users.
Specified by:
getUsers in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
String[] - the list of ids of all the users.
Throws:
DSESecurityException - - error in the request.

getUsersWithAttributes

public Dictionary[] getUsersWithAttributes(java.lang.String[] users,
                                           int id)
                                    throws DSESecurityException
Return a list of user attributes.
Specified by:
getUsersWithAttributes in interface SecurityManagerInterface
Parameters:
users - String[] - the list of users to interrogate.
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of user attributes.
Throws:
DSESecurityException - - error in the request.

getUsersWithAttributes

public Dictionary[] getUsersWithAttributes(int id)
                                    throws DSESecurityException
Return a list of attributes of all the users.
Specified by:
getUsersWithAttributes in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
Dictionary[] - the list of attributes of all the users.
Throws:
DSESecurityException - - error in the request.

hasRight

public boolean hasRight(java.lang.String right,
                        int id)
                 throws DSESecurityException
Check if current user has the specified right (directly or indirectly) and that its active.
Specified by:
hasRight in interface SecurityManagerInterface
Parameters:
right - String - the name of the right to check.
id - int - the context id of the requestor.
Returns:
boolean - true if the requestor has the specified right and its active, false otherwise.
Throws:
DSESecurityException - - error in the request.

hasRight

public boolean hasRight(java.lang.String userid,
                        java.lang.String right,
                        int id)
                 throws DSESecurityException
Check if the specified user has the specified right (directly or indirectly) and that its active.
Specified by:
hasRight in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to check.
right - String - the name of the right to check.
id - int - the context id of the requestor.
Returns:
boolean - true if the specified user has the specified right and its active, false otherwise.
Throws:
DSESecurityException - - error in the request.

hasRight

public boolean hasRight(java.lang.String userid,
                        java.lang.String password,
                        java.lang.String right,
                        int id)
                 throws DSESecurityException
Check if the specified user has the specified right (directly or indirectly) and that its active.
Specified by:
hasRight in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to check.
password - String - the password for the specified user.
right - String - the name of the right to check.
id - int - the context id of the requestor.
Returns:
boolean - true if the specified user has the specified right and its active, false otherwise.
Throws:
DSESecurityException - - error in the request.

hasSubgroup

public boolean hasSubgroup(java.lang.String supergroup,
                           java.lang.String subgroup,
                           int id)
                    throws DSESecurityException
Check if 'supergroup' has 'subgroup' as a subgroup.
Specified by:
hasSubgroup in interface SecurityManagerInterface
Parameters:
supergroup - String - the name of the supergroup.
subgroup - String - the name of the subgroup.
id - int - the context id of the requestor.
Returns:
boolean - true if 'supergroup' has 'subgroup' as a subgroup, false otherwise.
Throws:
DSESecurityException - - error in the request.

importSecurity

public void importSecurity(java.lang.String userId,
                           java.lang.String password,
                           java.lang.String fileName,
                           Dictionary options)
                    throws DSESecurityException
Import the specified security databases from a text file.
Specified by:
importSecurity in interface SecurityManagerInterface
Parameters:
userId - String - the user id of the requestor.
password - String - the password of the requestor.
fileName - String - the name of the text file.
options - Dictionary - the list of options for this operation.
Throws:
DSESecurityException - - error in the request.

initialize

public void initialize(Dictionary config)
                throws DSESecurityException
Initialize the security manager. Will throw a DSESecurityException if called more than once.
Specified by:
initialize in interface SecurityManagerInterface
Parameters:
config - Dictionary - the configuration parameters.
Throws:
DSESecurityException - - initialization error.

initialize

public static void initialize(SecurityManagerInterface aSecurityManager,
                              Dictionary config)
                       throws DSESecurityException
Initialize the security manager.
Parameters:
aSecurityManager - SecurityManagerInterface - the security manager.
config - Dictionary - the configuration parameters.
Throws:
DSESecurityException - - initialization error.

isMemberOfGroup

public boolean isMemberOfGroup(java.lang.String nameOfGroup,
                               java.lang.String userID,
                               boolean direct,
                               int id)
                        throws DSESecurityException
Check if the specified user is a direct or indirect member of the specified group. An indirect member of a specified group must be a direct member of a direct or indirect subgroup of that specified group.
Specified by:
isMemberOfGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group.
userID - String - the name of the user.
direct - boolean - if true then check only direct membership, if false then check direct/indirect membership.
id - int - the context id of the requestor.
Returns:
boolean - true of the specified user is a direct/indirect member of the specified group.
Throws:
DSESecurityException - - error in the request.

lock

public void lock(java.lang.String userid,
                 int id)
          throws DSESecurityException
Lockout the specified user. A locked user cannot log on.
Specified by:
lock in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to lock.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

logOff

public void logOff(int id)
            throws DSESecurityException
Log off the specified user.
Specified by:
logOff in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

logOff

public void logOff(java.lang.String userid,
                   java.lang.String password,
                   int options,
                   int[] contexts)
            throws DSESecurityException
Logoff the specified contexts of the specified user. This operation is NOT atomic!
Specified by:
logOff in interface SecurityManagerInterface
Parameters:
userid - String - the user to be affected.
password - String - the password of the specified user.
options - int - the type of contexts to logoff.
contexts - int[] - the list of specified contexts to logoff.
Throws:
DSESecurityException - - error in the request.

logOn

public int logOn(java.lang.String user,
                 java.lang.String password)
          throws DSESecurityException
Perform a logon.
Specified by:
logOn in interface SecurityManagerInterface
Parameters:
user - String - the name of the user to logon.
password - String - the password.
Returns:
int - the new context id.
Throws:
DSESecurityException - - error in the request.

logOn

public int logOn(java.lang.String userId,
                 java.lang.String password,
                 java.lang.Object object)
          throws DSESecurityException
Perform a logon.
Specified by:
logOn in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to logon.
password - String - the password.
object - Object - an arbitrary object which is passed on to the role handlers. The default code ignores it.
Returns:
int - the new context id.
Throws:
DSESecurityException - - error in the request.

queryForcedSignOff

public boolean queryForcedSignOff(int id)
                           throws DSESecurityException
Return forced sign off status of the current context.
Specified by:
queryForcedSignOff in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Returns:
boolean - true if the last signoff of this context was a forced signoff else false.
Throws:
DSESecurityException - - error in the request.

queryLock

public boolean queryLock(java.lang.String userid,
                         int id)
                  throws DSESecurityException
Query the lock status of the specified user.
Specified by:
queryLock in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to query.
id - int - the context id of the requestor.
Returns:
boolean - true if user is locked, false if user is unlocked.
Throws:
DSESecurityException - - error in the request.

removeGroup

public void removeGroup(java.lang.String group,
                        int id)
                 throws DSESecurityException
Remove a group.
Specified by:
removeGroup in interface SecurityManagerInterface
Parameters:
group - String - the name of the group to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRight

public void removeRight(java.lang.String right,
                        int id)
                 throws DSESecurityException
Remove a right.
Specified by:
removeRight in interface SecurityManagerInterface
Parameters:
right - String - the name of the right to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRightFromRole

public void removeRightFromRole(java.lang.String nameOfRole,
                                java.lang.String right,
                                int id)
                         throws DSESecurityException
Remove a right from a role.
Specified by:
removeRightFromRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to modify.
right - String - the name of the right to remove from the role.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRightFromService

public void removeRightFromService(java.lang.String nameOfService,
                                   java.lang.String right,
                                   int id)
                            throws DSESecurityException
Remove a right from a service.
Specified by:
removeRightFromService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to modify.
right - String - the name of the right to remove from the service.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRightFromUser

public void removeRightFromUser(java.lang.String nameOfUser,
                                java.lang.String right,
                                int id)
                         throws DSESecurityException
Remove the specified right from the user.
Specified by:
removeRightFromUser in interface SecurityManagerInterface
Parameters:
nameOfUser - String - the name of the user to change.
right - String - the name of the right to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRightsFromRole

public void removeRightsFromRole(java.lang.String nameOfRole,
                                 java.lang.String[] rights,
                                 int id)
                          throws DSESecurityException
Remove rights from a role.
Specified by:
removeRightsFromRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to modify.
rights - String[] - the list of names of rights that are to be removed from the role.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRightsFromService

public void removeRightsFromService(java.lang.String nameOfService,
                                    java.lang.String[] rights,
                                    int id)
                             throws DSESecurityException
Remove rights from a service.
Specified by:
removeRightsFromService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to modify.
rights - String[] - the list of names of rights that are to be removed from the service.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRightsFromUser

public void removeRightsFromUser(java.lang.String nameOfUser,
                                 java.lang.String[] rights,
                                 int id)
                          throws DSESecurityException
Remove the specified rights from the user.
Specified by:
removeRightsFromUser in interface SecurityManagerInterface
Parameters:
nameOfUser - String - the name of the user to change.
rights - String[] - the list of names of rights to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRole

public void removeRole(java.lang.String role,
                       int id)
                throws DSESecurityException
Remove a role.
Specified by:
removeRole in interface SecurityManagerInterface
Parameters:
role - String - the name of the role to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRoleFromUser

public void removeRoleFromUser(java.lang.String userId,
                               java.lang.String role,
                               int id)
                        throws DSESecurityException
Remove the specified role from the user.
Specified by:
removeRoleFromUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to change.
role - String - the name of the role to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeRoles

public boolean removeRoles(java.lang.String[] rolesToDelete,
                           java.lang.String[] options,
                           int id)
                    throws DSESecurityException
Delete the named roles subject to the specified options. OPTIONS: atomic , exception , local , nosave , references , safe , skip.
Specified by:
removeRoles in interface SecurityManagerInterface
Parameters:
rolesToDelete - String[] - the names of the roles to delete.
options - String[] - the options for this command.
id - int - the context id of the requestor.
Returns:
boolean - true if the deletes succeeded else false.
Throws:
DSESecurityException - - error in the request.

removeService

public void removeService(java.lang.String service,
                          int id)
                   throws DSESecurityException
Remove a service.
Specified by:
removeService in interface SecurityManagerInterface
Parameters:
service - String - the name of the service to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeSubGroup

public void removeSubGroup(java.lang.String superGroup,
                           java.lang.String subGroup,
                           int id)
                    throws DSESecurityException
Remove a child group from a parent group.
Specified by:
removeSubGroup in interface SecurityManagerInterface
Parameters:
superGroup - String - the name of the parent group.
subGroup - String - the name of the child group.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeSubRole

public void removeSubRole(java.lang.String superRole,
                          java.lang.String subRole,
                          int id)
                   throws DSESecurityException
Remove a child role from a parent role.
Specified by:
removeSubRole in interface SecurityManagerInterface
Parameters:
superRole - String - the name of the role to modify.
subRole - String - the name of the role to be removed.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeUser

public void removeUser(java.lang.String user,
                       int id)
                throws DSESecurityException
Remove a user.
Specified by:
removeUser in interface SecurityManagerInterface
Parameters:
user - String - the name of the user to remove.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

removeUserFromGroup

public void removeUserFromGroup(java.lang.String nameOfGroup,
                                java.lang.String user,
                                int id)
                         throws DSESecurityException
Remove a user from a group.
Specified by:
removeUserFromGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group.
user - String - the name of the user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

save

public void save(boolean[] list,
                 int id)
          throws DSESecurityException
Force a save of selected databases even if persistence is disabled.
Specified by:
save in interface SecurityManagerInterface
Parameters:
list - boolean[] - for each true - force a save of the corresponding database.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setActivationIntervalForUser

public void setActivationIntervalForUser(java.lang.String userId,
                                         long startTime,
                                         long duration,
                                         boolean limit,
                                         int id)
                                  throws DSESecurityException
Set the activation time, duration and enable flag for the specified user.
Specified by:
setActivationIntervalForUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
startTime - long - this user's activation time as milliseconds since January 1, 1970, 00:00:00 GMT.
duration - long - this user's duration of activation in milliseconds.
limit - boolean - if true then temporary user else permanent user.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAllDataForContext

public void setAllDataForContext(int contextId,
                                 Dictionary dictionary,
                                 int id)
                          throws DSESecurityException
Set all data items for the context.
Specified by:
setAllDataForContext in interface SecurityManagerInterface
Parameters:
contextId - int - the id of the context to access.
dictionary - Dictionary - the data dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAllDataForGroup

public void setAllDataForGroup(java.lang.String nameOfGroup,
                               Dictionary dictionary,
                               int id)
                        throws DSESecurityException
Set all data items for the specified group.
Specified by:
setAllDataForGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
dictionary - Dictionary - the data dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAllDataForRight

public void setAllDataForRight(java.lang.String nameOfRight,
                               Dictionary dictionary,
                               int id)
                        throws DSESecurityException
Set all data items for the specified right.
Specified by:
setAllDataForRight in interface SecurityManagerInterface
Parameters:
nameOfRight - String - the name of the right to access.
dictionary - Dictionary - the data dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAllDataForRole

public void setAllDataForRole(java.lang.String nameOfRole,
                              Dictionary dictionary,
                              int id)
                       throws DSESecurityException
Set all data items for the specified role.
Specified by:
setAllDataForRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
dictionary - Dictionary - the data dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAllDataForService

public void setAllDataForService(java.lang.String nameOfService,
                                 Dictionary dictionary,
                                 int id)
                          throws DSESecurityException
Set all data items for the specified service.
Specified by:
setAllDataForService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to access.
dictionary - Dictionary - the data dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAllDataForUser

public void setAllDataForUser(java.lang.String userId,
                              Dictionary dictionary,
                              int id)
                       throws DSESecurityException
Set all data items for the specified user.
Specified by:
setAllDataForUser in interface SecurityManagerInterface
Parameters:
userId - String - the name of the user to access.
dictionary - Dictionary - the data dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAttributesOfUser

public void setAttributesOfUser(java.lang.String userId,
                                Dictionary attributes,
                                boolean set,
                                int id)
                         throws DSESecurityException
Set the attributes of the specified user.
Specified by:
setAttributesOfUser in interface SecurityManagerInterface
Parameters:
userId - String - the user who's attributes are to be changed.
attributes - Dictionary - the new attributes.
set - boolean - if true then set all the attributes else change the specified attributes only.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setAudit

public void setAudit(boolean auditFlag)
Set the audit control flag. Note - the audit file must be open otherwise this call is ignored.
Specified by:
setAudit in interface SecurityManagerInterface
Parameters:
auditFlag - boolean - the audit flag.

setConfiguration

public void setConfiguration(Dictionary configurations,
                             int id)
                      throws DSESecurityException
Set the specified system configurations to the specified values. Currently invalid keys or values are ignored [this may change].
Specified by:
setConfiguration in interface SecurityManagerInterface
Parameters:
configurations - Dictionary - the configuration dictionary.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setDataForContext

public void setDataForContext(int contextId,
                              java.lang.String key,
                              java.lang.String value,
                              int id)
                       throws DSESecurityException
Add, change or remove the named data item for the specified context.
Specified by:
setDataForContext in interface SecurityManagerInterface
Parameters:
contextId - int - the id of the context to access.
key - String - the name of the data item.
value - String - the data item (null removes the item).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setDataForGroup

public void setDataForGroup(java.lang.String nameOfGroup,
                            java.lang.String key,
                            java.lang.String value,
                            int id)
                     throws DSESecurityException
Add, change or remove the named data item for the specified group.
Specified by:
setDataForGroup in interface SecurityManagerInterface
Parameters:
nameOfGroup - String - the name of the group to access.
key - String - the name of the data item.
value - String - the data item (null removes the item).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setDataForRight

public void setDataForRight(java.lang.String nameOfRight,
                            java.lang.String key,
                            java.lang.String value,
                            int id)
                     throws DSESecurityException
Add, change or remove the named data item for the specified right.
Specified by:
setDataForRight in interface SecurityManagerInterface
Parameters:
nameOfRight - String - the name of the right to access.
key - String - the name of the data item.
value - String - the data item (null removes the item).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setDataForRole

public void setDataForRole(java.lang.String nameOfRole,
                           java.lang.String key,
                           java.lang.String value,
                           int id)
                    throws DSESecurityException
Add, change or remove the named data item for the specified role.
Specified by:
setDataForRole in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to access.
key - String - the name of the data item.
value - String - the data item (null removes the item).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setDataForService

public void setDataForService(java.lang.String nameOfService,
                              java.lang.String key,
                              java.lang.String value,
                              int id)
                       throws DSESecurityException
Add, change or remove the named data item for the specified service.
Specified by:
setDataForService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to access.
key - String - the name of the data item.
value - String - the data item (null removes the item).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setDataForUser

public void setDataForUser(java.lang.String userid,
                           java.lang.String key,
                           java.lang.String value,
                           int id)
                    throws DSESecurityException
Add, change or remove the named data item for the specified user.
Specified by:
setDataForUser in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to access.
key - String - the name of the data item.
value - String - the data item (null removes the item).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setExpiryForRights

public void setExpiryForRights(java.lang.String userid,
                               java.lang.String[] rights,
                               long start,
                               long duration,
                               int id)
                        throws DSESecurityException
Define the lifetime of a set of rights associated with a user. If the duration is not positive then remove these attributes.
Specified by:
setExpiryForRights in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to change.
rights - String[] - the set of names of rights to affect.
start - long - the enable time for the rights (milliseconds since epoch).
duration - long - the duration of validity for the rights (in milliseconds).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setExpiryForRoles

public void setExpiryForRoles(java.lang.String userid,
                              java.lang.String[] roles,
                              long start,
                              long duration,
                              int id)
                       throws DSESecurityException
Define the lifetime of a set of roles associated with a user. If the duration is not positive then remove these attributes.
Specified by:
setExpiryForRoles in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to change.
roles - String[] - the set of names of roles to affect.
start - long - the enable time for the roles (milliseconds since epoch).
duration - long - the duration of validity for the roles (in milliseconds).
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setHandler

public void setHandler(java.lang.String nameOfRole,
                       java.lang.String handler,
                       int id)
                throws DSESecurityException
Set the handler for the named role.
Specified by:
setHandler in interface SecurityManagerInterface
Parameters:
nameOfRole - String - the name of the role to modify.
handler - String - the name of the class of the handler.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setRightsForService

public void setRightsForService(java.lang.String nameOfService,
                                java.lang.String[] rights,
                                int id)
                         throws DSESecurityException
Set the required rights for a service.
Specified by:
setRightsForService in interface SecurityManagerInterface
Parameters:
nameOfService - String - the name of the service to change.
rights - String[] - the list of names of rights to set.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setRightsForUser

public void setRightsForUser(java.lang.String userid,
                             java.lang.String[] rights,
                             int id)
                      throws DSESecurityException
Set the rights for a user.
Specified by:
setRightsForUser in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user that is to receive the new rights.
rights - String[] - the list of names of rights that the user is now to have.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setRolesForUser

public void setRolesForUser(java.lang.String userid,
                            java.lang.String[] roles,
                            int id)
                     throws DSESecurityException
Set the roles for a user.
Specified by:
setRolesForUser in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user that is to receive the new roles.
roles - String[] - the list of names of roles that the user is now to have.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setSystemRoles

public void setSystemRoles(java.lang.String[] roles,
                           int id)
                    throws DSESecurityException
Set the names of the system-wide roles.
Specified by:
setSystemRoles in interface SecurityManagerInterface
Parameters:
roles - String[] - the names of the system-wide roles.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

setTrace

public void setTrace(boolean tracing)
Enable or disable tracing. Note - this only applies to API tracing.
Specified by:
setTrace in interface SecurityManagerInterface
Parameters:
tracing - boolean - if true then enable tracing, if false then disable tracing.

shutdown

public void shutdown(int id)
              throws DSESecurityException
Shutdown the security component.
Specified by:
shutdown in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

signOff

public void signOff(int id)
             throws DSESecurityException
This method disables the user's current context.
Specified by:
signOff in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

signOn

public int signOn(java.lang.String userId,
                  java.lang.String password)
           throws DSESecurityException
This method attempts to signon the user - raising an exception if it fails. A unique context must exist for this user.
Specified by:
signOn in interface SecurityManagerInterface
Parameters:
userId - String - the user id.
password - String - the password.
Returns:
int - the id of the context that was signon on.
Throws:
DSESecurityException - - error in the request.

signOn

public void signOn(java.lang.String userId,
                   java.lang.String password,
                   int id)
            throws DSESecurityException
This method attempts to signon the user - raising an exception if it fails.
Specified by:
signOn in interface SecurityManagerInterface
Parameters:
userId - String - the user id.
password - String - the password.
id - int - the id of the context to signon.
Throws:
DSESecurityException - - error in the request.

test

public java.lang.Object test(int cmd,
                             Dictionary options,
                             int id)
                      throws DSESecurityException
Perform a test command.
Specified by:
test in interface SecurityManagerInterface
Parameters:
cmd - int - the command id.
options - Dictionary - the options to the command.
id - int - the context id of the requestor.
Returns:
Object - the return value.
Throws:
DSESecurityException - - error in the request.

unlock

public void unlock(java.lang.String userid,
                   int id)
            throws DSESecurityException
Unlock the specified user. An unlocked user can log in.
Specified by:
unlock in interface SecurityManagerInterface
Parameters:
userid - String - the name of the user to unlock.
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.

verify

public void verify(int id)
            throws DSESecurityException
Verify all security databases for consistency.
Specified by:
verify in interface SecurityManagerInterface
Parameters:
id - int - the context id of the requestor.
Throws:
DSESecurityException - - error in the request.