com.ibm.dse.applsrv.aa
Class SecurityController

java.lang.Object
  |
  +--com.ibm.dse.applsrv.aa.SecurityController

public class SecurityController
extends java.lang.Object
implements SecurityConstants

This class represents the default controller for the security objects.


Fields inherited from interface com.ibm.dse.applsrv.aa.SecurityConstants
ACTIVE_CONTEXTS, ALL_CONTEXTS, AUDIT_FILE, CBTF_TRACING, CONFIGURATION, CONFIGURATIONS_DATABASE, CONTEXT_ACTIVE, CONTEXT_DATABASE, CONTEXT_INACTIVE, CONTEXT_INVALID, CONTEXTS, CONTROLLER, DEFAULT_CONFIGURATIONS_DATABASE, DEFAULT_CONTEXT_DATABASE, DEFAULT_GROUPS_DATABASE, DEFAULT_RIGHTS_DATABASE, DEFAULT_ROLES_DATABASE, DEFAULT_SERVICES_DATABASE, DEFAULT_USER_DATABASE, ENCRYPTION, GLOBAL_CONTEXTS, GROUPS, GROUPS_DATABASE, INACTIVE_CONTEXTS, JDBC_DATABASE, JDBC_DRIVER, JDBC_MAX_DATA, JDBC_MAX_GROUPS, JDBC_MAX_HANDLER, JDBC_MAX_ID, JDBC_MAX_PASSWORD, JDBC_MAX_RIGHT_TIMES, JDBC_MAX_RIGHTS, JDBC_MAX_ROLE_TIMES, JDBC_MAX_ROLES, JDBC_MAX_USER_ID, JDBC_MAX_USERS, JDBC_PASSWORD, JDBC_URL, JDBC_USER_ID, LIMIT_DATABASE, LIMITS, LOGGING_HANDLER, LOGGING_OPTIONS, PERSIST_CONTEXTS, PERSISTENCE, QUERY_PASSWORDS, RIGHTS, RIGHTS_DATABASE, ROLES, ROLES_DATABASE, SECURITY_DIRECTORY, SECURITY_MANAGER, SERVICES, SERVICES_DATABASE, SPECIFIC_CONTEXTS, TEST_ADD_RIGHT_TO_USER, TEST_ADD_RIGHTS_TO_USER, TEST_AUDIT, TEST_CONTEXT_IDS, TEST_DISABLE_PERSISTENCE, TEST_EXPORT, TEST_GET_CONFIGURATION, TEST_GET_CONTEXTS, TEST_GET_GROUPS, TEST_GET_PASSWORD_ACCESS, TEST_GET_PERSISTENCE, TEST_GET_RIGHTS, TEST_GET_ROLES, TEST_GET_SERVICES, TEST_GET_UNIQUE_LOGON, TEST_GET_USERS, TEST_GROUP_IDS, TEST_IMPORT, TEST_IMPORT2, TEST_LOAD_CONFIGURATIONS, TEST_LOAD_CONTEXTS, TEST_LOAD_GROUPS, TEST_LOAD_RIGHTS, TEST_LOAD_ROLES, TEST_LOAD_SERVICES, TEST_LOAD_USERS, TEST_PERSISTENCE, TEST_QUERY_SM, TEST_REMOVE_ALL_RIGHTS_FROM_USER, TEST_RESET, TEST_RIGHT_IDS, TEST_ROLE_IDS, TEST_SAVE, TEST_SERVICE_IDS, TEST_SET_CONFIGURATION, TEST_SET_PASSWORD_ACCESS, TEST_SET_PERSISTENCE, TEST_SET_UNIQUE_LOGON, TEST_TEST1, TEST_TEST2, TEST_TEST3, TEST_TRACE, TEST_USER_IDS, TRACE_EXCEPTIONS, TRACE_FILE, TRACE_LOGGER, UNIQUE_LOGONS, USE_LIMITS, USER_DATABASE, USERS
 
Constructor Summary
SecurityController()
           
 
Method Summary
 void checkRights(java.lang.String[] rightsToCheck)
          Verify that all of the named rights actually exist.
 SecurityContext createContext(java.lang.String user)
          Create a new instance of a context with the specified id.
 SecurityContext createContext(java.lang.String user, int contextId)
          Create a new instance of a context with the specified data.
 SecurityGroup createGroup(java.lang.String group)
          Create a new instance of a Group with the specified name.
 SecurityLimit createLimit(java.lang.String userid, java.lang.String curcode)
          Creates a new instance of a limit with the specified userid and curcode.
 SecurityRight createRight(java.lang.String right)
          Create a new instance of a Right with the specified name.
 SecurityRole createRole(java.lang.String role)
          Create a new instance of a Role with the specified name.
 SecurityRole createRole(java.lang.String role, RoleHandlerInterface roleHandler)
          Create a new instance of a Role with the specified name & role interface.
 SecurityRole createRole(java.lang.String role, java.lang.String roleHandler)
          Create a new instance of a Role with the specified name & role interface.
 SecurityService createService(java.lang.String service)
          Create a new instance of a Service with the specified name.
 SecurityUser createUser(java.lang.String user, java.lang.String password)
          Create a new instance of a user with the specified name and password.
 boolean deleteContext(int contextID)
          Delete the specified context.
 boolean deleteGroup(java.lang.String group)
          Delete the named group.
 boolean deleteRight(java.lang.String right)
          Delete the named right.
 boolean deleteRole(java.lang.String role)
          Delete the named role.
 boolean deleteRoles(java.lang.String[] rolesToDelete, java.lang.String[] options)
          Delete the named roles subject to the specified options.
 boolean deleteService(java.lang.String service)
          Delete the named service.
 boolean deleteUser(java.lang.String user)
          Delete the named user.
 boolean disableConfigurationPersistence()
          Disable system configuration persistence and return the former persistence state.
 boolean disableContextPersistence()
          Disable context persistence and return the former persistence state.
 boolean disableGroupPersistence()
          Disable group persistence and return the former persistence state.
 boolean disableLimitPersistence()
          Disable limit persistence and return the former persistence state.
 boolean[] disablePersistence()
          Disable the persistence for all security objects and return the former persistence states.
 boolean disableRightPersistence()
          Disable right persistence and return the former persistence state.
 boolean disableRolePersistence()
          Disable role persistence and return the former persistence state.
 boolean disableServicePersistence()
          Disable service persistence and return the former persistence state.
 boolean disableUserPersistence()
          Disable user persistence and return the former persistence state.
 java.util.Enumeration enumerationOverContexts()
          Return an enumeration over the contexts.
 java.util.Enumeration enumerationOverGroups()
          Return an enumeration over the groups.
 java.util.Enumeration enumerationOverRights()
          Return an enumeration over the rights.
 java.util.Enumeration enumerationOverRoles()
          Return an enumeration over the roles.
 java.util.Enumeration enumerationOverServices()
          Return an enumeration over the services.
 java.util.Enumeration enumerationOverUsers()
          Return an enumeration over the users.
 Dictionary getConfiguration()
          Return a dictionary of the current state of the system configurations.
 boolean getConfigurationPersistence()
          Return the state of configuration persistence.
 Dictionary getContainerLmt(SecurityLimit aLimit)
          Returns a copy of the container limit information of aLimit
 SecurityContext getContext(int id)
          Return the context with the specified context id or null if it does not exist.
 SecurityContext getContext(int id, java.lang.String user)
          Return the context with the specified id.
 int[] getContextIds()
          Return a array of the integer ids of all the contexts.
 boolean getContextPersistence()
          Return the state of context persistence.
 Dictionary getContexts()
          Return the dictionary of contexts.
static SecurityController getController()
          Return the current security controller to be used by the system.
 java.lang.String[] getCreatedRights()
          Return the list of the names of the user created rights.
 SecurityGroup getGroup(java.lang.String group)
          Return the group with the specified name or null if it does not exist.
 SecurityGroup getGroup(java.lang.String group, boolean create)
          Return the group with the specified name.
 java.lang.String[] getGroupIds()
          Return the list of names of the groups.
 boolean getGroupPersistence()
          Return the state of group persistence.
 Dictionary getGroups()
          Return the dictionary of groups.
 boolean getPasswordAccess()
          Return the password access control flag.
 java.lang.String getPathNameOfConfigurationDatabase()
          Return the pathname of the database of system configurations.
 java.lang.String getPathNameOfContextDatabase()
          Return the pathname of the database of contexts.
 java.lang.String getPathNameOfGroupDatabase()
          Return the pathname of the database of groups.
 java.lang.String getPathNameOfLimitDatabase()
          Return the pathname of the database of limits.
 java.lang.String getPathNameOfRightDatabase()
          Return the pathname of the database of rights.
 java.lang.String getPathNameOfRoleDatabase()
          Return the pathname of the database of roles.
 java.lang.String getPathNameOfServiceDatabase()
          Return the pathname of the database of services.
 java.lang.String getPathNameOfUserDatabase()
          Return the pathname of the database of users.
 boolean[] getPersistence()
          Return the persistence enablement states for each of the security objects.
 SecurityRight getRight(java.lang.String right)
          Return the right with the specified name or null if it does not exist.
 SecurityRight getRight(java.lang.String right, boolean create)
          Return the right with the specified name.
 java.lang.String[] getRightIds()
          Return the list of names of the rights.
 boolean getRightPersistence()
          Return the state of right persistence.
 Dictionary getRights()
          Return the dictionary of rights.
 SecurityRole getRole(java.lang.String role)
          Return the role with the specified name or null if it does not exist.
 SecurityRole getRole(java.lang.String role, boolean create)
          Return the role with the specified name.
 java.lang.String[] getRoleIds()
          Return the list of names of the roles.
 boolean getRolePersistence()
          Return the state of role persistence.
 Dictionary getRoles()
          Return the dictionary of roles.
 SecurityService getService(java.lang.String service)
          Return the service with the specified name or null if it does not exist.
 SecurityService getService(java.lang.String service, boolean create)
          Return the service with the specified name.
 java.lang.String[] getServiceIds()
          Return the list of names of the services.
 boolean getServicePersistence()
          Return the state of service persistence.
 Dictionary getServices()
          Return the dictionary of services.
 java.lang.String[] getSystemRoles()
          Return the names of the system-wide roles.
 Dictionary getTransactionLmt(SecurityLimit aLimit)
          Returns a copy of the transaction limit information of aLimit
 boolean getUniqueLogons()
          Return the unique logon control flag.
 SecurityUser getUser(java.lang.String user)
          Return the user with the specified name or null if it does not exist.
 SecurityUser getUser(java.lang.String user, java.lang.String password)
          Return the user with the specified name.
 java.lang.String[] getUserIds()
          Return the list of names of the users.
 boolean getUserPersistence()
          Return the state of user persistence.
 Dictionary getUsers()
          Return the dictionary of configured users.
 java.lang.String[] initializeRights()
          Insure that all of the intrinsic rights exists and return this list.
 java.lang.String[] initialRights()
          Return a copy of the list of initial rights for the default user.
 void loadConfiguration()
          Load the current state of the system configuration from the database.
 void loadContexts()
          Load the current state of the contexts from the database.
 void loadGroups()
          Load the current state of the groups from the database.
 void loadLimits()
          Load the current state of the LIMITS from the database.
 void loadRights()
          Load the current state of the rights from the database.
 void loadRoles()
          Load the current state of the roles from the database.
 void loadServices()
          Load the current state of the services from the database.
 void loadUsers()
          Load the current state of the users from the database.
 Array membership(java.lang.String user)
          Return the list of groups of which user is a direct member.
 int numberOfGroups()
          Return the number of groups that are currently defined.
 int numberOfRights()
          Return the number of rights that are currently defined.
 int numberOfRoles()
          Return the number of roles that are currently defined.
 int numberOfServices()
          Return the number of services that are currently defined.
 int numberOfUsers()
          Return the number of users that are currently defined.
 Dictionary readConfiguration()
          Load and return the current state of the system configurations from the database.
 IntegerKeyDictionary readContexts()
          Load and return the current state of the contexts from the database.
 Dictionary readGroups()
          Load and return the current state of the groups from the database.
 Dictionary readRights()
          Load and return the current state of the rights from the database.
 Dictionary readRoles()
          Load and return the current state of the roles from the database.
 Dictionary readServices()
          Load and return the current state of the services from the database.
 Dictionary readUsers()
          Load and return the current state of the configured users from the database.
 void recreateDefaultUser()
          Recreate the default user with all of its default attributes.
 void reset()
          Reset the state of all the security objects.
 void resetConfiguration()
          Reset the system configurations.
 void resetContexts()
          Reset the contexts.
 void resetGroups()
          Reset the groups.
 void resetLimits()
          Reset the limits.
 void resetRights()
          Reset the rights.
 void resetRoles()
          Reset the roles.
 void resetServices()
          Reset the services.
 void resetUsers()
          Reset the users.
 void resetUsersWithoutDefaultUser()
          Reset the users without the default user.
 void save()
          Save the current state of all the security objects to the database.
 void save(boolean[] v)
          Force a save of selected databases even if persistence is disabled.
 void saveConfiguration()
          Save the current state of the system configurations to the database.
 void saveContexts()
          Save the current state of the contexts to the database.
 void saveGroups()
          Save the current state of the groups to the database.
 void saveRights()
          Save the current state of the rights to the database.
 void saveRoles()
          Save the current state of the roles to the database.
 void saveServices()
          Save the current state of the services to the database.
 void saveUsers()
          Save the current state of the configured users to the database.
 void setAuditFile(java.lang.String fileName)
          Set the pathname of the audit file.
 void setConfiguration(Dictionary config)
          Set the specified system configurations to the specified values.
 void setConfigurationDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for system configurations.
 void setConfigurationPersistence(boolean persist)
          Enable or disable system configuration persistence.
 void setContextDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for contexts.
 void setContextPersistence(boolean persist)
          Enable or disable context persistence.
static void setController(SecurityController securityController)
          Set the security controller to be used by the system.
 void setGroupDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for groups.
 void setGroupPersistence(boolean persist)
          Enable or disable group persistence.
 void setLimitDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for limits.
 void setLimitPersistence(boolean persist)
          Enable or disable limits persistence.
 void setPasswordAccess(boolean access)
          Enable or disable password access for users.
 void setPersistence(boolean[] v)
          Set the persistence enablement states for each of the security objects.
 void setRightDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for rights.
 void setRightPersistence(boolean persist)
          Enable or disable right persistence.
 void setRoleDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for roles.
 void setRolePersistence(boolean persist)
          Enable or disable role persistence.
 void setServiceDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for services.
 void setServicePersistence(boolean persist)
          Enable or disable service persistence.
 void setSystemRoles(java.lang.String[] roles)
          Set the names of the system-wide roles.
 void setUniqueLogons(boolean uniqueLogons)
          Enable or disable unique logons by users.
 void setUserDatabase(SecurityPersistence securityPersistence)
          Set the persistence controller for users.
 void setUserPersistence(boolean persist)
          Enable or disable user persistence.
 void shutdown()
          Shutdown the security component.
 void verify()
          Verify the integrity of all security databases.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityController

public SecurityController()
Method Detail

checkRights

public void checkRights(java.lang.String[] rightsToCheck)
                 throws DSESecurityException
Verify that all of the named rights actually exist. Throw an AdmException if at least one of these doesn't.
Parameters:
rightsToCheck - String[] - the names of the rights to delete.
Throws:
DSESecurityException - - error in the request.

createContext

public SecurityContext createContext(java.lang.String user)
                              throws DSESecurityException
Create a new instance of a context with the specified id.
Parameters:
user - String - the user id.
Returns:
SecurityContext - the context.
Throws:
DSESecurityException - - error in the request.

createContext

public SecurityContext createContext(java.lang.String user,
                                     int contextId)
                              throws DSESecurityException
Create a new instance of a context with the specified data.
Parameters:
user - String - the name of this user.
contextId - int - the id of this new context.
Returns:
SecurityContext - the context.
Throws:
DSESecurityException - - error in the request.

createGroup

public SecurityGroup createGroup(java.lang.String group)
                          throws DSESecurityException
Create a new instance of a Group with the specified name.
Parameters:
service - String - the name of the group.
Returns:
SecurityGroup - the group.
Throws:
DSESecurityException - - error in the request.

createLimit

public SecurityLimit createLimit(java.lang.String userid,
                                 java.lang.String curcode)
                          throws DSESecurityException
Creates a new instance of a limit with the specified userid and curcode.
Parameters:
userid - java.lang.String . The owner user of the limit
curcode - java.lang.String .The currency code of the limit
Throws:
DSESecurityException - - error in the request.

createRight

public SecurityRight createRight(java.lang.String right)
                          throws DSESecurityException
Create a new instance of a Right with the specified name.
Parameters:
right - String - the name of the right.
Returns:
SecurityRight - the right.
Throws:
DSESecurityException - - error in the request.

createRole

public SecurityRole createRole(java.lang.String role)
                        throws DSESecurityException
Create a new instance of a Role with the specified name.
Parameters:
role - String - the name of the role.
Returns:
SecurityRole - the role.
Throws:
DSESecurityException - - error in the request.

createRole

public SecurityRole createRole(java.lang.String role,
                               RoleHandlerInterface roleHandler)
                        throws DSESecurityException
Create a new instance of a Role with the specified name & role interface.
Parameters:
role - String - the name of the role.
roleHandler - RoleHandlerInterface - the role handler.
Returns:
SecurityRole - the role.
Throws:
DSESecurityException - - error in the request.

createRole

public SecurityRole createRole(java.lang.String role,
                               java.lang.String roleHandler)
                        throws DSESecurityException
Create a new instance of a Role with the specified name & role interface.
Parameters:
role - String - the name of the role.
roleHandler - String - the name of the class of the role handler.
Returns:
SecurityRole - the role.
Throws:
DSESecurityException - - error in the request.

createService

public SecurityService createService(java.lang.String service)
                              throws DSESecurityException
Create a new instance of a Service with the specified name.
Parameters:
service - String - the name of the service.
Returns:
SecurityService - the service.
Throws:
DSESecurityException - - error in the request.

createUser

public SecurityUser createUser(java.lang.String user,
                               java.lang.String password)
                        throws DSESecurityException
Create a new instance of a user with the specified name and password.
Parameters:
user - String - the name of the user.
password - String - the password.
Returns:
SecurityUser - the user.
Throws:
DSESecurityException - - error in the request.

deleteContext

public boolean deleteContext(int contextID)
                      throws DSESecurityException
Delete the specified context.
Parameters:
contextID - int - the id of the context to delete.
Returns:
boolean - true if the delete succeeded else false.
Throws:
DSESecurityException - - database error.

deleteGroup

public boolean deleteGroup(java.lang.String group)
                    throws DSESecurityException
Delete the named group.
Parameters:
group - String - the name of the group to delete.
Returns:
boolean - true if the delete succeeded else false.
Throws:
DSESecurityException - - database error.

deleteRight

public boolean deleteRight(java.lang.String right)
                    throws DSESecurityException
Delete the named right.
Parameters:
right - String - the name of the right to delete.
Returns:
boolean - true if the delete succeeded else false.
Throws:
DSESecurityException - - database error.

deleteRole

public boolean deleteRole(java.lang.String role)
                   throws DSESecurityException
Delete the named role.
Parameters:
role - String - the name of the role to delete.
Returns:
boolean - true if the delete succeeded else false.
Throws:
DSESecurityException - - database error.

deleteRoles

public boolean deleteRoles(java.lang.String[] rolesToDelete,
                           java.lang.String[] options)
                    throws DSESecurityException
Delete the named roles subject to the specified options. OPTIONS: atomic , child , exception , nosave , references , safe , skip.
Parameters:
rolesToDelete - String[] - the names of the roles to delete.
options - String[] - the options for this command.
Returns:
boolean - true if the deletes succeeded else false.
Throws:
DSESecurityException - - error in the request.

deleteService

public boolean deleteService(java.lang.String service)
                      throws DSESecurityException
Delete the named service.
Parameters:
service - String - the name of the service to delete.
Returns:
boolean - true if the delete succeeded else false.
Throws:
DSESecurityException - - database error.

deleteUser

public boolean deleteUser(java.lang.String user)
                   throws DSESecurityException
Delete the named user.
Parameters:
user - String - the name of the user to delete.
Returns:
boolean - true if the delete succeeded else false.
Throws:
DSESecurityException - - database error.

disableConfigurationPersistence

public boolean disableConfigurationPersistence()
Disable system configuration persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disableContextPersistence

public boolean disableContextPersistence()
Disable context persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disableGroupPersistence

public boolean disableGroupPersistence()
Disable group persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disableLimitPersistence

public boolean disableLimitPersistence()
Disable limit persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disablePersistence

public boolean[] disablePersistence()
Disable the persistence for all security objects and return the former persistence states.
Returns:
boolean[] - old persistence flags for users, contexts, rights, roles, services, groups , system configurations.

disableRightPersistence

public boolean disableRightPersistence()
Disable right persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disableRolePersistence

public boolean disableRolePersistence()
Disable role persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disableServicePersistence

public boolean disableServicePersistence()
Disable service persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

disableUserPersistence

public boolean disableUserPersistence()
Disable user persistence and return the former persistence state.
Returns:
boolean - the former persistence state.

enumerationOverContexts

public java.util.Enumeration enumerationOverContexts()
Return an enumeration over the contexts.
Returns:
Enumeration - the enumeration over the contexts.

enumerationOverGroups

public java.util.Enumeration enumerationOverGroups()
Return an enumeration over the groups.
Returns:
Enumeration - the enumeration over the groups.

enumerationOverRights

public java.util.Enumeration enumerationOverRights()
Return an enumeration over the rights.
Returns:
Enumeration - the enumeration over the rights.

enumerationOverRoles

public java.util.Enumeration enumerationOverRoles()
Return an enumeration over the roles.
Returns:
Enumeration - the enumeration over the roles.

enumerationOverServices

public java.util.Enumeration enumerationOverServices()
Return an enumeration over the services.
Returns:
Enumeration - the enumeration over the services.

enumerationOverUsers

public java.util.Enumeration enumerationOverUsers()
Return an enumeration over the users.
Returns:
Enumeration - the enumeration over the users.

getConfiguration

public Dictionary getConfiguration()
                            throws DSESecurityException
Return a dictionary of the current state of the system configurations.
Returns:
Dictionary - dictionary of the current state of the system configurations.
Throws:
DSESecurityException - - database error.

getConfigurationPersistence

public boolean getConfigurationPersistence()
Return the state of configuration persistence.
Returns:
boolean - the state of configuration persistence.

getContainerLmt

public Dictionary getContainerLmt(SecurityLimit aLimit)
                           throws DSESecurityException
Returns a copy of the container limit information of aLimit
Parameters:
aLimit - SecurityLimit - The limit to take container information from.
Returns:
com.ibm.dse.applsrv.aa.Dictionary - a copy of the container limit information
Throws:
DSESecurityException - - thrown when a problem occurs while retrieving limit information

getContext

public SecurityContext getContext(int id)
Return the context with the specified context id or null if it does not exist.
Parameters:
id - int - the context id.
Returns:
SecurityContext - the context or null if it does not exist.

getContext

public SecurityContext getContext(int id,
                                  java.lang.String user)
                           throws DSESecurityException
Return the context with the specified id. If the context doesn't exist & the user is null then return null else create & return a new context with the specified id.
Parameters:
id - int - the context id.
user - String - if the context does not exist then if user is specified then create it else just return null.
Returns:
SecurityContext - the context.
Throws:
DSESecurityException - - error in the request.

getContextIds

public int[] getContextIds()
Return a array of the integer ids of all the contexts.
Returns:
int[] - the array of the integer ids of all the contexts.

getContextPersistence

public boolean getContextPersistence()
Return the state of context persistence.
Returns:
boolean - the state of context persistence.

getContexts

public Dictionary getContexts()
Return the dictionary of contexts.
Returns:
Dictionary - the contexts.

getController

public static SecurityController getController()
Return the current security controller to be used by the system. The default controller is an instance of this class.
Returns:
SecurityController - the security object controller.

getCreatedRights

public java.lang.String[] getCreatedRights()
                                    throws DSESecurityException
Return the list of the names of the user created rights.
Returns:
String[] - the list of names of all the rights.
Throws:
DSESecurityException - - database error.

getGroup

public SecurityGroup getGroup(java.lang.String group)
Return the group with the specified name or null if it does not exist.
Parameters:
group - String - the name of the group.
Returns:
SecurityGroup - the group or null if it does not exist.

getGroup

public SecurityGroup getGroup(java.lang.String group,
                              boolean create)
                       throws DSESecurityException
Return the group with the specified name. If the group doesn't exist & the create option is false then return null else create & return a new group with the specified name.
Parameters:
group - String - the name of the group.
create - boolean - if the group does not exist then if true then create it else just return null.
Returns:
SecurityGroup - the group.
Throws:
DSESecurityException - - error in the request.

getGroupIds

public java.lang.String[] getGroupIds()
Return the list of names of the groups.
Returns:
String[] - the list of names of the groups.

getGroupPersistence

public boolean getGroupPersistence()
Return the state of group persistence.
Returns:
boolean - the state of group persistence.

getGroups

public Dictionary getGroups()
Return the dictionary of groups.
Returns:
Dictionary - the groups.

getPasswordAccess

public boolean getPasswordAccess()
Return the password access control flag.
Returns:
boolean - true if the password is accessible else false.

getPathNameOfConfigurationDatabase

public java.lang.String getPathNameOfConfigurationDatabase()
                                                    throws DSESecurityException
Return the pathname of the database of system configurations.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or CONFIGURATIONS_DATABASE in the configuration).

getPathNameOfContextDatabase

public java.lang.String getPathNameOfContextDatabase()
                                              throws DSESecurityException
Return the pathname of the database of contexts.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or CONTEXT_DATABASE in the configuration).

getPathNameOfGroupDatabase

public java.lang.String getPathNameOfGroupDatabase()
                                            throws DSESecurityException
Return the pathname of the database of groups.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or GROUPS_DATABASE in the configuration).

getPathNameOfLimitDatabase

public java.lang.String getPathNameOfLimitDatabase()
                                            throws DSESecurityException
Return the pathname of the database of limits.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or LIMIT_DATABASE in the configuration).

getPathNameOfRightDatabase

public java.lang.String getPathNameOfRightDatabase()
                                            throws DSESecurityException
Return the pathname of the database of rights.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or RIGHTS_DATABASE in the configuration).

getPathNameOfRoleDatabase

public java.lang.String getPathNameOfRoleDatabase()
                                           throws DSESecurityException
Return the pathname of the database of roles.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or ROLES_DATABASE in the configuration).

getPathNameOfServiceDatabase

public java.lang.String getPathNameOfServiceDatabase()
                                              throws DSESecurityException
Return the pathname of the database of services.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or SERVICES_DATABASE in the configuration).

getPathNameOfUserDatabase

public java.lang.String getPathNameOfUserDatabase()
                                           throws DSESecurityException
Return the pathname of the database of users.
Returns:
String - the pathname of this database.
Throws:
DSESecurityException - - if the pathname is null (usually caused by missing SECURITY_DIRECTORY or USER_DATABASE in the configuration).

getPersistence

public boolean[] getPersistence()
Return the persistence enablement states for each of the security objects.
Returns:
boolean[] - persistence flags for users, contexts, rights, roles, services, groups and system configuration.

getRight

public SecurityRight getRight(java.lang.String right)
Return the right with the specified name or null if it does not exist.
Parameters:
right - String - the name of the right.
Returns:
SecurityRight - the right or null if it does not exist.

getRight

public SecurityRight getRight(java.lang.String right,
                              boolean create)
                       throws DSESecurityException
Return the right with the specified name. If the right doesn't exist & the create option is false then return null else create & return a new right with the specified name.
Parameters:
right - String - the name of the right.
create - boolean - if the right does not exist then if true then create it else just return null.
Returns:
SecurityRight - the right.
Throws:
DSESecurityException - - error in the request.

getRightIds

public java.lang.String[] getRightIds()
Return the list of names of the rights.
Returns:
String[] - the list of names of the rights.

getRightPersistence

public boolean getRightPersistence()
Return the state of right persistence.
Returns:
boolean - the state of right persistence.

getRights

public Dictionary getRights()
Return the dictionary of rights.
Returns:
Dictionary - the rights.

getRole

public SecurityRole getRole(java.lang.String role)
Return the role with the specified name or null if it does not exist.
Parameters:
role - String - the name of the role.
Returns:
SecurityRole - the role or null if it does not exist.

getRole

public SecurityRole getRole(java.lang.String role,
                            boolean create)
                     throws DSESecurityException
Return the role with the specified name. If the role doesn't exist & the create option is false then return null else create & return a new role with the specified name.
Parameters:
role - String - the name of the role.
create - boolean - if the role does not exist then if true then create it else just return null.
Returns:
SecurityRole - the role.
Throws:
DSESecurityException - - error in the request.

getRoleIds

public java.lang.String[] getRoleIds()
Return the list of names of the roles.
Returns:
String[] - the list of names of the roles.

getRolePersistence

public boolean getRolePersistence()
Return the state of role persistence.
Returns:
boolean - the state of role persistence.

getRoles

public Dictionary getRoles()
Return the dictionary of roles.
Returns:
Dictionary - the roles.

getService

public SecurityService getService(java.lang.String service)
Return the service with the specified name or null if it does not exist.
Parameters:
service - String - the name of the service.
Returns:
SecurityService - the service or null if it does not exist.

getService

public SecurityService getService(java.lang.String service,
                                  boolean create)
                           throws DSESecurityException
Return the service with the specified name. If the service doesn't exist & the create option is false then return null else create & return a new service with the specified name.
Parameters:
service - String - the name of the service.
create - boolean - if the service does not exist then if true then create it else just return null.
Returns:
SecurityService - the service.
Throws:
DSESecurityException - - error in the request.

getServiceIds

public java.lang.String[] getServiceIds()
Return the list of names of the services.
Returns:
String[] - the list of names of the services.

getServicePersistence

public boolean getServicePersistence()
Return the state of service persistence.
Returns:
boolean - the state of service persistence.

getServices

public Dictionary getServices()
Return the dictionary of services.
Returns:
Dictionary - the services.

getSystemRoles

public java.lang.String[] getSystemRoles()
Return the names of the system-wide roles.
Returns:
String[] - the names of the system-wide roles.

getTransactionLmt

public Dictionary getTransactionLmt(SecurityLimit aLimit)
                             throws DSESecurityException
Returns a copy of the transaction limit information of aLimit
Parameters:
aLimit - SecurityLimit - The limit to take transaction information from.
Returns:
com.ibm.dse.applsrv.aa.Dictionary - a copy of the transaction limit information
Throws:
DSESecurityException - - thrown when a problem occurs while retrieving limit information

getUniqueLogons

public boolean getUniqueLogons()
Return the unique logon control flag.
Returns:
boolean - true if user logons must be unique else false.

getUser

public SecurityUser getUser(java.lang.String user)
Return the user with the specified name or null if it does not exist.
Parameters:
user - String - the name of the user.
Returns:
SecurityUser - the user or null if it does not exist.

getUser

public SecurityUser getUser(java.lang.String user,
                            java.lang.String password)
                     throws DSESecurityException
Return the user with the specified name. If the user doesn't exist & the password is null then return null else create & return a new user with the specified name & password.
Parameters:
user - String - the name of the user.
password - String - if not null then this will be the password of the newly created user.
Returns:
SecurityUser - the user.
Throws:
DSESecurityException - - error in the request.

getUserIds

public java.lang.String[] getUserIds()
Return the list of names of the users.
Returns:
String[] - the list of names of the users.

getUserPersistence

public boolean getUserPersistence()
Return the state of user persistence.
Returns:
boolean - the state of user persistence.

getUsers

public Dictionary getUsers()
Return the dictionary of configured users.
Returns:
Dictionary - the users.

initializeRights

public java.lang.String[] initializeRights()
Insure that all of the intrinsic rights exists and return this list.
Returns:
String[] - the copy of the list of initial rights.

initialRights

public java.lang.String[] initialRights()
Return a copy of the list of initial rights for the default user.
Returns:
String[] - the copy of the list of initial rights.

loadConfiguration

public void loadConfiguration()
                       throws DSESecurityException
Load the current state of the system configuration from the database.
Throws:
DSESecurityException - - database error.

loadContexts

public void loadContexts()
                  throws DSESecurityException
Load the current state of the contexts from the database.
Throws:
DSESecurityException - - database error.

loadGroups

public void loadGroups()
                throws DSESecurityException
Load the current state of the groups from the database.
Throws:
DSESecurityException - - database error.

loadLimits

public void loadLimits()
                throws DSESecurityException
Load the current state of the LIMITS from the database.
Throws:
DSESecurityException - - database error.

loadRights

public void loadRights()
                throws DSESecurityException
Load the current state of the rights from the database.
Throws:
DSESecurityException - - database error.

loadRoles

public void loadRoles()
               throws DSESecurityException
Load the current state of the roles from the database.
Throws:
DSESecurityException - - database error.

loadServices

public void loadServices()
                  throws DSESecurityException
Load the current state of the services from the database.
Throws:
DSESecurityException - - database error.

loadUsers

public void loadUsers()
               throws DSESecurityException
Load the current state of the users from the database.
Throws:
DSESecurityException - - database error.

membership

public Array membership(java.lang.String user)
Return the list of groups of which user is a direct member.
Parameters:
user - String - the user id.
Returns:
Array - the list of names of groups.

numberOfGroups

public int numberOfGroups()
Return the number of groups that are currently defined.
Returns:
int - the number of groups that are currently defined.

numberOfRights

public int numberOfRights()
Return the number of rights that are currently defined.
Returns:
int - the number of rights that are currently defined.

numberOfRoles

public int numberOfRoles()
Return the number of roles that are currently defined.
Returns:
int - the number of roles that are currently defined.

numberOfServices

public int numberOfServices()
Return the number of services that are currently defined.
Returns:
int - the number of services that are currently defined.

numberOfUsers

public int numberOfUsers()
Return the number of users that are currently defined.
Returns:
int - the number of users that are currently defined.

readConfiguration

public Dictionary readConfiguration()
                             throws DSESecurityException
Load and return the current state of the system configurations from the database.
Returns:
Dictionary - the database.
Throws:
DSESecurityException - - database error.

readContexts

public IntegerKeyDictionary readContexts()
                                  throws DSESecurityException
Load and return the current state of the contexts from the database.
Returns:
IntegerKeyDictionary - the database.
Throws:
DSESecurityException - - database error.

readGroups

public Dictionary readGroups()
                      throws DSESecurityException
Load and return the current state of the groups from the database.
Returns:
Dictionary - the database.
Throws:
DSESecurityException - - database error.

readRights

public Dictionary readRights()
                      throws DSESecurityException
Load and return the current state of the rights from the database.
Returns:
Dictionary - the database.
Throws:
DSESecurityException - - database error.

readRoles

public Dictionary readRoles()
                     throws DSESecurityException
Load and return the current state of the roles from the database.
Returns:
Dictionary - the database.
Throws:
DSESecurityException - - database error.

readServices

public Dictionary readServices()
                        throws DSESecurityException
Load and return the current state of the services from the database.
Returns:
Dictionary - the database.
Throws:
DSESecurityException - - database error.

readUsers

public Dictionary readUsers()
                     throws DSESecurityException
Load and return the current state of the configured users from the database.
Returns:
Dictionary - the database.
Throws:
DSESecurityException - - database error.

recreateDefaultUser

public void recreateDefaultUser()
                         throws DSESecurityException
Recreate the default user with all of its default attributes.
Throws:
DSESecurityException - - database error.

reset

public void reset()
           throws DSESecurityException
Reset the state of all the security objects.
Throws:
DSESecurityException - - database error.

resetConfiguration

public void resetConfiguration()
                        throws DSESecurityException
Reset the system configurations.
Throws:
DSESecurityException - - database error.

resetContexts

public void resetContexts()
                   throws DSESecurityException
Reset the contexts.
Throws:
DSESecurityException - - database error.

resetGroups

public void resetGroups()
                 throws DSESecurityException
Reset the groups.
Throws:
DSESecurityException - - database error.

resetLimits

public void resetLimits()
                 throws DSESecurityException
Reset the limits.
Throws:
DSESecurityException - - database error.

resetRights

public void resetRights()
                 throws DSESecurityException
Reset the rights.
Throws:
DSESecurityException - - database error.

resetRoles

public void resetRoles()
                throws DSESecurityException
Reset the roles.
Throws:
DSESecurityException - - database error.

resetServices

public void resetServices()
                   throws DSESecurityException
Reset the services.
Throws:
DSESecurityException - - database error.

resetUsers

public void resetUsers()
                throws DSESecurityException
Reset the users.
Throws:
DSESecurityException - - database error.

resetUsersWithoutDefaultUser

public void resetUsersWithoutDefaultUser()
                                  throws DSESecurityException
Reset the users without the default user.
Throws:
DSESecurityException - - database error.

save

public void save()
          throws DSESecurityException
Save the current state of all the security objects to the database.
Throws:
DSESecurityException - - database error.

save

public void save(boolean[] v)
          throws DSESecurityException
Force a save of selected databases even if persistence is disabled.
Parameters:
list - boolean[] - for each true - force a save of the corresponding database.
Throws:
DSESecurityException - - error in the request.

saveConfiguration

public void saveConfiguration()
                       throws DSESecurityException
Save the current state of the system configurations to the database.
Throws:
DSESecurityException - - database error.

saveContexts

public void saveContexts()
                  throws DSESecurityException
Save the current state of the contexts to the database.
Throws:
DSESecurityException - - database error.

saveGroups

public void saveGroups()
                throws DSESecurityException
Save the current state of the groups to the database.
Throws:
DSESecurityException - - database error.

saveRights

public void saveRights()
                throws DSESecurityException
Save the current state of the rights to the database.
Throws:
DSESecurityException - - database error.

saveRoles

public void saveRoles()
               throws DSESecurityException
Save the current state of the roles to the database.
Throws:
DSESecurityException - - database error.

saveServices

public void saveServices()
                  throws DSESecurityException
Save the current state of the services to the database.
Throws:
DSESecurityException - - database error.

saveUsers

public void saveUsers()
               throws DSESecurityException
Save the current state of the configured users to the database.
Throws:
DSESecurityException - - database error.

setAuditFile

public void setAuditFile(java.lang.String fileName)
                  throws DSESecurityException
Set the pathname of the audit file.
Parameters:
fileName - String - dictionary of system configurations to be set.
Throws:
DSESecurityException - - database error.

setConfiguration

public void setConfiguration(Dictionary config)
                      throws DSESecurityException
Set the specified system configurations to the specified values. Invalid keys or values are ignored.
Parameters:
config - Dictionary - dictionary of system configurations to be set.
Throws:
DSESecurityException - - database error.

setConfigurationDatabase

public void setConfigurationDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for system configurations.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setConfigurationPersistence

public void setConfigurationPersistence(boolean persist)
Enable or disable system configuration persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setContextDatabase

public void setContextDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for contexts.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setContextPersistence

public void setContextPersistence(boolean persist)
Enable or disable context persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setController

public static void setController(SecurityController securityController)
Set the security controller to be used by the system.
Parameters:
securityController - SecurityController - the new security controller.

setGroupDatabase

public void setGroupDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for groups.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setGroupPersistence

public void setGroupPersistence(boolean persist)
Enable or disable group persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setLimitDatabase

public void setLimitDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for limits.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setLimitPersistence

public void setLimitPersistence(boolean persist)
Enable or disable limits persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setPasswordAccess

public void setPasswordAccess(boolean access)
Enable or disable password access for users.
Parameters:
access - boolean - true to enable access, false to disable it.

setPersistence

public void setPersistence(boolean[] v)
Set the persistence enablement states for each of the security objects.
Parameters:
v - boolean[] - persistence flags for users, contexts, rights, roles, services, groups and system configuration.
Throws:
NullPointerException - - if the argument is null.
java.lang.IndexOutOfBoundsException - - if there are less than seven elements in the argument array.

setRightDatabase

public void setRightDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for rights.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setRightPersistence

public void setRightPersistence(boolean persist)
Enable or disable right persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setRoleDatabase

public void setRoleDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for roles.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setRolePersistence

public void setRolePersistence(boolean persist)
Enable or disable role persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setServiceDatabase

public void setServiceDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for services.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setServicePersistence

public void setServicePersistence(boolean persist)
Enable or disable service persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

setSystemRoles

public void setSystemRoles(java.lang.String[] roles)
                    throws DSESecurityException
Set the names of the system-wide roles.
Parameters:
roles - String[] - the names of the system-wide roles.
Throws:
DSESecurityException - - one or more of the named roles does not exist.

setUniqueLogons

public void setUniqueLogons(boolean uniqueLogons)
                     throws DSESecurityException
Enable or disable unique logons by users.
Parameters:
uniqueLogons - boolean - true to enable unique logons, false to disable it.
Throws:
DSESecurityException - - database error.

setUserDatabase

public void setUserDatabase(SecurityPersistence securityPersistence)
Set the persistence controller for users.
Parameters:
securityPersistence - SecurityPersistence - the persistence controller.

setUserPersistence

public void setUserPersistence(boolean persist)
Enable or disable user persistence.
Parameters:
persist - boolean - true to enable persistence, false to disable it.

shutdown

public void shutdown()
              throws DSESecurityException
Shutdown the security component.
Throws:
DSESecurityException - - error in the request.

verify

public void verify()
            throws DSESecurityException
Verify the integrity of all security databases.
Throws:
DSESecurityException - - error in the request.