Interface AuthServerAdmin

CORBA Interface IAuthServerAdmin

The set of services available to the Authentication Server administrators.

Definition

CORBA Module DFAuthServer

IAuthServerAdmin Description

The set of services available to the Authentication Server administrators.

CORBA Definitions

method AddDomain Add a domain to the set of domains known by the Authentication Server.

method RemoveDomain Remove a domain.

method UpdateDomain Update the domain description.

method AddGroup Add a group.

method RemoveGroup Remove a group.

method AddPrincipalMap Add a mapped credential definition.

method ListPrincipalMaps Retrieve principal map information.

method RemovePrincipalMap Remove a principal map.

method AddSubject Add a subject.

method GetSubjectAdminByID Acquire a SubjectAdmin instance.

method RemoveSubject Remove a subject.

method ListPrincipalsByDomain Retrieve principal information.

Java Classes

IAuthServerAdminHelper Used to manipulate the IAuthServerAdmin type

IAuthServerAdminHolder Used to process the IAuthServerAdmin type as an out parameter

Java Interfaces

IAuthServerAdmin The set of services available to the Authentication Server administrators.

Java Interface IAuthServerAdmin

The set of services available to the Authentication Server administrators.

Package com.sas.iom.DFAuthServer

IAuthServerAdmin Description

The set of services available to the Authentication Server administrators.

public interface IAuthServerAdmin extends org.omg.CORBA.Object

Method Summary

void AddDomain ( java.lang.String domain , boolean partOfLogin , boolean caseSensitivePrincipals , boolean upnPrincipals , java.lang.String description )
throws ( GenericError );

Add a domain to the set of domains known by the Authentication Server.

void RemoveDomain ( java.lang.String domain , boolean cascade )
throws ( GenericError );

Remove a domain.

void UpdateDomain ( java.lang.String domain , java.lang.String description )
throws ( GenericError );

Update the domain description.

IGroupAdmin AddGroup ( java.lang.String name , java.lang.String owner , java.lang.String description )
throws ( GenericError );

Add a group.

void RemoveGroup ( java.lang.String groupIdentifier )
throws ( GenericError );

Remove a group.

IPrincipalMapAdmin AddPrincipalMap ( java.lang.String name , java.lang.String owner , java.lang.String groupingKey , java.lang.String description )
throws ( GenericError );

Add a mapped credential definition.

void ListPrincipalMaps ( java.lang.String columns , java.lang.String filter , AnySeqHolder principalMaps )
throws ( GenericError );

Retrieve principal map information.

void RemovePrincipalMap ( java.lang.String identifier )
throws ( GenericError );

Remove a principal map.

ISubjectAdmin AddSubject ( java.lang.String name , java.lang.String principal , java.lang.String domain , java.lang.String description )
throws ( GenericError );

Add a subject.

ISubjectAdmin GetSubjectAdminByID ( java.lang.String subjectIdentity )
throws ( GenericError );

Acquire a SubjectAdmin instance.

void RemoveSubject ( java.lang.String subjectIdentity , java.lang.String newOwner )
throws ( GenericError );

Remove a subject.

void ListPrincipalsByDomain ( java.lang.String columns , java.lang.String domain , AnySeqHolder principals )
throws ( GenericError );

Retrieve principal information.

Java Class IAuthServerAdminHelper

public class IAuthServerAdminHelper

Description
Implementing class for methods (insert, extract, type, id, read, write, narrow) used to manipulate the IAuthServerAdmin type.

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServerAdminHelper

Java Class IAuthServerAdminHolder

public class IAuthServerAdminHolder

Description
Implementing class for methods (_read, _write, _type) used to process the IAuthServerAdmin type as an out parameter.

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServerAdminHolder

CORBA Method AddDomain

Add a domain to the set of domains known by the Authentication Server.

Description

Domains must be unique and identify the appropriate subject principal to use when connecting on behalf of that subject.

Domains are case insensitive.

Usage

Java Method AddDomain

voidAddDomain (

    java.lang.String domain ,
    boolean partOfLogin ,
    boolean caseSensitivePrincipals ,
    boolean upnPrincipals ,
    java.lang.String description 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

domain in java.lang.String
Unique name that identifies a collection of services in which a credential set (principal and password) is valid. The domain must not be empty.

Domain names are case insensitive.

partOfLogin in boolean
Indicate if the domain is part of the authentication domain principal.

caseSensitivePrincipals in boolean
Indicate if the domain principal identities are case sensitive.

upnPrincipals in boolean
Indicate if the domain principal identities are UPN format (principal@domain) instead of down-level format (domain\principal). The parameter is ignored when partOfLogin=FALSE.

description in java.lang.String
Descriptive text to help identify the domain. The description may be empty.

Parameter	Direction	Type	Description
domain	in	java.lang.String	Unique name that identifies a collection of services in which a credential set (principal and password) is valid. The domain must not be empty. Domain names are case insensitive.
partOfLogin	in	boolean	Indicate if the domain is part of the authentication domain principal.
caseSensitivePrincipals	in	boolean	Indicate if the domain principal identities are case sensitive.
upnPrincipals	in	boolean	Indicate if the domain principal identities are UPN format (principal@domain) instead of down-level format (domain\principal). The parameter is ignored when partOfLogin=FALSE.
description	in	java.lang.String	Descriptive text to help identify the domain. The description may be empty.

Example

CORBA Method RemoveDomain

Remove a domain.

Description

Remove the specified domain from the set of authentication domains.

Usage

Java Method RemoveDomain

voidRemoveDomain (

    java.lang.String domain ,
    boolean cascade 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

domain in java.lang.String
Name of domain to delete. The domain name may not be empty ("").

cascade in boolean
Indicates, when TRUE, the principals associated with this domain should be removed from their subjects. When FALSE, if there are any principals associated with this domain, the remove will fail.

Parameter	Direction	Type	Description
domain	in	java.lang.String	Name of domain to delete. The domain name may not be empty ("").
cascade	in	boolean	Indicates, when `TRUE`, the principals associated with this domain should be removed from their subjects. When `FALSE`, if there are any principals associated with this domain, the remove will fail.

Example

CORBA Method UpdateDomain

Update the domain description.

Description

Update the description associated with the given domain.

Usage

Java Method UpdateDomain

voidUpdateDomain (

    java.lang.String domain ,
    java.lang.String description 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

domain in java.lang.String
Name of the domain in which to update its description. The domain name may not be empty ("").

description in java.lang.String
The description to associate with the domain. The domain description may be empty.

Parameter	Direction	Type	Description
domain	in	java.lang.String	Name of the domain in which to update its description. The domain name may not be empty ("").
description	in	java.lang.String	The description to associate with the domain. The domain description may be empty.

Example

CORBA Method AddGroup

Add a group.

Description

Add a group to the set of groups known by the Authentication Server.

Usage

Java Method AddGroup

public IGroupAdminAddGroup (

    java.lang.String name ,
    java.lang.String owner ,
    java.lang.String description 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

name in java.lang.String
Unique name that identifies a group of related subjects and groups. The name must not be empty.

owner in java.lang.String
The unique identity of the subject that is the owner of the group. Only the owner and an Authentication Server administrator are able to manipulate the members of the group.

description in java.lang.String
Descriptive text to help identify the group. The description may be empty.

Parameter	Direction	Type	Description
name	in	java.lang.String	Unique name that identifies a group of related subjects and groups. The name must not be empty.
owner	in	java.lang.String	The unique identity of the subject that is the owner of the group. Only the owner and an Authentication Server administrator are able to manipulate the members of the group.
description	in	java.lang.String	Descriptive text to help identify the group. The description may be empty.

Example

CORBA Method RemoveGroup

Remove a group.

Description

Remove the specified group from the set of groups. The specified group is also removed from all groups that have the specified group as a member.

Usage

Java Method RemoveGroup

voidRemoveGroup (

    java.lang.String groupIdentifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

groupIdentifier in java.lang.String
Identifier of the group to delete. The groupIdentifier may not be empty.

Parameter	Direction	Type	Description
groupIdentifier	in	java.lang.String	Identifier of the group to delete. The groupIdentifier may not be empty.

Example

CORBA Method AddPrincipalMap

Add a mapped credential definition.

Description

Add a principal map to the set of maps known by the Authentication Server.

Usage

Java Method AddPrincipalMap

public IPrincipalMapAdminAddPrincipalMap (

    java.lang.String name ,
    java.lang.String owner ,
    java.lang.String groupingKey ,
    java.lang.String description 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

name in java.lang.String
The unique name that identifies the principal map. The name must not be empty.

owner in java.lang.String
The unique identity of the subject that is the owner of the map. Only the owner and an Authentication Server administrator are able to modify the principal associated with the principal map and the consumer managing members of the principal map. The owner must not be empty.

groupingKey in java.lang.String
The string that is used to associate principal maps to the applications making use of the principal maps. The groupingKey may be empty.

description in java.lang.String
Descriptive text to help identify the group. The description may be empty.

Parameter	Direction	Type	Description
name	in	java.lang.String	The unique name that identifies the principal map. The name must not be empty.
owner	in	java.lang.String	The unique identity of the subject that is the owner of the map. Only the owner and an Authentication Server administrator are able to modify the principal associated with the principal map and the consumer managing members of the principal map. The owner must not be empty.
groupingKey	in	java.lang.String	The string that is used to associate principal maps to the applications making use of the principal maps. The groupingKey may be empty.
description	in	java.lang.String	Descriptive text to help identify the group. The description may be empty.

Example

CORBA Method ListPrincipalMaps

Retrieve principal map information.

Description

Return the requested columns from the selected principal maps.

Usage

Java Method ListPrincipalMaps

voidListPrincipalMaps (

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder principalMaps 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the principal map information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

map: String
The name of principal map. Included by default.

identifier: String
The unique principal map identifier. Included by default.

owner: String
The unique identifier used to identify the subject that owns the principal map. Included by default.

description: String
Descriptive text to help identify the principal map. Included by default.

collection: String
The groupingKey string used to collect available principal maps. Included by default.

ownerName: String
The name of the subject that owns the principal map.

domain: String
The domain of the principal map's principal.

principal: String
The principal map's principal.

filter in java.lang.String
A set of name/value pairs, where the "name" portion cannot be localized, used to select the principal maps to include in the returned maps. If the filter is empty, all principal maps are returned. The supported "name" filters are:

collection=[collectionKey]
Specifies to select principal maps that have a collection key that pass the specified collectionKey pattern. The collection key is used to scope many principal maps to the same server or application name space. For search purposes, the specified collectionKey is compared case insensitive.

description=[desc]
Specifies to select principal maps that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.

domain=[domainName]
When specified, principal maps associated with the given domain are selected. For search purposes, the specified domainName is compared case insensitive.

identifier=[id]
Specifies to select principal maps that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.

map=[mapName]
Specifies to select principal maps that pass the specified mapName pattern. For search purposes, the specified mapName is compared case sensitive.

owner=[id]
Specifies to select principal maps that have an owner that passes the specified id pattern. For search purposes, the specified id is compared case insensitive.

ownerName=[ownerName]
Specifies to select principal maps that have an owner name that passes the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.

principalMaps out AnySeqHolder
The requested principal maps.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the principal map information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are: `map`: String The name of principal map. Included by default. `identifier`: String The unique principal map identifier. Included by default. `owner`: String The unique identifier used to identify the subject that owns the principal map. Included by default. `description`: String Descriptive text to help identify the principal map. Included by default. `collection`: String The groupingKey string used to collect available principal maps. Included by default. `ownerName`: String The name of the subject that owns the principal map. `domain`: String The domain of the principal map's principal. `principal`: String The principal map's principal.
filter	in	java.lang.String	A set of name/value pairs, where the "name" portion cannot be localized, used to select the principal maps to include in the returned maps. If the filter is empty, all principal maps are returned. The supported "name" filters are: collection=[collectionKey] Specifies to select principal maps that have a collection key that pass the specified collectionKey pattern. The collection key is used to scope many principal maps to the same server or application name space. For search purposes, the specified collectionKey is compared case insensitive. description=[desc] Specifies to select principal maps that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive. domain=[domainName] When specified, principal maps associated with the given domain are selected. For search purposes, the specified domainName is compared case insensitive. identifier=[id] Specifies to select principal maps that pass the specified id pattern. For search purposes, the specified id is compared case insensitive. map=[mapName] Specifies to select principal maps that pass the specified mapName pattern. For search purposes, the specified mapName is compared case sensitive. owner=[id] Specifies to select principal maps that have an owner that passes the specified id pattern. For search purposes, the specified id is compared case insensitive. ownerName=[ownerName] Specifies to select principal maps that have an owner name that passes the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.
principalMaps	out	AnySeqHolder	The requested principal maps.

Example

CORBA Method RemovePrincipalMap

Remove a principal map.

Description

Remove the specified principal map from the set of principal maps.

Usage

Java Method RemovePrincipalMap

voidRemovePrincipalMap (

    java.lang.String identifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

identifier in java.lang.String
Identifier of the principal map to delete. The identifier may not be empty.

Parameter	Direction	Type	Description
identifier	in	java.lang.String	Identifier of the principal map to delete. The identifier may not be empty.

Example

CORBA Method AddSubject

Add a subject.

Description

Add a subject to the set of subjects known by the Authentication Server.

Usage

Java Method AddSubject

public ISubjectAdminAddSubject (

    java.lang.String name ,
    java.lang.String principal ,
    java.lang.String domain ,
    java.lang.String description 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

name in java.lang.String
The display name associated with the subject. Groups and subjects share the same unique, case sensitive, namespaces. The name may not be empty.

principal in java.lang.String
The identity associated with the subject in the specified Authentication Server authentication domain. This must match the identity portion of the subjectIdentity that is returned when the subject connects and authenticates to the Authentication Server. The principal may not be empty.

domain in java.lang.String
The authentication domain in which the Authentication Server authentication authority authenticates connecting clients. This must match the domain portion of the subjectIdentity that is returned when the subject connects and authenticates to the Authentication Server. If the domain is empty, the Authentication Server PRIMARYPROVIDERDOMAIN option value will be used.

description in java.lang.String
Descriptive text to help identify the subject. The description may be empty.

Parameter	Direction	Type	Description
name	in	java.lang.String	The display name associated with the subject. Groups and subjects share the same unique, case sensitive, namespaces. The name may not be empty.
principal	in	java.lang.String	The identity associated with the subject in the specified Authentication Server authentication domain. This must match the identity portion of the `subjectIdentity` that is returned when the subject connects and authenticates to the Authentication Server. The principal may not be empty.
domain	in	java.lang.String	The authentication domain in which the Authentication Server authentication authority authenticates connecting clients. This must match the domain portion of the `subjectIdentity` that is returned when the subject connects and authenticates to the Authentication Server. If the domain is empty, the Authentication Server PRIMARYPROVIDERDOMAIN option value will be used.
description	in	java.lang.String	Descriptive text to help identify the subject. The description may be empty.

Example

CORBA Method GetSubjectAdminByID

Acquire a SubjectAdmin instance.

Description

Call this operation to obtain an instance of the SubjectAdmin to view and manipulate information associated with the subject identifier by the subjectIdentity.

Usage

Java Method GetSubjectAdminByID

public ISubjectAdminGetSubjectAdminByID (

    java.lang.String subjectIdentity 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

subjectIdentity in java.lang.String
The unique subject identifier. The subject identifier may not be empty.

Parameter	Direction	Type	Description
subjectIdentity	in	java.lang.String	The unique subject identifier. The subject identifier may not be empty.

Example

CORBA Method RemoveSubject

Remove a subject.

Description

Deletes the subject. In addition, the subject will be removed from all of the groups and maps with which it is associated. Additionally, if the subject is the owner of any groups and/or maps, the owner specified in the newOwner parameter will be given ownership of those groups and maps.

Usage

Java Method RemoveSubject

voidRemoveSubject (

    java.lang.String subjectIdentity ,
    java.lang.String newOwner 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

subjectIdentity in java.lang.String
The unique identifier of the subject to remove. The subjectIdentity may not be empty.

newOwner in java.lang.String
The subject that is to assume ownership of groups and maps previously owned by the subject being removed.

If newOwner is an empty string and the subjectIdentity is the owner of any groups or maps, the operation will fail.

Parameter	Direction	Type	Description
subjectIdentity	in	java.lang.String	The unique identifier of the subject to remove. The subjectIdentity may not be empty.
newOwner	in	java.lang.String	The subject that is to assume ownership of groups and maps previously owned by the subject being removed. If newOwner is an empty string and the subjectIdentity is the owner of any groups or maps, the operation will fail.

Example

CORBA Method ListPrincipalsByDomain

Retrieve principal information.

Description

Lists the principals found in the given domain.

Usage

Java Method ListPrincipalsByDomain

voidListPrincipalsByDomain (

    java.lang.String columns ,
    java.lang.String domain ,
    AnySeqHolder principals 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The set of principal information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are:

domain: String
The domain in which the principal belongs.

principal: String
The principal associated with the requested domain. If the domain is part of the login, the principal will be domain qualified.

subject: String
The identifier of the subject that contains the returned principal.

domain in java.lang.String
The domain qualifier associated with the principals being retrieved.

principals out AnySeqHolder
The principals associated with the given domain.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The set of principal information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are: `domain`: String The domain in which the principal belongs. `principal`: String The principal associated with the requested domain. If the domain is part of the login, the principal will be domain qualified. `subject`: String The identifier of the subject that contains the returned principal.
domain	in	java.lang.String	The domain qualifier associated with the principals being retrieved.
principals	out	AnySeqHolder	The principals associated with the given domain.

Example

CORBA Definitions
method AddDomain	Add a domain to the set of domains known by the Authentication Server.
method RemoveDomain	Remove a domain.
method UpdateDomain	Update the domain description.
method AddGroup	Add a group.
method RemoveGroup	Remove a group.
method AddPrincipalMap	Add a mapped credential definition.
method ListPrincipalMaps	Retrieve principal map information.
method RemovePrincipalMap	Remove a principal map.
method AddSubject	Add a subject.
method GetSubjectAdminByID	Acquire a SubjectAdmin instance.
method RemoveSubject	Remove a subject.
method ListPrincipalsByDomain	Retrieve principal information.

Java Classes
IAuthServerAdminHelper	Used to manipulate the IAuthServerAdmin type
IAuthServerAdminHolder	Used to process the IAuthServerAdmin type as an out parameter

Java Interfaces
IAuthServerAdmin	The set of services available to the Authentication Server administrators.

void	AddDomain ( java.lang.String domain , boolean partOfLogin , boolean caseSensitivePrincipals , boolean upnPrincipals , java.lang.String description ) throws ( GenericError ); Add a domain to the set of domains known by the Authentication Server.
void	RemoveDomain ( java.lang.String domain , boolean cascade ) throws ( GenericError ); Remove a domain.
void	UpdateDomain ( java.lang.String domain , java.lang.String description ) throws ( GenericError ); Update the domain description.
IGroupAdmin	AddGroup ( java.lang.String name , java.lang.String owner , java.lang.String description ) throws ( GenericError ); Add a group.
void	RemoveGroup ( java.lang.String groupIdentifier ) throws ( GenericError ); Remove a group.
IPrincipalMapAdmin	AddPrincipalMap ( java.lang.String name , java.lang.String owner , java.lang.String groupingKey , java.lang.String description ) throws ( GenericError ); Add a mapped credential definition.
void	ListPrincipalMaps ( java.lang.String columns , java.lang.String filter , AnySeqHolder principalMaps ) throws ( GenericError ); Retrieve principal map information.
void	RemovePrincipalMap ( java.lang.String identifier ) throws ( GenericError ); Remove a principal map.
ISubjectAdmin	AddSubject ( java.lang.String name , java.lang.String principal , java.lang.String domain , java.lang.String description ) throws ( GenericError ); Add a subject.
ISubjectAdmin	GetSubjectAdminByID ( java.lang.String subjectIdentity ) throws ( GenericError ); Acquire a SubjectAdmin instance.
void	RemoveSubject ( java.lang.String subjectIdentity , java.lang.String newOwner ) throws ( GenericError ); Remove a subject.
void	ListPrincipalsByDomain ( java.lang.String columns , java.lang.String domain , AnySeqHolder principals ) throws ( GenericError ); Retrieve principal information.