CORBA Interface IAuthServer

Top-level support provided by the Authentication Server.

Definition

CORBA Module DFAuthServer

IAuthServer Description

The Authentication Server provides subject authentication, subject principal/credential set management, and group management.

CORBA Definitions
 method GetGroupAdmin  Acquire a GroupAdmin instance.
 method GetGroupAdminByID  Acquire a GroupAdmin instance.
 method GetPrincipalMapAdmin  Acquire a PrincipalMapAdmin instance.
 method GetPrincipalMapAdminByID  Acquire a PrincipalMapAdmin instance.
 method GetResolvedIdentity  Return authenticated principal.
 method GetSubjectAdmin  Acquire a SubjectAdmin instance.
 method ListDomains  Retrieve domain information.
 method ListGroups  

Retrieve group information.

 method ListSubjects  Retrieve subject information.

Java Classes
 IAuthServerHelper  Used to manipulate the IAuthServer type
 IAuthServerHolder  Used to process the IAuthServer type as an out parameter

Java Interfaces
 IAuthServer  Top-level support provided by the Authentication Server.

Java Interface IAuthServer

Top-level support provided by the Authentication Server.

Package com.sas.iom.DFAuthServer

IAuthServer Description

The Authentication Server provides subject authentication, subject principal/credential set management, and group management.

public interface IAuthServer
extends org.omg.CORBA.Object

Method Summary

 IGroupAdmin GetGroupAdmin ( java.lang.String groupName )
throws ( GenericError );

Acquire a GroupAdmin instance.

 IGroupAdmin GetGroupAdminByID ( java.lang.String groupIdentifier )
throws ( GenericError );

Acquire a GroupAdmin instance.

 IPrincipalMapAdmin GetPrincipalMapAdmin ( java.lang.String mapName )
throws ( GenericError );

Acquire a PrincipalMapAdmin instance.

 IPrincipalMapAdmin GetPrincipalMapAdminByID ( java.lang.String mapIdentifier )
throws ( GenericError );

Acquire a PrincipalMapAdmin instance.

 void GetResolvedIdentity ( org.omg.CORBA.StringHolder resolvedPrincipal , org.omg.CORBA.StringHolder subjectIdentity )
throws ( GenericError );

Return authenticated principal.

 ISubjectAdmin GetSubjectAdmin ( )
throws ( GenericError );

Acquire a SubjectAdmin instance.

 void ListDomains ( java.lang.String columns , java.lang.String filter , AnySeqHolder domains )
throws ( GenericError );

Retrieve domain information.

 void ListGroups ( java.lang.String columns , java.lang.String filter , AnySeqHolder groups )
throws ( GenericError );

Retrieve group information.

 void ListSubjects ( java.lang.String columns , java.lang.String filter , AnySeqHolder subjects )
throws ( GenericError );

Retrieve subject information.

Java Class IAuthServerHelper

public class IAuthServerHelper

Description
Implementing class for methods (insert, extract, type, id, read, write, narrow) used to manipulate the IAuthServer type. 

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServerHelper

Java Class IAuthServerHolder

public class IAuthServerHolder

Description
Implementing class for methods (_read, _write, _type) used to process the IAuthServer type as an out parameter. 

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServerHolder

CORBA Method GetGroupAdmin

Acquire a GroupAdmin instance.

Description

Call this operation to obtain an instance of the GroupAdmin which may be used to view and manage the group identified by the given groupName.

Any subject or administrator may call operation. Only an administrator or owner will be permitted to modify the group through the returned GroupAdmin.

Usage

Java Method GetGroupAdmin

public IGroupAdmin GetGroupAdmin ( 

    java.lang.String groupName 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
groupName  in  java.lang.String 

The name of the group to view and/or manage. Group and Subject names share a namespace and are required to be unique.

 

Example

CORBA Method GetGroupAdminByID

Acquire a GroupAdmin instance.

Description

Call this operation to obtain an instance of the GroupAdmin which may be used to view and manage the group identified by the given groupIdentifier.

Any subject or administrator may call operation. Only an administrator or owner will be permitted to modify the group through the returned GroupAdmin.

Usage

Java Method GetGroupAdminByID

public IGroupAdmin GetGroupAdminByID ( 

    java.lang.String groupIdentifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
groupIdentifier  in  java.lang.String 

The unique identifier of the group to view and/or manage. be unique.

 

Example

CORBA Method GetPrincipalMapAdmin

Acquire a PrincipalMapAdmin instance.

Description

Call this operation to obtain an instance of the PrincipalMapAdmin which may be used to view and manage the mapped credential identified by the given mapName.

Any subject or administrator may call operation.

Usage

Java Method GetPrincipalMapAdmin

public IPrincipalMapAdmin GetPrincipalMapAdmin ( 

    java.lang.String mapName 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
mapName  in  java.lang.String 

The name of the mapped credential to view and/or manage.

 

Example

CORBA Method GetPrincipalMapAdminByID

Acquire a PrincipalMapAdmin instance.

Description

Call this operation to obtain an instance of the PrincipalMapAdmin which may be used to view and manage the mapped credential identified by the given mapIdentifier.

Any subject or administrator may call operation.

Usage

Java Method GetPrincipalMapAdminByID

public IPrincipalMapAdmin GetPrincipalMapAdminByID ( 

    java.lang.String mapIdentifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
mapIdentifier  in  java.lang.String 

The unique identifier of the mapped credential definition to view and/or manage.

 

Example

CORBA Method GetResolvedIdentity

Return authenticated principal.

Description

Return the fully qualified "principal@domain", when domain is part of the login, principal that was presented to the authentication server at connection.

Usage

Java Method GetResolvedIdentity

void GetResolvedIdentity ( 

    org.omg.CORBA.StringHolder resolvedPrincipal ,
    org.omg.CORBA.StringHolder subjectIdentity 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
resolvedPrincipal  out  org.omg.CORBA.StringHolder 

The fully qualified principal.

 
subjectIdentity  out  org.omg.CORBA.StringHolder 

The unique subject identifier associated with the authenticated principal. This will be empty when the authenticated principal is not associated with a subject.

 

Example

CORBA Method GetSubjectAdmin

Acquire a SubjectAdmin instance.

Description

Call this operation to obtain an instance of the SubjectAdmin to view and manipulate information associated with the currently connected client.

If the connected client is not associated with a known subject, this call will fail.

Usage

Java Method GetSubjectAdmin

public ISubjectAdmin GetSubjectAdmin ( 

    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

Example

CORBA Method ListDomains

Retrieve domain information.

Description

Return the set of requested domains.

Usage

Java Method ListDomains

void ListDomains ( 

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder domains 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
columns  in  java.lang.String 

The list of the domain information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are:

domain: String
The name of domain.
partOfLogin: Boolean
The domain is part of the authentication.
caseSensitivity: Boolean
The principals are case sensitive.
description: String
Descriptive text to help identify the domain.
isUPN: String
The principals are UPN format (principal@domain) -vs- down-level (domain\principal).

 
filter  in  java.lang.String 

A set of name/value pairs, where the "name" portion cannot be localized, used to select the domains to include in the returned domains. If the filter is empty, all domains are returned. The supported "name" filters are:

caseSensitivity=[boolean]
Specifies to select domains with principal identities matching the specified case sensitivity boolean. For search purposes, the specified boolean is compared case insensitive.
description=[desc]
Specifies to select domains that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.
domain=[domainName]
Specifies to select domains that meet the specified domainName pattern. For search purposes, the specified domainName is compared case insensitive.
partOfLogin=[boolean]
Specifies to select domains that match the specified part of login boolean. For search purposes, the specified boolean is compared case insensitive.
isUPN=[boolean]
Specifies to select domains that match the specified is UPN boolean. For search purposes, the specified boolean is compared case insensitive.
 
domains  out  AnySeqHolder 

The list of domains. The returned array will contain a one dimensional array for each of the selected columns, in their selected order. If no columns were specified, all columns are returned in the order as they appear in <<##LINK FAIL: iasai >>.

 

Example

CORBA Method ListGroups

Retrieve group information.

Description

Return the requested columns from the selected groups.

Usage

Java Method ListGroups

void ListGroups ( 

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder groups 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
columns  in  java.lang.String 

The list of the group information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

group: String
The name of group. Included by default.
identifier: String
The unique group identifier. Included by default.
owner: String
The unique identifier used to identify the subject that owns the group. Included by default.
description: String
Descriptive text to help identify the group. Included by default.
ownerName: String
The name of the subject that owns the group. Included by default.
parentID: String
The unique identifier of the group that immediately contains this group as a member. The parentID column is useful in conjunction with the memberOf filter.
parent: String
The name of the group that immediately contains this member. This becomes useful when a deep member listing is requested.

 
filter  in  java.lang.String 

A set of name/value pairs, where the "name" portion cannot be localized, used to select the groups to include in the returned groups. If the filter is empty, all groups are returned. The supported "name" filters are:

description=[desc]
Specifies to select groups that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.
group=[groupName]
Specifies to select groups that pass the specified groupName pattern. For search purposes, the specified groupName is compared case insensitive.
identifier=[id]
Specifies to select groups that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.
memberOf
Specifies to generate a listing of groups of which the group is a member. A deep listing is not supported. The parentID or parent column should be used with this filter. For search purposes, the specified memberOf is compared case insensitive.
ownerName=[ownerName]
Specifies to select groups that pass the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.
 
groups  out  AnySeqHolder 

The requested groups.

 

Example

CORBA Method ListSubjects

Retrieve subject information.

Description

Return the requested columns from the selected subjects.

Usage

Java Method ListSubjects

void ListSubjects ( 

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder subjects 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description
columns  in  java.lang.String 

The list of the subject information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

subject: String
The display name of subject. Included by default.
identifier: String
The unique subject identifier. Included by default.
description: String
Descriptive text to help identify the subject. Included by default.
enabled: Boolean
TRUE if the subject is enabled. Otherwise, FALSE. Included by default.
parentID: String
The unique identifier of the group that immediately contains this subject as a member. The parentID column is useful in conjunction with the memberOf filter.

 
filter  in  java.lang.String 

A set of name/value pairs, where the "name" portion cannot be localized, used to select the subjects to include in the returned subjects. If the filter is empty, all subjects are returned. The supported "name" filters are:

description=[desc]
Specifies to select subjects that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.
enabled
Specifies to select subjects that are enabled. For search purposes, the specified enabled filter is compared case insensitive.
identifier=[id]
Specifies to select subjects that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.
memberOf
Specifies to generate a listing of groups of which the subject is a member. A deep listing is not supported. The parentID column should be used with this filter. For search purposes, the specified memberOf filter is compared case insensitive.
subject=[subjectName]
Specifies to select subjects that pass the specified subjectName pattern. For search purposes, the specified subjectName is compared case insensitive.
 
subjects  out  AnySeqHolder 

The requested subjects.

 

Example