Interface AuthServer

CORBA Interface IAuthServer

Top-level support provided by the Authentication Server.

Definition

CORBA Module DFAuthServer

IAuthServer Description

The Authentication Server provides subject authentication, subject principal/credential set management, and group management.

CORBA Definitions

method GetGroupAdmin Acquire a GroupAdmin instance.

method GetGroupAdminByID Acquire a GroupAdmin instance.

method GetPrincipalMapAdmin Acquire a PrincipalMapAdmin instance.

method GetPrincipalMapAdminByID Acquire a PrincipalMapAdmin instance.

method GetResolvedIdentity Return authenticated principal.

method GetSubjectAdmin Acquire a SubjectAdmin instance.

method ListDomains Retrieve domain information.

method ListGroups
Retrieve group information.

method ListSubjects Retrieve subject information.

Java Classes

IAuthServerHelper Used to manipulate the IAuthServer type

IAuthServerHolder Used to process the IAuthServer type as an out parameter

Java Interfaces

IAuthServer Top-level support provided by the Authentication Server.

IAuthServer_1_1 Description

Java Classes

IAuthServer_1_1Helper Used to manipulate the IAuthServer_1_1 type

IAuthServer_1_1Holder Used to process the IAuthServer_1_1 type as an out parameter

Java Interfaces

IAuthServer_1_1 Top-level support provided by the Authentication Server.

Java Interface IAuthServer

Top-level support provided by the Authentication Server.

Package com.sas.iom.DFAuthServer

IAuthServer Description

The Authentication Server provides subject authentication, subject principal/credential set management, and group management.

public interface IAuthServer extends org.omg.CORBA.Object

Method Summary

IGroupAdmin GetGroupAdmin ( java.lang.String groupName )
throws ( GenericError );

Acquire a GroupAdmin instance.

IGroupAdmin GetGroupAdminByID ( java.lang.String groupIdentifier )
throws ( GenericError );

Acquire a GroupAdmin instance.

IPrincipalMapAdmin GetPrincipalMapAdmin ( java.lang.String mapName )
throws ( GenericError );

Acquire a PrincipalMapAdmin instance.

IPrincipalMapAdmin GetPrincipalMapAdminByID ( java.lang.String mapIdentifier )
throws ( GenericError );

Acquire a PrincipalMapAdmin instance.

void GetResolvedIdentity ( org.omg.CORBA.StringHolder resolvedPrincipal , org.omg.CORBA.StringHolder subjectIdentity )
throws ( GenericError );

Return authenticated principal.

ISubjectAdmin GetSubjectAdmin ( )
throws ( GenericError );

Acquire a SubjectAdmin instance.

void ListDomains ( java.lang.String columns , java.lang.String filter , AnySeqHolder domains )
throws ( GenericError );

Retrieve domain information.

void ListGroups ( java.lang.String columns , java.lang.String filter , AnySeqHolder groups )
throws ( GenericError );

Retrieve group information.

void ListSubjects ( java.lang.String columns , java.lang.String filter , AnySeqHolder subjects )
throws ( GenericError );

Retrieve subject information.

Java Class IAuthServerHelper

public class IAuthServerHelper

Description
Implementing class for methods (insert, extract, type, id, read, write, narrow) used to manipulate the IAuthServer type.

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServerHelper

Java Class IAuthServerHolder

public class IAuthServerHolder

Description
Implementing class for methods (_read, _write, _type) used to process the IAuthServer type as an out parameter.

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServerHolder

CORBA Method GetGroupAdmin

Acquire a GroupAdmin instance.

Description

Call this operation to obtain an instance of the GroupAdmin which may be used to view and manage the group identified by the given groupName.

Any subject or administrator may call operation. Only an administrator or owner will be permitted to modify the group through the returned GroupAdmin.

Usage

Java Method GetGroupAdmin

public IGroupAdminGetGroupAdmin (

    java.lang.String groupName 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

groupName in java.lang.String
The name of the group to view and/or manage. Group and Subject names share a namespace and are required to be unique.

Parameter	Direction	Type	Description
groupName	in	java.lang.String	The name of the group to view and/or manage. Group and Subject names share a namespace and are required to be unique.

Example

CORBA Method GetGroupAdminByID

Acquire a GroupAdmin instance.

Description

Call this operation to obtain an instance of the GroupAdmin which may be used to view and manage the group identified by the given groupIdentifier.

Any subject or administrator may call operation. Only an administrator or owner will be permitted to modify the group through the returned GroupAdmin.

Usage

Java Method GetGroupAdminByID

public IGroupAdminGetGroupAdminByID (

    java.lang.String groupIdentifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

groupIdentifier in java.lang.String
The unique identifier of the group to view and/or manage. be unique.

Parameter	Direction	Type	Description
groupIdentifier	in	java.lang.String	The unique identifier of the group to view and/or manage. be unique.

Example

CORBA Method GetPrincipalMapAdmin

Acquire a PrincipalMapAdmin instance.

Description

Call this operation to obtain an instance of the PrincipalMapAdmin which may be used to view and manage the mapped credential identified by the given mapName.

Any subject or administrator may call operation.

Usage

Java Method GetPrincipalMapAdmin

public IPrincipalMapAdminGetPrincipalMapAdmin (

    java.lang.String mapName 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

mapName in java.lang.String
The name of the mapped credential to view and/or manage.

Parameter	Direction	Type	Description
mapName	in	java.lang.String	The name of the mapped credential to view and/or manage.

Example

CORBA Method GetPrincipalMapAdminByID

Acquire a PrincipalMapAdmin instance.

Description

Call this operation to obtain an instance of the PrincipalMapAdmin which may be used to view and manage the mapped credential identified by the given mapIdentifier.

Any subject or administrator may call operation.

Usage

Java Method GetPrincipalMapAdminByID

public IPrincipalMapAdminGetPrincipalMapAdminByID (

    java.lang.String mapIdentifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

mapIdentifier in java.lang.String
The unique identifier of the mapped credential definition to view and/or manage.

Parameter	Direction	Type	Description
mapIdentifier	in	java.lang.String	The unique identifier of the mapped credential definition to view and/or manage.

Example

CORBA Method GetResolvedIdentity

Return authenticated principal.

Description

Return the fully qualified "principal@domain", when domain is part of the login, principal that was presented to the authentication server at connection.

Usage

Java Method GetResolvedIdentity

voidGetResolvedIdentity (

    org.omg.CORBA.StringHolder resolvedPrincipal ,
    org.omg.CORBA.StringHolder subjectIdentity 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

resolvedPrincipal out org.omg.CORBA.StringHolder
The fully qualified principal.

subjectIdentity out org.omg.CORBA.StringHolder
The unique subject identifier associated with the authenticated principal. This will be empty when the authenticated principal is not associated with a subject.

Parameter	Direction	Type	Description
resolvedPrincipal	out	org.omg.CORBA.StringHolder	The fully qualified principal.
subjectIdentity	out	org.omg.CORBA.StringHolder	The unique subject identifier associated with the authenticated principal. This will be empty when the authenticated principal is not associated with a subject.

Example

CORBA Method GetSubjectAdmin

Acquire a SubjectAdmin instance.

Description

Call this operation to obtain an instance of the SubjectAdmin to view and manipulate information associated with the currently connected client.

If the connected client is not associated with a known subject, this call will fail.

Usage

Java Method GetSubjectAdmin

public ISubjectAdminGetSubjectAdmin (

    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

Example

CORBA Method ListDomains

Retrieve domain information.

Description

Return the set of requested domains.

Usage

Java Method ListDomains

voidListDomains (

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder domains 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the domain information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are:

domain: String
The name of domain.

partOfLogin: Boolean
The domain is part of the authentication.

caseSensitivity: Boolean
The principals are case sensitive.

description: String
Descriptive text to help identify the domain.

isUPN: String
The principals are UPN format (principal@domain) -vs- down-level (domain\principal).

filter in java.lang.String
A set of name/value pairs, where the "name" portion cannot be localized, used to select the domains to include in the returned domains. If the filter is empty, all domains are returned. The supported "name" filters are:

caseSensitivity=[boolean]
Specifies to select domains with principal identities matching the specified case sensitivity boolean. For search purposes, the specified boolean is compared case insensitive.

description=[desc]
Specifies to select domains that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.

domain=[domainName]
Specifies to select domains that meet the specified domainName pattern. For search purposes, the specified domainName is compared case insensitive.

partOfLogin=[boolean]
Specifies to select domains that match the specified part of login boolean. For search purposes, the specified boolean is compared case insensitive.

isUPN=[boolean]
Specifies to select domains that match the specified is UPN boolean. For search purposes, the specified boolean is compared case insensitive.

domains out AnySeqHolder
The list of domains. The returned array will contain a one dimensional array for each of the selected columns, in their selected order. If no columns were specified, all columns are returned in the order as they appear in <<##LINK FAIL: iasai >>.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the domain information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are: `domain`: String The name of domain. `partOfLogin`: Boolean The domain is part of the authentication. `caseSensitivity`: Boolean The principals are case sensitive. `description`: String Descriptive text to help identify the domain. `isUPN`: String The principals are UPN format (principal@domain) -vs- down-level (domain\principal).
filter	in	java.lang.String	A set of name/value pairs, where the "name" portion cannot be localized, used to select the domains to include in the returned domains. If the filter is empty, all domains are returned. The supported "name" filters are: caseSensitivity=[boolean] Specifies to select domains with principal identities matching the specified case sensitivity boolean. For search purposes, the specified boolean is compared case insensitive. description=[desc] Specifies to select domains that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive. domain=[domainName] Specifies to select domains that meet the specified domainName pattern. For search purposes, the specified domainName is compared case insensitive. partOfLogin=[boolean] Specifies to select domains that match the specified part of login boolean. For search purposes, the specified boolean is compared case insensitive. isUPN=[boolean] Specifies to select domains that match the specified is UPN boolean. For search purposes, the specified boolean is compared case insensitive.
domains	out	AnySeqHolder	The list of domains. The returned array will contain a one dimensional array for each of the selected columns, in their selected order. If no columns were specified, all columns are returned in the order as they appear in <<##LINK FAIL: iasai >>.

Example

CORBA Method ListGroups

Retrieve group information.

Description

Return the requested columns from the selected groups.

Usage

Java Method ListGroups

voidListGroups (

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder groups 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the group information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

group: String
The name of group. Included by default.

identifier: String
The unique group identifier. Included by default.

owner: String
The unique identifier used to identify the subject that owns the group. Included by default.

description: String
Descriptive text to help identify the group. Included by default.

ownerName: String
The name of the subject that owns the group. Included by default.

parentID: String
The unique identifier of the group that immediately contains this group as a member. The parentID column is useful in conjunction with the memberOf filter.

parent: String
The name of the group that immediately contains this member. This becomes useful when a deep member listing is requested.

filter in java.lang.String
A set of name/value pairs, where the "name" portion cannot be localized, used to select the groups to include in the returned groups. If the filter is empty, all groups are returned. The supported "name" filters are:

description=[desc]
Specifies to select groups that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.

group=[groupName]
Specifies to select groups that pass the specified groupName pattern. For search purposes, the specified groupName is compared case insensitive.

identifier=[id]
Specifies to select groups that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.

memberOf
Specifies to generate a listing of groups of which the group is a member. A deep listing is not supported. The parentID or parent column should be used with this filter. For search purposes, the specified memberOf is compared case insensitive.

ownerName=[ownerName]
Specifies to select groups that pass the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.

groups out AnySeqHolder
The requested groups.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the group information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are: `group`: String The name of group. Included by default. `identifier`: String The unique group identifier. Included by default. `owner`: String The unique identifier used to identify the subject that owns the group. Included by default. `description`: String Descriptive text to help identify the group. Included by default. `ownerName`: String The name of the subject that owns the group. Included by default. `parentID`: String The unique identifier of the group that immediately contains this group as a member. The parentID column is useful in conjunction with the memberOf filter. `parent`: String The name of the group that immediately contains this member. This becomes useful when a deep member listing is requested.
filter	in	java.lang.String	A set of name/value pairs, where the "name" portion cannot be localized, used to select the groups to include in the returned groups. If the filter is empty, all groups are returned. The supported "name" filters are: description=[desc] Specifies to select groups that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive. group=[groupName] Specifies to select groups that pass the specified groupName pattern. For search purposes, the specified groupName is compared case insensitive. identifier=[id] Specifies to select groups that pass the specified id pattern. For search purposes, the specified id is compared case insensitive. memberOf Specifies to generate a listing of groups of which the group is a member. A deep listing is not supported. The parentID or parent column should be used with this filter. For search purposes, the specified memberOf is compared case insensitive. `ownerName=[ownerName]` `Specifies to select groups that pass the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.`
groups	out	AnySeqHolder	The requested groups.

Example

CORBA Method ListSubjects

Retrieve subject information.

Description

Return the requested columns from the selected subjects.

Usage

Java Method ListSubjects

voidListSubjects (

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder subjects 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the subject information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

subject: String
The display name of subject. Included by default.

identifier: String
The unique subject identifier. Included by default.

description: String
Descriptive text to help identify the subject. Included by default.

enabled: Boolean
TRUE if the subject is enabled. Otherwise, FALSE. Included by default.

parentID: String
The unique identifier of the group that immediately contains this subject as a member. The parentID column is useful in conjunction with the memberOf filter.

filter in java.lang.String
A set of name/value pairs, where the "name" portion cannot be localized, used to select the subjects to include in the returned subjects. If the filter is empty, all subjects are returned. The supported "name" filters are:

description=[desc]
Specifies to select subjects that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.

enabled
Specifies to select subjects that are enabled. For search purposes, the specified enabled filter is compared case insensitive.

identifier=[id]
Specifies to select subjects that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.

memberOf
Specifies to generate a listing of groups of which the subject is a member. A deep listing is not supported. The parentID column should be used with this filter. For search purposes, the specified memberOf filter is compared case insensitive.

subject=[subjectName]
Specifies to select subjects that pass the specified subjectName pattern. For search purposes, the specified subjectName is compared case insensitive.

subjects out AnySeqHolder
The requested subjects.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the subject information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are: `subject`: String The display name of subject. Included by default. `identifier`: String The unique subject identifier. Included by default. `description`: String Descriptive text to help identify the subject. Included by default. `enabled`: Boolean `TRUE` if the subject is enabled. Otherwise, `FALSE`. Included by default. `parentID`: String The unique identifier of the group that immediately contains this subject as a member. The parentID column is useful in conjunction with the memberOf filter.
filter	in	java.lang.String	A set of name/value pairs, where the "name" portion cannot be localized, used to select the subjects to include in the returned subjects. If the filter is empty, all subjects are returned. The supported "name" filters are: description=[desc] Specifies to select subjects that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive. enabled Specifies to select subjects that are enabled. For search purposes, the specified enabled filter is compared case insensitive. identifier=[id] Specifies to select subjects that pass the specified id pattern. For search purposes, the specified id is compared case insensitive. memberOf Specifies to generate a listing of groups of which the subject is a member. A deep listing is not supported. The parentID column should be used with this filter. For search purposes, the specified memberOf filter is compared case insensitive. subject=[subjectName] Specifies to select subjects that pass the specified subjectName pattern. For search purposes, the specified subjectName is compared case insensitive.
subjects	out	AnySeqHolder	The requested subjects.

Example

IAuthServer_1_1 Description

public interface IAuthServer_1_1 Extends IAuthServer

Method Summary

ISubjectAdmin GetSubjectAdminByID_2 ( java.lang.String subjectIdentity )
throws ( GenericError );

Java Class IAuthServer_1_1Helper

public class IAuthServer_1_1Helper

Description
Implementing class for methods (insert, extract, type, id, read, write, narrow) used to manipulate the IAuthServer_1_1 type.

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServer_1_1Helper

Java Class IAuthServer_1_1Holder

public class IAuthServer_1_1Holder

Description
Implementing class for methods (_read, _write, _type) used to process the IAuthServer_1_1 type as an out parameter.

java.lang.Object
  |
  +--com.sas.iom.SAS.IAuthServer_1_1Holder

CORBA Method GetSubjectAdminByID_2

Description

Usage

Java Method GetSubjectAdminByID_2

public ISubjectAdminGetSubjectAdminByID_2 (

    java.lang.String subjectIdentity 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

subjectIdentity in java.lang.String

Parameter	Direction	Type	Description
subjectIdentity	in	java.lang.String

Example

CORBA Definitions
method GetGroupAdmin	Acquire a GroupAdmin instance.
method GetGroupAdminByID	Acquire a GroupAdmin instance.
method GetPrincipalMapAdmin	Acquire a PrincipalMapAdmin instance.
method GetPrincipalMapAdminByID	Acquire a PrincipalMapAdmin instance.
method GetResolvedIdentity	Return authenticated principal.
method GetSubjectAdmin	Acquire a SubjectAdmin instance.
method ListDomains	Retrieve domain information.
method ListGroups	Retrieve group information.
method ListSubjects	Retrieve subject information.

Java Classes
IAuthServerHelper	Used to manipulate the IAuthServer type
IAuthServerHolder	Used to process the IAuthServer type as an out parameter

Java Interfaces
IAuthServer	Top-level support provided by the Authentication Server.

Java Classes
IAuthServer_1_1Helper	Used to manipulate the IAuthServer_1_1 type
IAuthServer_1_1Holder	Used to process the IAuthServer_1_1 type as an out parameter

Java Interfaces
IAuthServer_1_1	Top-level support provided by the Authentication Server.

IGroupAdmin	GetGroupAdmin ( java.lang.String groupName ) throws ( GenericError ); Acquire a GroupAdmin instance.
IGroupAdmin	GetGroupAdminByID ( java.lang.String groupIdentifier ) throws ( GenericError ); Acquire a GroupAdmin instance.
IPrincipalMapAdmin	GetPrincipalMapAdmin ( java.lang.String mapName ) throws ( GenericError ); Acquire a PrincipalMapAdmin instance.
IPrincipalMapAdmin	GetPrincipalMapAdminByID ( java.lang.String mapIdentifier ) throws ( GenericError ); Acquire a PrincipalMapAdmin instance.
void	GetResolvedIdentity ( org.omg.CORBA.StringHolder resolvedPrincipal , org.omg.CORBA.StringHolder subjectIdentity ) throws ( GenericError ); Return authenticated principal.
ISubjectAdmin	GetSubjectAdmin ( ) throws ( GenericError ); Acquire a SubjectAdmin instance.
void	ListDomains ( java.lang.String columns , java.lang.String filter , AnySeqHolder domains ) throws ( GenericError ); Retrieve domain information.
void	ListGroups ( java.lang.String columns , java.lang.String filter , AnySeqHolder groups ) throws ( GenericError ); Retrieve group information.
void	ListSubjects ( java.lang.String columns , java.lang.String filter , AnySeqHolder subjects ) throws ( GenericError ); Retrieve subject information.