Interface GroupAdmin

CORBA Interface IGroupAdmin

The set of services available to view and manipulate a group definition.

Definition

CORBA Module DFAuthServer

IGroupAdmin Description

The set of services available to view and manipulate a group definition.

CORBA Definitions

attribute Description Descriptive text to help identify the group.

attribute Identifier The unique identifier of the group.

attribute Name Display name of the group.

attribute Owner The unique identifier of the subject that owns this group.

method Close Release resources held by this component.

method Refresh Refresh the group information.

method AddMember Add a subject or group as a member of this group.

method RemoveMember Remove a member entry.

method ListMembers Retrieve member information.

method ListPrincipalMaps Retrieve principal map information.

method ListGroups Retrieve group information.

Java Classes

IGroupAdminHelper Used to manipulate the IGroupAdmin type

IGroupAdminHolder Used to process the IGroupAdmin type as an out parameter

Java Interfaces

IGroupAdmin The set of services available to view and manipulate a group definition.

Java Interface IGroupAdmin

The set of services available to view and manipulate a group definition.

Package com.sas.iom.DFAuthServer

IGroupAdmin Description

The set of services available to view and manipulate a group definition.

public interface IGroupAdmin extends org.omg.CORBA.Object

Method Summary

void Close ()
Release resources held by this component.

void Refresh ()
Refresh the group information.

void AddMember ( java.lang.String memberIdentity )
throws ( GenericError );

Add a subject or group as a member of this group.

void RemoveMember ( java.lang.String memberIdentifier )
throws ( GenericError );

Remove a member entry.

void ListMembers ( java.lang.String columns , boolean deep , AnySeqHolder members )
throws ( GenericError );

Retrieve member information.

void ListPrincipalMaps ( java.lang.String columns , java.lang.String filter , AnySeqHolder maps )
throws ( GenericError );

Retrieve principal map information.

void ListGroups ( java.lang.String columns , java.lang.String filter , AnySeqHolder groups )
throws ( GenericError );

Retrieve group information.

Java Class IGroupAdminHelper

public class IGroupAdminHelper

Description
Implementing class for methods (insert, extract, type, id, read, write, narrow) used to manipulate the IGroupAdmin type.

java.lang.Object
  |
  +--com.sas.iom.SAS.IGroupAdminHelper

Java Class IGroupAdminHolder

public class IGroupAdminHolder

Description
Implementing class for methods (_read, _write, _type) used to process the IGroupAdmin type as an out parameter.

java.lang.Object
  |
  +--com.sas.iom.SAS.IGroupAdminHolder

CORBA Attribute Description

Descriptive text to help identify the group.

Description

Descriptive text to help identify the group.

The description may be updated by the owner of the group and an Authentication Server administrator.

Usage

Java Method Description

public java.lang.String Description ();
public void Description ( java.lang.String Description );

CORBA Attribute Identifier (readonly)

The unique identifier of the group.

Description

Unique identifier of the group.

Usage

Java Method Identifier

public java.lang.String Identifier ();

CORBA Attribute Name

Display name of the group.

Description

The display name should not be persisted as the key of the the group since the group name may change. The group identifier should be used when persisting a reference to a group.

The name may be updated by the owner of the group and an Authentication Server administrator. The name shares a namespace with the subject names and may not be empty.

Usage

Java Method Name

public java.lang.String Name ();
public void Name ( java.lang.String Name );

CORBA Attribute Owner

The unique identifier of the subject that owns this group.

Description

The unique identifier of the subject that owns this group. The owner and Authentication Server administrators are allowed to update the group. All other authenticated users are only permitted to view the group membership.

Usage

Java Method Owner

public java.lang.String Owner ();
public void Owner ( java.lang.String Owner );

CORBA Method Close

Release resources held by this component.

Description

Release resources held by this component.

Usage

Java Method Close

voidClose ( )

Example

CORBA Method Refresh

Refresh the group information.

Description

Refresh the group information.

Usage

Java Method Refresh

voidRefresh ( )

Example

CORBA Method AddMember

Add a subject or group as a member of this group.

Description

Add a subject or group as a member of this group.

Usage

Java Method AddMember

voidAddMember (

    java.lang.String memberIdentity 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

memberIdentity in java.lang.String
The unique identifier of a subject or group to associate with the group. The memberIdentity must be valid.

Parameter	Direction	Type	Description
memberIdentity	in	java.lang.String	The unique identifier of a subject or group to associate with the group. The memberIdentity must be valid.

Example

CORBA Method RemoveMember

Remove a member entry.

Description

Remove the member entry that contains the given memberIdentifier.

Usage

Java Method RemoveMember

voidRemoveMember (

    java.lang.String memberIdentifier 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

memberIdentifier in java.lang.String
The unique identifier of the member to remove from the group.

Parameter	Direction	Type	Description
memberIdentifier	in	java.lang.String	The unique identifier of the member to remove from the group.

Example

CORBA Method ListMembers

Retrieve member information.

Description

List the members of the group.

Usage

Java Method ListMembers

voidListMembers (

    java.lang.String columns ,
    boolean deep ,
    AnySeqHolder members 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the member information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are:

identifier: String
The unique identifier of the subject or group.

isGroup: Boolean
TRUE if the row describes a group. Otherwise, FALSE.

name: String
The name of the subject or group.

parentID: String
The unique identifier of the group that immediately contains this member. This becomes useful when a deep member listing is requested.

deep in boolean
Indicates if a deep listing of members is needed.

members out AnySeqHolder
The list of members in the group. The returned array will contain a one dimensional array for each of the selected columns, in their selected order. If no columns were specified, all columns are returned in the order as they appear in ListMembers::columns.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the member information the operation is to return. If the list is empty, all columns, in the order listed, are returned. The set of available columns are: `identifier`: String The unique identifier of the subject or group. `isGroup`: Boolean `TRUE` if the row describes a group. Otherwise, `FALSE`. `name`: String The name of the subject or group. `parentID`: String The unique identifier of the group that immediately contains this member. This becomes useful when a deep member listing is requested.
deep	in	boolean	Indicates if a deep listing of members is needed.
members	out	AnySeqHolder	The list of members in the group. The returned array will contain a one dimensional array for each of the selected columns, in their selected order. If no columns were specified, all columns are returned in the order as they appear in ListMembers::columns.

Example

CORBA Method ListPrincipalMaps

Retrieve principal map information.

Description

Return the requested columns from the selected principal maps in which the group is either a manager or a consumer.

Usage

Java Method ListPrincipalMaps

voidListPrincipalMaps (

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder maps 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the principal map information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

map: String
The name of principal map. Included by default.

identifier: String
The unique principal map identifier. Included by default.

owner: String
The unique identifier used to identify the subject that owns the principal map. Included by default.

description: String
Descriptive text to help identify the principal map. Included by default.

collection: String
The groupingKey string used to collect available principal maps. Included by default.

manage: Boolean
Indicates whether the requester is permitted to adjust the principal map consumer list. Included by default.

own: Boolean
Indicates whether the requester owns the principal map. Will always be FALSE since a group cannot be a principal map owner. Included by default.

consume: Boolean
Indicates whether the requester may have the principals associated with the principal map used on their behalf.

ownerName: String
The name of the subject that owns the principal map.

domain: String
The domain of the principal map's principal. Empty if the principal map has no associated principal.

principal: String
The principal map's principal. Empty if the group is not a manager of the principal map.

filter in java.lang.String
A set of name/value pairs, where the "name" portion cannot be localized, used to select the principal maps to include in the returned maps. If the filter is empty, all principal maps are returned. The supported "name" filters are:

collection=[collectionKey]
Specifies to select principal maps that have a collection key that pass the specified collectionKey pattern. The collection key is used to scope many principal maps to the same server or application name space. For search purposes, the specified collectionKey is compared case insensitive.

consume
When specified, principal maps that the requester may have the principal map principals used on their behalf are selected. For search purposes, the specified consume filter is compared case insensitive.

description=[desc]
Specifies to select principal maps that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.

domain=[domainName]
When specified, principal maps associated with the given domain are selected. For search purposes, the specified domainName is compared case insensitive.

identifier=[id]
Specifies to select principal maps that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.

manage
When specified, principal maps that the requester may manage the permitted consumer list are selected. For search purposes, the specified manage filter is compared case insensitive.

map=[mapName]
Specifies to select principal maps that pass the specified mapName pattern. For search purposes, the specified mapName is compared case sensitive.

own
When specified, principal maps that the requester owns are selected. For search purposes, the specified own filter is compared case insensitive.

owner=[id]
Specifies to select principal maps that have an owner that passes the specified id pattern. For search purposes, the specified id is compared case insensitive.

ownerName=[ownerName]
Specifies to select principal maps that have an owner name that passes the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.

maps out AnySeqHolder
The requested principal maps.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the principal map information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are: `map`: String The name of principal map. Included by default. `identifier`: String The unique principal map identifier. Included by default. `owner`: String The unique identifier used to identify the subject that owns the principal map. Included by default. `description`: String Descriptive text to help identify the principal map. Included by default. `collection`: String The groupingKey string used to collect available principal maps. Included by default. `manage`: Boolean Indicates whether the requester is permitted to adjust the principal map consumer list. Included by default. `own`: Boolean Indicates whether the requester owns the principal map. Will always be `FALSE` since a group cannot be a principal map owner. Included by default. `consume`: Boolean Indicates whether the requester may have the principals associated with the principal map used on their behalf. `ownerName`: String The name of the subject that owns the principal map. `domain`: String The domain of the principal map's principal. Empty if the principal map has no associated principal. `principal`: String The principal map's principal. Empty if the group is not a manager of the principal map.
filter	in	java.lang.String	A set of name/value pairs, where the "name" portion cannot be localized, used to select the principal maps to include in the returned maps. If the filter is empty, all principal maps are returned. The supported "name" filters are: collection=[collectionKey] Specifies to select principal maps that have a collection key that pass the specified collectionKey pattern. The collection key is used to scope many principal maps to the same server or application name space. For search purposes, the specified collectionKey is compared case insensitive. consume When specified, principal maps that the requester may have the principal map principals used on their behalf are selected. For search purposes, the specified consume filter is compared case insensitive. description=[desc] Specifies to select principal maps that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive. domain=[domainName] When specified, principal maps associated with the given domain are selected. For search purposes, the specified domainName is compared case insensitive. identifier=[id] Specifies to select principal maps that pass the specified id pattern. For search purposes, the specified id is compared case insensitive. manage When specified, principal maps that the requester may manage the permitted consumer list are selected. For search purposes, the specified manage filter is compared case insensitive. map=[mapName] Specifies to select principal maps that pass the specified mapName pattern. For search purposes, the specified mapName is compared case sensitive. own When specified, principal maps that the requester owns are selected. For search purposes, the specified own filter is compared case insensitive. owner=[id] Specifies to select principal maps that have an owner that passes the specified id pattern. For search purposes, the specified id is compared case insensitive. ownerName=[ownerName] Specifies to select principal maps that have an owner name that passes the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.
maps	out	AnySeqHolder	The requested principal maps.

Example

CORBA Method ListGroups

Retrieve group information.

Description

Return the requested columns from the selected groups.

Usage

Java Method ListGroups

voidListGroups (

    java.lang.String columns ,
    java.lang.String filter ,
    AnySeqHolder groups 
    )
    throws (
            GenericError
    );

Parameter Details

Parameter Direction Type Description

columns in java.lang.String
The list of the group information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are:

group: String
The name of group. Included by default.

identifier: String
The unique group identifier. Included by default.

owner: String
The unique identifier used to identify the subject that owns the group. Included by default.

description: String
Descriptive text to help identify the group. Included by default.

memberOf: Boolean
Indicates if the requesting subject is a member of the group. Included by default.

own: Boolean
Indicates if the requesting subject owns the group. Included by default.

parentID: String
The unique identifier of the group that immediately contains this member. This becomes useful when a deep member listing is requested. Included by default.

ownerName: String
The name of the subject that owns the group.

parent: String
The name of the group that immediately contains this member. This becomes useful when a deep member listing is requested.

filter in java.lang.String
A set of name/value pairs, where the "name" portion cannot be localized, used to select the groups to include in the returned groups. If the filter is empty, all groups are returned. The supported "name" filters are:

deep
When specified, a deep listing of membership is performed. For search purposes, the specified deep filter is compared case insensitive.

description=[desc]
Specifies to select groups that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive.

group=[groupName]
Specifies to select groups that pass the specified groupName pattern. For search purposes, the specified groupName is compared case insensitive.

identifier=[id]
Specifies to select groups that pass the specified id pattern. For search purposes, the specified id is compared case insensitive.

memberOf
Specifies to generate a listing of groups of which the group is a member. memberOf is implied by default. For search purposes, the specified memberOf filter is compared case insensitive.

ownerName=[ownerName]
Specifies to select groups that pass the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.

groups out AnySeqHolder
The requested groups.

Parameter	Direction	Type	Description
columns	in	java.lang.String	The list of the group information the operation is to return. If the list is empty, all columns marked as "included by default", in the order listed, are returned. The set of available columns are: `group`: String The name of group. Included by default. `identifier`: String The unique group identifier. Included by default. `owner`: String The unique identifier used to identify the subject that owns the group. Included by default. `description`: String Descriptive text to help identify the group. Included by default. `memberOf`: Boolean Indicates if the requesting subject is a member of the group. Included by default. `own`: Boolean Indicates if the requesting subject owns the group. Included by default. `parentID`: String The unique identifier of the group that immediately contains this member. This becomes useful when a deep member listing is requested. Included by default. `ownerName`: String The name of the subject that owns the group. `parent`: String The name of the group that immediately contains this member. This becomes useful when a deep member listing is requested.
filter	in	java.lang.String	A set of name/value pairs, where the "name" portion cannot be localized, used to select the groups to include in the returned groups. If the filter is empty, all groups are returned. The supported "name" filters are: deep When specified, a deep listing of membership is performed. For search purposes, the specified deep filter is compared case insensitive. description=[desc] Specifies to select groups that pass the specified desc pattern. For search purposes, the specified desc is compared case insensitive. group=[groupName] Specifies to select groups that pass the specified groupName pattern. For search purposes, the specified groupName is compared case insensitive. identifier=[id] Specifies to select groups that pass the specified id pattern. For search purposes, the specified id is compared case insensitive. memberOf Specifies to generate a listing of groups of which the group is a member. memberOf is implied by default. For search purposes, the specified memberOf filter is compared case insensitive. ownerName=[ownerName] Specifies to select groups that pass the specified ownerName pattern. For search purposes, the specified ownerName is compared case insensitive.
groups	out	AnySeqHolder	The requested groups.

Example

CORBA Definitions
attribute Description	Descriptive text to help identify the group.
attribute Identifier	The unique identifier of the group.
attribute Name	Display name of the group.
attribute Owner	The unique identifier of the subject that owns this group.
method Close	Release resources held by this component.
method Refresh	Refresh the group information.
method AddMember	Add a subject or group as a member of this group.
method RemoveMember	Remove a member entry.
method ListMembers	Retrieve member information.
method ListPrincipalMaps	Retrieve principal map information.
method ListGroups	Retrieve group information.

Java Classes
IGroupAdminHelper	Used to manipulate the IGroupAdmin type
IGroupAdminHolder	Used to process the IGroupAdmin type as an out parameter

Java Interfaces
IGroupAdmin	The set of services available to view and manipulate a group definition.

void	Close () Release resources held by this component.
void	Refresh () Refresh the group information.
void	AddMember ( java.lang.String memberIdentity ) throws ( GenericError ); Add a subject or group as a member of this group.
void	RemoveMember ( java.lang.String memberIdentifier ) throws ( GenericError ); Remove a member entry.
void	ListMembers ( java.lang.String columns , boolean deep , AnySeqHolder members ) throws ( GenericError ); Retrieve member information.
void	ListPrincipalMaps ( java.lang.String columns , java.lang.String filter , AnySeqHolder maps ) throws ( GenericError ); Retrieve principal map information.
void	ListGroups ( java.lang.String columns , java.lang.String filter , AnySeqHolder groups ) throws ( GenericError ); Retrieve group information.