com.netscape.certsrv.usrgrp
Interface IUGSubsystem

All Superinterfaces:
IIdEvaluator, ISubsystem, IUsrGrp

public interface IUGSubsystem
extends ISubsystem, IUsrGrp

This class defines low-level LDAP usr/grp management usr/grp information is located remotely on another LDAP server.

Version:
$Revision: 1211 $, $Date: 2010-08-18 10:15:37 -0700 (Wed, 18 Aug 2010) $

Field Summary
static java.lang.String ID
          Constant for ID
static java.lang.String SUPER_CERT_ADMINS
          Constant for super administrators
 
Method Summary
 void addGroup(IGroup group)
          Adds a group of identities.
 void addUser(IUser identity)
          Adds the given user to the internal database
 void addUserCert(IUser identity)
          Adds a user certificate to user
 IGroup createGroup(java.lang.String id)
          Create group with the given id.
 IUser createUser(java.lang.String id)
          Create user with the given id.
 IGroup findGroup(java.lang.String name)
          Find a group for the given name
 java.util.Enumeration findGroups(java.lang.String filter)
          Finds groups that match the filter.
 IUser findUsersByCert(java.lang.String filter)
          Searchs for identities that matches the certificate locater generated filter.
 java.lang.String getCertificateString(java.security.cert.X509Certificate cert)
          Get string representation of the given certificate
 ICertUserLocator getCertUserLocator()
          Get user locator which does the mapping between the user and the certificate.
 IGroup getGroup(java.lang.String DN)
          Retrieves a group from LDAP for the given DN.
 IGroup getGroupFromName(java.lang.String name)
          Retrieves a group from LDAP for the given group name
 IUser getUser(java.lang.String userid)
          Retrieves a user from LDAP
 boolean isGroupPresent(java.lang.String name)
          Checks if the given group exists.
 boolean isMemberOf(IUser id, java.lang.String name)
           
 boolean isMemberOf(java.lang.String uid, java.lang.String name)
          Checks if the given context is a member of the given group
 java.util.Enumeration listGroups(java.lang.String filter)
          List groups.
 java.util.Enumeration listUsers(java.lang.String filter)
          Searches for users that matches the filter.
 void modifyGroup(IGroup group)
          Modifies a group.
 void modifyUser(IUser identity)
          Modifies user attributes.
 void removeGroup(java.lang.String name)
          Removes a group.
 void removeUser(java.lang.String userid)
          Removes identity.
 void removeUserCert(IUser identity)
          Removes a user certificate for a user entry given a user certificate DN (actually, a combination of version, serialNumber, issuerDN, and SubjectDN), and it gets removed
 void removeUserFromGroup(IGroup grp, java.lang.String userid)
          Removes the user with the given id from the given group
 
Methods inherited from interface com.netscape.certsrv.base.ISubsystem
getConfigStore, getId, init, setId, shutdown, startup
 
Methods inherited from interface com.netscape.certsrv.usrgrp.IUsrGrp
getDescription, getId
 
Methods inherited from interface com.netscape.certsrv.usrgrp.IIdEvaluator
evaluate
 

Field Detail

ID

static final java.lang.String ID
Constant for ID

See Also:
Constant Field Values

SUPER_CERT_ADMINS

static final java.lang.String SUPER_CERT_ADMINS
Constant for super administrators

See Also:
Constant Field Values
Method Detail

getUser

IUser getUser(java.lang.String userid)
              throws EUsrGrpException
Retrieves a user from LDAP

Specified by:
getUser in interface IUsrGrp
Parameters:
userid - the given user id
Returns:
user interface
Throws:
EUsrGrpException - thrown when failed to find the user

listUsers

java.util.Enumeration listUsers(java.lang.String filter)
                                throws EUsrGrpException
Searches for users that matches the filter.

Parameters:
filter - search filter for efficiency
Returns:
list of users
Throws:
EUsrGrpException - thrown when any internal error occurs

addUser

void addUser(IUser identity)
             throws EUsrGrpException,
                    netscape.ldap.LDAPException
Adds the given user to the internal database

Specified by:
addUser in interface IUsrGrp
Parameters:
identity - the given user
Throws:
EUsrGrpException - thrown when failed to add user to the group
netscape.ldap.LDAPException - thrown when the LDAP internal database is not available

addUserCert

void addUserCert(IUser identity)
                 throws EUsrGrpException,
                        netscape.ldap.LDAPException
Adds a user certificate to user

Parameters:
identity - user interface
Throws:
EUsrGrpException - thrown when failed to add the user certificate to the given user
netscape.ldap.LDAPException - thrown when the LDAP internal database is not available

removeUserCert

void removeUserCert(IUser identity)
                    throws EUsrGrpException
Removes a user certificate for a user entry given a user certificate DN (actually, a combination of version, serialNumber, issuerDN, and SubjectDN), and it gets removed

Parameters:
identity - the given user whose user certificate is going to be be removed.
Throws:
EUsrGrpException - thrown when failed to remove user certificate

removeUser

void removeUser(java.lang.String userid)
                throws EUsrGrpException
Removes identity.

Specified by:
removeUser in interface IUsrGrp
Parameters:
userid - the given user id
Throws:
EUsrGrpException - thrown when failed to remove user

modifyUser

void modifyUser(IUser identity)
                throws EUsrGrpException
Modifies user attributes. Certs are handled separately

Specified by:
modifyUser in interface IUsrGrp
Parameters:
identity - the given identity which contains all the user attributes being modified
Throws:
EUsrGrpException - thrown when modification failed

findGroups

java.util.Enumeration findGroups(java.lang.String filter)
Finds groups that match the filter.

Parameters:
filter - the search filter
Returns:
a list of groups that match the given search filter

findGroup

IGroup findGroup(java.lang.String name)
Find a group for the given name

Parameters:
name - the given name
Returns:
a group that matched the given name

listGroups

java.util.Enumeration listGroups(java.lang.String filter)
                                 throws EUsrGrpException
List groups. This method is more efficient than findGroups because this method retrieves group names and description only. Each retrieved group just contains group name and description.

Parameters:
filter - the search filter
Returns:
a list of groups, each group just contains group name and its description.
Throws:
EUsrGrpException - thrown when failed to list groups

getGroupFromName

IGroup getGroupFromName(java.lang.String name)
Retrieves a group from LDAP for the given group name

Parameters:
name - the given group name
Returns:
a group interface

getGroup

IGroup getGroup(java.lang.String DN)
Retrieves a group from LDAP for the given DN.

Specified by:
getGroup in interface IUsrGrp
Parameters:
DN - the given DN
Returns:
a group interface for the given DN.

isGroupPresent

boolean isGroupPresent(java.lang.String name)
Checks if the given group exists.

Parameters:
name - the given group name
Returns:
true if the given group exists in the internal database; otherwise false.

isMemberOf

boolean isMemberOf(java.lang.String uid,
                   java.lang.String name)
Checks if the given context is a member of the given group

Parameters:
uid - the given user id
name - the given group name
Returns:
true if the user with the given user id is a member of the given group

isMemberOf

boolean isMemberOf(IUser id,
                   java.lang.String name)

addGroup

void addGroup(IGroup group)
              throws EUsrGrpException
Adds a group of identities.

Specified by:
addGroup in interface IUsrGrp
Parameters:
group - the given group
Throws:
EUsrGrpException - thrown when failed to add group.

removeGroup

void removeGroup(java.lang.String name)
                 throws EUsrGrpException
Removes a group. Can't remove SUPER_CERT_ADMINS

Specified by:
removeGroup in interface IUsrGrp
Parameters:
name - the given group name
Throws:
EUsrGrpException - thrown when the given group failed to remove

modifyGroup

void modifyGroup(IGroup group)
                 throws EUsrGrpException
Modifies a group.

Specified by:
modifyGroup in interface IUsrGrp
Parameters:
group - the given group which contain all group attributes being modified.
Throws:
EUsrGrpException - thrown when failed to modify group.

removeUserFromGroup

void removeUserFromGroup(IGroup grp,
                         java.lang.String userid)
                         throws EUsrGrpException
Removes the user with the given id from the given group

Parameters:
grp - the given group
userid - the given user id
Throws:
EUsrGrpException - thrown when failed to remove the user from the given group

createUser

IUser createUser(java.lang.String id)
Create user with the given id.

Parameters:
id - the user with the given id.
Returns:
a new user

createGroup

IGroup createGroup(java.lang.String id)
Create group with the given id.

Parameters:
id - the group with the given id.
Returns:
a new group

getCertificateString

java.lang.String getCertificateString(java.security.cert.X509Certificate cert)
Get string representation of the given certificate

Parameters:
cert - given certificate
Returns:
the string representation of the given certificate

findUsersByCert

IUser findUsersByCert(java.lang.String filter)
                      throws EUsrGrpException,
                             netscape.ldap.LDAPException
Searchs for identities that matches the certificate locater generated filter.

Parameters:
filter - search filter
Returns:
an user
Throws:
EUsrGrpException - thrown when failed to find user
netscape.ldap.LDAPException - thrown when the internal database is not available

getCertUserLocator

ICertUserLocator getCertUserLocator()
Get user locator which does the mapping between the user and the certificate.

Returns:
CertUserLocator