InfoCenter Home >
5: Securing applications -- special topics >
5.2: Introduction to custom registries >
5.2.4: Custom-registry source code >
5.2.4.2: Source code for the custom-registry component >
5.2.4.2.1: The CustomRegistry.java file

5.2.4.2.1: The CustomRegistry.java file

// IBM Confidential OCO Source Material
// 5648-C83, 5648-C84 (C) COPYRIGHT International Business Machines Corp. 2001
// The source code for this program is not published or otherwise divested
// of its trade secrets, irrespective of what has been deposited with the
// U.S. Copyright Office.

package com.ibm.websphere.security;

import java.util.*;
import java.security.cert.X509Certificate;

/**
* The CustomRegistry interface provides an API that supports the following registry entry types:
*
* user
* group
*
* Implementation of this interface must provide implementations for:
*
* initialize
* checkPassword
* mapCertificate
* getRealm
* getUsers
* getUsers(String)
* getUsersForGroup
* getUserDisplayName
* getUniqueUserId
* getUniqueUserIds
* getUserSecurityName
* isValidUser
* getGroups
* getGroups(String)
* getGroupsForUser
* getGroupDisplayName
* getUniqueGroupId
* getUniqueGroupIds
* getGroupSecurityName
* isValidGroup
*
**/

public interface CustomRegistry
{

/**
* Initializes the registry.
* @param props the registry-specific properties with which to initialize the
* registry object.
* @exception CustomRegistryException if there are any other problems.
**/
public void initialize(java.util.Properties props)
throws CustomRegistryException;

/**
* Checks the password of the user.
* @param userId is the username whose password needs to be checked.
* @param password is the password of the userId.
* @return a valid username (this can be the same userId whose password
* was checked or it could be some other userId in the registry if the
* implementation required it).
* @exception CheckPasswordFailedException if userId/password
* combination does not exist in the registry.
* @exception CustomRegistryException if there are any other problems.
**/
public String checkPassword(String userId, String password)
throws PasswordCheckFailedException,
CustomRegistryException;

/**
* Maps a Certificate (of X509 format) to a valid userId in the Registry.
* @param cert is the certificate that must be mapped.
* @return the mapped name of the user (userId).
* @exception CertificateMapNotSupportedException if the particular
* certificate is not supported.
* @exception CertificateMapFailedException if the mapping of the
* certificate fails.
* @exception CustomRegistryException if there are any other problems.
**/
public String mapCertificate(X509Certificate cert)
throws CertificateMapNotSupportedException,
CertificateMapFailedException,
CustomRegistryException;

/**
* Returns the realm of the registry.
* @return the realm. The realm is a registry-specific string indicating the
* realm or domain for which this registry applies. For example, for
* OS400 or AIX this would be the host name of the system whose user registry this object represents.
* If null is returned by this method, realm defaults to the value of
* "customRealm".
* @exception CustomRegistryException if there are any other problems.
**/
public String getRealm()
throws CustomRegistryException;

/**
* Returns names of all the users in the registry.
* @return a List of the names of all the users.
* @exception CustomRegistryException if there is any other problem.
**/
public List getUsers()
throws CustomRegistryException;

/**
* Returns names of the users in the registry that match a pattern.
* @param pattern is the pattern to match. (For example, a* will match all
* userNames starting with a).
* @return a List of the names of all the users that match the pattern.
* @exception CustomRegistryException if there are any other problems.
**/
public List getUsers(String pattern)
throws CustomRegistryException;

/**
* Returns the names of all the users in a group.
* @param groupName is the name of the group.
* @return a List of all the names of the users in the group.
* @exception EntryNotFoundException if groupName does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public List getUsersForGroup(String groupName)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the display name for the user specified by userName.
* @param userName is the name of the user.
* @return the display name for the user. The display name
* is a registry-specific string that represents a descriptive, not
* necessarily a unique, name for a user. If a display name does not exist
* return null.
* @exception EntryNotFoundException if userName does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public String getUserDisplayName(String userName)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the UniqueId for a userName.
* @param userName is the name of the user.
* @return the UniqueId of the user. The UniqueId for an user is
* the stringified form of some unique, registry-specific, data that
* serves to represent the user.  For example, for the UNIX user registry, the
* UniqueId for a user can be the UID.
* @exception EntryNotFoundException if userName does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public String getUniqueUserId(String userName)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the UniqueIds for all the users that belong to a group.
* @param uniqueGroupId is the uniqueId of the group.
* @return a List of all the user Unique ids that are contained in the
* group whose Unique id matches the uniqueGroupId.
* The Unique id for an entry is the stringified form of some unique,
* registry-specific, data that serves to represent the entry.  For example, for the
* Unix user registry, the Unique id for a group could be the GID and the
* Unique Id for the user could be the UID.
* @exception EntryNotFoundException if uniqueGroupId does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public List getUniqueUserIds(String uniqueGroupId)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the name for a user given its uniqueId.
* @param uniqueUserId is the UniqueId of the user.
* @return the name of the user.
* @exception EntryNotFoundException if the uniqueUserId does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public String getUserSecurityName(String uniqueUserId)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Determines if a user exists.
* @param userName is the name of the user.
* @return true if the user exists; false otherwise.
* @exception CustomRegistryException if there are any other problems.
**/
public boolean isValidUser(String userName)
throws CustomRegistryException;

/**
* Returns names of all the groups in the registry.
* @return a List of the names of all the groups.
* @exception CustomRegistryException if there are any other problems.
**/
public List getGroups()
throws CustomRegistryException;

/**
* Returns names of the groups in the registry that match a pattern.
* @param pattern is the pattern to match.
* @return a List of the names of the groups.
* @exception CustomRegistryException if there are any other problems.
**/
public List getGroups(String pattern)
throws CustomRegistryException;

/**
* Returns the names of the groups to which userName belongs.
* @param userName is the username of the user.
* @return a List of the names of all the groups to which the user belongs.
* @exception EntryNotFoundException if userName does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public List getGroupsForUser(String userName)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the display name for a group.
* @param groupName is the name of the group.
* @return the display name for the group. The display name
* is a registry-specific string that represents a descriptive, not
* necessarily a unique, name for a group.
* @exception EntryNotFoundException if the groupName does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public String getGroupDisplayName(String groupName)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the Unique id for a group.
* @param groupName is the name of the group.
* @return the Unique id of the group. The Unique id for
* a group is the stringified form of some unique, registry-specific,
* data that serves to represent the entry.  For example, for the
* Unix user registry, the Unique id could be the GID for the entry.
* @exception EntryNotFoundException if groupName does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public String getUniqueGroupId(String groupName)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the Unique ids for all the groups that contain the UniqueId of
* a user.
* @param uniqueUserId is the uniqueId of the user.
* @return a List of all the group Unique ids to which the uniqueUserId belongs.
* The Unique id for an entry is the stringified form of some unique,
* registry-specific, data that serves to represent the entry.  For example, for the
* Unix user registry, the Unique id for a group could be the GID and the
* Unique Id for the user could be the UID.
* @exception EntryNotFoundException if uniqueUserId does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public List getUniqueGroupIds(String uniqueUserId)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Returns the name for a group given its uniqueId.
* @param uniqueGroupId is the UniqueId of the group.
* @return the name of the group.
* @exception EntryNotFoundException if the uniqueGroupId does not exist.
* @exception CustomRegistryException if there are any other problems.
**/
public String getGroupSecurityName(String uniqueGroupId)
throws EntryNotFoundException,
CustomRegistryException;

/**
* Determines if a group exists.
* @param groupName is the name of the group.
* @return true if the group exists; false otherwise.
* @exception CustomRegistryException if there are any other problems.
**/
public boolean isValidGroup(String groupName)
throws CustomRegistryException;

}
Go to previous article: Custom registry source code Go to next article: CustomRegistryException.java source code

 

 
Go to previous article: Custom registry source code Go to next article: CustomRegistryException.java source code