Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.service.soap.client
Class SecurityServerClientImpl

java.lang.Object
  extended by com.atlassian.crowd.service.soap.client.SecurityServerClientImpl
All Implemented Interfaces:
SecurityServerClient
public class SecurityServerClientImpl
extends java.lang.Object
implements SecurityServerClient

An implementation of the SecurityServerClient interface.

This class with establish a connection with the Crowd security server, authenticate the application client and store the authentication token for the client for server operations. If the token becomes invalid, a new authentication token will be obtained and the request will run again. If the request fails a InvalidAuthorizationTokenException exception will be thrown.

This bean should be used in a singleton fashion.

See Also:
for a singleton factory implementation.

Field Summary
protected  AuthenticatedToken applicationToken
           
protected  org.codehaus.xfire.client.XFireProxyFactory factory
           
protected  org.codehaus.xfire.service.Service service
           
 
Constructor Summary
SecurityServerClientImpl(SoapClientProperties clientProperties)
           
 
Method Summary
 void addAllPrincipals(java.util.Collection<SOAPPrincipalWithCredential> principals)
          Adds principals to the application's assigned directory.
 void addAttributeToGroup(java.lang.String group, SOAPAttribute attribute)
          Adds an attribute to a group that is in the application's assigned directory.
 void addAttributeToPrincipal(java.lang.String principal, SOAPAttribute attribute)
          Adds an attribute to a principal who is in the application's assigned directory.
 SOAPGroup addGroup(SOAPGroup group)
          Adds a group to the application's assigned directory.
 SOAPPrincipal addPrincipal(SOAPPrincipal principal, PasswordCredential credential)
          Adds a principal to the application's assigned directory.
 void addPrincipalToGroup(java.lang.String principal, java.lang.String group)
          Adds a principal to a group for the application's assigned directory.
 void addPrincipalToRole(java.lang.String principal, java.lang.String role)
          Adds the principal to a role for the application's assigned directory.
 SOAPRole addRole(SOAPRole role)
          Adds a role to the application's assigned directory.
 void authenticate()
          Authenticate the client using the application name and password from crowd.properties.
 java.lang.String authenticatePrincipal(UserAuthenticationContext userAuthenticationContext)
          Authenticates a principal verses the calling who is in the application's assigned directory.
 java.lang.String authenticatePrincipalSimple(java.lang.String username, java.lang.String password)
          Authenticates a principal without SSO details utilizing centralized authentication only.
 java.lang.String createPrincipalToken(java.lang.String username, ValidationFactor[] validationFactors)
          Authenticates a principal without validating a password.
 java.lang.String[] findAllGroupNames()
          Finds all of the groups who are visible in the application's assigned directory.
 SOAPNestableGroup[] findAllGroupRelationships()
          Finds all of the groups who are visible in the application's assigned directory.
 SOAPGroup[] findAllGroups()
          Retrives all groups in the application's assigned directories.
 java.lang.String[] findAllPrincipalNames()
          Finds all of the principals who are visable in the application's assigned directory.
 SOAPPrincipal[] findAllPrincipals()
          Retrives all principals in the application's assigned directories.
 java.lang.String[] findAllRoleNames()
          Finds all of the roles who are visible in the application's assigned directory.
 SOAPRole[] findAllRoles()
          Retrives all roles in the application's assigned directories.
 SOAPGroup findGroupByName(java.lang.String name)
          Find a group by name for the application's assigned directory.
 java.lang.String[] findGroupMemberships(java.lang.String principalName)
          Finds all the groups the principal is a member of.
 SOAPGroup findGroupWithAttributesByName(java.lang.String name)
          Find a group by name for the application's assigned directory.
 SOAPPrincipal findPrincipalByName(java.lang.String name)
          Finds a principal by name who is in the application's assigned directory.
 SOAPPrincipal findPrincipalByToken(java.lang.String key)
          Finds a principal by token.
 SOAPPrincipal findPrincipalWithAttributesByName(java.lang.String name)
          Finds a principal by name who is in the application's assigned directory.
 SOAPRole findRoleByName(java.lang.String name)
          Finds a role by name for the application's assigned directory.
 java.lang.String[] findRoleMemberships(java.lang.String principalName)
          Finds all the roles the principal is a member of.
 AuthenticatedToken getApplicationToken()
          Retrieve the current application token.
 long getCacheTime()
          Deprecated. This method is now implemented by the crowd-ehache.xml configuration file.
 SOAPCookieInfo getCookieInfo()
          Returns information needed to set the SSO cookie correctly.
 java.lang.String getDomain()
          This will return the domain configured in Crowd or null if no domain has been set.
 java.lang.String[] getGrantedAuthorities()
          Will return the List of group names that have been given access to connect to the application
protected  SecurityServer getSecurityServer()
          Create and return an instance to the Crowd SecurityServer.
 SoapClientProperties getSoapClientProperties()
          Retrieve the client properties used to connect to the Crowd Security Server.
 void invalidateToken(java.lang.String token)
          Invalidates a principal token for all integrated applications.
 boolean isCacheEnabled()
          Checks if the client application should cache security information from the Crowd server.
 boolean isGroupMember(java.lang.String group, java.lang.String principal)
          Checks if a prinicipal is a member of a group for the application's assigned directory.
 boolean isRoleMember(java.lang.String role, java.lang.String principal)
          Checks if a principal is a member of a role for the application's assigned directory.
 boolean isValidToken(java.lang.String principalToken, ValidationFactor[] validationFactors)
          Checks if the principal's current token is still valid.
 void removeAttributeFromGroup(java.lang.String group, java.lang.String attribute)
          Removes an attribute from a group that is in the application's assigned directory.
 void removeAttributeFromPrincipal(java.lang.String principal, java.lang.String attribute)
          Removes an attribute from a principal who is in the application's assigned directory.
 void removeGroup(java.lang.String group)
          Removes a group from the applciation's assigned directory.
 void removePrincipal(java.lang.String principal)
          Removes a principal from the application's assigned directory.
 void removePrincipalFromGroup(java.lang.String principal, java.lang.String group)
          Removes a principal from a group for the application's assigned directory.
 void removePrincipalFromRole(java.lang.String principal, java.lang.String role)
          Removes a principal from a role for the application's assigned directory.
 void removeRole(java.lang.String role)
          Removes a role from the application's assigned directory.
 void resetPrincipalCredential(java.lang.String principal)
          Resets a principal's password credential to a random password and emails the new password who is in the application's assigned directory.
 SOAPGroup[] searchGroups(SearchRestriction[] searchRestrictions)
          Searches for groups that are in the application's assigned directory.
 SOAPPrincipal[] searchPrincipals(SearchRestriction[] searchRestrictions)
          Searches for prnicipals that are in the application's assigned directory.
 SOAPRole[] searchRoles(SearchRestriction[] searchRestrictions)
          Searches for roles that are in the application's assigned directory.
 void updateGroup(java.lang.String group, java.lang.String description, boolean active)
          Updates the first group located from the list of directories assigned to an application Available fields that can be updated are description and active
 void updateGroupAttribute(java.lang.String name, SOAPAttribute attribute)
          Updates an attribute for a group that is in the application's assigned directory.
 void updatePrincipalAttribute(java.lang.String name, SOAPAttribute attribute)
          Updates an attribute for a principal who is in the application's assigned directory.
 void updatePrincipalCredential(java.lang.String principal, PasswordCredential credential)
          Updates the password credential for a principal who is in the application's assigned directory.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

applicationToken

protected AuthenticatedToken applicationToken

service

protected org.codehaus.xfire.service.Service service

factory

protected org.codehaus.xfire.client.XFireProxyFactory factory
Constructor Detail

SecurityServerClientImpl

public SecurityServerClientImpl(SoapClientProperties clientProperties)
Parameters:
clientProperties - properties used to configure the client.
Method Detail

getSecurityServer

protected SecurityServer getSecurityServer()
                                    throws java.rmi.RemoteException
Create and return an instance to the Crowd SecurityServer.

Returns:
SecurityServer instance.
Throws:
java.rmi.RemoteException - there is a problem connecting to the Crowd Security Server.

getApplicationToken

public AuthenticatedToken getApplicationToken()
                                       throws java.rmi.RemoteException,
                                              InvalidAuthorizationTokenException,
                                              InvalidAuthenticationException
Retrieve the current application token.

If this client is not authenticated, then authenticate prior to returning the token.

Returns:
current application token.
Throws:
java.rmi.RemoteException - there was a problem communicating with the Crowd Security Server.
InvalidAuthorizationTokenException - incorrect credentials were used to authenticate the client. Ensure the application.password in crowd.properties matches the one defined in the Crowd Console.
InvalidAuthenticationException - if the application name/password combination is invalid

authenticate

public void authenticate()
                  throws java.rmi.RemoteException,
                         InvalidAuthorizationTokenException,
                         InvalidAuthenticationException
Authenticate the client using the application name and password from crowd.properties.

Specified by:
authenticate in interface SecurityServerClient
Throws:
java.rmi.RemoteException - there was a problem communicating with the Crowd Security Server.
InvalidAuthorizationTokenException - incorrect credentials were used to authenticate the client. Ensure the application.password in crowd.properties matches the one defined in the Crowd Console.
InvalidAuthenticationException - application authentication are not valid

authenticatePrincipal

public java.lang.String authenticatePrincipal(UserAuthenticationContext userAuthenticationContext)
                                       throws java.rmi.RemoteException,
                                              InvalidAuthorizationTokenException,
                                              InvalidAuthenticationException,
                                              InactiveAccountException,
                                              ApplicationAccessDeniedException,
                                              ExpiredCredentialException
Authenticates a principal verses the calling who is in the application's assigned directory.

Specified by:
authenticatePrincipal in interface SecurityServerClient
Parameters:
userAuthenticationContext - The principal's authentication details.
Returns:
The principal's authenticated token.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException - The principal's authentication details were invalid.
InactiveAccountException - The principal's account is not active.
ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.
ApplicationAccessDeniedException - if the user does not have access to this application.

isValidToken

public boolean isValidToken(java.lang.String principalToken,
                            ValidationFactor[] validationFactors)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            ApplicationAccessDeniedException,
                            InvalidAuthenticationException
Checks if the principal's current token is still valid.

Specified by:
isValidToken in interface SecurityServerClient
Parameters:
principalToken - The token to check.
validationFactors - The known identity factors used when creating the principal's token.
Returns:
true if and only if the token is active, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationAccessDeniedException - if the user does not have access to this application.
InvalidAuthenticationException - application authentication are not valid

invalidateToken

public void invalidateToken(java.lang.String token)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            InvalidAuthenticationException
Invalidates a principal token for all integrated applications. If the token is later validated, the token will not be found valid.

Specified by:
invalidateToken in interface SecurityServerClient
Parameters:
token - The token to invalidate.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException - application authentication are not valid

searchGroups

public SOAPGroup[] searchGroups(SearchRestriction[] searchRestrictions)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                InvalidAuthenticationException
Searches for groups that are in the application's assigned directory.

Specified by:
searchGroups in interface SecurityServerClient
Parameters:
searchRestrictions - The search restrictions to use when performing this search.
Returns:
The search results.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException - application authentication are not valid

searchPrincipals

public SOAPPrincipal[] searchPrincipals(SearchRestriction[] searchRestrictions)
                                 throws java.rmi.RemoteException,
                                        InvalidAuthorizationTokenException,
                                        InvalidAuthenticationException
Searches for prnicipals that are in the application's assigned directory.

Specified by:
searchPrincipals in interface SecurityServerClient
Parameters:
searchRestrictions - The search restrictions to use when performing this search.
Returns:
The search results.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException - application authentication are not valid

searchRoles

public SOAPRole[] searchRoles(SearchRestriction[] searchRestrictions)
                       throws java.rmi.RemoteException,
                              InvalidAuthorizationTokenException,
                              InvalidAuthenticationException
Searches for roles that are in the application's assigned directory.

Specified by:
searchRoles in interface SecurityServerClient
Parameters:
searchRestrictions - The search restrictions to use when performing this search.
Returns:
The search results.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException - application authentication are not valid

findAllGroups

public SOAPGroup[] findAllGroups()
                          throws java.rmi.RemoteException,
                                 InvalidAuthorizationTokenException,
                                 InvalidAuthenticationException
Retrives all groups in the application's assigned directories.

Specified by:
findAllGroups in interface SecurityServerClient
Returns:
all groups in the application's assigned directories.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findAllRoles

public SOAPRole[] findAllRoles()
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               InvalidAuthenticationException
Retrives all roles in the application's assigned directories.

Specified by:
findAllRoles in interface SecurityServerClient
Returns:
all roles in the application's assigned directories.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findAllPrincipals

public SOAPPrincipal[] findAllPrincipals()
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         InvalidAuthenticationException
Retrives all principals in the application's assigned directories.

Specified by:
findAllPrincipals in interface SecurityServerClient
Returns:
all principals in the application's assigned directories.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

addGroup

public SOAPGroup addGroup(SOAPGroup group)
                   throws java.rmi.RemoteException,
                          InvalidGroupException,
                          InvalidAuthorizationTokenException,
                          ApplicationPermissionException,
                          InvalidAuthenticationException
Adds a group to the application's assigned directory.

Specified by:
addGroup in interface SecurityServerClient
Parameters:
group - The group to add.
Returns:
The populated details after the add of the group to the directory server.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidGroupException - An error occured adding the group to the directory server.
ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.
InvalidAuthenticationException

updateGroup

public void updateGroup(java.lang.String group,
                        java.lang.String description,
                        boolean active)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        GroupNotFoundException,
                        ApplicationPermissionException,
                        InvalidAuthenticationException
Updates the first group located from the list of directories assigned to an application Available fields that can be updated are description and active

Specified by:
updateGroup in interface SecurityServerClient
Parameters:
group - The name of the group to update.
description - the new description of the group.
active - the new active flag for the group.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity to the directory server.
GroupNotFoundException - no groups matching the supplied name is found.
InvalidAuthenticationException

findGroupByName

public SOAPGroup findGroupByName(java.lang.String name)
                          throws java.rmi.RemoteException,
                                 InvalidAuthorizationTokenException,
                                 GroupNotFoundException,
                                 InvalidAuthenticationException
Find a group by name for the application's assigned directory.

Specified by:
findGroupByName in interface SecurityServerClient
Parameters:
name - The name of the group.
Returns:
The group object.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - Unable to find the specific group.
InvalidAuthenticationException

findGroupWithAttributesByName

public SOAPGroup findGroupWithAttributesByName(java.lang.String name)
                                        throws java.rmi.RemoteException,
                                               InvalidAuthorizationTokenException,
                                               GroupNotFoundException,
                                               InvalidAuthenticationException
Find a group by name for the application's assigned directory.

This will retrive the group and all its attributes.

Specified by:
findGroupWithAttributesByName in interface SecurityServerClient
Parameters:
name - The name of the group.
Returns:
The group object.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - Unable to find the specific group.
InvalidAuthenticationException

addRole

public SOAPRole addRole(SOAPRole role)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        InvalidRoleException,
                        ApplicationPermissionException,
                        InvalidAuthenticationException
Adds a role to the application's assigned directory.

Specified by:
addRole in interface SecurityServerClient
Parameters:
role - The name of the role.
Returns:
The role object.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidRoleException - An error occured adding the role to the directory server.
ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.
InvalidAuthenticationException

findRoleByName

public SOAPRole findRoleByName(java.lang.String name)
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               GroupNotFoundException,
                               InvalidAuthenticationException
Finds a role by name for the application's assigned directory.

Specified by:
findRoleByName in interface SecurityServerClient
Parameters:
name - The name of the role.
Returns:
The role object.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - Unable to find the specified group of type role.
InvalidAuthenticationException

findPrincipalByToken

public SOAPPrincipal findPrincipalByToken(java.lang.String key)
                                   throws java.rmi.RemoteException,
                                          InvalidTokenException,
                                          InvalidAuthorizationTokenException,
                                          InvalidAuthenticationException
Finds a principal by token.

Specified by:
findPrincipalByToken in interface SecurityServerClient
Parameters:
key - The principal's token.
Returns:
The principal object.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occured.
InvalidTokenException - Unable to find the specified token.
InvalidAuthenticationException

updatePrincipalAttribute

public void updatePrincipalAttribute(java.lang.String name,
                                     SOAPAttribute attribute)
                              throws java.rmi.RemoteException,
                                     ApplicationPermissionException,
                                     InvalidAuthorizationTokenException,
                                     UserNotFoundException,
                                     InvalidAuthenticationException
Updates an attribute for a principal who is in the application's assigned directory.

Note: This is the same as calling addAttributeToPrincipal

Specified by:
updatePrincipalAttribute in interface SecurityServerClient
Parameters:
name - The name of the principal.
attribute - The name of the attribute to update.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - Unable to find the specified principal.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidAuthenticationException

updateGroupAttribute

public void updateGroupAttribute(java.lang.String name,
                                 SOAPAttribute attribute)
                          throws java.rmi.RemoteException,
                                 ApplicationPermissionException,
                                 InvalidAuthorizationTokenException,
                                 GroupNotFoundException,
                                 InvalidAuthenticationException
Updates an attribute for a group that is in the application's assigned directory.

Note: This is the same as calling addAttributeToGroup

Specified by:
updateGroupAttribute in interface SecurityServerClient
Parameters:
name - The name of the principal.
attribute - The name of the attribute to update.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - Unable to find the specified group.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidAuthenticationException

findPrincipalByName

public SOAPPrincipal findPrincipalByName(java.lang.String name)
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         UserNotFoundException,
                                         InvalidAuthenticationException
Finds a principal by name who is in the application's assigned directory.

Specified by:
findPrincipalByName in interface SecurityServerClient
Parameters:
name - The name of the principal.
Returns:
The principal object.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - Unable to find the specified principal.
InvalidAuthenticationException

findPrincipalWithAttributesByName

public SOAPPrincipal findPrincipalWithAttributesByName(java.lang.String name)
                                                throws java.rmi.RemoteException,
                                                       InvalidAuthorizationTokenException,
                                                       UserNotFoundException,
                                                       InvalidAuthenticationException
Finds a principal by name who is in the application's assigned directory.

This will retrive the principal and all its attributes.

Specified by:
findPrincipalWithAttributesByName in interface SecurityServerClient
Parameters:
name - The name of the principal.
Returns:
The principal object.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - Unable to find the specified principal.
InvalidAuthenticationException

addPrincipal

public SOAPPrincipal addPrincipal(SOAPPrincipal principal,
                                  PasswordCredential credential)
                           throws java.rmi.RemoteException,
                                  InvalidAuthorizationTokenException,
                                  InvalidCredentialException,
                                  InvalidUserException,
                                  ApplicationPermissionException,
                                  InvalidAuthenticationException
Adds a principal to the application's assigned directory.

Specified by:
addPrincipal in interface SecurityServerClient
Parameters:
principal - The populated principal object to added.
credential - The password for the principal.
Returns:
The principal object.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occured.
InvalidCredentialException - The supplied password is invalid.
InvalidUserException - The supplied principal is invalid.
ApplicationPermissionException - The application does not have the proper permissions to add the entity to the directory server.
InvalidAuthenticationException

addAllPrincipals

public void addAllPrincipals(java.util.Collection<SOAPPrincipalWithCredential> principals)
                      throws InvalidAuthorizationTokenException,
                             java.rmi.RemoteException,
                             ApplicationPermissionException,
                             BulkAddFailedException,
                             InvalidAuthenticationException
Description copied from interface: SecurityServerClient
Adds principals to the application's assigned directory.

Specified by:
addAllPrincipals in interface SecurityServerClient
Parameters:
principals - Array of SOAPPrincipalWithCredential
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occurred.
ApplicationPermissionException - thrown when no Create User Permission for any of the directories.
BulkAddFailedException - throw when it failed to create a user in of the directories.
InvalidAuthenticationException

addPrincipalToGroup

public void addPrincipalToGroup(java.lang.String principal,
                                java.lang.String group)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                ApplicationPermissionException,
                                GroupNotFoundException,
                                UserNotFoundException,
                                InvalidAuthenticationException
Adds a principal to a group for the application's assigned directory.

Specified by:
addPrincipalToGroup in interface SecurityServerClient
Parameters:
principal - The name of the principal.
group - The name of the group.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - the group could not be found
UserNotFoundException - the user could not be found
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidAuthenticationException

updatePrincipalCredential

public void updatePrincipalCredential(java.lang.String principal,
                                      PasswordCredential credential)
                               throws java.rmi.RemoteException,
                                      InvalidAuthorizationTokenException,
                                      InvalidCredentialException,
                                      ApplicationPermissionException,
                                      UserNotFoundException,
                                      InvalidAuthenticationException
Updates the password credential for a principal who is in the application's assigned directory.

Specified by:
updatePrincipalCredential in interface SecurityServerClient
Parameters:
principal - The name of the principal.
credential - The password.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - Unable to find the specified principal.
InvalidCredentialException - The supplied password is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidAuthenticationException

resetPrincipalCredential

public void resetPrincipalCredential(java.lang.String principal)
                              throws java.rmi.RemoteException,
                                     InvalidEmailAddressException,
                                     InvalidCredentialException,
                                     ApplicationPermissionException,
                                     InvalidAuthorizationTokenException,
                                     UserNotFoundException,
                                     InvalidAuthenticationException
Resets a principal's password credential to a random password and emails the new password who is in the application's assigned directory.

Specified by:
resetPrincipalCredential in interface SecurityServerClient
Parameters:
principal - The name of the principal.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidCredentialException - Unable to reset the principal's password.
UserNotFoundException - Unable to find the specified principal.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidEmailAddressException
InvalidAuthenticationException

removeGroup

public void removeGroup(java.lang.String group)
                 throws java.rmi.RemoteException,
                        InvalidAuthorizationTokenException,
                        ApplicationPermissionException,
                        GroupNotFoundException,
                        InvalidAuthenticationException
Removes a group from the applciation's assigned directory.

Specified by:
removeGroup in interface SecurityServerClient
Parameters:
group - The name of the group.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - Unable to find the specified group.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
InvalidAuthenticationException

removeRole

public void removeRole(java.lang.String role)
                throws java.rmi.RemoteException,
                       InvalidAuthorizationTokenException,
                       ApplicationPermissionException,
                       GroupNotFoundException,
                       InvalidAuthenticationException
Removes a role from the application's assigned directory.

Specified by:
removeRole in interface SecurityServerClient
Parameters:
role - The name of the role.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - The specified role is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
InvalidAuthenticationException

removePrincipal

public void removePrincipal(java.lang.String principal)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            ApplicationPermissionException,
                            UserNotFoundException,
                            InvalidAuthenticationException
Removes a principal from the application's assigned directory.

Specified by:
removePrincipal in interface SecurityServerClient
Parameters:
principal - The name of the principal.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - The specified principal is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
InvalidAuthenticationException

addPrincipalToRole

public void addPrincipalToRole(java.lang.String principal,
                               java.lang.String role)
                        throws java.rmi.RemoteException,
                               InvalidAuthorizationTokenException,
                               ApplicationPermissionException,
                               UserNotFoundException,
                               GroupNotFoundException,
                               InvalidAuthenticationException
Adds the principal to a role for the application's assigned directory.

Specified by:
addPrincipalToRole in interface SecurityServerClient
Parameters:
principal - The name of the principal.
role - The name of the role.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - Unable to user by name
GroupNotFoundException - Unable to group (of type Role) by name.
ApplicationPermissionException - The application does not have the proper permissions to update the entity to the directory server.
InvalidAuthenticationException

isGroupMember

public boolean isGroupMember(java.lang.String group,
                             java.lang.String principal)
                      throws java.rmi.RemoteException,
                             InvalidAuthorizationTokenException,
                             InvalidAuthenticationException
Checks if a prinicipal is a member of a group for the application's assigned directory.

Specified by:
isGroupMember in interface SecurityServerClient
Parameters:
group - The name of the group.
principal - The name of the principal.
Returns:
true if and only if the principal is a group member, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

isRoleMember

public boolean isRoleMember(java.lang.String role,
                            java.lang.String principal)
                     throws java.rmi.RemoteException,
                            InvalidAuthorizationTokenException,
                            InvalidAuthenticationException
Checks if a principal is a member of a role for the application's assigned directory.

Specified by:
isRoleMember in interface SecurityServerClient
Parameters:
role - The name of the role.
principal - The name of the principal.
Returns:
true if and only if the principal is a role member, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

removePrincipalFromGroup

public void removePrincipalFromGroup(java.lang.String principal,
                                     java.lang.String group)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationPermissionException,
                                     UserNotFoundException,
                                     GroupNotFoundException,
                                     MembershipNotFoundException,
                                     InvalidAuthenticationException
Removes a principal from a group for the application's assigned directory.

Specified by:
removePrincipalFromGroup in interface SecurityServerClient
Parameters:
principal - The name of the principal.
group - The name of the group.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occured.
GroupNotFoundException - the group could not be found
UserNotFoundException - the user could not be found
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
MembershipNotFoundException
InvalidAuthenticationException

removePrincipalFromRole

public void removePrincipalFromRole(java.lang.String principal,
                                    java.lang.String role)
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    ApplicationPermissionException,
                                    UserNotFoundException,
                                    GroupNotFoundException,
                                    MembershipNotFoundException,
                                    InvalidAuthenticationException
Removes a principal from a role for the application's assigned directory.

Specified by:
removePrincipalFromRole in interface SecurityServerClient
Parameters:
principal - The name of the principal.
role - The name of the role.
Throws:
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
java.rmi.RemoteException - An unknown remote exception occured.
UserNotFoundException - Unable to user by name
GroupNotFoundException - Unable to group (of type Role) by name.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
MembershipNotFoundException
InvalidAuthenticationException

addAttributeToPrincipal

public void addAttributeToPrincipal(java.lang.String principal,
                                    SOAPAttribute attribute)
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    ApplicationPermissionException,
                                    UserNotFoundException,
                                    InvalidAuthenticationException
Adds an attribute to a principal who is in the application's assigned directory.

Note: This is the same as calling updatePrincipalAttribute

Specified by:
addAttributeToPrincipal in interface SecurityServerClient
Parameters:
principal - The name of the principal.
attribute - The name attribute to add.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - The specified user is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidAuthenticationException

removeAttributeFromPrincipal

public void removeAttributeFromPrincipal(java.lang.String principal,
                                         java.lang.String attribute)
                                  throws java.rmi.RemoteException,
                                         InvalidAuthorizationTokenException,
                                         ApplicationPermissionException,
                                         UserNotFoundException,
                                         InvalidAuthenticationException
Removes an attribute from a principal who is in the application's assigned directory.

Specified by:
removeAttributeFromPrincipal in interface SecurityServerClient
Parameters:
principal - The name of the principal.
attribute - The name of the attribute.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - The specified principal is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
InvalidAuthenticationException

addAttributeToGroup

public void addAttributeToGroup(java.lang.String group,
                                SOAPAttribute attribute)
                         throws java.rmi.RemoteException,
                                InvalidAuthorizationTokenException,
                                ApplicationPermissionException,
                                GroupNotFoundException,
                                InvalidAuthenticationException
Adds an attribute to a group that is in the application's assigned directory.

Note: This is the same as calling updateGroupAttribute

Specified by:
addAttributeToGroup in interface SecurityServerClient
Parameters:
group - The name of the group.
attribute - The name attribute to add.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - The specified group is invalid.
ApplicationPermissionException - The application does not have the proper permissions to update the entity in the directory server.
InvalidAuthenticationException

removeAttributeFromGroup

public void removeAttributeFromGroup(java.lang.String group,
                                     java.lang.String attribute)
                              throws java.rmi.RemoteException,
                                     InvalidAuthorizationTokenException,
                                     ApplicationPermissionException,
                                     GroupNotFoundException,
                                     InvalidAuthenticationException
Removes an attribute from a group that is in the application's assigned directory.

Specified by:
removeAttributeFromGroup in interface SecurityServerClient
Parameters:
group - The name of the group.
attribute - The name of the attribute.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
GroupNotFoundException - The specified group is invalid.
ApplicationPermissionException - The application does not have the proper permissions to remove the entity from the directory server.
InvalidAuthenticationException

getCacheTime

public long getCacheTime()
                  throws java.rmi.RemoteException,
                         InvalidAuthorizationTokenException,
                         InvalidAuthenticationException
Deprecated. This method is now implemented by the crowd-ehache.xml configuration file.

Gets the amount of time a client should cache security information from the Crowd server.

Specified by:
getCacheTime in interface SecurityServerClient
Returns:
The cache time in minutes.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

isCacheEnabled

public boolean isCacheEnabled()
                       throws java.rmi.RemoteException,
                              InvalidAuthorizationTokenException,
                              InvalidAuthenticationException
Checks if the client application should cache security information from the Crowd server.

Specified by:
isCacheEnabled in interface SecurityServerClient
Returns:
true if and only if the cache is enabled, otherwise false.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

getDomain

public java.lang.String getDomain()
                           throws java.rmi.RemoteException,
                                  InvalidAuthorizationTokenException,
                                  InvalidAuthenticationException
This will return the domain configured in Crowd or null if no domain has been set.

Specified by:
getDomain in interface SecurityServerClient
Returns:
the domain to set the SSO cookie for, or null
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findAllPrincipalNames

public java.lang.String[] findAllPrincipalNames()
                                         throws java.rmi.RemoteException,
                                                InvalidAuthorizationTokenException,
                                                InvalidAuthenticationException
Finds all of the principals who are visable in the application's assigned directory.

Specified by:
findAllPrincipalNames in interface SecurityServerClient
Returns:
The names of all known principals.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findAllGroupNames

public java.lang.String[] findAllGroupNames()
                                     throws java.rmi.RemoteException,
                                            InvalidAuthorizationTokenException,
                                            InvalidAuthenticationException
Finds all of the groups who are visible in the application's assigned directory.

Specified by:
findAllGroupNames in interface SecurityServerClient
Returns:
A String listing of the group names.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findAllGroupRelationships

public SOAPNestableGroup[] findAllGroupRelationships()
                                              throws java.rmi.RemoteException,
                                                     InvalidAuthorizationTokenException,
                                                     InvalidAuthenticationException
Finds all of the groups who are visible in the application's assigned directory. The groups will have their application's direct sub-groups populated. Principals will not be populated.

Specified by:
findAllGroupRelationships in interface SecurityServerClient
Returns:
A SOAPNestableGroup listing of the groups, plus any direct sub-groups.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findAllRoleNames

public java.lang.String[] findAllRoleNames()
                                    throws java.rmi.RemoteException,
                                           InvalidAuthorizationTokenException,
                                           InvalidAuthenticationException
Finds all of the roles who are visible in the application's assigned directory.

Specified by:
findAllRoleNames in interface SecurityServerClient
Returns:
A String listing of the role names.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

findGroupMemberships

public java.lang.String[] findGroupMemberships(java.lang.String principalName)
                                        throws java.rmi.RemoteException,
                                               InvalidAuthorizationTokenException,
                                               UserNotFoundException,
                                               InvalidAuthenticationException
Finds all the groups the principal is a member of.

Specified by:
findGroupMemberships in interface SecurityServerClient
Parameters:
principalName - The name of the principal to use when performing the lookup.
Returns:
A String listing of the principal's group memberships.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - The principal was not found
InvalidAuthenticationException

findRoleMemberships

public java.lang.String[] findRoleMemberships(java.lang.String principalName)
                                       throws java.rmi.RemoteException,
                                              InvalidAuthorizationTokenException,
                                              UserNotFoundException,
                                              InvalidAuthenticationException
Finds all the roles the principal is a member of.

Specified by:
findRoleMemberships in interface SecurityServerClient
Parameters:
principalName - The name of the principal to use role performing the lookup.
Returns:
A String listing of the principal's group memberships.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
UserNotFoundException - The principal was not found
InvalidAuthenticationException

authenticatePrincipalSimple

public java.lang.String authenticatePrincipalSimple(java.lang.String username,
                                                    java.lang.String password)
                                             throws java.rmi.RemoteException,
                                                    InvalidAuthorizationTokenException,
                                                    InvalidAuthenticationException,
                                                    InactiveAccountException,
                                                    ApplicationAccessDeniedException,
                                                    ExpiredCredentialException
Authenticates a principal without SSO details utilizing centralized authentication only.

Specified by:
authenticatePrincipalSimple in interface SecurityServerClient
Parameters:
username - The username of the principal.
password - The password credential.
Returns:
The principal's authentication token.
Throws:
java.rmi.RemoteException - An unknown remote exception occured.
InvalidAuthenticationException - An invalid authentication occured.
InvalidAuthorizationTokenException - An invalid authentication occured.
InactiveAccountException - The principal's account is inactive.
ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.
ApplicationAccessDeniedException - user does not have access to the application.

createPrincipalToken

public java.lang.String createPrincipalToken(java.lang.String username,
                                             ValidationFactor[] validationFactors)
                                      throws java.rmi.RemoteException,
                                             InvalidAuthorizationTokenException,
                                             InvalidAuthenticationException,
                                             InactiveAccountException,
                                             ApplicationAccessDeniedException
Authenticates a principal without validating a password.

Specified by:
createPrincipalToken in interface SecurityServerClient
Parameters:
username - The username to create an authenticate token for.
validationFactors - The known attributes of the user to use when creating a token, such as their remote IP address and user-agent.
Returns:
The principal's authentication token.
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthenticationException - An invalid authentication occurred.
InvalidAuthorizationTokenException - An invalid authentication occurred.
InactiveAccountException - The principal's account is inactive.
ApplicationAccessDeniedException

getGrantedAuthorities

public java.lang.String[] getGrantedAuthorities()
                                         throws InvalidAuthorizationTokenException,
                                                java.rmi.RemoteException,
                                                InvalidAuthenticationException
Description copied from interface: SecurityServerClient
Will return the List of group names that have been given access to connect to the application

Specified by:
getGrantedAuthorities in interface SecurityServerClient
Returns:
a String[] of group names
Throws:
InvalidAuthorizationTokenException
java.rmi.RemoteException
InvalidAuthenticationException

getCookieInfo

public SOAPCookieInfo getCookieInfo()
                             throws java.rmi.RemoteException,
                                    InvalidAuthorizationTokenException,
                                    InvalidAuthenticationException
Returns information needed to set the SSO cookie correctly.

Specified by:
getCookieInfo in interface SecurityServerClient
Returns:
An object with lots of tasty configuration information
Throws:
java.rmi.RemoteException - An unknown remote exception occurred.
InvalidAuthorizationTokenException - The calling application's applicationToken is invalid.
InvalidAuthenticationException

getSoapClientProperties

public SoapClientProperties getSoapClientProperties()
Retrieve the client properties used to connect to the Crowd Security Server.

Specified by:
getSoapClientProperties in interface SecurityServerClient
Returns:
client properties used.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2010 Atlassian. All Rights Reserved.