com.waveset.session
Interface UserViewConstants

All Superinterfaces:
ViewConstants
All Known Implementing Classes:
WorkflowServices

public interface UserViewConstants
extends ViewConstants


Field Summary
static java.lang.String ATT_ACCOUNTS_LIGHTHOUSE
          The set of extended attributes in the read/write area.
static java.lang.String ATT_ALT_FORM
          Alternative form to be use.
static java.lang.String ATT_ASSIGNED_RESOURCES
          Where the list of assigned resource names is.
static java.lang.String ATT_AUTHENTICATED_ID
          The name of an attribute in a credential object on the ATT_SELF_DISCOVERY_CREDENTIALS list, that contains the name of the resource identity after successful authentication.
static java.lang.String ATT_AVAILABLE_RESOURCES
          The list of available resources.
static java.lang.String ATT_BACKGROUND_SAVE
          This non-persistent attribute will be recognized by UserViewer as a signal to launch the workflow process for a new user in the background rather than the usual foreground.
static java.lang.String ATT_EVENT_TYPE
          The type of event the UserView is servicing - valid values are create and update.
static java.lang.String ATT_FORM
          Maintained by the view handler, the name of the form we're using with this view.
static java.lang.String ATT_NO_FETCH
          Maintined by the view handler.
static java.lang.String ATT_PAGE
          Attribute holding the current view page.
static java.lang.String ATT_REGENERATE
          A special attribute that can be left in the accounts[].waveset view to indicate that the presence of an "accountId" attribute is not to be considered the full identity, but rather a attribute for the identity template.
static java.lang.String ATT_RESOURCE_SPEC
          Where the resource spec is.
static java.lang.String ATT_SYSTEM
          The name of an attribute in an accounts[] object where we store extended system information.
static java.lang.String ATT_SYSTEM_GENERATE
          A special attribute that can be left in the accounts[].waveset view to indicate that the presence of an "accountId" attribute is not to be considered the full identity, but rather a attribute for the identity template.
static java.lang.String ATT_SYSTEM_LINK
          The name of an attribute in an account view that when set explicitly to true indiciates that the system is allowed to link to an existing account rather than create a new one.
static java.lang.String ATT_SYSTEM_REGENERATE
           
static java.lang.String EVENT_TYPE_CREATE
           
static java.lang.String EVENT_TYPE_UPDATE
           
static java.lang.String FAKE_PASSWORD
          The "fake" password we send out in views to represent the presence of a password, without actually including it in the view.
static java.lang.String OP_ALLOW_LOCAL_SOURCES
          Option to indicate whether to allow using attributes in the accounts[Lighthouse] namespace for meta view attribute sources.
static java.lang.String OP_ALLOW_PASSWORD_GENERATION
          Allow passwords to be generated by the provision() operation even if the Role says they're supposed to be supplied by the user.
static java.lang.String OP_APPLY_META_VIEW
          Option to indicate whether the MetaView should be applied to the UserView.
static java.lang.String OP_AUDIT_ACTION
          Allow override of the default audit action in a given view.
static java.lang.String OP_BUILD_APPROVER_LISTS
          Option to build the approvers lists so that the select list on the user forms will be populated.
static java.lang.String OP_BULK_LOAD
          Kludge, set when the view converter is being used by the bulk loader.
static java.lang.String OP_CALL_VIEW_VALIDATORS
          Option to indicate to the view handler that it should call the registered ViewValidators.
static java.lang.String OP_CHECK_ADDITIONAL_RIGHTS
          Option indicating to the view handler that it should check the comma seperated list of rights in addition to the normal right checked (e.g.
static java.lang.String OP_CLONE
          Recognized by refreshView.
static java.lang.String OP_CREDENTIALS
          Used only with LoginChangeViewer.
static java.lang.String OP_FORWARDING_APPROVER_STYLE
          Option to expose control of who is in the approver list.
static java.lang.String OP_FULL_VIEW
          When true, indicates that this is a "full" user view.
static java.lang.String OP_GET_NEW_QUESTIONS
          Used to request the user view to return a new set of questions in addition to the current questions for a given user
static java.lang.String OP_INCLUDE_AVAILABLE
          Used with the end-user GUI to include information about other objects available to the user inlcuding launchable processes, work items, and active tasks.
static java.lang.String OP_INCLUDE_DIFFERENCES
          Recognized by checkoutView and refreshView.
static java.lang.String OP_INCLUDE_DISCOVERY
          Used with the end-user GUI to include the "discovery" view to support self-discovery of existing accounts.
static java.lang.String OP_INTERACTIVE_LINKING
          Option to enable "conservative linking" mode.
static java.lang.String OP_LOAD
          Deprecated: use OP_CLONE.
static java.lang.String OP_NO_AUTO_EXPIRE
          Option set to true to disable "auto expire" processing in UserViewer/NewPasswordViewer.
static java.lang.String OP_NO_LINKING
          Option to enable "conservative linking" mode.
static java.lang.String OP_NO_MISSING_FIELDS
          When set, requests that dynamic generation of fields for resource account attributes not in the base form should NOT be performed, even though the baseForm uses the special FormRef that triggers the assembly.
static java.lang.String OP_NO_REPROVISION
          Recognized by checkinView.
static java.lang.String OP_NO_SYNC_WAVESET_PASSWORD
          When true, indicates that the Waveset user password should NOT appear in the password synchronization widget as if it were a resource.
static java.lang.String OP_OBFUSCATE_ANSWERS
          When false, lets authentication questions be displayed in clear text form fields.
static java.lang.String OP_PARENT_CAPABILITY
          Recognized by createView.
static java.lang.String OP_PARTIAL_META_VIEW
          Option to indicate that only a partial MetaView should be applied to the UserView.
static java.lang.String OP_REFRESH
          Recognized by refreshView.
static java.lang.String OP_REQUIRES_CHALLENGE
          Option indicating to the view handler that the admin requesting the change should be challenged first for the password they logged in with before the request is allowed to process.
static java.lang.String OP_RESULT
          Special for convertView, allows an existing result object to be passed in rather than creating a new one.
static java.lang.String OP_SELECT_RESOURCES
          Recognized by checkoutView.
static java.lang.String OP_SOURCE_RESOURCE
          Option to indicate the name of the resource from which a partial application of the MetaView is being requested.
static java.lang.String OP_TARGET_RESOURCES
           
static java.lang.String OP_TARGETS
          When set during checkoutView, restricts the view to the a set of accounts.
static java.lang.String OP_TEST
          Recognized by refreshView.
static java.lang.String PAGE_EDIT
           
static java.lang.String PAGE_SELECT
           
static java.lang.String VIEW_READ_ONLY
          Is the view read only: true or false
static java.lang.String VIEW_TYPE
          The "type" of the view.
 
Fields inherited from interface com.waveset.object.ViewConstants
ATT_COMMAND, ATT_DERIVED_FORM, ATT_ERRORS, ATT_FORCE_VALIDATION, ATT_NO_VALIDATION, ATT_PROCESS_INPUTS, ATT_REQUEST_STATE, ATT_RETURNING_FROM_REDIRECT, ATT_SESSION, ATT_SPE_CONTEXT, IDM_RESOURCE, LIGHTHOUSE_RESOURCE, OP_ALLOWED_WORK_ITEM_TRANSITIONS, OP_BACKGROUND, OP_DEFER_COMMIT, OP_FORM, OP_INTERACTIVE, OP_NEED_SPE_CONTEXT, OP_NO_DISABLE_HINT, OP_NO_FETCH, OP_OBJECT_ID, OP_OBJECT_TYPE, OP_ORGANIZATION, OP_PROCESS, OP_RAW, OP_TASK_RESULT, RESULT_ALLOWED_WORK_ITEM_TRANSITIONS, RESULT_CONTINUE, RESULT_KEEP_VIEW, RESULT_REQUIRES_CHALLENGE, RESULT_TASK_STATUS, RESULT_USER, TASK_STATUS_ERROR
 

Field Detail

FAKE_PASSWORD

public static final java.lang.String FAKE_PASSWORD
The "fake" password we send out in views to represent the presence of a password, without actually including it in the view. This should be strange enough that it wouldn't be a real password. If we see this on the way in, it is a signal to leave the current password unchanged.

See Also:
Constant Field Values

VIEW_TYPE

public static final java.lang.String VIEW_TYPE
The "type" of the view.

See Also:
Constant Field Values

VIEW_READ_ONLY

public static final java.lang.String VIEW_READ_ONLY
Is the view read only: true or false

See Also:
Constant Field Values

OP_SELECT_RESOURCES

public static final java.lang.String OP_SELECT_RESOURCES
Recognized by checkoutView. This option is set by the interactive editing pages to cause a secondary form to be displayed that allows the selection of which resources should be updated after an edit. In effect, the Save of the user will be converted into a Refresh with a different form. Something similar could be accomplished with multi-page forms, but since we always want this in the user editing GUI, the view can help encapsulate the machinery. Think about generalizing this for use in other views?

See Also:
Constant Field Values

OP_INCLUDE_DIFFERENCES

public static final java.lang.String OP_INCLUDE_DIFFERENCES
Recognized by checkoutView and refreshView. Causes a complete set of attribute differences to be calculated and left in the "update" view. This is normally done only for the granular resource selection page, but you might want it on for testing, or to show old/new values in the edit form.

See Also:
Constant Field Values

OP_NO_REPROVISION

public static final java.lang.String OP_NO_REPROVISION
Recognized by checkinView. Indicates that reprovisioning should not be performed as a side effect of the checkin. When this is on the view WILL BE saved and no approvals will be requested. This is used by a few of the focused interfaces like IVR and an end-user form for changing authentication answers.

See Also:
Constant Field Values

OP_REFRESH

public static final java.lang.String OP_REFRESH
Recognized by refreshView. Causes attributes from the resources to be reloaded and merged with the attribute currently in the view. It will not overwrite existing attributes, only add new ones.

See Also:
Constant Field Values

OP_TEST

public static final java.lang.String OP_TEST
Recognized by refreshView. Causes each resource currently assigned to the user to be tested. The refreshed view will not contain any updated attributes, but it may contain messages describing the status of each resource.

See Also:
Constant Field Values

OP_CLONE

public static final java.lang.String OP_CLONE
Recognized by refreshView. Causes a restricted set of attributes from a Lighthouse user and resource accounts to be fetched and merged with the view. This is used to implement "template" accounts where you want to popuplate a new user with attribute from a template but not assume the identity of the template user or establish links to any of the template accounts.

See Also:
Constant Field Values

OP_LOAD

public static final java.lang.String OP_LOAD
Deprecated: use OP_CLONE. This is provided for backward compatibility in case there are customizations that set this option programatically. Historically this is been exposed as "Load" but I'm changing it internall to be "clone" which is more accurate.

See Also:
Constant Field Values

OP_OBFUSCATE_ANSWERS

public static final java.lang.String OP_OBFUSCATE_ANSWERS
When false, lets authentication questions be displayed in clear text form fields.

See Also:
Constant Field Values

OP_FULL_VIEW

public static final java.lang.String OP_FULL_VIEW
When true, indicates that this is a "full" user view. Not usually set by applications, set internally by the UserViewer to control the behavior of some sub-views like PasswordViewer.

See Also:
Constant Field Values

OP_NO_SYNC_WAVESET_PASSWORD

public static final java.lang.String OP_NO_SYNC_WAVESET_PASSWORD
When true, indicates that the Waveset user password should NOT appear in the password synchronization widget as if it were a resource.

See Also:
Constant Field Values

OP_CREDENTIALS

public static final java.lang.String OP_CREDENTIALS
Used only with LoginChangeViewer. This is used to pass down the map of login credentials when creating the view.

See Also:
Constant Field Values

OP_INCLUDE_AVAILABLE

public static final java.lang.String OP_INCLUDE_AVAILABLE
Used with the end-user GUI to include information about other objects available to the user inlcuding launchable processes, work items, and active tasks.

See Also:
Constant Field Values

OP_INCLUDE_DISCOVERY

public static final java.lang.String OP_INCLUDE_DISCOVERY
Used with the end-user GUI to include the "discovery" view to support self-discovery of existing accounts.

See Also:
Constant Field Values

OP_TARGETS

public static final java.lang.String OP_TARGETS
When set during checkoutView, restricts the view to the a set of accounts. This will restrict the resource accounts that are fetched, and will also in turn restrict the resources that are reprovisioned on checkin, if the OP_REPROVISION option is on.

When set for checkinView, this becomes the list of target resources for reprovisioning. // Though we're trying to use "account" rather than "resource" // leaving the option name the same to avoid having to // recompile customizations.

See Also:
Constant Field Values

OP_TARGET_RESOURCES

public static final java.lang.String OP_TARGET_RESOURCES
See Also:
Constant Field Values

OP_GET_NEW_QUESTIONS

public static final java.lang.String OP_GET_NEW_QUESTIONS
Used to request the user view to return a new set of questions in addition to the current questions for a given user

See Also:
Constant Field Values

OP_NO_MISSING_FIELDS

public static final java.lang.String OP_NO_MISSING_FIELDS
When set, requests that dynamic generation of fields for resource account attributes not in the base form should NOT be performed, even though the baseForm uses the special FormRef that triggers the assembly. This can be used in cases where you want to use the same for for both foreground and background operation, but need to disable assembly in the background.

See Also:
Constant Field Values

OP_PARENT_CAPABILITY

public static final java.lang.String OP_PARENT_CAPABILITY
Recognized by createView. When set, specifies the initial value for the capability.memberCapabilities attribute.

See Also:
Constant Field Values

OP_BULK_LOAD

public static final java.lang.String OP_BULK_LOAD
Kludge, set when the view converter is being used by the bulk loader. When true, any attribute in the WSUser is treated as a "global" attribute when the view is constructed. We also allow any attribute in the accounts[Lighthouse] namespace, even if it isn't on the list of registered extended attributes.

Might want to push this logic up into the Loader, more like the way authoritative feeds do it?

See Also:
Constant Field Values

OP_ALLOW_PASSWORD_GENERATION

public static final java.lang.String OP_ALLOW_PASSWORD_GENERATION
Allow passwords to be generated by the provision() operation even if the Role says they're supposed to be supplied by the user.

See Also:
Constant Field Values

OP_AUDIT_ACTION

public static final java.lang.String OP_AUDIT_ACTION
Allow override of the default audit action in a given view.

See Also:
Constant Field Values

OP_RESULT

public static final java.lang.String OP_RESULT
Special for convertView, allows an existing result object to be passed in rather than creating a new one. This is used when we're called from WorkflowServices, since the view has typically been converted once and we already have a result table with Lighthouse results. UserViewConverter will overwrite the existing result rather than adding a duplicate one.

Need to sort this out. We either need to stop calling setView() twice in the workflow cases, or assimilation of named results in a WavesetResult should overwrite existing items, probably both.

See Also:
Constant Field Values

OP_NO_AUTO_EXPIRE

public static final java.lang.String OP_NO_AUTO_EXPIRE
Option set to true to disable "auto expire" processing in UserViewer/NewPasswordViewer. When auto expire is enabled and a user password is changed, if it is being changed by someone other than the user themselves, the password is also automatically expired. This needs to be turned off for SOAP since proxy administrators are often used. // I would prefer that this be off by default and the specific // JSPs that want this turn it on. But that's a more intrusive // change than I want to do right now.

See Also:
Constant Field Values

OP_NO_LINKING

public static final java.lang.String OP_NO_LINKING
Option to enable "conservative linking" mode. For more information on this delightful option see Bug #65. When this is true, we will set the noLink option in ProvisioningOptions when the user is eventually provisioned. This will prevent the provisioner from discovering and linking existing accounts. This is generally set only when the view is used programatically. If you are interacting with the view in a form, you probably want to be using OP_INTERACTIVE_LINK.

See Also:
Constant Field Values

OP_INTERACTIVE_LINKING

public static final java.lang.String OP_INTERACTIVE_LINKING
Option to enable "conservative linking" mode. For more information on this delightful option see Bug #65. When this is true, the view handler will always check to see if newly assigned accounts already exist on the resources when the view is checked in. If existing accounts are found, the checkin is rejected and the user must make explicit entries in the view to determine what action should be taken for these accounts. Unlike OP_NO_LINKING, control is returned to the application without launching the workflow so the application has a chance to fix the account identities, or explicltly state whether linking is allowed.

See Also:
Constant Field Values

OP_BUILD_APPROVER_LISTS

public static final java.lang.String OP_BUILD_APPROVER_LISTS
Option to build the approvers lists so that the select list on the user forms will be populated. This option is off by default. Only the 'Default User Form' and the 'Tabbed User Form' have this option set.

See Also:
Constant Field Values

OP_FORWARDING_APPROVER_STYLE

public static final java.lang.String OP_FORWARDING_APPROVER_STYLE
Option to expose control of who is in the approver list. When set to "peers" the forwarding approver list will be a list of administrators that control at least one of the same organizations that the given administrator controls. When set to "controlled", the list of forwarding approvers will contain any administrator that the current administrator controls. The last option is to set the style to "all" which include the union of the "peers" and "controlled" lists. The default option is "peers". If "BuildApproverLists" is set to "false" then this option is ignored.

See Also:
Constant Field Values

OP_REQUIRES_CHALLENGE

public static final java.lang.String OP_REQUIRES_CHALLENGE
Option indicating to the view handler that the admin requesting the change should be challenged first for the password they logged in with before the request is allowed to process. The value of this option is a list of simple view attribute names that if their value changes, then a challenge should be required (e.g. password)

See Also:
Constant Field Values

OP_CHECK_ADDITIONAL_RIGHTS

public static final java.lang.String OP_CHECK_ADDITIONAL_RIGHTS
Option indicating to the view handler that it should check the comma seperated list of rights in addition to the normal right checked (e.g. "Bulk,Import,Execute")

See Also:
Constant Field Values

OP_CALL_VIEW_VALIDATORS

public static final java.lang.String OP_CALL_VIEW_VALIDATORS
Option to indicate to the view handler that it should call the registered ViewValidators. Auditor uses the view validator to integrate idm and auditor. If this option is set to true the view validators (if any ) will be called.

See Also:
Constant Field Values

OP_APPLY_META_VIEW

public static final java.lang.String OP_APPLY_META_VIEW
Option to indicate whether the MetaView should be applied to the UserView. The MetaView is not applied if this option is not present or is set to false.

See Also:
Constant Field Values

OP_PARTIAL_META_VIEW

public static final java.lang.String OP_PARTIAL_META_VIEW
Option to indicate that only a partial MetaView should be applied to the UserView. A partial MetaView requires OP_SOURCE_RESOURCE to specify the name of the resource from which the change is coming (e.g. - the Active Sync source, Load from Resource resource, etc...). When this is set, only attributes that come from the specified source resource and that are set on the identity user are flowed. Defaults to false if not present. Only consulted if OP_APPLY_META_VIEW is true.

See Also:
Constant Field Values

OP_SOURCE_RESOURCE

public static final java.lang.String OP_SOURCE_RESOURCE
Option to indicate the name of the resource from which a partial application of the MetaView is being requested. Required if OP_PARTIAL_META_VIEW is true.

See Also:
Constant Field Values

OP_ALLOW_LOCAL_SOURCES

public static final java.lang.String OP_ALLOW_LOCAL_SOURCES
Option to indicate whether to allow using attributes in the accounts[Lighthouse] namespace for meta view attribute sources. This is used internally for applications that create identity users that are not read from the resource (e.g. - Load from File). Defaults to false if not present. Only consulted if OP_PARTIAL_META_VIEW is true.

See Also:
Constant Field Values

ATT_BACKGROUND_SAVE

public static final java.lang.String ATT_BACKGROUND_SAVE
This non-persistent attribute will be recognized by UserViewer as a signal to launch the workflow process for a new user in the background rather than the usual foreground.

See Also:
Constant Field Values

ATT_FORM

public static final java.lang.String ATT_FORM
Maintained by the view handler, the name of the form we're using with this view. This should generally not be set dynamically as it controls how we propagate and build globals. The last form used will also be the one that performs a final refresh under workflow after approvals.

See Also:
Constant Field Values

ATT_NO_FETCH

public static final java.lang.String ATT_NO_FETCH
Maintined by the view handler. Set when the "no fetch" option was used. We need to remember this so we're careful when the view is checked back in. This should never be modified.

See Also:
Constant Field Values

ATT_RESOURCE_SPEC

public static final java.lang.String ATT_RESOURCE_SPEC
Where the resource spec is.

See Also:
Constant Field Values

ATT_ASSIGNED_RESOURCES

public static final java.lang.String ATT_ASSIGNED_RESOURCES
Where the list of assigned resource names is.

See Also:
Constant Field Values

ATT_AVAILABLE_RESOURCES

public static final java.lang.String ATT_AVAILABLE_RESOURCES
The list of available resources. Set by the view handler if the OP_INCLUDE_AVAILABLE option is on. The value normally comes from the "End User Resources" Configuration object. It will be filtered to exclude resources already assigned to the user.

See Also:
Constant Field Values

ATT_ACCOUNTS_LIGHTHOUSE

public static final java.lang.String ATT_ACCOUNTS_LIGHTHOUSE
The set of extended attributes in the read/write area.

See Also:
Constant Field Values

ATT_AUTHENTICATED_ID

public static final java.lang.String ATT_AUTHENTICATED_ID
The name of an attribute in a credential object on the ATT_SELF_DISCOVERY_CREDENTIALS list, that contains the name of the resource identity after successful authentication. This is also normally one of the credentials.

See Also:
Constant Field Values

ATT_SYSTEM

public static final java.lang.String ATT_SYSTEM
The name of an attribute in an accounts[] object where we store extended system information. This started out as "waveset" but we need to soon change this to "system" to be vendor/product neutral.

See Also:
Constant Field Values

ATT_SYSTEM_LINK

public static final java.lang.String ATT_SYSTEM_LINK
The name of an attribute in an account view that when set explicitly to true indiciates that the system is allowed to link to an existing account rather than create a new one. This is relevant only when the OP_NO_AUTO_LINK view option is enabled.

See Also:
Constant Field Values

ATT_SYSTEM_GENERATE

public static final java.lang.String ATT_SYSTEM_GENERATE
A special attribute that can be left in the accounts[].waveset view to indicate that the presence of an "accountId" attribute is not to be considered the full identity, but rather a attribute for the identity template. If the accounts[].identity attribute is not set, we will generate an identity using the template.

See Also:
Constant Field Values

ATT_REGENERATE

public static final java.lang.String ATT_REGENERATE
A special attribute that can be left in the accounts[].waveset view to indicate that the presence of an "accountId" attribute is not to be considered the full identity, but rather a attribute for the identity template. The accounts[].identity field will be unconditionally regenerated from the identity template during view refresh. This is necessary if you wish to regenerate an identity that was generated on a previous edit of this user, but the resource account has not yet been created. Normally once An identity is generated and saved in the WSUser object, it will remain even if the identity template attributes change. This is to allow a form to bypass the identity template and hard code the identity. If the account fails to be created for some reason the first time, the identity will remain in the WSUser. On the next edit of the user, it is possible that the identity template attributes of the user may change again, but we do not want to lose the previously generated identity unless there is explicit logic in the form to do so. In some cases though, you may want to throw away the previously generated identity and regenerate it based on new values for the identity template attributes, one application of this is to replace the identity of an account that was discovered during editing. Setting this flag to true will cause us to always regenerate the identity of this account.

See Also:
Constant Field Values

ATT_SYSTEM_REGENERATE

public static final java.lang.String ATT_SYSTEM_REGENERATE
See Also:
Constant Field Values

ATT_EVENT_TYPE

public static final java.lang.String ATT_EVENT_TYPE
The type of event the UserView is servicing - valid values are create and update. Create signifies a new user is being created, update signifies an existing user is being updated.

See Also:
Constant Field Values

EVENT_TYPE_CREATE

public static final java.lang.String EVENT_TYPE_CREATE
See Also:
Constant Field Values

EVENT_TYPE_UPDATE

public static final java.lang.String EVENT_TYPE_UPDATE
See Also:
Constant Field Values

ATT_PAGE

public static final java.lang.String ATT_PAGE
Attribute holding the current view page.

See Also:
Constant Field Values

PAGE_EDIT

public static final java.lang.String PAGE_EDIT
See Also:
Constant Field Values

PAGE_SELECT

public static final java.lang.String PAGE_SELECT
See Also:
Constant Field Values

ATT_ALT_FORM

public static final java.lang.String ATT_ALT_FORM
Alternative form to be use. Set only when displaying the select page. Avoid trashing ATT_FORM since we need to reliably remember the original form. We can't use ATT_PAGE to determine the form because the select form currently posts to ATT_PAGE for the "Return to Edit" button but we need to the use the previous form to process the refresh. Could also address this by requiring you post to "newPage" rather than "viewPage" then letting the view handler decide when to swap. Still, having explicit form names feels like it might be more flexible.

See Also:
Constant Field Values