com.waveset.adapter
Class NDSResourceAdapter

java.lang.Object
  extended bycom.waveset.adapter.ResourceAdapterBase
      extended bycom.waveset.adapter.AgentResourceAdapter
          extended bycom.waveset.adapter.NDSResourceAdapter
All Implemented Interfaces:
ActiveSync, RASecureConnection.RASecureConnectionAccessor, ResourceAdapter
Direct Known Subclasses:
NDSActiveSyncAdapter, NDSSecretStoreResourceAdapter

public class NDSResourceAdapter
extends AgentResourceAdapter
implements ActiveSync


Nested Class Summary
static class NDSResourceAdapter.UpdateRowComparator
          Internal class that implenents the Comparator interface for sorting the UpdateRow elements in a list by a named attribute (type is string but really a long).
 
Nested classes inherited from class com.waveset.adapter.AgentResourceAdapter
AgentResourceAdapter.AcctIter, AgentResourceAdapter.AgentAccountSupplier, AgentResourceAdapter.BlockAcctIter, AgentResourceAdapter.BlockObjectIterator
 
Nested classes inherited from class com.waveset.adapter.ResourceAdapterBase
ResourceAdapterBase.SimpleAccountIterator
 
Nested classes inherited from class com.waveset.adapter.ResourceAdapter
ResourceAdapter.ActionResult, ResourceAdapter.Features, ResourceAdapter.ObjectType
 
Field Summary
static java.lang.String code_id
           
static java.lang.String OPT_RUNAS_PASSWORD
           
static java.lang.String OPT_RUNAS_USER
           
static java.lang.String OPT_SEARCH_ATTRS
           
static java.lang.String OPT_SEARCH_FILTER
           
static java.lang.String OPT_SEARCH_SCOPE
           
static java.lang.String RA_BASE_CTX
           
static java.lang.String RA_GW_DOMAINDN
           
static java.lang.String RA_GW_PO_DELETE_PATTERN
           
static java.lang.String RA_MODIFICATION_TIMESTAMP_ATTR
           
static java.lang.String RA_MODIFICATION_TIMESTAMP_FILTER
           
static java.lang.String RA_NDSTREE
           
static java.lang.String RA_OBJCLASS
           
static java.lang.String RA_PASSWORD
           
static java.lang.String RA_TEMPLATE
           
static java.lang.String RA_TEMPLATE_HOMEDIR_ATTR
           
static java.lang.String RA_USERDN
           
static java.lang.String RA_WSNAME
           
 
Fields inherited from class com.waveset.adapter.AgentResourceAdapter
_connection, ATTR_ACTION, CONNECTED_TO_RESOURCE, RA_AUTHTIMEOUT, RA_CONN, RA_HANGTIMEOUT, RA_HOST, RA_PORT, SUPPORTS_ENCRYPTED_TYPE, USER_CLASS
 
Fields inherited from class com.waveset.adapter.ResourceAdapterBase
_cache, _context, _excludedAccountsRule, _excludedAccountsRuleInited, _listAllObjectsAttrParse, _listAllObjectsAttrParseName, _listUserAttrParse, _listUserAttrParseName, _listUserGroupsAttrParse, _listUserGroupsAttrParseName, _resource, _thread, _trace, displayInfoCode, RA_BLOCKCOUNT, RA_LOGIN_ACTION, RA_LOGOFF_ACTION, RA_MULTI_VALUED_ATTRS, RA_TEST_MODE
 
Fields inherited from interface com.waveset.adapter.ActiveSync
ACTIVE_SYNC_EVENT_RES_ATTRS_XML, ACTIVE_SYNC_STD_RES_ATTRS_XML, ATTR_IS_DELETED, DATE_FORMAT, DATE_TIME_FORMAT, RA_APPLY_META_VIEW, RA_ASSIGN_SOURCE_ON_CREATE, RA_CONFIRMATION_RULE, RA_CORRELATION_RULE, RA_CREATE_UNMATCHED, RA_DELETE_RULE, RA_FORM, RA_ID, RA_IDM_NAME_RULE, RA_LEGACY_EVENT_GEN, RA_LOG_LEVEL, RA_LOG_PATH, RA_LOG_SIZE, RA_MAX_AGE_LENGTH, RA_MAX_AGE_UNIT, RA_MAX_ARCHIVES, RA_NAME, RA_PARAMETERIZED_INPUT_FORM, RA_POPULATE_GLOBAL, RA_POSTPOLL_WORKFLOW, RA_PREPOLL_WORKFLOW, RA_PROCESS_RULE, RA_PROXY_ADMINISTRATOR, RA_RESET_TO_TODAY, RA_RESOLVE_PROCESS_RULE, RA_SCHEDULE_INTERVAL, RA_SCHEDULE_INTERVAL_COUNT, RA_SCHEDULE_START_DATE, RA_SCHEDULE_START_TIME, RA_SYNC_CONFIG_MODE, RA_SYNC_POST_PROCESS_FORM, RA_UPDATE_IF_DELETE, RA_USE_INPUT_FORM, TIME_FORMAT, TRACE_LEVEL_DEBUG, TRACE_LEVEL_ERROR, TRACE_LEVEL_INFO, TRACE_LEVEL_NONE, TRACE_LEVEL_WARNING
 
Fields inherited from interface com.waveset.adapter.ResourceAdapter
CHANGE_PASSWORD_LOCATION, DISABLE, ENABLE, EXPIRE_PASSWORD, GUID, IGNORE_ATTR, NEW_ACCOUNT_ID, OP_DAYS_INACTIVE, OP_DISABLED, OP_DORMANT, OP_EXPIRED, OP_EXPIREDPWD, OP_INACTIVE, OP_LOCKED, OP_NO_PASSWORD_SET, OP_NOOWNERSHIP, OP_NOPASSWORDREQ, OP_NUMINACTIVEDAYS, OP_NUMPWDAYS, OP_PWNUMDAYS, RA_DISPLAY_NAME_ATTR, RA_NEW_OBJECT_ID, RA_NEW_OBJECT_NAME, RA_OBJECT_ATTRIBUTES, RA_OBJECT_CLASS, RA_OBJECT_ID, RA_OBJECT_TYPE, RA_OP_TYPE, RA_RENAME_OP, RA_REQUESTOR, RA_SAVEAS_OP, RA_SEARCH_ATTRIBUTE_NAMES, RA_SEARCH_ATTRS_TO_GET, RA_SEARCH_CONTEXT, RA_SEARCH_FILTER, RA_SEARCH_RUN_AS_PASSWORD, RA_SEARCH_RUN_AS_USER, RA_SEARCH_SCOPE, RA_SEARCH_SCOPE_OBJECT, RA_SEARCH_SCOPE_ONE_LEVEL, RA_SEARCH_SCOPE_SUBTREE, RA_SEARCH_TIME_LIMIT, RESET_PASSWORD, SYSTEM_ATTRIBUTES, UNLOCK, WS_USER_PASSWORD
 
Constructor Summary
NDSResourceAdapter()
           
NDSResourceAdapter(Resource res, ObjectCache cache)
           
 
Method Summary
 WavesetResult authenticate(java.util.HashMap loginInfo)
          Authenticates the user against the resource.
protected  com.waveset.adapter.iapi.IAPI buildEvent(com.waveset.adapter.NDSResourceAdapter.UpdateRow row)
          Deprecated. As of IdM 5.5.
 void callCompleted(com.waveset.adapter.iapi.IAPI call)
           
 Resource createPrototypeResource()
           
 AccountIterator getAccountIterator()
          Default implementation just gets all the users and holds them in an array.
 AccountIterator getAccountIterator(java.util.Map params)
          Alternate interface to pass in a map of name/value pairs to control the search.
 java.lang.Object getAttributeValue(java.lang.String name)
          Get or set an attribute value for the ActiveSync.
 java.lang.String getBaseContextAttrName()
          Returns the name, if any, of the attribute used by the resource as the base context or the context to which all operations is bound
 GenericObject getFeatures()
          Expose features supported by the Resource Adapter.
protected  java.lang.String getLoginAttrName(java.lang.String key)
          Get the attribute name to use for the login info key that is passed in.
 void init()
          initialize yourself.
 java.util.List listObjects(java.lang.String objectType, java.util.Map options)
          Returns a list of objects matching the requested objectType and options
protected  void logUpdate(int level, com.waveset.adapter.NDSResourceAdapter.UpdateRow update, WavesetResult result)
          Log whatever we want to from an update.
 boolean namesEqual(java.lang.String name1, java.lang.String name2)
          This method will return true if name1 equals name2.
 int poll()
          The poll method.
protected  int processUpdates(java.util.List list, com.waveset.adapter.iapi.IAPI prox)
          Take a list of Maps that are rows of the audit data and turn them into IAPI calls.
 void setAttributeValue(java.lang.String name, java.lang.Object value)
           
 void shutdown()
          shutdown
static Resource staticCreatePrototypeResource()
           
 boolean supportsAccountDisable()
          Return true if this resource supports some form of native account disable.
 boolean supportsExcludedAccounts()
           
 boolean supportsScanning()
           
 
Methods inherited from class com.waveset.adapter.AgentResourceAdapter
addCmdArgs, addIgnoredAttrs, agentTestConfiguration, augmentListAllObjects, buildGetObjectRequest, checkCreateAccount, checkDeleteAccount, checkUpdateAccount, createAccounts, createObject, createXmlObject, createXmlObject, deleteAccounts, deleteObject, determineGatewayCapabilities, disableAccounts, doCreateOrUpdateObjectRequest, doCreateOrUpdateRequest, doGetGatewayInfo, doGetGatewayInfo, enableAccounts, encryptEncryptedType, encryptEncryptedType, endRequest, extendWSAttributes, getAccountAttributes, getAgentAdapters, getAuthenticationTimeout, getBlockAccountIterator, getBlockAccountIterator, getConnection, getGatewayInfo, getGenericObjectsFromResponse, getHangTimeout, getObject, getObjectFromResponse, getObjectIterator, getObjectListFromResponse, getResInfo, getResponse, getResponse, getResponse, getResponse, getResponseBytes, getResponseBytes, getResponseBytes, getResponseBytes, getResultItemList, getTraceFile, getTraceFile, getUser, getUsersFromResponse, getUsersFromResponse, getWsAttrsString, listAllObjects, loadUsersFromResponse, makeConnection, makeConnection, makeGUID, mapAttributes, mapObjectType, removeUserAttr, returnConnection, returnConnection, returnConnection, returnConnection, reverseMapAttributes, run, runAction, scan, sendRequest, sendRequest, sendRequest, sendRequest, setConnection, setGatewayInfo, startRequest, startRequest, startRequestWithoutConnect, transformGUID, updateAccounts, updateIdFromResource, updateKey, updateObject
 
Methods inherited from class com.waveset.adapter.ResourceAdapterBase
checkForNoPasswordInSchema, checkSyntax, createAccount, createIdentity, deleteAccount, deleteAccount, disableAccount, dnsEqual, dnsEqual, enableAccount, executeResourceAttributeJavascriptAction, fillInResourceInfo, fillInResourceInfo, getAccountIterator, getAction, getActionNotFoundErrorMessage, getActionNotFoundMessage, getActionRunAsPassword, getActionRunAsUser, getActionTimeout, getActionType, getAdapter, getAdapter, getAdapter, getAdapterProxy, getAdapterProxy, getAllAccounts, getAttrNameFromMapName, getAttrNameFromMapName, getAttrParse, getAttrTypeFromMapName, getAttrTypeFromMapName, getAUserName, getBaseContextObject, getBaseContexts, getBlockSize, getContext, getExcludedAccountsRule, getIdentity, getListAllObjectsAttrParse, getListUserAttrParse, getListUserGroupsAttrParse, getOptionalBooleanResAttrVal, getOptionalBooleanResAttrVal, getOptionalEncryptedResAttrVal, getOptionalResAttrVal, getOptionalStringResAttrVal, getRequiredResAttr, getRequiredResAttr, getRequiredResAttrVal, getRequiredResAttrVal, getRequiredResAttrVals, getRequiredUserAttributeNames, getResAttrValActionOnUser, getResAttrVals, getResource, getResourceAccounts, getResourceInfo, getResourceObjectAttrValNameAttr, getResourceObjectClassAttr, getResourceObjectTypePrefix, getSchemaMap, getUser, getWSAttrByMapName, getWSAttrByMapName, getWSAttrFromMap, handleActionResult, handleJavascriptActionResult, isAccountAttributeSecret, isExcludedAccount, isExcludedAccount, isFeatureEnabled, isSupported, isTestMode, listAllObjects, listObjects, listObjectsOfType, lookupAction, lookupAction, lookupActions, objectClassesMatchType, println, realCreate, realDelete, realDisable, realEnable, realUpdate, restoreResourceObjectClassAttr, run, runResourceAttributeJavascriptAction, setCache, setContext, setDisabled, setFromResource, setResource, setResourceObjectClassAttr, setResourceOptionAttrs, startConnection, startConnectionWrapper, stopConnection, supportsAccountActions, supportsActions, supportsCaseInsensitiveAccountIds, supportsContainerObjectTypes, supportsResourceAccount, testConfiguration, updateAccount, updateResourceAccount, updateResourceIdentity, vmStoreBoot, vmStoreGet, vmStoreInit, vmStoreLatch, vmStorePut
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

RA_NDSTREE

public static final java.lang.String RA_NDSTREE
See Also:
Constant Field Values

RA_BASE_CTX

public static final java.lang.String RA_BASE_CTX
See Also:
Constant Field Values

RA_USERDN

public static final java.lang.String RA_USERDN
See Also:
Constant Field Values

RA_PASSWORD

public static final java.lang.String RA_PASSWORD
See Also:
Constant Field Values

RA_OBJCLASS

public static final java.lang.String RA_OBJCLASS
See Also:
Constant Field Values

RA_WSNAME

public static final java.lang.String RA_WSNAME
See Also:
Constant Field Values

RA_TEMPLATE

public static final java.lang.String RA_TEMPLATE
See Also:
Constant Field Values

RA_TEMPLATE_HOMEDIR_ATTR

public static final java.lang.String RA_TEMPLATE_HOMEDIR_ATTR
See Also:
Constant Field Values

RA_MODIFICATION_TIMESTAMP_ATTR

public static final java.lang.String RA_MODIFICATION_TIMESTAMP_ATTR
See Also:
Constant Field Values

RA_MODIFICATION_TIMESTAMP_FILTER

public static final java.lang.String RA_MODIFICATION_TIMESTAMP_FILTER
See Also:
Constant Field Values

RA_GW_DOMAINDN

public static final java.lang.String RA_GW_DOMAINDN
See Also:
Constant Field Values

RA_GW_PO_DELETE_PATTERN

public static final java.lang.String RA_GW_PO_DELETE_PATTERN
See Also:
Constant Field Values

OPT_SEARCH_FILTER

public static final java.lang.String OPT_SEARCH_FILTER
See Also:
Constant Field Values

OPT_SEARCH_ATTRS

public static final java.lang.String OPT_SEARCH_ATTRS
See Also:
Constant Field Values

OPT_SEARCH_SCOPE

public static final java.lang.String OPT_SEARCH_SCOPE
See Also:
Constant Field Values

OPT_RUNAS_USER

public static final java.lang.String OPT_RUNAS_USER
See Also:
Constant Field Values

OPT_RUNAS_PASSWORD

public static final java.lang.String OPT_RUNAS_PASSWORD
See Also:
Constant Field Values
Constructor Detail

NDSResourceAdapter

public NDSResourceAdapter(Resource res,
                          ObjectCache cache)

NDSResourceAdapter

public NDSResourceAdapter()
Method Detail

staticCreatePrototypeResource

public static Resource staticCreatePrototypeResource()
                                              throws WavesetException
Throws:
WavesetException

createPrototypeResource

public Resource createPrototypeResource()
                                 throws WavesetException
Specified by:
createPrototypeResource in interface ResourceAdapter
Specified by:
createPrototypeResource in class AgentResourceAdapter
Throws:
WavesetException

supportsExcludedAccounts

public boolean supportsExcludedAccounts()
Specified by:
supportsExcludedAccounts in interface ResourceAdapter
Overrides:
supportsExcludedAccounts in class ResourceAdapterBase

getLoginAttrName

protected java.lang.String getLoginAttrName(java.lang.String key)
Get the attribute name to use for the login info key that is passed in. This basically maps login info keys to attribute names that will be used by the resource.

Overrides:
getLoginAttrName in class AgentResourceAdapter

getFeatures

public GenericObject getFeatures()
Description copied from class: AgentResourceAdapter
Expose features supported by the Resource Adapter. Note: ActiveSync is considered a facet, not a feature.

Specified by:
getFeatures in interface ResourceAdapter
Overrides:
getFeatures in class AgentResourceAdapter
Returns:
GenericObject containing Features, as both key and value, which are supported by this resource adapter.
See Also:
ResourceAdapter.Features

namesEqual

public boolean namesEqual(java.lang.String name1,
                          java.lang.String name2)
This method will return true if name1 equals name2. It overrides the default implementation which does a straight string compare, since we know we will be comparing two dn names.

We will normalize the names before checking for equality. Normalization will be done using an implementation of RFC2253 which specifies the standard for the string representation of distinguished names handling issue such as capitalization, component ordering, special characters, internationalized characters, trimming spaces, etc.

Specified by:
namesEqual in interface ResourceAdapter
Overrides:
namesEqual in class ResourceAdapterBase

supportsScanning

public boolean supportsScanning()
Specified by:
supportsScanning in interface ResourceAdapter
Overrides:
supportsScanning in class ResourceAdapterBase

getAccountIterator

public AccountIterator getAccountIterator()
                                   throws WavesetException
Description copied from class: AgentResourceAdapter
Default implementation just gets all the users and holds them in an array. May (should) be overriden by the subclass.

Specified by:
getAccountIterator in interface ResourceAdapter
Overrides:
getAccountIterator in class AgentResourceAdapter
Throws:
WavesetException

getAccountIterator

public AccountIterator getAccountIterator(java.util.Map params)
                                   throws WavesetException
Description copied from class: AgentResourceAdapter
Alternate interface to pass in a map of name/value pairs to control the search.

Specified by:
getAccountIterator in interface ResourceAdapter
Overrides:
getAccountIterator in class AgentResourceAdapter
Throws:
WavesetException

supportsAccountDisable

public boolean supportsAccountDisable()
Return true if this resource supports some form of native account disable. When this is true, the provisoining engine will expect a real implementation of the disableAccount and enableAccount methods.

Specified by:
supportsAccountDisable in interface ResourceAdapter
Overrides:
supportsAccountDisable in class ResourceAdapterBase

listObjects

public java.util.List listObjects(java.lang.String objectType,
                                  java.util.Map options)
                           throws WavesetException
Returns a list of objects matching the requested objectType and options

Specified by:
listObjects in interface ResourceAdapter
Overrides:
listObjects in class AgentResourceAdapter
Parameters:
objectType - - the name of a valid object class for this specified "resId".
options - - several options can be specified which control the behavior of the search. They include:
    "searchContext" - the value of this option determines within what context to perform search (ResourceAdapter.RA_SEARCH_CONTEXT). If not specified, will attempt to get a value from RA_BASE_CONTEXT. If no value, will assume search should be done from logical top.
  1. "searchFilter" - optional specification, in LDAP search filter format as specified in RFC 1558, of one or more object tuples either and'ed or or'ed together. If not specified, a filter will be constructed using the specified objectType. (ResourceAdapter.SEARCH_FILTER).
  2. "searchScope" - specifies whether the search should be done on the current object, only within the context of the specified "searchContext", or in all subcontext within the specified "searchContext" (ResourceAdapter.RA_SEARCH_SCOPE). Valid values are "object", "oneLevel", or "subTree" indicates that the search should be performed on all sub contexts within the specified "searchContext".
  3. "searchTimeLimit" - the timelimit in milliseconds a search should not exceed (ResourceAdapter.RA_SEARCH_TIME_LIMIT).
  4. "searchAttrsToGet" - the list of objectType specific attribute names to get per object
  5. "runAsUser" - user name this request is to be run as. If not specified, defaults to resource proxy admin user.
  6. "runAsPassword" - password of runAsUser. Required to authenticate with resource in order to run the list request as the specified user
Throws:
WavesetException

getBaseContextAttrName

public java.lang.String getBaseContextAttrName()
                                        throws WavesetException
Returns the name, if any, of the attribute used by the resource as the base context or the context to which all operations is bound

Specified by:
getBaseContextAttrName in interface ResourceAdapter
Overrides:
getBaseContextAttrName in class ResourceAdapterBase
Returns:
the name, if any, of the attribute used by the resource as the base context or the context to which all operations is bound
Throws:
WavesetException

init

public void init()
          throws java.lang.Exception
Description copied from interface: ActiveSync
initialize yourself. throw exception if initialization failed

Specified by:
init in interface ActiveSync
Throws:
java.lang.Exception

shutdown

public void shutdown()
Description copied from interface: ActiveSync
shutdown

Specified by:
shutdown in interface ActiveSync

getAttributeValue

public java.lang.Object getAttributeValue(java.lang.String name)
                                   throws java.lang.Exception
Description copied from interface: ActiveSync
Get or set an attribute value for the ActiveSync. Setting an attribute value only changes the in-memory copy of the attribute, not the persistent value. Set is typically only used for status or scheduling updates.

Specified by:
getAttributeValue in interface ActiveSync
Throws:
java.lang.Exception

setAttributeValue

public void setAttributeValue(java.lang.String name,
                              java.lang.Object value)
                       throws java.lang.Exception
Specified by:
setAttributeValue in interface ActiveSync
Throws:
java.lang.Exception

callCompleted

public void callCompleted(com.waveset.adapter.iapi.IAPI call)

poll

public int poll()
         throws java.lang.InterruptedException
Description copied from interface: ActiveSync
The poll method. Called at a configurable interval, this
  1. polls the remote resource for changes,
  2. converts them to IAPI calls, and
  3. posts them back to the server.

Specified by:
poll in interface ActiveSync
Returns:
0 if no work done, n if n calls processed.
Throws:
java.lang.InterruptedException

processUpdates

protected int processUpdates(java.util.List list,
                             com.waveset.adapter.iapi.IAPI prox)
                      throws WavesetException,
                             com.waveset.adapter.iapi.IAPIException
Take a list of Maps that are rows of the audit data and turn them into IAPI calls. Since the list is sorted save the modification time so we do re-process rows if interrupted.

Throws:
WavesetException
com.waveset.adapter.iapi.IAPIException

buildEvent

protected com.waveset.adapter.iapi.IAPI buildEvent(com.waveset.adapter.NDSResourceAdapter.UpdateRow row)
                                            throws WavesetException,
                                                   com.waveset.adapter.iapi.IAPIException
Deprecated. As of IdM 5.5.

Extract the user identity information and attributes, create an IAPIUser object to update Lighthouse, and return it.

Parameters:
row - Data to build an event from. @see UpdateRow
Returns:
An IAPI object ready for submit(). Return null if this event should be dropped.
Throws:
WavesetException
com.waveset.adapter.iapi.IAPIException

logUpdate

protected void logUpdate(int level,
                         com.waveset.adapter.NDSResourceAdapter.UpdateRow update,
                         WavesetResult result)
Log whatever we want to from an update.


authenticate

public WavesetResult authenticate(java.util.HashMap loginInfo)
                           throws WavesetException
Description copied from interface: ResourceAdapter
Authenticates the user against the resource. If authentication is successful, the authenticated id will be returned. If more info is required to complete authentication the result will contain the required info

Specified by:
authenticate in interface ResourceAdapter
Overrides:
authenticate in class AgentResourceAdapter
Throws:
WavesetException