Package com.sun.identity.sm

Class OrganizationConfigManager

java.lang.Object
com.sun.identity.sm.OrganizationConfigManager
@SupportedAll public class OrganizationConfigManager extends Object
The class OrganizationConfigManager provides interfaces to manage an organization's configuration data. It provides interfaces to create and delete organizations, service attributes for organizations and service configuration parameters.

The organization configuration can be managed in a hierarchical manner, and a forward slash "/" will be used to separate the name hierarchy. Hence the root of the organization hierarchy will be represented by a single forward slash "/", and sub-organizations will be separated by "/". For example "/a/b/c" would represent a "c" sub-organization within "b" which would be a sub-organization of "a".

  • Field Details

  • Constructor Details

    • OrganizationConfigManager

      @Inject public OrganizationConfigManager(SSOToken token, String orgName) throws SMSException
      Constructor to obtain an instance of OrganizationConfigManager for an organization by providing an authenticated identity of the user. The organization name would be "/" seperated to represent organization hierarchy.
      Parameters:
      token - single sign on token of authenticated user identity.
      orgName - name of the organization. The value of null or "/" would represent the root organization.
      Throws:
      SMSException - if an error has occurred while getting the instance of OrganizationConfigManager .

  • Method Details

    • getOrganizationName

      public String getOrganizationName()
      Returns the fully qualified name of the organization from the root
      Returns:
      the name of the organization

    • getConfiguredServices

      @Deprecated public Set<String> getConfiguredServices() throws SMSException
      Deprecated.
      This method has been deprecated, use getAssignedServices() instead.
      Returns the services configured for the organization.
      Returns:
      service names configured for the organization.
      Throws:
      SMSException - if there is an error accessing the data store to read the configured services.

    • getServiceSchemas

      public Set<ServiceSchema> getServiceSchemas() throws SMSException
      Returns a set of service schemas to be used for creation of an organization. The service schemas contain a list of attributes and their schema, and will be provided as ServiceSchema.
      Returns:
      Set of ServiceSchema to be used for creation of an organization.
      Throws:
      SMSException - if there is an error accessing the data store to read the service schemas.

    • createSubOrganization

      public OrganizationConfigManager createSubOrganization(String subOrgName, Map<String,?> attributes) throws SMSException
      Creates a sub-organization under the current organization and sets the specified attributes. The sub-organization created can be only one level below the current organization. For multiple levels this method must be called recursively with the corresponding OrganizationConfigManager . The organization name must not have forward slash ("/"). For eg., the actual organization name 'iplanet' cannot be 'iplan/et' because we are using '/' as the seperator here. The attributes for the organization can be null; else would contain service name as the key and another Map as the value that would contain the key-values pair for the services.
      Parameters:
      subOrgName - the name of the sub-organization.
      attributes - Map of attributes for the organization per service. The parameter Map attributes contains another Map as its value, which then has attribute names and values. The way it is arranged is: Map::attributes --> Key: String::ServiceName Value: Map::svcAttributes Map::svcAttributes --> Key: String::AttributeName Value: Set::AttributeValues
      Returns:
      organization config manager of the newly created sub-organization.
      Throws:
      SMSException - if creation of sub-organization failed, or if creation of sub-organization is attempted when configuration is not migrated to realms.

    • createSubOrganization

      public OrganizationConfigManager createSubOrganization(String subOrgName, org.forgerock.openam.services.datastore.DataStoreId dataStoreId) throws SMSException

      Creates a sub-organization under the current organization, without any child entries. The sub-organization created can only be one level below the current organization. For multiple levels, this method must be called recursively with the corresponding OrganizationConfigManager.

      The organization name must not contain a forward slash ("/") because this character is used as a separator, e.g. "abc/def" means "def" is a sub-realm of "abc".

      Parameters:
      subOrgName - the name of the sub-organization.
      dataStoreId - the data store ID within which to create the sub-organization.
      Returns:
      the OrganizationConfigManager of the newly created sub-organization.
      Throws:
      SMSException - if the creation of the sub-organization failed or is attempted when configuration is not migrated to realms.

    • validateOrgAliasCollision

      public void validateOrgAliasCollision(Collection<String> aliases) throws SMSException
      Checks org alias name for collisions
      Parameters:
      aliases - The realms aliases
      Throws:
      SMSException - if org alias collision is found

    • getSubOrganizationNames

      public Set<String> getSubOrganizationNames() throws SMSException
      Returns the names of all sub-organizations.
      Returns:
      set of names of all sub-organizations.
      Throws:
      SMSException - if there is an error accessing the data store to read the sub-organization names.

    • getPeerOrganizationNames

      public Set<String> getPeerOrganizationNames() throws SMSException
      Returns the names of all peer-organizations.
      Returns:
      set of names of all peer-organizations.
      Throws:
      SMSException - if there is an error accessing the data store to read the peer-organization names.

    • getSubOrganizationNames

      public Set<String> getSubOrganizationNames(String pattern, boolean recursive) throws SMSException
      Returns names of sub-organizations matching the given pattern. If the parameter recursive is set to true, search will be performed for the entire sub-tree. The pattern can contain "*" as the wildcard to represent zero or more characters.
      Parameters:
      pattern - pattern that will be used for searching, where "*" will be the wildcard.
      recursive - if set to true the entire sub-tree will be searched for the organization names.
      Returns:
      names of sub-organizations matching the pattern.
      Throws:
      SMSException - if there is an error accessing the data store to read the sub-organization names.

    • getSubOrganizationNames

      public Set<String> getSubOrganizationNames(String pattern, boolean recursive, org.forgerock.openam.services.datastore.DataStoreId dataStoreId) throws SMSException
      Returns names of sub-organizations matching the given pattern. If the parameter recursive is set to true, search will be performed for the entire sub-tree. The pattern can contain "*" as the wildcard to represent zero or more characters.
      Parameters:
      pattern - pattern that will be used for searching, where "*" will be the wildcard.
      recursive - if set to true the entire sub-tree will be searched for the organization names.
      dataStoreId - the ID for the data store within which to search.
      Returns:
      names of sub-organizations matching the pattern.
      Throws:
      SMSException - if there is an error accessing the data store to read the sub-organization names.

    • deleteSubOrganization

      public void deleteSubOrganization(String subOrgName, boolean recursive) throws SMSException
      Deletes the given sub-organization. If the parameter recursive is set to true, then the suborganization and the sub-tree will be deleted. If the parameter recursive is set to false then the sub-organization shall be deleted provided it is the leaf node. If there are entries beneath the sub-organization and if the parameter recursive is set to false, then an exception is thrown that this sub-organization cannot be deleted.
      Parameters:
      subOrgName - sub-organization name to be deleted.
      recursive - if set to true the entire sub-tree will be deleted.
      Throws:
      SMSException - if the sub-organization name cannot be found, or if there are entries beneath the sub-organization and if the parameter recursive is set to false.

    • getSubOrgConfigManager

      public OrganizationConfigManager getSubOrgConfigManager(String subOrgName) throws SMSException
      Returns the OrganizationConfigManager for the given organization name.
      Parameters:
      subOrgName - the name of the organization.
      Returns:
      the configuration manager for the given organization.
      Throws:
      SMSException - if the organization name cannot be found or user doesn't have access to that organization.

    • getAttributes

      public Map<String,Set<String>> getAttributes(String serviceName) throws SMSException
      Returns the organization creation attributes for the service.
      Parameters:
      serviceName - name of the service.
      Returns:
      map of organization creation attribute values for service
      Throws:
      SMSException - if there is an error accessing the data store to read the attributes of the service.

    • addAttributeValues

      public void addAttributeValues(String serviceName, String attrName, Set<String> values) throws SMSException
      Adds organization attributes for the service. If the attribute already exists, the values will be appended to it, provided it is a multi-valued attribute. It will throw exception if we try to add a value to an attribute which has the same value already.
      Parameters:
      serviceName - name of the service.
      attrName - name of the attribute.
      values - values for the attribute.
      Throws:
      SMSException - if we try to add a value to an attribute which has the same value already.

    • setAttributes

      public void setAttributes(String serviceName, Map<String,Set<String>> attributes) throws SMSException
      Sets/Creates organization attributes for the service. If the attributes already exists, the given attribute values will replace them.
      Parameters:
      serviceName - name of the service.
      attributes - attribute-values pairs.
      Throws:
      SMSException - if the serviceName cannot be found.

    • removeAttribute

      public void removeAttribute(String serviceName, String attrName) throws SMSException
      Removes the given organization creation attribute for the service.
      Parameters:
      serviceName - name of service.
      attrName - name of attribute.
      Throws:
      SMSException - if the organization attribute for the service to be removed cannot be found, or if the service name cannot be found.

    • removeAttributeValues

      public void removeAttributeValues(String serviceName, String attrName, Set<String> values) throws SMSException
      Removes the given organization creation attribute values for the service.
      Parameters:
      serviceName - name of service.
      attrName - name of attribute.
      values - attribute values to be removed.
      Throws:
      SMSException - if the organization attribute for the service to be removed cannot be found, or if the service name cannot be found, or if the value cannot be removed.

    • getServiceConfig

      public ServiceConfig getServiceConfig(String serviceName) throws SMSException
      Returns the service configuration object for the given service name.
      Parameters:
      serviceName - name of a service.
      Returns:
      service configuration object for the service.
      Throws:
      SMSException - if there is an error accessing the data store to read the service configuration, or if the service name cannot be found.

    • addServiceConfig

      public ServiceConfig addServiceConfig(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attributes) throws SMSException
      Adds a service configuration object for the given service name for this organization. If the service has been already added a SMSException will be thrown.
      Parameters:
      serviceName - name of the service.
      attributes - service configuration attributes.
      Returns:
      service configuration object.
      Throws:
      SMSException - if the service configuration has been added already.

    • removeServiceConfig

      public void removeServiceConfig(String serviceName) throws SMSException
      Removes the service configuration object for the given service name for this organization.
      Parameters:
      serviceName - name of the service.
      Throws:
      SMSException - if the service name cannot be found, or not added to the organization.

    • addListener

      @Deprecated public String addListener(ServiceListener listener)
      Deprecated.
      Use ServiceConfigManager.addListener(ServiceListener) instead.
      Registers for changes to organization's configuration. The object will be called when configuration for this organization is changed.
      Parameters:
      listener - callback object that will be invoked when organization configuration has changed
      Returns:
      an ID of the registered listener.

    • removeListener

      @Deprecated public void removeListener(String listenerID)
      Deprecated.
      Use ServiceConfigManager.removeListener(String) instead.
      Removes the listener from the organization for the given listener ID. The ID was issued when the listener was registered.
      Parameters:
      listenerID - the listener ID issued when the listener was registered

    • getAssignableServices

      public Set<String> getAssignableServices() throws SMSException
      Returns a set of service names that can be assigned to a realm. This set excludes name of services that are already assigned to the realm and services that are required for the existence of a realm.
      Returns:
      a set of service names that can be assigned to a realm.
      Throws:
      SMSException - if there is an error accessing the data store to read the service configuration

    • getAssignedServices

      public Set<String> getAssignedServices() throws SMSException
      Returns a set of service names that are assigned to a realm.
      Returns:
      a set of service names that are assigned to a realm.
      Throws:
      SMSException - if there is an error accessing the data store to read the service configuration

    • getAssignedServices

      public Set<String> getAssignedServices(boolean includeMandatory) throws SMSException
      Returns a set of service names that are assigned to a realm.
      Parameters:
      includeMandatory - true to include mandatory service names.
      Returns:
      a set of service names that are assigned to a realm.
      Throws:
      SMSException - if there is an error accessing the data store to read the service configuration

    • assignService

      public void assignService(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attributes) throws SMSException
      Assigns the given service to the orgnization with the respective attributes. If the service has been already added a SMSException will be thrown.
      Parameters:
      serviceName - name of the service
      attributes - service configuration attributes
      Throws:
      SMSException - if the service configuration has been added already.

    • getServiceAttributes

      public Map<String,Set<String>> getServiceAttributes(String serviceName) throws SMSException
      Returns attributes configured for the service.
      Parameters:
      serviceName - name of the service
      Returns:
      a map of attributes for the service
      Throws:
      SMSException - if there is an error accessing the data store to read the service configuration, or if the service name cannot be found.

    • unassignService

      public void unassignService(String serviceName) throws SMSException
      Unassigns the service from the organization.
      Parameters:
      serviceName - name of the service
      Throws:
      SMSException - if the service name cannot be found or assigned, or if the service is a mandatory service.

    • modifyService

      public void modifyService(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attributes) throws SMSException
      Sets the attributes related to provided service. The assumption is that the service is already assigned to the organization. The attributes for the service are validated against the service schema.
      Parameters:
      serviceName - name of the service
      attributes - attributes of the service
      Throws:
      SMSException - if the service name cannot be found or not assigned to the organization.

    • getParentOrgConfigManager

      public OrganizationConfigManager getParentOrgConfigManager() throws SMSException
      Returns the OrganizationConfigManager of the parent for the given organization name.
      Returns:
      the configuration manager of the parent for the given organization.
      Throws:
      SMSException - if user doesn't have access to that organization.

    • loadDefaultServices

      public static void loadDefaultServices(OrganizationConfigManager ocm) throws SMSException
      Loads default services to a newly created realm
      Throws:
      SMSException