Class AMIdentity
- All Implemented Interfaces:
Identity
AMIdentity
objects by using
AMIdentityRepository
interfaces. For example:
AMIdentityRepository idrepo = new AMIdentityRepository(org); AMIdentity id = idrepo.getRealmIdentity();
The id
returned above is the AMIdentity object of the user's
single sign-on token passed above. The results obtained from search performed
using AMIdentityRepository also return AMIdentity objects. The type of an
object can be determined by doing the following:
IdType type = identity.getType();
The name of an object can be determined by:
String name = identity.getName();
-
Constructor Summary
ConstructorDescriptionAMIdentity
(SSOToken token) Constructs a newAMIdentity
instance from the passed token.AMIdentity
(SSOToken token, String universalId) Constructs a newAMIdentity
instance from the passed universal ID. -
Method Summary
Modifier and TypeMethodDescriptionvoid
addMember
(AMIdentity identity) Adds the passed identity as a member of this identity.void
addMembers
(Set<AMIdentity> identities) Adds the passed identities as members of this identity.void
assignService
(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attributes) Assigns the service and service related attributes to the identity.void
changePassword
(String oldPassword, String newPassword) Changes password for the identity.boolean
Returns all services which can be assigned to this entity.Returns the set of services already assigned to this identity.getAttribute
(String attrName) Returns the values of the requested attribute.Returns all attributes and values of this identity.getAttributes
(Set<String> attrNames) Returns requested attributes and values of this object.getBinaryAttributes
(Set attrNames) Returns requested attributes and values of this object.getMembers
(IdType mtype) Return all members of a given identity type of this identity as a Set of AMIdentity objects.getMemberships
(IdType mtype) Returns the set of identities that this identity belongs to.getName()
Returns the name of the identity.getRealm()
Returns the realm for this identity.getServiceAttributes
(String serviceName) Returns attributes related to a service, if the service is assigned to the identity.getServiceAttributesAscending
(String serviceName) Returns attributes related to a service, if the service is assigned to the identity.getType()
Returns the Type of the Identity.Returns the universal identifier of this object.boolean
isActive()
If there is a status attribute configured, then verifies if the identity is active and returns true.boolean
isExists()
This method determines if the identity exists and returns true or false.boolean
isMember
(UniversalId universalId) Verifies if this identity is a member of the identity being passed.void
modifyService
(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attrMap) Set attributes related to a specific service.void
removeAttributes
(Set<String> attrNames) Removes the attributes from the identity entry.void
removeMember
(AMIdentity identity) Removes the passed identity as a member of this identity.void
removeMembers
(Set<AMIdentity> identities) Removes the passed identities as members of this identity.void
removeServiceAttributes
(String serviceName, Set<String> attrNames) Removes attributes value related to a specific service by setting it to empty.void
setActiveStatus
(boolean active) If there is a status attribute configured, then set its status to true or activated state if the parameter active is true.void
setAttributes
(Map attrMap) Sets the values of attributes.void
setBinaryAttributes
(Map attrMap) Set the values of binary attributes.void
store()
Stores the attributes of the object.void
unassignService
(String serviceName) Removes a service from the identity.Methods inherited from class org.forgerock.am.identity.domain.UniversalId
hashCode, isUniversalIdOrSpecialUserDn, of, of, of, of, toString
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.forgerock.am.identity.domain.Identity
getNamingAttributeValue
-
Constructor Details
-
AMIdentity
Constructs a newAMIdentity
instance from the passed token.- Parameters:
token
- non-null token from which to create an identity instance- Throws:
SSOException
- should an error occur handling the tokenIdRepoException
- should an identity repo error occur
-
AMIdentity
Constructs a newAMIdentity
instance from the passed universal ID.- Parameters:
token
- token used to authenticate the use of any service callsuniversalId
- the universal ID from which to create an identity instance- Throws:
IdRepoException
- should an identity repo error occur
-
-
Method Details
-
getName
Returns the name of the identity.- Overrides:
getName
in classUniversalId
- Returns:
- Name of the identity
-
getType
Returns the Type of the Identity.- Overrides:
getType
in classUniversalId
- Returns:
IdType
representing the type of this object.
-
getRealm
Returns the realm for this identity.- Returns:
- String representing realm name.
-
getUniversalId
Returns the universal identifier of this object.- Overrides:
getUniversalId
in classUniversalId
- Returns:
- String representing the universal identifier of this object.
-
isActive
If there is a status attribute configured, then verifies if the identity is active and returns true. This method is only valid for AMIdentity objects of type User and Agent.- Returns:
- true if the identity is active or if it is not configured for a status attribute, false otherwise.
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
setActiveStatus
If there is a status attribute configured, then set its status to true or activated state if the parameter active is true. This method is only valid for AMIdentity objects of type User and Agent.- Parameters:
active
- The state value to assign to status attribute. The actual value assigned to the status attribute will depend on what is configured for that particular plugin. If active is true, the status will be assigned the value corresponding to activated.- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getAttributes
Returns all attributes and values of this identity. This method is only valid for AMIdentity objects of type User, Agent, Group, and Role.- Specified by:
getAttributes
in interfaceIdentity
- Returns:
- Map of attribute-values
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getAttributes
Returns requested attributes and values of this object.This method is only valid for AMIdentity object of type User, Agent, Group, and Role.
- Specified by:
getAttributes
in interfaceIdentity
- Parameters:
attrNames
- Set of attribute names to be read- Returns:
- Map of attribute-values.
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getBinaryAttributes
Returns requested attributes and values of this object.This method is only valid for AMIdentity objects of type User, Agent, Group, and Role.
- Parameters:
attrNames
- Set of attribute names to be read- Returns:
- Map of attribute-values.
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getAttribute
Returns the values of the requested attribute. Returns an empty set, if the attribute is not set in the object.This method is only valid for AMIdentity objects of type User, Agent, Group, and Role.
- Specified by:
getAttribute
in interfaceIdentity
- Parameters:
attrName
- Name of attribute- Returns:
- Set of attribute values.
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
setAttributes
Sets the values of attributes. This method should be followed by the method "store" to commit the changes to the Repository. This method is only valid forAMIdentity
objects of type User and Agent.- Parameters:
attrMap
- is a map of attribute name(String)
to aSet
of attribute values(String)
. It is arranged as: Map::attrMap --> Key: String::AttributeName Value: Set::AttributeValues (Set of String)- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
changePassword
@Supported public void changePassword(String oldPassword, String newPassword) throws IdRepoException, SSOException Changes password for the identity.- Parameters:
oldPassword
- old passwordnewPassword
- new password- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
setBinaryAttributes
Set the values of binary attributes. This method should be followed by the method "store" to commit the changes to the RepositoryThis method is only valid for AMIdentity objects of type User and Agent.
- Parameters:
attrMap
- Map of attribute-values to be set in the repository or repositories (if multiple plugins are configured for "edit").- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
removeAttributes
Removes the attributes from the identity entry. This method should be followed by a "store" to commit the changes to the Repository.This method is only valid for AMIdentity objects of type User and Agent.
- Parameters:
attrNames
- Set of attribute names to be removed- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If the user's single sign on token is invalid
-
store
Stores the attributes of the object.This method is only valid for AMIdentity objects of type User and Agent.
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getAssignedServices
Returns the set of services already assigned to this identity.This method is only valid for AMIdentity object of type User.
- Returns:
- Set of serviceNames
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getAssignableServices
Returns all services which can be assigned to this entity.This method is only valid for AMIdentity object of type User.
- Returns:
- Set of service names
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
assignService
@Supported public void assignService(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attributes) throws IdRepoException, SSOException Assigns the service and service related attributes to the identity.This method is only valid for AMIdentity object of type User.
- Parameters:
serviceName
- Name of service to be assigned.attributes
- Map of attribute-values- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
unassignService
Removes a service from the identity.This method is only valid for AMIdentity object of type User.
- Parameters:
serviceName
- Name of service to be removed.- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getServiceAttributes
@Supported public Map<String,Set<String>> getServiceAttributes(String serviceName) throws IdRepoException, SSOException Returns attributes related to a service, if the service is assigned to the identity.This method is only valid for AMIdentity object of type User.
- Parameters:
serviceName
- Name of the service.- Returns:
- Map of attribute-values.
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
getServiceAttributesAscending
@Supported public Map getServiceAttributesAscending(String serviceName) throws IdRepoException, SSOException Returns attributes related to a service, if the service is assigned to the identity.This method is only valid for AMIdentity object of type User.
- Parameters:
serviceName
- Name of the service.- Returns:
- Map of attribute-values.
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
modifyService
@Supported public void modifyService(String serviceName, org.forgerock.openam.sm.ConfigurationAttributes attrMap) throws IdRepoException, SSOException Set attributes related to a specific service. The assumption is that the service is already assigned to the identity. The attributes for the service are validated against the service schema.This method is only valid for AMIdentity object of type User.
- Parameters:
serviceName
- Name of the service.attrMap
- Map of attribute-values.- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
removeServiceAttributes
@Supported public void removeServiceAttributes(String serviceName, Set<String> attrNames) throws IdRepoException, SSOException Removes attributes value related to a specific service by setting it to empty. The assumption is that the service is already assigned to the identity. The attributes for the service are validated against the service schema.This method is only valid for
AMIdentity
object of type User.- Parameters:
serviceName
- Name of the service.attrNames
- Set of attributes name.- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
isMember
Verifies if this identity is a member of the identity being passed.This method is only valid for AMIdentity objects of type Role, Group and User.
- Parameters:
universalId
-AMIdentity
to check membership with- Returns:
- true if this Identity is a member of the given Identity
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
addMember
Adds the passed identity as a member of this identity.- Parameters:
identity
- the identity to be added- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
addMembers
Adds the passed identities as members of this identity.- Parameters:
identities
- the identities to be added- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
removeMember
Removes the passed identity as a member of this identity.- Parameters:
identity
- the identity to be removed- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
removeMembers
@Supported public void removeMembers(Set<AMIdentity> identities) throws IdRepoException, SSOException Removes the passed identities as members of this identity.- Parameters:
identities
- the identities to be removed- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
getMembers
Return all members of a given identity type of this identity as a Set of AMIdentity objects.This method is only valid for AMIdentity objects of type Group and User.
- Parameters:
mtype
- Type of identity objects- Returns:
- Set of AMIdentity objects that are members of this object.
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
getMemberships
Returns the set of identities that this identity belongs to.This method is only valid for AMIdentity objects of type User and Role.
- Parameters:
mtype
- Type of member identity.- Returns:
- Set of AMIdentity objects of the given type that this identity belongs to.
- Throws:
IdRepoException
- if there are repository related error conditions.SSOException
- if user's single sign on token is invalid.
-
isExists
This method determines if the identity exists and returns true or false.This method is only valid for AMIdentity objects of type User and Agent.
- Specified by:
isExists
in interfaceIdentity
- Returns:
- true if the identity exists or false otherwise.
- Throws:
IdRepoException
- If there are repository related error conditions.SSOException
- If user's single sign on token is invalid.
-
equals
- Overrides:
equals
in classUniversalId
-