com.novell.nidp.common.authority.ldap.jndi
Class LDAPStorePlugin

java.lang.Object
  com.novell.nidp.common.authority.ldap.jndi.LDAPStorePlugin

public abstract class LDAPStorePlugin
extends java.lang.Object

Constructor Summary

LDAPStorePlugin()

Method Summary

abstract java.lang.String	getDirectoryName() Returns the descriptive display name of this directory type.
abstract java.lang.String	getGUIDAttributeName() Returns the schema name of the Globally Unique Identifier attribute for this directory type.
abstract java.lang.String	getMemberAttributeName() Returns the schema name of the Group Member attribute for this directory type.
abstract java.lang.String	getUserClassName() Returns the schema name of the User class for this directory type.
abstract java.lang.String	getUserNamingAttrName() Returns the schema name of the naming attribute of the User class for this directory type.
void	onCreateConnection(java.util.Hashtable environment) Called just before a new JNDI LDAP connection is created.
void	onCreateConnectionException(javax.naming.AuthenticationException ae) Allows customized handling of exceptions thrown during the create JNDI LDAP connection attempt.
void	onCreateConnectionException(javax.naming.OperationNotSupportedException onse) Allows customized handling of exceptions thrown during the create JNDI LDAP connection attempt.
java.util.Hashtable	postUserAccountCreation(java.lang.String strCorrelationId, java.lang.String name, java.lang.String password, java.lang.String context) Some directory types require that attributes be set on the object after it has been created.
abstract javax.naming.directory.Attributes	preUserAccountCreation(java.lang.String strCorrelationId, java.lang.String name, java.lang.String password, java.lang.String context) The plug-in must provide all of the attributes required to create a user object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LDAPStorePlugin

public LDAPStorePlugin()

Method Detail

getDirectoryName

public abstract java.lang.String getDirectoryName()

Returns the descriptive display name of this directory type. For example, for eDirectory, this method might return "Novell eDirectory".

Returns:

The descriptive display name of this directory type.

getGUIDAttributeName

public abstract java.lang.String getGUIDAttributeName()

Returns the schema name of the Globally Unique Identifier attribute for this directory type. For example, for eDirectory, this method might return "GUID".

Returns:

The schema name of the Globally Unique Identifier attribute.

getMemberAttributeName

public abstract java.lang.String getMemberAttributeName()

Returns the schema name of the Group Member attribute for this directory type. For example, for eDirectory, this method might return "member".

Returns:

The schema name of the Globally Unique Identifier attribute.

getUserClassName

public abstract java.lang.String getUserClassName()

Returns the schema name of the User class for this directory type. For example, for eDirectory, this method might return "User".

Returns:

The schema name of the User class.

getUserNamingAttrName

public abstract java.lang.String getUserNamingAttrName()

Returns the schema name of the naming attribute of the User class for this directory type. For example, for eDirectory, this method might return "cn".

Returns:

The schema name of the naming attribute of the User class.

onCreateConnection

public void onCreateConnection(java.util.Hashtable environment)

Called just before a new JNDI LDAP connection is created. Allows the plug-in to view, modify, add, remove connection creation parameters to/from the environment. For example, for directory types where following referrals is desired, code like "environment.put(Context.REFERRAL, "follow");" might be implemented here.

Parameters:

environment - the fully-populated set of parameters that will be used to create

preUserAccountCreation

public abstract javax.naming.directory.Attributes preUserAccountCreation(java.lang.String strCorrelationId,
                                                                         java.lang.String name,
                                                                         java.lang.String password,
                                                                         java.lang.String context)

The plug-in must provide all of the attributes required to create a user object. This method is called during user account provisioning. Optional attributes might also be included in the attribute set.

This method is called by NIDP just before calling the method:

javax.naming.directory.DirContext.createSubcontext(String name, Attributes attrs) throws NamingException

The Attributes object returned from this method is the same object that NIDP will pass to the above referenced call.

Calls to preUserAccountCreation() and postUserAccountCreation() might be matched up using the strCorrelationId parameter.

Parameters:

strCorrelationId - A random unique string used to correlate pre and post account creation method calls.

name - The user account name that will be used to create the new user account.

password - The user account password that will be used to create the new user account.

context - The full directory context where the new user account will be created.

Returns:

An javax.naming.directory.Attributes object containing all of the attributes required to create the user account.

postUserAccountCreation

public java.util.Hashtable postUserAccountCreation(java.lang.String strCorrelationId,
                                                   java.lang.String name,
                                                   java.lang.String password,
                                                   java.lang.String context)

Some directory types require that attributes be set on the object after it has been created. Therefore, this method allows the plug-in to provide the attributes to be set on the user object after creation. For example, a directory type might require that the password be set after the user object is created.

This method is called by NIDP just after calling the method:

javax.naming.directory.DirContext.createSubcontext(String name, Attributes attrs) throws NamingException

This method is called by NIDP just before calling the method:

javax.naming.directory.DirContext.modifyAttributes(String name, ModificationItem[] mods) throws NamingException The name value pairs returned in the Hashtable constitute the values that will be used in the mods parameter of the above referenced call. Calls to preUserAccountCreation() and postUserAccountCreation() might be matched up using the strCorrelationId parameter. If the return value from this method is null, then the modifyAttributes method will not be called by NIDP.

Parameters:

strCorrelationId - A random unique string used to correlate pre and post account creation method calls.

name - The user account name that will be used to create the new user account.

password - The user account password that will be used to create the new user account.

context - The full directory context where the new user account will be created.

Returns:

An java.util.Hashtable object containing name value pairs of attributes to be set on the newly created user account.

onCreateConnectionException

public void onCreateConnectionException(javax.naming.AuthenticationException ae)
                                 throws NIDPException

Allows customized handling of exceptions thrown during the create JNDI LDAP connection attempt. Plug-ins might examine the exception and throw out an NIDPException derived exception.

If the plug-in does nothing, the original exception is re-thrown by NIDP.

Several pre-defined exceptions exist which might be thrown by the plug-in implementation. These are enumerated below in the see-also list.

A general implementation of this method might examine the parameter Exception ae, then based on the findings, specific to a given LDAP server, throw out a more detailed or "correct" exception.

Parameters:

ae - The AuthenticationException thrown during JNDI LDAP connection creation.

Throws:

NIDPException - if the plug-in desires to change the Exception.

See Also:

JNDIExceptionCommunication, JNDIExceptionConnectionTimeout, JNDIExceptionDisabledAccount, JNDIExceptionExpiredPassword, JNDIExceptionExpiringPassword, JNDIExceptionIncorrectPassword, JNDIExceptionIntruderDetection, JNDIExceptionLDAPServiceNotAvailable, JNDIExceptionNameNotFound, JNDIExceptionRestrictedAccount

onCreateConnectionException

public void onCreateConnectionException(javax.naming.OperationNotSupportedException onse)
                                 throws NIDPException

Allows customized handling of exceptions thrown during the create JNDI LDAP connection attempt. Plug-ins might examine the exception and throw out an NIDPException derived exception.

If the plug-in does nothing, the original exception is re-thrown by NIDP.

Several pre-defined exceptions exist which might be thrown by the plug-in implementation. These are enumerated below in the see-also list.

A general implementation of this method might examine the parameter Exception ae, then based on the findings, specific to a given LDAP server, throw out a more detailed or "correct" exception.

Parameters:

ae - The OperationNotSupportedException thrown during JNDI LDAP connection creation.

Throws:

NIDPException - if the plug-in desires to change the Exception.

See Also:

JNDIExceptionCommunication, JNDIExceptionConnectionTimeout, JNDIExceptionDisabledAccount, JNDIExceptionExpiredPassword, JNDIExceptionExpiringPassword, JNDIExceptionIncorrectPassword, JNDIExceptionIntruderDetection, JNDIExceptionLDAPServiceNotAvailable, JNDIExceptionNameNotFound, JNDIExceptionRestrictedAccount