com.lightdev.app.trec.server.sam
Class SAMAdministrator

java.lang.Object
  extended by com.lightdev.app.trec.server.Agent
      extended by com.lightdev.app.trec.server.sam.SAMAdministrator
All Implemented Interfaces:
SAMApplication

public class SAMAdministrator
extends Agent

SAMAdministrator is the class that manages users and roles and associates users with roles within the Light Development Simple Access Model. SAMAdministrator uses the methods of a user data store administrator object and adds role information to method names as required by interface SAMApplication. This enables a TREC Server object to automatically apply appropriate authentication and authorization.

When a JDBC user data store supporting transactions is used, SAMAdministrator automatically maintains referential integrity, e.g. when a role is deleted, all associations to the deleted role are deleted too.

Version:
2, 23.12.2005
Author:
Ulrich Hilger, Light Development, http://www.lightdev.com, info@lightdev.com, published under the terms and conditions of the BSD License, for details see file license.txt in the distribution package of this software

Field Summary
static String DEFAULT_NAME
           
 
Fields inherited from class com.lightdev.app.trec.server.Agent
communicator
 
Constructor Summary
SAMAdministrator()
          construct a SAMAdministrator
 
Method Summary
 boolean backupSAM(String backupDirectory)
          Make a backup of the SAM data store to a given directory.
 boolean changeRole(byte[] roleBytes)
          change an existing role
 boolean changeUser(byte[] user)
          change a user in the UserDataStore this adapter maps to
 boolean createRole(byte[] role)
          create a new role
 boolean createUser(byte[] user, String pw)
          create a user in the UserDataStore this adapter maps to
 boolean deleteRole(byte[] role)
          delete an existing role
 boolean deleteUser(byte[] user)
          delete a user from the UserDataStore this adapter maps to
 void destroy()
          required by abstract Agent class but unused here
 Vector getAvailableBackups()
          get the names of all SAM backups currently available on the server
 String[] getRequiredRoleIds()
          get id of all roles required by this agent
 byte[] getRoleForId(String roleId)
          get the role with the given id
 byte[] getRolesForName(String namePart)
          get all roles whose name contains a given string
 byte[] getRolesForUser(byte[] user)
          get the roles that are granted to a given user
 byte[] getUsersForName(String namePart)
          get all users whose last name contains a given string
 byte[] getUsersForRole(byte[] role)
          get the users that are granted a given role
 boolean grantRole(String userId, String roleId)
          grant the given user a given role
 void init()
          required by abstract Agent class but unused here
protected  void initMethodRoleMappings()
          initialize the mapping between the names of methods that require a role and the respective role ids. This method is called automatically upon construction but the developer must implement it individually for all methods that are to be guarded by SAM.
protected  void initRoleNames()
          initialize names of the roles required by this agent. This method is called automatically upon construction but the developer must implement it individually for roles that are required by this agent.
 boolean newPassword(String userId, String newPw)
          set a given password for a given user
 boolean restoreSAM(String backupDirectory)
          Restore the SAM data store from a given directory.
 boolean revokeRole(String userId, String roleId)
          revoke a given role from a given user
 void setUserDataStoreAdministrator(UserDataStoreAdministrator admin)
           
 
Methods inherited from class com.lightdev.app.trec.server.Agent
getNameForRole, getRoleForMethod, mapRoleToMethod, setCommunicator, setNameForRoleId
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_NAME

public static final String DEFAULT_NAME
See Also:
Constant Field Values
Constructor Detail

SAMAdministrator

public SAMAdministrator()
construct a SAMAdministrator

Method Detail

setUserDataStoreAdministrator

public void setUserDataStoreAdministrator(UserDataStoreAdministrator admin)

init

public void init()
required by abstract Agent class but unused here

Specified by:
init in class Agent

destroy

public void destroy()
required by abstract Agent class but unused here

Specified by:
destroy in class Agent

backupSAM

public boolean backupSAM(String backupDirectory)
                  throws Exception

Make a backup of the SAM data store to a given directory.

As the SAM user data store does not necessarily need to be a database, this method is implemented only for the case that the standard Light Development implementation of a JDBCStoreAdministrator using an EmbeddedDerbyAdapter is running.

Parameters:
backupDirectory - the directory to back up to; the EmbeddedDerbyAdapter automatically backs up into the base directory it was constructed with and builds a subdirectory named as the given backupDirectory
Returns:
true when the backup operation was successful; false when the backup did not commence because an adapter other than EmbeddedDerbyAdapter is used; an Exception is thrown when something else goes wrong
Throws:
Exception

restoreSAM

public boolean restoreSAM(String backupDirectory)
                   throws Exception

Restore the SAM data store from a given directory.

As the SAM user data store does not necessarily need to be a database, this method is implemented only for the case that the standard Light Development implementation of a JDBCStoreAdministrator using an EmbeddedDerbyAdapter is running.

Parameters:
backupDirectory - the directory to restore from; the EmbeddedDerbyAdapter automatically restores from the base directory it was constructed with and looks for the backup to restore inside a subdirectory named as the given backupDirectory
Returns:
true when the restore operation was successful; false when the restore did not commence because an adapter other than EmbeddedDerbyAdapter is used; an Exception is thrown when something else goes wrong
Throws:
Exception

getAvailableBackups

public Vector getAvailableBackups()
                           throws Exception
get the names of all SAM backups currently available on the server

Returns:
the backup names
Throws:
Exception

getRoleForId

public byte[] getRoleForId(String roleId)
                    throws Exception
get the role with the given id

Parameters:
roleId - the id to get the role for
Returns:
the role object with the given id as a byte array or null if none was found
Throws:
Exception

getUsersForRole

public byte[] getUsersForRole(byte[] role)
                       throws Exception
get the users that are granted a given role

Parameters:
role - the role to get the users for
Returns:
an array of users having the given role
Throws:
Exception

getRolesForUser

public byte[] getRolesForUser(byte[] user)
                       throws Exception
get the roles that are granted to a given user

Parameters:
user - the user to get roles for
Returns:
all roles granted to that user
Throws:
Exception

getRolesForName

public byte[] getRolesForName(String namePart)
                       throws Exception
get all roles whose name contains a given string

Parameters:
namePart - the name part to contain
Returns:
an array of roles having the given string in their name
Throws:
Exception

getUsersForName

public byte[] getUsersForName(String namePart)
                       throws Exception
get all users whose last name contains a given string

Parameters:
namePart - the name part to contain
Returns:
byte array of an array of users having the given string in their last name
Throws:
Exception

createUser

public boolean createUser(byte[] user,
                          String pw)
                   throws Exception
create a user in the UserDataStore this adapter maps to

Parameters:
user - the user to create
pw - the password of the user
Throws:
Exception - if something went wrong during user creation

changeUser

public boolean changeUser(byte[] user)
                   throws Exception
change a user in the UserDataStore this adapter maps to

Parameters:
user - the user to change
Throws:
Exception - if something went wrong

deleteUser

public boolean deleteUser(byte[] user)
                   throws Exception
delete a user from the UserDataStore this adapter maps to

Parameters:
user - the user to delete
Throws:
Exception - if something went wrong

createRole

public boolean createRole(byte[] role)
                   throws Exception
create a new role

Parameters:
role - the role to create
Throws:
Exception - if something went wrong

changeRole

public boolean changeRole(byte[] roleBytes)
                   throws Exception
change an existing role

Parameters:
roleBytes - the changes to apply
Throws:
Exception - if something went wrong

deleteRole

public boolean deleteRole(byte[] role)
                   throws Exception
delete an existing role

Parameters:
role - the role to delete
Throws:
Exception - if something went wrong

grantRole

public boolean grantRole(String userId,
                         String roleId)
                  throws Exception
grant the given user a given role

Parameters:
userId - id of the user to grant a role
roleId - id of role to grant to given user
Throws:
Exception - if something went wrong

revokeRole

public boolean revokeRole(String userId,
                          String roleId)
                   throws Exception
revoke a given role from a given user

Parameters:
userId - id of user to revoke a role from
roleId - id of role to revoke from given user
Throws:
Exception - if something went wrong

newPassword

public boolean newPassword(String userId,
                           String newPw)
                    throws Exception
set a given password for a given user

Parameters:
userId - id of the user to set the password for
newPw - password to set for the given user
Throws:
Exception - if something went wrong during password change

getRequiredRoleIds

public String[] getRequiredRoleIds()
get id of all roles required by this agent

Specified by:
getRequiredRoleIds in interface SAMApplication
Specified by:
getRequiredRoleIds in class Agent
Returns:
an array of id strings

initMethodRoleMappings

protected void initMethodRoleMappings()
initialize the mapping between the names of methods that require a role and the respective role ids

This method is called automatically upon construction but the developer must implement it individually for all methods that are to be guarded by SAM.

Specified by:
initMethodRoleMappings in class Agent

initRoleNames

protected void initRoleNames()
initialize names of the roles required by this agent

This method is called automatically upon construction but the developer must implement it individually for roles that are required by this agent.

Specified by:
initRoleNames in class Agent
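
Because initMethodRoleMappings has to be implemented by hand for every method that is to be guarded, a method left out of the mapping is easy to miss. The following added example (a stand-alone model, not code from TREC or Light Development) audits an agent for public methods that have no role mapping and shows a deny-by-default check. GuardedAgent, DemoAgent, map, roleFor and the role ids are hypothetical names, and denying unmapped methods is a choice of this example; the page does not state how a TREC Server treats them.

```java
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.*;

// Stand-alone model, not TREC code: all class names and role ids here are hypothetical.
public class SamMappingAudit {

    /** Minimal stand-in for an agent that maps method names to required role ids. */
    static abstract class GuardedAgent {
        private final Map<String, String> methodRoles = new HashMap<>();
        GuardedAgent() { initMethodRoleMappings(); } // called on construction, as the page describes
        protected abstract void initMethodRoleMappings();
        protected void map(String roleId, String methodName) { methodRoles.put(methodName, roleId); }
        String roleFor(String methodName) { return methodRoles.get(methodName); }
    }

    static class DemoAgent extends GuardedAgent {
        @Override protected void initMethodRoleMappings() {
            map("role.admin", "deleteUser");
            map("role.admin", "grantRole");
            // newPassword is deliberately left unmapped so the audit has something to find
        }
        public boolean deleteUser(String userId) { return true; }
        public boolean grantRole(String userId, String roleId) { return true; }
        public boolean newPassword(String userId, String pw) { return true; }
    }

    /** Names of public methods declared by the agent class that have no role mapping. */
    static List<String> unguarded(GuardedAgent agent) {
        List<String> missing = new ArrayList<>();
        for (Method m : agent.getClass().getDeclaredMethods()) {
            boolean exposed = Modifier.isPublic(m.getModifiers()) && !m.isSynthetic();
            if (exposed && agent.roleFor(m.getName()) == null) missing.add(m.getName());
        }
        Collections.sort(missing);
        return missing;
    }

    /** Deny by default: allowed only if the method is mapped and the caller holds that role. */
    static boolean authorize(GuardedAgent agent, String methodName, Set<String> callerRoles) {
        String required = agent.roleFor(methodName);
        return required != null && callerRoles.contains(required);
    }

    public static void main(String[] args) {
        DemoAgent agent = new DemoAgent();
        Set<String> admin = new HashSet<>(Arrays.asList("role.admin"));
        Set<String> operator = new HashSet<>(Arrays.asList("role.operator"));
        System.out.println("unguarded methods: " + unguarded(agent));
        System.out.println("operator deleteUser: " + authorize(agent, "deleteUser", operator));
        System.out.println("admin deleteUser: " + authorize(agent, "deleteUser", admin));
        System.out.println("admin newPassword: " + authorize(agent, "newPassword", admin));
    }
}
```

Running the audit as a unit test against each agent class catches a sensitive method that was added without a corresponding role mapping.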