Package com.ibm.di.api.security

Class Registry

  • public class Registry
extends java.lang.Object
    The Registry class is used by the Server API to parse the User Registry file and hold all the user identities with their corresponding permissions. After initialization of the Registry the Identites are accessed through the getIdentity(String aUserID) method. From 7.0 this method also returns Identities for userIDs which are members of groups specified in the registry.

    • Constructor Summary

      Constructors 
      Constructor Description
      Registry()  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      Identity getIdentity​(java.lang.String aUserID)
      The method searches for Identities with userId corresponding to the supplied parameter.
      void initialize​(java.lang.String aRegistryFileName, RS.ConfigInstanceNamingPolicy configInstanceNamingPolicy)
      Parses the User Registry file and creates a vector with all Identities found in it with their corresponding permissions.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • Registry

        public Registry()

    • Method Detail

      • initialize

        public void initialize​(java.lang.String aRegistryFileName,
                       RS.ConfigInstanceNamingPolicy configInstanceNamingPolicy)
                throws DIException
        Parses the User Registry file and creates a vector with all Identities found in it with their corresponding permissions. If the server API user registry encryption is turned on the file is decrypted using the CryptoUtils class. All the tags are read line by line. This parsing traverses the Registry tags tree in depth and all authorization elements found are added as corresponding vectors to their parent object.
        Parameters:
        aRegistryFileName - the full path to the user registry file name
        configInstanceNamingPolicy - this policy is used when parsing the tags that define which configurations the user is authorized access to
        Throws:
        DIException - if an Exception occurs during the reading, decrypting or parsing the file

      • getIdentity

        public Identity getIdentity​(java.lang.String aUserID)
        The method searches for Identities with userId corresponding to the supplied parameter. It distinguishes two cases: simple - when only user name is supplied. In this case the Identity with matching userId is returned. In the other case, when the LDAP authentication with group support is performed, as parameter is supplied not only the user, but also the users' groups separated by ";".The first in this sequience must be the authenticating user. In this case new Identity is created, which posseses all the roles assigned to the user as well to the groups in the user registry.
        Parameters:
        aUserID - String object containing the authenticating user or the user and the users' groups each one separated by ";" by the others.
        Returns:
        Identity object
        Since:
        7.0