com.nitido.nim
Class ProvisionService

java.lang.Object
  com.nitido.nim.NiMKernelService
      com.nitido.nim.ProvisionService

All Implemented Interfaces:

NiMConstants

Direct Known Subclasses:

ProvisionServiceImpl

public abstract class ProvisionService
extends NiMKernelService

The ProvisionService is the NiMKernel module responsible for provisioning and de-provisioning entities.

Field Summary

Fields inherited from interface com.nitido.nim.NiMConstants

ACTION_CREATE_NUGGET, ACTION_CREATE_NUGGET_BY_NAME, ACTION_CRED_SPACE_ADD, ACTION_CRED_SPACE_GET_KEYS, ACTION_CRED_SPACE_GET_KEYS_START_WITH, ACTION_CRED_SPACE_GET_VALUE, ACTION_CRED_SPACE_GET_VALUES, ACTION_CRED_SPACE_MODIFY, ACTION_CRED_SPACE_REMOVE_VALUE, ACTION_CRED_SPACE_REMOVE_VALUES, ACTION_CRED_SPACE_REPLACE, ACTION_DEPROVISION_ENTITY, ACTION_ENTITY_CHANGE_CRED, ACTION_LOG_EVENT, ACTION_PROVISION_ENTITY, ACTION_USER_SPACE_ADD, ACTION_USER_SPACE_GET_KEYS, ACTION_USER_SPACE_GET_KEYS_START_WITH, ACTION_USER_SPACE_GET_VALUE, ACTION_USER_SPACE_GET_VALUES, ACTION_USER_SPACE_MODIFY, ACTION_USER_SPACE_REMOVE_VALUE, ACTION_USER_SPACE_REMOVE_VALUES, ACTION_USER_SPACE_REPLACE, CONF_PREFIX_SECURITY_ACCESS, CONF_PREFIX_SECURITY_ALLOW, CONF_PREFIX_SECURITY_ASSIGN, CONF_PREFIX_SECURITY_RESOURCE, PARAM_CHANGE_CRED, PARAM_DEPROVISION_CREDENTIAL, PARAM_EVENT_NAME, PARAM_MODIFIER_CONTAINER, PARAM_NUGGET_CREATE_CRED, PARAM_NUGGET_NAME, PARAM_NUGGET_SETTINGS, PARAM_NUGGET_TYPE, PARAM_PROVISION_DESCRIPTOR, PARAM_SPACE_KEY, PARAM_SPACE_KEYS_START_WITH, PARAM_SPACE_VALUE, PREFIX_ACCESS_CLASS_IN_PACKAGE

Constructor Summary

ProvisionService(NiMKernelServiceVisa visa)
This class constructor is used by NiMKernel to instantiate a new ProvisionService.

Method Summary

abstract void	changeProvisionCredential(Credential oldCred, Credential newCred) Change the provision credential.
abstract void	deprovisionEntity(Credential targetCred, Entity adminEntity) This method will de-provision the entity associated to the given target credential.
protected abstract void	init(NiMKernel kernel, ConfigurationService confService) This method is used to initialize the kernel service.
protected abstract boolean	isProvisioned(Credential targetCred) This method will check if the specified targetCred represents an entity that has been provisioned in the backend.
abstract void	provisionEntity(EntityProvisionDescriptor descriptor, Entity adminEntity) This method is used to provision a new entity.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ProvisionService

public ProvisionService(NiMKernelServiceVisa visa)

This class constructor is used by NiMKernel to instantiate a new ProvisionService.

Parameters:

visa - Reference to the NiMKernelServiceVisa object required to instantiate the service. This parameter is required to ensure that only the NiMkernel can instantiate a reference to this service.

Method Detail

init

protected abstract void init(NiMKernel kernel,
                             ConfigurationService confService)
                      throws InitializationFailedException,
                             NiMException

Description copied from class: NiMKernelService

This method is used to initialize the kernel service. Extenders of this class must implement this method.

Specified by:

init in class NiMKernelService

Parameters:

kernel - Reference to the NiMKernel object that instantiated the service.

confService - A reference to the configuration service. All the service implementations (except ConfigurationService) should retrieve the setting information from it.

Throws:

InitializationFailedException - If unable to initialize the kernel service.

NiMException - If service initialization can not be done due to failure in establish a connection to the back-end service. Not all service implementation will throw this exception.

provisionEntity

public abstract void provisionEntity(EntityProvisionDescriptor descriptor,
                                     Entity adminEntity)
                              throws java.lang.IllegalArgumentException,
                                     EntityProvisionException,
                                     PermissionDeniedException,
                                     NiMException

This method is used to provision a new entity.

If this method failed to provision the entity on one of the back-end service, it must undo the task on the other services that it has provisioned the user. In other words, this method must provide an atomic "user provisioning process".

Parameters:

descriptor - The entity descriptor is data container that holds all the information necessary to provision the required Entity

adminEntity - The entity object of the administrator. The identifying credential of this entity object should have enough privilege for provisioning a new entity

Throws:

java.lang.IllegalArgumentException - If any of the given arguments are null.

EntityProvisionException - If unable to cprovision the entity due to inconsistencies on the data in the EntityProvisionDescriptor and the back-end requirements.

PermissionDeniedException - If given Credential does not have permission to perform the required action.

NiMException - If unable to establish a connection with the back-end provisioning service.

deprovisionEntity

public abstract void deprovisionEntity(Credential targetCred,
                                       Entity adminEntity)
                                throws java.lang.IllegalArgumentException,
                                       PermissionDeniedException,
                                       NiMException

This method will de-provision the entity associated to the given target credential.

Parameters:

targetCred - The identifying credential of the entity being de-provisioned.

adminEntity - The entity object of the administrator. The identifying credential of this administrator entity object should have enough privilege for provisioning a new entity

Throws:

java.lang.IllegalArgumentException - If any of the given arguments are null.

PermissionDeniedException - If the given credential does not have permission for the action.

NiMException - If unable to establish a connection with the back-end de-provisioning service.

changeProvisionCredential

public abstract void changeProvisionCredential(Credential oldCred,
                                               Credential newCred)
                                        throws IllegalCredentialException,
                                               NiMException

Change the provision credential. This method is called by the EntityService implementation if it is configured to change the provision credential when the application calls the method Entity.changeIdentifyingCredential().

Parameters:

oldCred - The original credential.

newCred - The new credential.

Throws:

IllegalCredentialException - If the credentials are incorrect.

NiMException - If some other unexpected error has occured.

isProvisioned

protected abstract boolean isProvisioned(Credential targetCred)
                                  throws java.lang.IllegalArgumentException,
                                         NiMException

This method will check if the specified targetCred represents an entity that has been provisioned in the backend.

Parameters:

targetCred - The identifying credential of the entity to be checked.

Returns:

true if the user has been provisioned successfully. false otherwise.

Throws:

java.lang.IllegalArgumentException - If any of the given arguments are null.

NiMException - If unable to establish a connection with the back-end provisioning service.