ISAM Administration objects

Administration objects

Each ISAM administration object that can be manipulated directly from a Java™ application is represented by a corresponding Java class. This section describes the administration objects. The following objects are supported in this version of ISAM:

Class Description
PDAuthzRule ISAM authorization rule.
PDContext Encapsulate the information needed to establish a communication session between the Java application and the ISAM policy server. Both user ID and password-based and certificate-based authentication are supported by this class. Multiple PDContext objects can be created and used within the same Java JVM. PDContext creation is a resource exhaustive operation. Although there is no upper limit to creating multiple PDContext objects, system resource limitation eventually determines how many can be successfully created and used. Create and pool only few PDContext objects in the application environment. Reuse the small number of created PDContext objects whenever possible within the same application. Because each user application needs are different, pooling PDContext objects is not mandatory. Pool PDContext objects if you have a server application that makes numerous calls. If you have an application that makes only an occasional call, or if you have various stand-alone applications which make calls, pooling is not necessary. The close() method provided in the PDContext class cleans up only the logger data associated with the context, the close() method does not delete the context.

PDDomain ISAM policy server domain.
PDUser User in the ISAM policy server.
PDGroup Group in the ISAM policy server.
PDPolicy Policy information associated with a particular ISAM user or, in the case of the global policy, associated with all users. The PDPolicy class is used to set and retrieve account policy information from the user registry on a global or per-user basis.
PDAcl Access control list (ACL), which in turn consists of a list of ACL entries.
PDAclEntry Entry in an ACL.
PDAclEntryUser User ACL entry and controls access for a particular user.
PDAclEntryGroup Group ACL entry and controls access for all members in a group.
PDAclEntryAnyOther The any-other, or any-other authenticated, entry in an ACL. This ACL entry applies to any user who is authenticated into the ISAM secure domain but is not included in a separate user or group ACL entry.
PDAclEntryUnAuth Unauthenticated user ACL entry. This ACL entry is applied to any user who was not authenticated by ISAM.
PDProtObject Protected object. A protected object represents a resource that is to be protected, and it has an ACL associated with it. Each protected object is uniquely identified by an ID.
PDProtObjectSpace Protected object space object. An object space is a logical grouping of protected objects which represents a set of related resources to be protected. Each object space is uniquely identified by an ID.
PDPop Protected object policy (POP), which can be attached to a PDProtObject object.
PDAdmSvcPobj Value of a ISAM administration service protected object.
PDAction Permission.
PDActionGroup Collection of PDAction objects.
PDRgyGroupName Name of a ISAM group in the underlying user registry.
PDRgyUserName Name of a ISAM user in the underlying user registry.
PDRgyName Name of a ISAM object in the underlying user registry. This object is either a ISAM user name or group name.
PDAppSvrSpecLocal Configuration information for a local Java application server.
PDAppSvrSpecRemote Configuration information for a remote Java application server.
PDSvrInfo ISAM policy server or authorization server and is used when creating or changing the configuration for a Java application server.
PDAppSvrInfo Read-only view of a Java application server configuration information.
PDServer ISAM policy server, authorization server, or other application server.
PDSSOResource Single sign-on (SSO) resource.
PDSSOResourceGroup Single sign-on (SSO) resource group.
PDSSOCred.CredID Credential identification information for each member of the list returned by the PDSSOCred.listSSOCreds method.
PDSSOCred.CredInfo Credential information for each member of the list returned by the PDSSOCred.listAndShowSSOCreds method.
PDException Exception to reflect that an error or other exceptional condition occurred.
PDMessage Single ISAM message and includes the message code, severity, and the localized message text.
PDMessages List of one or more ISAM messages.

The methods associated with these classes are threadsafe.
Parent topic: Use the administration API

Class	Description
PDAuthzRule	ISAM authorization rule.
PDContext	Encapsulate the information needed to establish a communication session between the Java application and the ISAM policy server. Both user ID and password-based and certificate-based authentication are supported by this class. Multiple PDContext objects can be created and used within the same Java JVM. PDContext creation is a resource exhaustive operation. Although there is no upper limit to creating multiple PDContext objects, system resource limitation eventually determines how many can be successfully created and used. Create and pool only few PDContext objects in the application environment. Reuse the small number of created PDContext objects whenever possible within the same application. Because each user application needs are different, pooling PDContext objects is not mandatory. Pool PDContext objects if you have a server application that makes numerous calls. If you have an application that makes only an occasional call, or if you have various stand-alone applications which make calls, pooling is not necessary. The close() method provided in the PDContext class cleans up only the logger data associated with the context, the close() method does not delete the context.
PDDomain	ISAM policy server domain.
PDUser	User in the ISAM policy server.
PDGroup	Group in the ISAM policy server.
PDPolicy	Policy information associated with a particular ISAM user or, in the case of the global policy, associated with all users. The PDPolicy class is used to set and retrieve account policy information from the user registry on a global or per-user basis.
PDAcl	Access control list (ACL), which in turn consists of a list of ACL entries.
PDAclEntry	Entry in an ACL.
PDAclEntryUser	User ACL entry and controls access for a particular user.
PDAclEntryGroup	Group ACL entry and controls access for all members in a group.
PDAclEntryAnyOther	The any-other, or any-other authenticated, entry in an ACL. This ACL entry applies to any user who is authenticated into the ISAM secure domain but is not included in a separate user or group ACL entry.
PDAclEntryUnAuth	Unauthenticated user ACL entry. This ACL entry is applied to any user who was not authenticated by ISAM.
PDProtObject	Protected object. A protected object represents a resource that is to be protected, and it has an ACL associated with it. Each protected object is uniquely identified by an ID.
PDProtObjectSpace	Protected object space object. An object space is a logical grouping of protected objects which represents a set of related resources to be protected. Each object space is uniquely identified by an ID.
PDPop	Protected object policy (POP), which can be attached to a PDProtObject object.
PDAdmSvcPobj	Value of a ISAM administration service protected object.
PDAction	Permission.
PDActionGroup	Collection of PDAction objects.
PDRgyGroupName	Name of a ISAM group in the underlying user registry.
PDRgyUserName	Name of a ISAM user in the underlying user registry.
PDRgyName	Name of a ISAM object in the underlying user registry. This object is either a ISAM user name or group name.
PDAppSvrSpecLocal	Configuration information for a local Java application server.
PDAppSvrSpecRemote	Configuration information for a remote Java application server.
PDSvrInfo	ISAM policy server or authorization server and is used when creating or changing the configuration for a Java application server.
PDAppSvrInfo	Read-only view of a Java application server configuration information.
PDServer	ISAM policy server, authorization server, or other application server.
PDSSOResource	Single sign-on (SSO) resource.
PDSSOResourceGroup	Single sign-on (SSO) resource group.
PDSSOCred.CredID	Credential identification information for each member of the list returned by the PDSSOCred.listSSOCreds method.
PDSSOCred.CredInfo	Credential information for each member of the list returned by the PDSSOCred.listAndShowSSOCreds method.
PDException	Exception to reflect that an error or other exceptional condition occurred.
PDMessage	Single ISAM message and includes the message code, severity, and the localized message text.
PDMessages	List of one or more ISAM messages.