com.tivoli.pd.rgy.ldap.AuthzRgyRegistryFactory

com.tivoli.pd.rgy.ldap.AuthzRgyRegistryFactory

This factory creates instances of the RgyRegistry API interface that authorizes and audits other RgyRegistry API instances.

getRgyRegistryInstance()

If authz.enable-authorization is enabled, the required PDAuthorizationContext. The getRgyRegistryInstance() uses authz.pdauthorizatoncontext-user as the administrative user for authorization decisions when granting access to methods. The com.tivoli.pd.rgy.ldap.RgyRegistryFactory.getRgyRegistryInstance() instance uses this method for authorization and auditing. The wrappedRgyRegistry is owned by this method, and the instance is automatically closed when appropriate. The caller or calling method must not use or close the instance.
Prototype:
public static RgyRegistry getRgyRegistryInstance(URL propertiesUrl, Map enhancements, RgyRegistry wrappedRgyRegistry) throws RgyException;

getRgyRegistryInstance()

Supply PDAuthorizationContext context, rather than creating it. These methods ignore authz.enable-authorization and authz.pdauthorizatoncontext-user configuration settings and use PDAuthorizationContext and adminUserId. If the PDAuthorizationContext is null, it enables auditing and disables authorization.
Prototype:
public static RgyRegistry getRgyRegistryInstance (Properties properties, Map enhancements, RgyRegistry wrappedRgyRegistry, PDAuthorizationContext pdAuthzContext, String adminUserId) throws RgyException;
public static RgyRegistry getRgyRegistryInstance (URL propertiesUrl, Map enhancements, RgyRegistry wrappedRgyRegistry, PDAuthorizationContext pdAuthzContext, String adminUserId) throws RgyException;

updateAdminId()

Update the administrative user ID used in authorization decisions. If the specified rgyRegistry instance is not an instance of AuthzRgyRegistry, the method does not perform any action. If authorization is not enabled for AuthzRgyRegistry instance, this method does not perform any action.
Prototype:
public static void updateAdminId(RgyRegistry rgyRegistry, String adminUserId) throws ConfigurationErrorRgyException;

getPdAuthzContext()

Return the PDAuthorizationContext used by the AuthzRgyRegistry instance.
This method returns a null value if:

The specified rgyRegistry instance is not an instance of AuthzRgyRegistry.
Authorization is not enabled for the AuthzRgyRegistry instance.

Prototype:
public static PDAuthorizationContext getPdAuthzContext(RgyRegistry rgyRegistry);

Parent topic: Published API