com.tivoli.pd.rgy.ldap.LdapRgyRegistryFactory

com.tivoli.pd.rgy.ldap.LdapRgyRegistryFactory

Create instances to manipulate ISAM entities in LDAP registries.

getRgyRegistryInstance()

Obtain RgyRegistry instance for LDAP registries. The caller provides the PDAuthorizationContext instance this API uses for authorization checks. This instance is required if PDAuthorizationContext is shared with other configurations. Only one PDAuthorizationContext can be instantiated per configuration file created by com.tivoli.pd.jcfg.SvrSslCfg .
Prototype:
public class LdapRgyRegistryFactory { public static RgyRegistry getLdapRgyRegistryInstance (Properties properties, Map enhancements) throws RgyException; }

If we use getRgyRegistryInstance() method that requires authorization, then propertiesUrl is referred in the configuration properties file. This propertiesUrl must include both PDAuthorizationContext and RgyRegistry configurations. Typically, the API uses the com.tivoli.pd.jcfg.SvrSslCfg tool to create and manage this combined configuration file. The PD.jar file must be accessible by this API and be using the class path. If API method authorization is not required, specify the RgyRegistry configuration properties in the file. The PD.jar file is not required when com.tivoli.pd.rgy.util.RgyConfig uses this method to create and manage this registry instance.
This method uses authz.enable-authorization to determine whether PDAuthorizationContext must be used to create and authorize the API methods.

getLdapRgyRegistryInstance()

Create an instance that manipulates LDAP registries. Does not automatically enable authorization or auditing. If we pass the registry instance to the appropriate registry, we can perform authorization and auditing operations. These methods are used when the caller wants to provide their own PDAuthorizationContext instance for the RgyRegistry API to authorize its methods.
LdapRgyRegistryFactory.getLdapRgyRegistryInstance(URL propertiesUrl, Map enhancements) closely emulates the LdapRgyRegistry.getRgyRegistryInstance() when combined with

AuthzRgyRegistryFactory.getRgyRegistryInstance(URL propertiesUrl
Map enhancements
RgyRegistry wrappedRgyRegistry
PDAuthorizationContext pdAuthzContext
String adminUserId)

Instead of authz.enable-authorization configuration property enabling authorization of the API, supplying a non-null PDAuthorizationContext enables it.
The Administrator user in the authorization of this API is provided as an argument rather than specifying it in the configuration properties file.
Prototype:
public class LdapRgyRegistryFactory {public static RgyRegistry getLdapRgyRegistryInstance (URL propertiesUrl, Map enhancements) throws RgyException;
public static RgyRegistry getRgyRegistryInstance (URL propertiesUrl, Map enhancements)throws RgyException; }

Parent topic: Published API