psdi.security.ldap.nds

Class NovellDirectorySynchronizer

java.lang.Object

psdi.security.ldap.LdapSynchronizer

psdi.security.ldap.AbstractLdapSynchronizer

psdi.security.ldap.nds.NovellDirectorySynchronizer

public class NovellDirectorySynchronizer
extends AbstractLdapSynchronizer

This class synchronizes the required data from Novell eDirectory LDAP server to MAXIMO Database tables. The Synchronization process is one way only i.e from Novell eDirectory to MAXIMO. Any changes made to the MAXIMO tables in this process by external means will be overwritten when this synchronizer runs depending on the changes that are made to the same data in Novell eDirectory. Any data that's not coming from Novell eDirectory, i.e default data that's not available in Novell eDirectory will not be overwritten when data is updated in MAXIMO tables.

Field Summary

Fields

Modifier and Type	Field and Description
protected java.lang.String	currentModifyTimeStamp
static java.lang.String	MODIFYTIMESTAMP

Fields inherited from class psdi.security.ldap.AbstractLdapSynchronizer

connection, contextSettings, errorCount, fullSyncNeeded, GROUP_SEARCH_PAGE_SIZE, groupSettings, ldapSyncListener, logger, maxErrors, noGroupsSynchronized, noUsersSynchronized, sqlLogger, synchronizerSettings, syncNeeded, syncParameters, USER_SEARCH_PAGE_SIZE, userSettings

Constructor Summary

Constructors

Constructor and Description
NovellDirectorySynchronizer()

Method Summary

Modifier and Type	Method and Description
protected void	determineSynchronizationNeed() Determines whether synchronization is needed or not based on some parameters obtained from the Novell eDirectory.
protected java.lang.String	getGroupDNAttributeName() Returns the attribute used for identifying the distinguished name of a group object.In Novell "dn" is for distinguishedname.
protected java.lang.String	getGroupObjectClass() Returns the object class used to indentify group objects in Novell eDirectory.
protected java.lang.String	getGroupSearchFilter() Determines the search filter to be used for full and incremental synchronization.
protected java.lang.String	getMemberUserAccountName(java.lang.String memberDN) Returns the user or group member account name, for the given distinguished name of the user or group.
protected java.lang.String	getModifyTimeStamp(java.lang.String attributeName) THis method returns the last modifytimestamp.
protected java.util.Hashtable	getSearchLdapContextEnvironment() Returns the search context environment to be used for performing the directory searches.
protected java.lang.String	getUserDNAttributeName() Returns the attribute used for identifying the distinguished name of a user object.In Novell "dn" is for distinguishedname.
protected java.lang.String	getUserObjectClass() Returns the object class used to indentify user objects in Novell eDirectory.
protected java.lang.String	getUserSearchFilter() Determines the search filter to be used for full and incremental synchronization.
protected void	initSync() Initializes the synchronization task with the necessary information needed for performing the synchronization work.
protected java.util.Set	retrieveAllGroupMembers(java.lang.String groupDN) Retrieves all the group members of the given group distinguished name.
protected void	retrieveGroupMembers(java.lang.String groupDN, java.util.Set memberUsers, java.util.Set memberGroups) Retrieves group members and fills the users and groups that are members of the given group into the passed in sets.
protected void	syncGroups() Performs LDAP query against the LDAP Directory server and retrieves the results , a notification event will be fired to the listener to synchronize the changes to MAXIMO database tables.
protected void	syncUsers() Performs LDAP query against the LDAP Directory server and retrieves the results .
protected void	updateSyncParameters() Called by the controller when the synchronization task is completed successfully, so that the new parameters are used for the next synchronization task.

Methods inherited from class psdi.security.ldap.AbstractLdapSynchronizer

buildURL, closeContext, commitGroupChanges, commitGroupChanges, commitUserChanges, commitUserChanges, createDefaultLdapContext, createSearchLdapContext, getDefaultLdapContextEnvironment, getGroupAttributes, getGroupMemberAsGroupAttribute, getGroupMemberAsUserAttribute, getGroupMembersAttribute, getGroupSearchBase, getGroupSearchControls, getGroupSearchPageSize, getGroupSearchScope, getLDAPSyncListener, getSynchronizerSettings, getSyncParameters, getUserAttributes, getUserSearchBase, getUserSearchControls, getUserSearchPageSize, getUserSearchScope, init, isFullSyncNeeded, isSyncNeeded, performSync, setFullSyncNeeded, setLDAPSyncListener, setOwner, setSyncNeeded, syncGroupMembers

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

MODIFYTIMESTAMP

public static final java.lang.String MODIFYTIMESTAMP

See Also:

Constant Field Values

currentModifyTimeStamp

protected java.lang.String currentModifyTimeStamp

Constructor Detail

NovellDirectorySynchronizer

public NovellDirectorySynchronizer()

Method Detail

initSync

protected void initSync()
                 throws LdapSyncException

Initializes the synchronization task with the necessary information needed for performing the synchronization work.

Overrides:

initSync in class AbstractLdapSynchronizer

Throws:

LdapSyncException - if fails to initialize

See Also:

AbstractLdapSynchronizer.initSync()

updateSyncParameters

protected void updateSyncParameters()

Called by the controller when the synchronization task is completed successfully, so that the new parameters are used for the next synchronization task.

Overrides:

updateSyncParameters in class AbstractLdapSynchronizer

See Also:

AbstractLdapSynchronizer.updateSyncParameters()

getUserSearchFilter

protected java.lang.String getUserSearchFilter()

Determines the search filter to be used for full and incremental synchronization. The user filter specified in the configuration is altered to include an additional query to get the list of changed objects from Directory Server since the last synchronization task.

Overrides:

getUserSearchFilter in class AbstractLdapSynchronizer

Returns:

the search filter to be used to find users

See Also:

AbstractLdapSynchronizer.getUserSearchFilter()

getGroupSearchFilter

protected java.lang.String getGroupSearchFilter()

Determines the search filter to be used for full and incremental synchronization. The group filter specified in the configuration is altered to include an additional query to get the list of changed objects from Directory Server since the last synchronization task.

Overrides:

getGroupSearchFilter in class AbstractLdapSynchronizer

Returns:

the search filter to be used to find groups

See Also:

AbstractLdapSynchronizer.getGroupSearchFilter()

getSearchLdapContextEnvironment

protected java.util.Hashtable getSearchLdapContextEnvironment()

Returns the search context environment to be used for performing the directory searches.

Overrides:

getSearchLdapContextEnvironment in class AbstractLdapSynchronizer

See Also:

AbstractLdapSynchronizer.getSearchLdapContextEnvironment()

retrieveAllGroupMembers

protected java.util.Set retrieveAllGroupMembers(java.lang.String groupDN)
                                         throws LdapSyncException

Retrieves all the group members of the given group distinguished name. If a group has another group as a member, then this method figures out the users of that nested group. The returned set includes complete list of all the user account names of the given group.

Specified by:

retrieveAllGroupMembers in class AbstractLdapSynchronizer

Parameters:

groupDN - group distinguished name for which users need to be retrieved.

Returns:

A set of all users that are members of the given group.

Throws:

LdapSyncException - if fails to retrieve members.

See Also:

AbstractLdapSynchronizer.retrieveAllGroupMembers(java.lang.String)

retrieveGroupMembers

protected void retrieveGroupMembers(java.lang.String groupDN,
                                    java.util.Set memberUsers,
                                    java.util.Set memberGroups)
                             throws LdapSyncException

Retrieves group members and fills the users and groups that are members of the given group into the passed in sets.

Parameters:

groupDN - distinguished name of the group for which members need to be retrieved.

memberUsers - returns the set of member users of the group.

memberGroups - returns the set of member groups of the group.

Throws:

LdapSyncException - if fails to retrieve members of the group.

getMemberUserAccountName

protected java.lang.String getMemberUserAccountName(java.lang.String memberDN)
                                             throws LdapSyncException

Returns the user or group member account name, for the given distinguished name of the user or group. The code also determines whether the member distinguished name passed in is for a user or a group depending on the class name of the retrieved object based on the member distinguished name.

Parameters:

memberDN - user or group distinguished name

Returns:

user or group account name based on the distinguished name

Throws:

LdapSyncException - if fails to retrieve the account name.

determineSynchronizationNeed

protected void determineSynchronizationNeed()
                                     throws LdapSyncException

Determines whether synchronization is needed or not based on some parameters obtained from the Novell eDirectory. If some of the critical parameters are changed, then a full synchronization is needed. If synchronization is needed, this method also determines whether a full or incremental synchronization is needed.

Specified by:

determineSynchronizationNeed in class AbstractLdapSynchronizer

Throws:

LdapSyncException - if fails to determine the need

getUserObjectClass

protected java.lang.String getUserObjectClass()

Returns the object class used to indentify user objects in Novell eDirectory.

Specified by:

getUserObjectClass in class AbstractLdapSynchronizer

See Also:

AbstractLdapSynchronizer.getUserObjectClass()

getGroupObjectClass

protected java.lang.String getGroupObjectClass()

Returns the object class used to indentify group objects in Novell eDirectory.

Specified by:

getGroupObjectClass in class AbstractLdapSynchronizer

See Also:

AbstractLdapSynchronizer.getGroupObjectClass()

getUserDNAttributeName

protected java.lang.String getUserDNAttributeName()

Returns the attribute used for identifying the distinguished name of a user object.In Novell "dn" is for distinguishedname. But dn doesn't return any value. So just added cn for now.

Specified by:

getUserDNAttributeName in class AbstractLdapSynchronizer

See Also:

AbstractLdapSynchronizer.getUserDNAttributeName()

getGroupDNAttributeName

protected java.lang.String getGroupDNAttributeName()

Returns the attribute used for identifying the distinguished name of a group object.In Novell "dn" is for distinguishedname. But dn doesn't return any value. So just added cn for now.

Specified by:

getGroupDNAttributeName in class AbstractLdapSynchronizer

See Also:

AbstractLdapSynchronizer.getGroupDNAttributeName()

getModifyTimeStamp

protected java.lang.String getModifyTimeStamp(java.lang.String attributeName)
                                       throws LdapSyncException

THis method returns the last modifytimestamp. For everychange to Novell object modifytimestamp is changed. So we loop through all the modifytimestamp and return the latest one. When sync is again done, it comapres the last modifytimestamp and current modifytimestamp and determine if any change is done or not.

Parameters:

attributeName -

Returns:

Throws:

LdapSyncException

syncUsers

protected void syncUsers()
                  throws LdapSyncException

Performs LDAP query against the LDAP Directory server and retrieves the results . For each object that's obtained in the result, a notification event will be fired to the listener to synchronize the changes to MAXIMO database tables.Novell doesn't support pagedReultControls, so has to override this method.

Overrides:

syncUsers in class AbstractLdapSynchronizer

Throws:

LdapSyncException

syncGroups

protected void syncGroups()
                   throws LdapSyncException

Performs LDAP query against the LDAP Directory server and retrieves the results , a notification event will be fired to the listener to synchronize the changes to MAXIMO database tables. This method also retrieves all the users of each group object processed in the search result.There is no way to read the distingushedname as an attribute. So used Novell classes to do search and getDN.

Overrides:

syncGroups in class AbstractLdapSynchronizer

Throws:

LdapSyncException