psdi.security.vmm

Class VMMSynchronizer

java.lang.Object

psdi.security.vmm.Synchronizer

psdi.security.vmm.VMMSynchronizer

public class VMMSynchronizer
extends Synchronizer

A class that implements the VMM synchronization logic needed to retrieve user and group object information from VMM Server runtime. The code written here would retrieve user and group object limited to single configured DN

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CHECKPOINT The ParamName on LdapSyncParams table for storing check point values for the last iteration of VMMSYNC, when ChangePolling was enabled.
protected java.sql.Connection	connection A database connection used for writing the appropriate user and group data to MAXIMO tables.
protected VMMContextSettings	contextSettings VMM Server related settings provided in the configuration file.
protected int	errorCount Number of errors in this cycle.
protected boolean	fullSyncNeeded A boolean flag to indicate whether a full synchronization is needed or not.
static int	GROUP_SEARCH_PAGE_SIZE The default search page result for group searches
protected GroupSettings	groupSettings Group settings provided in the configuration file.
protected java.util.HashMap	lastCheckPoint The last check point during the last iteration of VMMSYNC.
protected MXLogger	logger Logger object used to output any messages to indicate the progress of the synchronization.
protected static int	maxErrors The maximum number of errors allowed per cycle.
protected java.util.HashMap	newCheckPoint The current check point during this iteration of VMMSYNC.
protected int	noGroupsSynchronized A number used to indicate how many group objects are synchronized with respect to MAXIMO tables when a synchronization task is performed.
protected int	noUsersSynchronized A number used to indicate how many user objects are synchronized with respect to MAXIMO tables when a synchronization task is performed.
protected MXLogger	sqlLogger Logger object used to output any SQL messages to indicate the progress of the synchronization.
protected boolean	syncNeeded A boolean flag to indicate whether synchronization is needed or not.
static int	USER_SEARCH_PAGE_SIZE The default search page result for user searches
protected UserSettings	userSettings User settings provided in the configuration file.
protected VMMSynchronizerSettings	vmmSynchronizerSettings Synchronization settings provided in the configuration file.
protected VMMSyncListener	vmmSyncListener Synchronization listener object that will receive notifications for each user or group that need to be synchronized to MAXIMO database tables.
protected VMMSyncParameters	vmmSyncParameters Synchronization parameters.

Constructor Summary

Constructors

Constructor and Description
VMMSynchronizer() A default constructor.

Method Summary

Modifier and Type	Method and Description
protected void	commitGroupChanges() Perform a database commit operation and logs a message.
protected void	commitGroupChanges(int objectsProcessed) Perform a database commit operation based on the number of group objects processed.
protected void	commitUserChanges() Perform a database commit operation and logs a message.
protected void	commitUserChanges(int objectsProcessed) Perform a database commit operation based on the number of user objects processed.
protected java.util.HashMap	getCheckpointFromSearchResults(commonj.sdo.DataObject returnDO) If change polling is supported and this is a partial sync, then get the current checkpoint from the search results, for use in the next sync.
protected java.util.HashMap	getCheckpointFromVMM() If change polling is supported, get the current checkpoint from VMM.
protected java.lang.String[]	getGroupAttributes() Returns list of attributes for which values need to be obtained from the directory server when performing group search.
protected java.lang.String	getGroupDNAttributeName() Returns the attribute used for identifying the distinguished name of a group object ("cn").
protected java.lang.String	getGroupMemberAsGroupAttribute() Returns the attribute name used for indentifying group of a group.
protected java.lang.String	getGroupMemberAsUserAttribute() Returns the attribute name used for indentifying user of a group.
protected java.lang.String	getGroupMembersAttribute() Returns the attribute name of group member
protected java.lang.String	getGroupSearchBase() Returns the base distinguished name of the directory hirerarchy to be used for searching group objects.
protected javax.naming.directory.SearchControls	getGroupSearchControls() Returns the search controls used for group searches.
protected java.lang.String	getGroupSearchFilter() Returns the search filter (VMM query) to be used for performing search for group objects.
protected int	getGroupSearchScope() Returns the sarch scope to be used for group searches.
VMMSynchronizerSettings	getSynchronizerSettings() Returns synchronizer settings configured.
VMMSyncParameters	getSyncParameters() Returns the synchronization parameters used during the synchronization.
protected java.lang.String[]	getUserAttributes() Returns list of attributes for which values need to be obtained from the directory server when performing user search.
protected java.lang.String	getUserSearchBase() Returns the base distinguished name of the directory hirerarchy to be used for searching user objects.
protected javax.naming.directory.SearchControls	getUserSearchControls() Returns the search controls used for user searches.
protected java.lang.String	getUserSearchFilter() Returns the search filter (VMM query) to be used for performing search for user objects.
protected int	getUserSearchPageSize() Returns the maximum numbers of objects to be returned in every page result.
protected int	getUserSearchScope() Returns the sarch scope to be used for user searches.
VMMSyncListener	getVMMSyncListener() Returns the listener object that receives synchronization events.
void	init(VMMSynchronizerInitData initData) Initializes the synchronizer with the initialization data that's obtained from configuration values.
protected void	initSync() Called to let the synchronizer initialize itself before the synchronization work starts.
boolean	isFullSyncNeeded() Returns whether a full synchronizaiton is needed or not.
boolean	isSyncNeeded() Returns whether synchronization is needed or not.
void	performSync(java.sql.Connection con, VMMSyncParameters syncParams, UserInfo userInfo) Performs the synchronization operation based on the synchronization parameters.
protected java.util.Set	retrieveAllGroupMembers(java.lang.String groupDN) Retrieves all the group members of the given group distinguished name.
protected void	setFullSyncNeeded(boolean needed) Sets the flag to indicate whether full synchronization is needed or not.
void	setOwner(VMMSyncTask val) Set reference to the calling class
protected void	setSyncNeeded(boolean needed) Sets the flag to indicate whether synchronization is needed or not.
void	setVMMSyncListener(VMMSyncListener vmmSyncListener) Sets the listener object that gets notification events during synchronization process.
protected void	syncGroupMembers(VMMSyncData groupSyncData, java.util.Set groupMembers) Sends an event to the listener with the list of members of a group to synchronize the data to MAXIMO tables.
protected void	syncVMMGroups() Performs VMM query against the VMM server and retrieves the results page by page and processes each page result.
protected void	syncVMMUsers() Performs VMM query against the VMM server and retrieves the results page by page and processes each page result.
protected void	updateSyncParameters() Called by the controller when the synchronization task is completed successfully, so that the new parameters are used for the next synchronization task.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

USER_SEARCH_PAGE_SIZE

public static final int USER_SEARCH_PAGE_SIZE

The default search page result for user searches

See Also:

Constant Field Values

GROUP_SEARCH_PAGE_SIZE

public static final int GROUP_SEARCH_PAGE_SIZE

The default search page result for group searches

See Also:

Constant Field Values

CHECKPOINT

public static final java.lang.String CHECKPOINT

The ParamName on LdapSyncParams table for storing check point values for the last iteration of VMMSYNC, when ChangePolling was enabled.

See Also:

Constant Field Values

lastCheckPoint

protected java.util.HashMap lastCheckPoint

The last check point during the last iteration of VMMSYNC. Populated by #determineSynchronizationNeed. Key = repository ID, value = number.

newCheckPoint

protected java.util.HashMap newCheckPoint

The current check point during this iteration of VMMSYNC. After the sync, this will be used to update ldapsyncparams. Key = repository ID, value = number.

vmmSyncParameters

protected VMMSyncParameters vmmSyncParameters

Synchronization parameters.

vmmSynchronizerSettings

protected VMMSynchronizerSettings vmmSynchronizerSettings

Synchronization settings provided in the configuration file.

contextSettings

protected VMMContextSettings contextSettings

VMM Server related settings provided in the configuration file.

userSettings

protected UserSettings userSettings

User settings provided in the configuration file. These settings include list of attributes, the search filter to be used and also the appropriate data mappings to MAXIMO tables.

groupSettings

protected GroupSettings groupSettings

Group settings provided in the configuration file. These settings include list of attributes, the search filter to be used and also the appropriate data mappings to MAXIMO tables.

logger

protected MXLogger logger

Logger object used to output any messages to indicate the progress of the synchronization.

sqlLogger

protected MXLogger sqlLogger

Logger object used to output any SQL messages to indicate the progress of the synchronization.

vmmSyncListener

protected VMMSyncListener vmmSyncListener

Synchronization listener object that will receive notifications for each user or group that need to be synchronized to MAXIMO database tables.

fullSyncNeeded

protected boolean fullSyncNeeded

A boolean flag to indicate whether a full synchronization is needed or not. If this setting is false, an incremental synchronization is performed.

syncNeeded

protected boolean syncNeeded

A boolean flag to indicate whether synchronization is needed or not. If a synchronization is performed and when the next scheduled synchronization starts, if data in the VMM Server is not changed, we do not have do do any work. A value of true indicate that synchronization is needed. An additional flag indicates whether a full or incremental synchronization is needed or not.

noUsersSynchronized

protected int noUsersSynchronized

A number used to indicate how many user objects are synchronized with respect to MAXIMO tables when a synchronization task is performed.

noGroupsSynchronized

protected int noGroupsSynchronized

A number used to indicate how many group objects are synchronized with respect to MAXIMO tables when a synchronization task is performed.

connection

protected java.sql.Connection connection

A database connection used for writing the appropriate user and group data to MAXIMO tables.

errorCount

protected int errorCount

Number of errors in this cycle.

maxErrors

protected static int maxErrors

The maximum number of errors allowed per cycle. From property mxe.LDAPMaxErrors.

Constructor Detail

VMMSynchronizer

public VMMSynchronizer()

A default constructor.

Method Detail

init

public void init(VMMSynchronizerInitData initData)
          throws VMMSyncException

Initializes the synchronizer with the initialization data that's obtained from configuration values. Based on the initialization data, instantiates the lsterner object that receives notification events.

Specified by:

init in class Synchronizer

Parameters:

initData - initialization data

Throws:

VMMSyncException - if fail to initialize

getSyncParameters

public VMMSyncParameters getSyncParameters()

Returns the synchronization parameters used during the synchronization.

Returns:

synchronization parameters

getSynchronizerSettings

public VMMSynchronizerSettings getSynchronizerSettings()

Returns synchronizer settings configured.

Returns:

synchronizer settings configured.

performSync

public void performSync(java.sql.Connection con,
                        VMMSyncParameters syncParams,
                        UserInfo userInfo)
                 throws VMMSyncException

Performs the synchronization operation based on the synchronization parameters. The synchronization parameters contain the necessary data required for this operation and also contain the values that are used by the last synchronization operation.

Specified by:

performSync in class Synchronizer

Parameters:

con - database connection to be used for synchronizing VMM data with MAXIMO database tables.

syncParams - synchronization prameters

Throws:

VMMSyncException - if fails to synchronize

See Also:

VMMSynchronizer.getVMMSyncListener(), VMMSynchronizer.determineSynchronizationNeed(), #getInitialCheckpoint, VMMSynchronizer.syncVMMUsers(), VMMSynchronizer.syncVMMGroups(), VMMSynchronizer.updateSyncParameters()

setOwner

public void setOwner(VMMSyncTask val)

Set reference to the calling class

isFullSyncNeeded

public boolean isFullSyncNeeded()

Returns whether a full synchronizaiton is needed or not.

Returns:

true to indicate full synchronization is needed, otherwise false.

isSyncNeeded

public boolean isSyncNeeded()

Returns whether synchronization is needed or not.

Returns:

true to indicate synchronization is needed, otherwise false.

setFullSyncNeeded

protected void setFullSyncNeeded(boolean needed)

Sets the flag to indicate whether full synchronization is needed or not. A true value indicates full synchronization is needed.

Parameters:

needed - true value indicates full synchronization is needed.

setSyncNeeded

protected void setSyncNeeded(boolean needed)

Sets the flag to indicate whether synchronization is needed or not. A true value indicates synchronization is needed.

Parameters:

needed - true value indicates synchronization is needed.

initSync

protected void initSync()
                 throws VMMSyncException

Called to let the synchronizer initialize itself before the synchronization work starts.

Throws:

VMMSyncException - if fails to initialize

getUserSearchBase

protected java.lang.String getUserSearchBase()

Returns the base distinguished name of the directory hirerarchy to be used for searching user objects.

Returns:

the base distinguished name

getUserSearchFilter

protected java.lang.String getUserSearchFilter()

Returns the search filter (VMM query) to be used for performing search for user objects. This method returns the search filter configured. The concrete synchronizer code should override and add additional criteria to be included, if needed.

Returns:

the search filter to be used to find users

getUserSearchControls

protected javax.naming.directory.SearchControls getUserSearchControls()

Returns the search controls used for user searches.

Returns:

the search controls used for user searches.

getUserAttributes

protected java.lang.String[] getUserAttributes()

Returns list of attributes for which values need to be obtained from the directory server when performing user search. This method by default, returns all the configured attributes. The concrete implementations can override this method to include additional attributes, if neeed.

Returns:

a list of attributes to be included in the search.

getUserSearchScope

protected int getUserSearchScope()

Returns the sarch scope to be used for user searches. If invalid search scope is defined, returns SearchControls.SUBTREE_SCOPE

Returns:

the sarch scope to be used for user searches

getUserSearchPageSize

protected int getUserSearchPageSize()

Returns the maximum numbers of objects to be returned in every page result. This number can be tuned depending on the size of data returned and the network speed.

Returns:

the maximum numbers of objects to be returned in every page result for user search

getCheckpointFromVMM

protected java.util.HashMap getCheckpointFromVMM()
                                          throws VMMSyncException

If change polling is supported, get the current checkpoint from VMM. We can use this a) to test if a sync is needed, and also b) to save for the next sync when this is the first (full) sync.

Throws:

VMMSyncException

See Also:

VMMSynchronizerSettings.getChangePolling(), VMMSynchronizer.newCheckPoint, VMMSyncParameters.checkpointObjectToMap(commonj.sdo.DataObject)

getCheckpointFromSearchResults

protected java.util.HashMap getCheckpointFromSearchResults(commonj.sdo.DataObject returnDO)
                                                    throws VMMSyncException

If change polling is supported and this is a partial sync, then get the current checkpoint from the search results, for use in the next sync. Save in newCheckPoint.

Throws:

VMMSyncException

See Also:

VMMSyncParameters.checkpointObjectToMap(commonj.sdo.DataObject)

syncVMMUsers

protected void syncVMMUsers()
                     throws VMMSyncException

Performs VMM query against the VMM server and retrieves the results page by page and processes each page result. For each object that's obtained in the result, a notification event will be fired to the listener to synchronize the changes to MAXIMO database tables. This method also retrieves all the users of each group object processed in the search result.

Throws:

VMMSyncException

See Also:

VMMSyncParameters.checkpointMapToObject(java.util.HashMap, commonj.sdo.DataObject, boolean), DefaultVMMSyncAdapter.syncUser(psdi.security.vmm.VMMSyncEvent), VMMSynchronizer.commitUserChanges()

commitUserChanges

protected void commitUserChanges(int objectsProcessed)
                          throws VMMSyncException

Perform a database commit operation based on the number of user objects processed. The default strategy is to commit every page of result processed. The concrete implementations can override this default strategy.

Parameters:

objectsProcessed - number of user objects processed.

Throws:

VMMSyncException - if fails to commit the changes.

commitUserChanges

protected void commitUserChanges()
                          throws VMMSyncException

Perform a database commit operation and logs a message.

Throws:

VMMSyncException - if fails to commit the changes.

commitGroupChanges

protected void commitGroupChanges(int objectsProcessed)
                           throws VMMSyncException

Perform a database commit operation based on the number of group objects processed. The default strategy is to commit every page of result processed. The concrete implementations can override this default strategy.

Parameters:

objectsProcessed - number of group objects processed.

Throws:

VMMSyncException - if fails to commit the changes.

commitGroupChanges

protected void commitGroupChanges()
                           throws VMMSyncException

Perform a database commit operation and logs a message.

Throws:

VMMSyncException - if fails to commit the changes.

getGroupMembersAttribute

protected java.lang.String getGroupMembersAttribute()

Returns the attribute name of group member

Returns:

getGroupMemberAsUserAttribute

protected java.lang.String getGroupMemberAsUserAttribute()

Returns the attribute name used for indentifying user of a group.

Returns:

the attribute name used for indentifying user of a group.

getGroupMemberAsGroupAttribute

protected java.lang.String getGroupMemberAsGroupAttribute()

Returns the attribute name used for indentifying group of a group.

Returns:

the attribute name used for indentifying group of a group.

getGroupSearchBase

protected java.lang.String getGroupSearchBase()

Returns the base distinguished name of the directory hirerarchy to be used for searching group objects.

Returns:

the base distinguished name for group searches

getGroupSearchFilter

protected java.lang.String getGroupSearchFilter()

Returns the search filter (VMM query) to be used for performing search for group objects. This method returns the search filter configured. The concrete synchronizer code should override and add additional criteria to be included, if needed.

Returns:

the search filter to be used to find groups

getGroupSearchControls

protected javax.naming.directory.SearchControls getGroupSearchControls()

Returns the search controls used for group searches.

Returns:

the search controls used for group searches.

getGroupAttributes

protected java.lang.String[] getGroupAttributes()

Returns list of attributes for which values need to be obtained from the directory server when performing group search. This method by default, returns all the configured attributes. The concrete implementations can override this method to include additional attributes, if neeed.

Returns:

a list of attributes to be included in the search.

getGroupSearchScope

protected int getGroupSearchScope()

Returns the sarch scope to be used for group searches. If invalid search scope is defined, returns SearchControls.SUBTREE_SCOPE

Returns:

the sarch scope to be used for group searches

syncVMMGroups

protected void syncVMMGroups()
                      throws VMMSyncException

Performs VMM query against the VMM server and retrieves the results page by page and processes each page result. For each object that's obtained in the result, a notification event will be fired to the listener to synchronize the changes to MAXIMO database tables. This method also retrieves all the users of each group object processed in the search result.

Throws:

LdapSyncException

VMMSyncException

See Also:

DefaultVMMSyncAdapter.syncGroup(psdi.security.vmm.VMMSyncEvent), VMMSynchronizer.syncGroupMembers(psdi.security.vmm.VMMSyncData, java.util.Set), VMMSynchronizer.commitGroupChanges()

retrieveAllGroupMembers

protected java.util.Set retrieveAllGroupMembers(java.lang.String groupDN)
                                         throws VMMSyncException

Retrieves all the group members of the given group distinguished name. If a group has another group as a member, then this method figures out the users of that nested group. The returned set includes complete list of all the user account names of the given group.

Throws:

VMMSyncException

getGroupDNAttributeName

protected java.lang.String getGroupDNAttributeName()

Returns the attribute used for identifying the distinguished name of a group object ("cn").

syncGroupMembers

protected void syncGroupMembers(VMMSyncData groupSyncData,
                                java.util.Set groupMembers)
                         throws VMMSyncException

Sends an event to the listener with the list of members of a group to synchronize the data to MAXIMO tables.

Parameters:

groupSyncData - data obtained from VMM server for the group

groupMembers - list of user account names

Throws:

LdapSyncException - if fails to synchronize members.

VMMSyncException

See Also:

DefaultVMMSyncAdapter.syncGroupMembers(psdi.security.vmm.VMMSyncEvent)

setVMMSyncListener

public void setVMMSyncListener(VMMSyncListener vmmSyncListener)

Sets the listener object that gets notification events during synchronization process.

Parameters:

vmmSyncListener - a listener object that need to receive synchronization events.

getVMMSyncListener

public VMMSyncListener getVMMSyncListener()

Returns the listener object that receives synchronization events.

Returns:

the listener object that receives synchronization events.

updateSyncParameters

protected void updateSyncParameters()

Called by the controller when the synchronization task is completed successfully, so that the new parameters are used for the next synchronization task.

See Also:

VMMSynchronizer.newCheckPoint, VMMSyncParameters.checkpointMapToString(java.util.HashMap)