com.cafesoft.cams.service
Interface ActiveDirectoryGroupNameService

All Superinterfaces:

Debuggable, Lifecycle, LifecycleService, Service

public interface ActiveDirectoryGroupNameService

extends LifecycleService

ActiveDirectoryGroupNameService defines the interface that enables lookup of Active Directory group names via their unique object security identifier (sid).

NOTE:Every Windows group is assigned a unique SID. The Windows user attribute, "tokenGroups", dynamically returns the SIDs for all groups for which the user is a member (including the "primaryGroup" and nested groups, which are NOT returned by the "memberOf" attribute"). This service queries all group SIDs and names at startup to avoid an expensive search for each user during authentication. The list of group SIDs and group names should be cached.

Since:

9/20/05

Field Summary

Fields inherited from interface com.cafesoft.core.lifecycle.Lifecycle

START_EVENT, STOP_EVENT

Method Summary

String

getGroupNameBySid(String sid) Get an Active Directory group name by its SID.

Methods inherited from interface com.cafesoft.core.service.Service

destroy, getServiceConfig, initialize

Methods inherited from interface com.cafesoft.core.util.Debuggable

setDebug

Methods inherited from interface com.cafesoft.core.lifecycle.Lifecycle

addLifecycleListener, isStarted, removeLifecycleListener, start, stop

Method Detail

getGroupNameBySid

public String getGroupNameBySid(String sid)
                         throws ServiceException

Get an Active Directory group name by its SID.

Parameters:

sid - the group SID.

Returns:

the group name or null if a group was not found for the specified identifier.

ServiceException