Administering domains
A Verify Identity Access domain consists of all the physical resources that require protection along with the associated security policy used to protect those resources.
The initial domain is the management domain and is created when the Policy Server is configured. Multiple domains can exist simultaneously within a Verify Identity Access environment.
Data is securely partitioned between domains. A user or process must authenticate to a specific domain to access data contained within it.
Each Verify Identity Access environment contains a single management domain. A user must be authenticated to the management domain to create, delete, list, or modify additional domains.
To specify the management domain in methods that take a domain argument, use the PDDomain.getMgmtDomainName method.
Each Java™ Runtime
Environment (JRE) can optionally be configured to use a specific domain.
This domain is called the local domain. To specify the local domain
in methods that take a domain argument, use the PDDomain.getLocalDomainName method.
If a JRE is not configured to use a specific domain, the local domain
defaults to the management domain.
The authorization API provides functions that can be used to manage domains.
The Java classes provide methods that can be used to manage domains.
For more information about the management of domains, see the IBM Verify Identity Access for Web: Administration Guide. Table 1 lists the methods for administering domains.
| FunctionsMethods | Description |
|---|---|
| ivadmin_domain_create() PDDomain.createDomain |
Creates new Verify Identity Access domain. |
| ivadmin_domain_delete() PDDomain.deleteDomain |
Deletes the specified Verify Identity Access domain. |
| ivadmin_domain_get() PDDomain constructor |
Gets the specified Verify Identity Access domain object. Instantiates the specified domain object. |
| ivadmin_domain_getdescription() PDDomain object.getDescription |
Gets the description for the specified Verify Identity Access domain. |
| ivadmin_domain_getid() PDDomain object.getId |
Gets the name of the specified Verify Identity Access domain. |
| ivadmin_domain_list() PDDomain.listDomains |
Lists the names of all the Verify Identity Access domains, except for the management domain. |
| PDDomain.getLocalDomainName | Gets the name of the local domain. |
| PDDomain.getMgmtDomainName | Gets the name of the management domain. |
| ivadmin_domain_setdescription() PDDomain.setDescription |
Changes the description for the specified Verify Identity Access domain. |
For detailed reference information about these methods, see the Javadoc HTML documentation.