Managing access lists
The access list methods create and manage access list entries from the Java™ API. Vendor-supplied applications can manage identities using these methods.
The following tasks can be completed using these API methods:
- Create and delete the access list entry
- You can create and delete the access list entry to maintain them automatically.
- Update the properties of the access list entry
- You can update the properties of the access list entry. The API can be used to change the password.
- Get the properties of the access list entry
- You can get the particular properties of the access list entry shown in Access List window of the Discovery Management Console. The API cannot be used to retrieve the password.
- Verify the property value of the access list entry
- You can verify whether the given property value matches the property value in the existing access list entry. This API can be used to verify the password of the access list entry.
Table 1 describes the access list methods you can use.
Note: Access list
entries registered in the discovery profile are not supported by the
API provided.
| Method | Description |
|---|---|
| deleteDiscoveryAccessEntry(String authClassName, String name) |
Delete the access entry with the specified class and name. |
| getAllDiscoveryAccessEntries() |
Get all the discovery access entries. |
| getDiscoveryAccessEntry (String authClassName, String name) |
Get the discovery access entry with the specified class and name. |
| updateDiscoveryAccessEntry(DiscoveryAccessEntry discoveryAccess) |
Update the properties of the access entry with the specified class and name. |
| verifyDiscoveryAccessEntry(DiscoveryAccessEntry discoveryAccess) |
Verify whether the given properties match the current properties of the access entry with the specified class and name. |
Example Java code
- The following example Java code shows how to create the connection, session, and API instance:
CMDBApi api; try { ApiConnection conn_ = ApiFactory.getInstance().getApiConnection("localhost", -1,null,false); ApiSession session_ = ApiFactory.getInstance().getSession(conn_, user, password, CMDB_DEFAULT); api = session_.createCMDBApi(); } catch (ApiException ex) { ex.printStackTrace(); } catch (Exception ex) { ex.printStackTrace(); } - The following example Java code shows how to programmatically create discovery access entries:
try { // WebSphere access entry DiscoveryAccessEntry entry = new DiscoveryAccessEntry (DiscoveryAccessEntry.AUTHCLASS_WEBSPHERE, "user3-websphere"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope3"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 3); entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "wasadmin"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); entry.setProperty(DiscoveryAccessEntry. PROPERTY_TRUSTSTOREFILECONTENTS, new byte[] { 0x10, 0x20, 0x30 }); entry.setProperty(DiscoveryAccessEntry.PROPERTY_TRUSTSTOREPASSPHRASE, "password"); entry = api.updateDiscoveryAccessEntry(entry); // SNMP access entry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_SNMP, "user4-snmp"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope4"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 4); entry.setProperty(DiscoveryAccessEntry.PROPERTY_COMMUNITYSTRING, "public"); entry = api.updateDiscoveryAccessEntry(entry); // SNMPv3 access entry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_SNMPV3, "user5-snmpv3"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope5"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 5); entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "snmp"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_AUTHPROTOCOL, "MD5"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PRIVPASSWORD, "privpassword"); entry = api.updateDiscoveryAccessEntry(entry); // Cisco access entry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_CISCO, "user6-cisco"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope6"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 6); entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "cisco"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); entry.setProperty("enablepassword", "enablepassword"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ENABLEPASSWORD, "enablepassword"); entry = api.updateDiscoveryAccessEntry(entry); // ccmsserver access entry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_ CCMSSERVER, "user7-sapccms"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope7"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 7); entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "ccms"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_CLIENTID, "clientid"); entry = api.updateDiscoveryAccessEntry(entry); // Computer system access entry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_HOST, "user1-host"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope1"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 1); entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "root"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); entry = api.updateDiscoveryAccessEntry(entry); // Windows computer system access entry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_ WINDOWSHOST, "user2-winhost"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope2"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 2); entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "Administrator"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); entry.setProperty(DiscoveryAccessEntry.PROPERTY_AUTHTYPE, "authType_default"); entry = api.updateDiscoveryAccessEntry(entry); } catch (ApiException ae) { System.err.println("api exception:" + ae); } catch (Exception ex) { System.err.println("exception:" + ex); } - The following example Java code shows how to get all discovery access entries:
try { DiscoveryAccessEntry entry; DiscoveryAccessEntry[] entries = api.getAllDiscoveryAccessEntries(); for (int i = 0; i < entries.length; i++) { entry = entries[i]; String authClassName = (String) entry.getAuthClassName(); Integer order = (Integer) entry.getProperty(DiscoveryAccessEntry. PROPERTY_ORDER); switch (order.intValue()) { case 1: // DiscoveryAccessEntry.AUTHCLASS_HOST.equals(authClassName)); break; case 2: // DiscoveryAccessEntry.AUTHCLASS_WINDOWSHOST.equals(authClassName)); break; case 3: // DiscoveryAccessEntry.AUTHCLASS_WEBSPHERE.equals(authClassName)); break; case 4: // DiscoveryAccessEntry.AUTHCLASS_SNMP.equals(authClassName)); break; case 5: // DiscoveryAccessEntry.AUTHCLASS_SNMPV3.equals(authClassName)); break; case 6: // DiscoveryAccessEntry.AUTHCLASS_CISCO.equals(authClassName)); break; case 7: // DiscoveryAccessEntry.AUTHCLASS_CCMSSERVER.equals(authClassName)); break; default: break; } } catch (ApiException ae) { System.err.println("api exception:" + ae); } catch (Exception ex) { System.err.println("exception:" + ex); } - The following example Java code shows how to get a specific discovery access entry:
try { DiscoveryAccessEntry entry = api.getDiscoveryAccessEntry (DiscoveryAccessEntry.AUTHCLASS_SNMP, "user4-snmp"); String authClassName = (String) entry.getAuthClassName(); String name = (String) entry.getName(); } catch (ApiException ae) { System.err.println("api exception:" + ae); } catch (Exception ex) { System.err.println("exception:" + ex); } - The following example Java code shows how to update a specific discovery access entry:
try { // Create an entry with the same name as an existing entry DiscoveryAccessEntry entry = new DiscoveryAccessEntry (DiscoveryAccessEntry.AUTHCLASS_HOST, "user1-host"); // Change the scope entry.setProperty(DiscoveryAccessEntry.PROPERTY_SCOPENAME, "scope1c"); // Change the order entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 2); // Change the username entry.setProperty(DiscoveryAccessEntry.PROPERTY_USERNAME, "rootc"); // Change the password entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "passwordc"); // Update the entry entry = api.updateDiscoveryAccessEntry(entry); } catch (ApiException ae) { System.err.println("api exception:" + ae); } catch (Exception ex) { System.err.println("exception:" + ex); } - The following example Java code shows how to verify a discovery access entry:
try { // Create an entry with the same name as the existing entry to verify DiscoveryAccessEntry entry = new DiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_HOST, "user1-host"); // Set the order property to the wrong number entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 1); // This result should be false boolean result = api.verifyDiscoveryAccessEntry(entry)); // Set the order property to the correct number entry.setProperty(DiscoveryAccessEntry.PROPERTY_ORDER, 2); // This result should be true result = api.verifyDiscoveryAccessEntry(entry)); // Set the password property to the wrong value entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "password"); // This result should be false result = api.verifyDiscoveryAccessEntry(entry)); // Set the password property to the correct value entry.setProperty(DiscoveryAccessEntry.PROPERTY_PASSWORD, "passwordc"); // This result should be true result = api.verifyDiscoveryAccessEntry(entry)); } catch (ApiException ae) { System.err.println("api exception:" + ae); } catch (Exception ex) { System.err.println("exception:" + ex); } - The following example Java code shows how to delete a discovery access entry:
try { api.deleteDiscoveryAccessEntry(DiscoveryAccessEntry.AUTHCLASS_HOST, "user1-host"); } catch (ApiException ae) { System.err.println("api exception:" + ae); } catch (Exception ex) { System.err.println("exception:" + ex); }