Examples with EntitlementException com.sun.identity.entitlement.EntitlementException used on opensource projects

Search in sources :

Example 1 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class UpdateApplicationPrivilege method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot serviced.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String name = getStringOptionValue(PARAM_NAME);
    String[] params = { realm, name };
    String description = getStringOptionValue(PARAM_DESCRIPTION);
    boolean hasDescription = (description != null) && description.trim().length() > 0;
    String actions = getStringOptionValue(PARAM_ACTIONS);
    ApplicationPrivilege.PossibleAction action = (actions != null) ? getActions() : null;
    if (!hasDescription && (action == null)) {
        throw new CLIException(getResourceString("update-application-privilege-invalid"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    Subject userSubject = SubjectUtils.createSubject(getAdminSSOToken());
    ApplicationPrivilegeManager apm = ApplicationPrivilegeManager.getInstance(realm, userSubject);
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_UPDATE_APPLICATION_PRIVILEGE", params);
    try {
        ApplicationPrivilege appPrivilege = apm.getPrivilege(name);
        if (hasDescription) {
            appPrivilege.setDescription(description);
        }
        if (action != null) {
            appPrivilege.setActionValues(action);
        }
        apm.replacePrivilege(appPrivilege);
        Object[] msgParam = { name };
        getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("update-application-privilege-succeeded"), msgParam));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_UPDATE_APPLICATION_PRIVILEGE", params);
    } catch (EntitlementException ex) {
        String[] paramExs = { realm, name, ex.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_UPDATE_APPLICATION_PRIVILEGE", paramExs);
        throw new CLIException(ex, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) CLIException(com.sun.identity.cli.CLIException) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) Subject(javax.security.auth.Subject)

Example 2 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class RemoveApplicationPrivilegeSubjects method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot serviced.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String name = getStringOptionValue(PARAM_NAME);
    String[] params = { realm, name };
    Set<SubjectImplementation> newSubjects = getSubjects(rc);
    Subject userSubject = SubjectUtils.createSubject(getAdminSSOToken());
    ApplicationPrivilegeManager apm = ApplicationPrivilegeManager.getInstance(realm, userSubject);
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_UPDATE_APPLICATION_PRIVILEGE", params);
    try {
        ApplicationPrivilege appPrivilege = apm.getPrivilege(name);
        Set<SubjectImplementation> origSubjects = appPrivilege.getSubjects();
        origSubjects.removeAll(newSubjects);
        if (origSubjects.isEmpty()) {
            throw new CLIException(getResourceString("remove-application-privilege-subjects-emptied-subjects"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        appPrivilege.setSubject(origSubjects);
        apm.replacePrivilege(appPrivilege);
        Object[] msgParam = { name };
        getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("update-application-privilege-succeeded"), msgParam));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_UPDATE_APPLICATION_PRIVILEGE", params);
    } catch (EntitlementException ex) {
        String[] paramExs = { realm, name, ex.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_UPDATE_APPLICATION_PRIVILEGE", paramExs);
        throw new CLIException(ex, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) CLIException(com.sun.identity.cli.CLIException) SubjectImplementation(com.sun.identity.entitlement.SubjectImplementation) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) Subject(javax.security.auth.Subject)

Example 3 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class SetApplication method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot serviced.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String appName = getStringOptionValue(PARAM_APPL_NAME);
    String datafile = getStringOptionValue(IArgument.DATA_FILE);
    List attrValues = rc.getOption(IArgument.ATTRIBUTE_VALUES);
    if ((datafile == null) && (attrValues == null)) {
        throw new CLIException(getResourceString("missing-attributevalues"), ExitCodes.INCORRECT_OPTION, rc.getSubCommand().getName());
    }
    Map<String, Set<String>> attributeValues = AttributeValues.parse(getCommandManager(), datafile, attrValues);
    String[] params = { realm, appName };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_SET_APPLICATION", params);
    Subject adminSubject = getAdminSubject();
    try {
        Application appl = ApplicationManager.getApplication(adminSubject, realm, appName);
        Object[] param = { appName };
        if (appl == null) {
            throw new CLIException(MessageFormat.format(getResourceString("set-application-not-found"), param), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        setApplicationAttributes(appl, attributeValues, false);
        ApplicationManager.saveApplication(getAdminSubject(), realm, appl);
        getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("set-application-modified"), param));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_SET_APPLICATION", params);
    } catch (EntitlementException e) {
        String[] paramExs = { realm, appName, e.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_SET_APPLICATION", paramExs);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (CLIException e) {
        String[] paramExs = { realm, appName, e.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_SET_APPLICATION", paramExs);
        throw e;
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) Set(java.util.Set) CLIException(com.sun.identity.cli.CLIException) List(java.util.List) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject)

Example 4 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class ListXACML method getPolicies.

/**
     * Uses the Realm and Search Filters to identify all Privileges in the Entitlement
     * framework to export.
     *
     * @throws CLIException If there was an unexpected error.
     */
private void getPolicies() throws CLIException {
    FileOutputStream fout = null;
    PrintWriter pwout = null;
    if (outfile != null) {
        try {
            fout = new FileOutputStream(outfile, true);
            pwout = new PrintWriter(fout, true);
        } catch (FileNotFoundException e) {
            debugError("ListXACML.handleXACMLPolicyRequest", e);
            try {
                if (fout != null) {
                    fout.close();
                }
            } catch (IOException ex) {
            //do nothing
            }
            throw new CLIException(e, ExitCodes.IO_EXCEPTION);
        } catch (SecurityException e) {
            debugError("ListXACML.handleXACMLPolicyRequest", e);
            try {
                if (fout != null) {
                    fout.close();
                }
            } catch (IOException ex) {
            //do nothing
            }
            throw new CLIException(e, ExitCodes.IO_EXCEPTION);
        }
    }
    PolicySet policySet = null;
    try {
        PrivilegeValidator privilegeValidator = new PrivilegeValidator(new RealmValidator(new OrganizationConfigManager(adminSSOToken, "/")));
        XACMLExportImport importExport = new XACMLExportImport(new XACMLExportImport.PrivilegeManagerFactory(), new XACMLReaderWriter(), privilegeValidator, new SearchFilterFactory(), PrivilegeManager.debug);
        policySet = importExport.exportXACML(realm, adminSubject, filters);
    } catch (EntitlementException e) {
        String[] args = { realm, e.getMessage() };
        debugError("ListXACML.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SMSException e) {
        String[] args = { realm, e.getMessage() };
        debugError("ListXACML.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    if (policySet == null || policySet.getPolicySetOrPolicyOrPolicySetIdReference().isEmpty()) {
        String[] arg = { realm };
        outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-in-realm-no-policies"), (Object[]) arg));
    } else {
        try {
            if (pwout != null) {
                pwout.write(XACMLPrivilegeUtils.toXML(policySet));
            } else {
                outputWriter.printlnMessage(XACMLPrivilegeUtils.toXML(policySet));
            }
        } catch (EntitlementException e) {
            throw new CLIException(e, ExitCodes.IO_EXCEPTION);
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_POLICY_IN_REALM", new String[] { realm });
        String[] arg = { realm };
        outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-in-realm-succeed"), (Object[]) arg));
        if (pwout != null) {
            try {
                pwout.close();
                fout.close();
            } catch (IOException e) {
            //do nothing
            }
        }
    }
}
Also used : SearchFilterFactory(com.sun.identity.entitlement.xacml3.SearchFilterFactory) SMSException(com.sun.identity.sm.SMSException) FileNotFoundException(java.io.FileNotFoundException) XACMLExportImport(com.sun.identity.entitlement.xacml3.XACMLExportImport) IOException(java.io.IOException) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) PrivilegeValidator(com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator) EntitlementException(com.sun.identity.entitlement.EntitlementException) FileOutputStream(java.io.FileOutputStream) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) CLIException(com.sun.identity.cli.CLIException) RealmValidator(com.sun.identity.entitlement.xacml3.validation.RealmValidator) XACMLReaderWriter(com.sun.identity.entitlement.xacml3.XACMLReaderWriter) PrintWriter(java.io.PrintWriter)

Example 5 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class RemoveApplicationPrivilegeResources method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot serviced.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String name = getStringOptionValue(PARAM_NAME);
    String[] params = { realm, name };
    try {
        Map<String, Set<String>> mapAppToResources = getApplicationResourcesMap(rc, realm);
        Subject userSubject = SubjectUtils.createSubject(getAdminSSOToken());
        ApplicationPrivilegeManager apm = ApplicationPrivilegeManager.getInstance(realm, userSubject);
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_UPDATE_APPLICATION_PRIVILEGE", params);
        ApplicationPrivilege appPrivilege = apm.getPrivilege(name);
        Map<String, Set<String>> origAppToResources = getApplicationToResources(appPrivilege);
        removeFromMap(origAppToResources, mapAppToResources);
        if (origAppToResources.isEmpty()) {
            throw new CLIException(getResourceString("remove-application-privilege-resources-emptied-resources"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        appPrivilege.setApplicationResources(origAppToResources);
        apm.replacePrivilege(appPrivilege);
        Object[] msgParam = { name };
        getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("update-application-privilege-succeeded"), msgParam));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_UPDATE_APPLICATION_PRIVILEGE", params);
    } catch (EntitlementException ex) {
        String[] paramExs = { realm, name, ex.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_UPDATE_APPLICATION_PRIVILEGE", paramExs);
        throw new CLIException(ex, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) Set(java.util.Set) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) CLIException(com.sun.identity.cli.CLIException) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) Subject(javax.security.auth.Subject)

Aggregations

EntitlementException (com.sun.identity.entitlement.EntitlementException)221 Subject (javax.security.auth.Subject)68 HashSet (java.util.HashSet)58 SSOException (com.iplanet.sso.SSOException)51 Set (java.util.Set)50 SSOToken (com.iplanet.sso.SSOToken)47 SMSException (com.sun.identity.sm.SMSException)45 Application (com.sun.identity.entitlement.Application)37 Test (org.testng.annotations.Test)37 HashMap (java.util.HashMap)34 ResourceException (org.forgerock.json.resource.ResourceException)33 ResourceResponse (org.forgerock.json.resource.ResourceResponse)32 Privilege (com.sun.identity.entitlement.Privilege)22 JsonValue (org.forgerock.json.JsonValue)19 JSONException (org.json.JSONException)19 CLIException (com.sun.identity.cli.CLIException)18 ApplicationPrivilegeManager (com.sun.identity.entitlement.ApplicationPrivilegeManager)17 ServiceConfig (com.sun.identity.sm.ServiceConfig)17 ResourceType (org.forgerock.openam.entitlement.ResourceType)17 PolicyException (com.sun.identity.policy.PolicyException)16
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial