
Example 16 with IdRepoUnsupportedOpException

use of com.sun.identity.idm.IdRepoUnsupportedOpException in project OpenAM by OpenRock.

the class FilesRepo method assignService.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#assignService(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String, java.lang.String,
     *      com.sun.identity.sm.SchemaType, java.util.Map)
     */
/**
 * Assigns a service to a user, role or realm identity: the identity's current
 * object classes are merged into the object-class set supplied with the service
 * attributes, and the service attributes are then written via {@code setAttributes}.
 *
 * @param token       SSO token forwarded to {@code getAttributes} and {@code setAttributes}
 * @param type        identity type; only USER, ROLE and REALM are accepted
 * @param name        name of the identity
 * @param serviceName name of the service (only used in the debug message here)
 * @param stype       schema type (only used in the debug message here)
 * @param attrMap     service attributes to store; the object-class set it holds may be
 *                    extended in place
 * @throws IdRepoException the stored initialization exception if one is set, or an
 *         {@code IdRepoUnsupportedOpException} for any other identity type
 * @throws SSOException declared by the interface; presumably raised by the delegated calls
 */
public void assignService(SSOToken token, IdType type, String name, String serviceName, SchemaType stype, Map attrMap) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        // NOTE(review): this message prints the full attrMap, values included. If a
        // service attribute can carry a secret it ends up in the debug log; consider
        // logging attribute names only.
        debug.message("Assign service called for: " + type.getName() + ":" + name + "\n\t" + serviceName + "=" + attrMap + "\n\tSchema=" + stype);
    }
    if (initializationException != null) {
        debug.error("FilesRepo: throwing initialization exception");
        throw initializationException;
    }

    boolean serviceCapable = type.equals(IdType.USER) || type.equals(IdType.ROLE) || type.equals(IdType.REALM);
    if (!serviceCapable) {
        Object[] args = { NAME, IdOperation.SERVICE.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
    }

    // Fetch only the object-class attribute of the existing identity.
    Set ocRequest = new HashSet();
    ocRequest.add(OC);
    Map current = getAttributes(token, type, name, ocRequest);
    Set existingOcs = (Set) current.get(OC);

    // The case-insensitive copy is used only to locate the object-class entry
    // regardless of key casing; presumably it holds the same Set instance as
    // attrMap, so the addAll below is what changes the data written afterwards.
    CaseInsensitiveHashMap lookup = new CaseInsensitiveHashMap();
    lookup.putAll(attrMap);
    Set serviceOcs = (Set) lookup.get(OC);

    boolean haveExisting = existingOcs != null && !existingOcs.isEmpty();
    if (haveExisting && serviceOcs != null) {
        serviceOcs.addAll(existingOcs);
    }
    setAttributes(token, type, name, attrMap, false);
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) Map(java.util.Map) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)

Example 17 with IdRepoUnsupportedOpException

use of com.sun.identity.idm.IdRepoUnsupportedOpException in project OpenAM by OpenRock.

the class FilesRepo method create.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#create(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String, java.util.Map)
     */
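/**
 * Creates a new identity by writing its attributes to a file, after adding the
 * configured object classes ({@code userOCs}) to the supplied attributes.
 *
 * <p>Changes against the previous version: the merged object-class set is now
 * stored back into the attribute map (it used to be built and then discarded,
 * so caller-supplied object classes were written without the configured ones),
 * and the "operation not supported" error names the create operation instead of
 * the service operation.
 *
 * @param token   SSO token of the caller (not read in this method)
 * @param type    identity type; must be a key of {@code supportedOps}
 * @param name    identity name, used to build the file location
 * @param attrMap attributes of the new identity
 * @return {@code name}, unchanged
 * @throws IdRepoException the stored initialization exception if one is set, a
 *         duplicate-object exception if the identity file already exists, or an
 *         {@code IdRepoUnsupportedOpException} for an unsupported identity type
 * @throws SSOException declared by the interface
 */
public String create(SSOToken token, IdType type, String name, Map attrMap) throws IdRepoException, SSOException {
    if (initializationException != null) {
        debug.error("FilesRepo: throwing initialization exception");
        throw initializationException;
    }
    if (!supportedOps.keySet().contains(type)) {
        // Report the operation that was actually refused.
        Object[] args = { NAME, IdOperation.CREATE.getName(), type.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
    }

    // NOTE(review): name becomes part of a file-system path. constructFile is not
    // shown here; confirm it rejects or encodes path separators and ".." so an
    // identity name cannot resolve outside the repository directory.
    File file = constructFile(directory, type, name);
    if (file.exists()) {
        // NOTE(review): the exception carries the absolute server path; confirm it
        // is not returned to remote callers, or pass the identity name instead.
        throw IdRepoDuplicateObjectException.nameAlreadyExists(file.getAbsolutePath());
    }
    // NOTE(review): exists() followed by writeFile() is not atomic; two concurrent
    // creates of the same name can both pass the check unless writeFile guards it.

    // Add the configured object classes. This is done for every identity type,
    // not only users, as in the original code.
    CaseInsensitiveHashMap nAttrs = new CaseInsensitiveHashMap(attrMap);
    Set ocs = (Set) nAttrs.get(OC);
    if (ocs == null) {
        nAttrs.put(OC, userOCs);
    } else {
        CaseInsensitiveHashSet merged = new CaseInsensitiveHashSet(ocs);
        merged.addAll(userOCs);
        // Store the merged set; without this the merge has no effect.
        nAttrs.put(OC, merged);
    }

    // presumably hashes/encrypts the configured attributes before they reach disk; verify in processAttributes
    attrMap = processAttributes(nAttrs, hashAttributes, encryptAttributes);
    writeFile(file, attrMap);

    // %%% Send notification (must be via a different thread); the call below is
    // made directly from this method.
    if (repoListener != null) {
        repoListener.objectChanged(name, type, AMEvent.OBJECT_ADDED, repoListener.getConfigMap());
    }
    return name;
}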
Also used : CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) Set(java.util.Set) File(java.io.File) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)

Example 18 with IdRepoUnsupportedOpException

use of com.sun.identity.idm.IdRepoUnsupportedOpException in project OpenAM by OpenRock.

the class FilesRepo method getMembers.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#getMembers(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String,
     *      com.sun.identity.idm.IdType)
     */
/**
 * Returns the names of the members of a group or role.
 *
 * <p>For a group, the membership attribute is read from the group's file and the
 * entries that start with the name of {@code membersType} are returned with that
 * prefix removed. For a role, all identities of {@code membersType} are searched
 * and those whose role-membership attribute contains {@code name} are returned.
 *
 * @param token       SSO token, forwarded to {@code search} for roles
 * @param type        type of the container; must be ROLE or GROUP
 * @param name        name of the group or role
 * @param membersType identity type of the members to return
 * @return set of member names, empty when none match
 * @throws IdRepoException the stored initialization exception if one is set, or a
 *         membership error when {@code type} is neither ROLE nor GROUP
 * @throws SSOException declared by the interface; presumably raised by {@code search}
 */
public Set getMembers(SSOToken token, IdType type, String name, IdType membersType) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("FilesRepo.getMembers called" + type + ": " + name + ": " + membersType);
    }
    if (initializationException != null) {
        debug.error("FilesRepo.getMembers: throwing initialization exception");
        throw initializationException;
    }

    // Members can be returned for roles and groups only.
    boolean isRole = type.equals(IdType.ROLE);
    boolean isGroup = type.equals(IdType.GROUP);
    if (!(isRole || isGroup)) {
        debug.message("FilesRepo.getMembers supported for roles and groups");
        throw new IdRepoException(IdRepoBundle.getString(IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED), IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED);
    }

    Set results = new HashSet();
    if (isGroup) {
        // NOTE(review): name becomes part of a file path via constructFile, which is
        // not shown here; confirm it cannot be steered outside the repository directory.
        File groupFile = constructFile(directory, type, name);
        Map groupAttrs = decodeAttributes(readFile(groupFile), encryptAttributes);
        Set members = (Set) groupAttrs.get(groupMembersAttribute);
        if (members != null && !members.isEmpty()) {
            // NOTE(review): this is a bare prefix test with no delimiter. If one type
            // name is a prefix of another, entries of the longer type match as well;
            // confirm the stored member format rules that out.
            String prefix = membersType.getName();
            int prefixLen = prefix.length();
            for (Object member : members) {
                String entry = (String) member;
                if (entry.startsWith(prefix)) {
                    results.add(entry.substring(prefixLen));
                }
            }
        }
    } else if (isRole) {
        // Fetch the role-membership attribute of every identity of membersType
        // and keep the ones that list this role.
        Set returnAttrs = new HashSet();
        returnAttrs.add(roleMembershipAttribute);
        RepoSearchResults candidates = search(token, membersType, "*", 0, 0, returnAttrs, false, IdRepo.OR_MOD, null, false);
        Map byName = null;
        if (candidates != null) {
            byName = candidates.getResultAttributes();
        }
        if (byName != null) {
            for (Object key : byName.keySet()) {
                String candidate = (String) key;
                Map candidateAttrs = (Map) byName.get(candidate);
                Set roles = (Set) candidateAttrs.get(roleMembershipAttribute);
                if (roles != null && roles.contains(name)) {
                    results.add(candidate);
                }
            }
        }
    } else {
        // Not reachable: the guard above already rejected every other type.
        Object[] args = { NAME, IdOperation.READ.getName(), type.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
    }
    return results;
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) Set(java.util.Set) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) RepoSearchResults(com.sun.identity.idm.RepoSearchResults) File(java.io.File) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) Map(java.util.Map) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 19 with IdRepoUnsupportedOpException

use of com.sun.identity.idm.IdRepoUnsupportedOpException in project OpenAM by OpenRock.

the class AgentsRepo method setAttributes.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#setAttributes(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String, java.util.Map,
     *      boolean)
     */
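/**
 * Sets attributes on an agent or agent group, hashing clear-text
 * {@code userpassword} values first unless the agent's schema is OAuth2.
 *
 * <p>Changes against the previous version:
 * <ul>
 *   <li>A missing agent is detected before the schema ID is read, so a request
 *       that carries {@code userpassword} for an unknown agent now fails with
 *       TYPE_NOT_FOUND instead of a NullPointerException.</li>
 *   <li>When the password set mixes clear-text and already-prefixed values, the
 *       already-prefixed values are kept instead of being dropped.</li>
 *   <li>The "operation not supported" errors name the edit operation, not read.</li>
 * </ul>
 *
 * @param token      SSO token used to load the agent configuration
 * @param type       AGENTONLY, AGENT or AGENTGROUP
 * @param name       name of the agent or agent group
 * @param attributes attributes to set; must not be null or empty. The
 *                   {@code userpassword} entry may be replaced in this map.
 * @param isAdd      not read by this method
 * @throws IdRepoException the stored initialization exception if one is set;
 *         ILLEGAL_ARGUMENTS for empty attributes; TYPE_NOT_FOUND when the agent does
 *         not exist; ERROR_SETTING_ATTRIBUTES on an SMS failure; an
 *         {@code IdRepoUnsupportedOpException} for other identity types
 * @throws SSOException declared by the interface
 */
public void setAttributes(SSOToken token, IdType type, String name, Map attributes, boolean isAdd) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.setAttributes() called: " + type + ": " + name);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.setAttributes: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    if (attributes == null || attributes.isEmpty()) {
        if (debug.messageEnabled()) {
            debug.message("AgentsRepo.setAttributes(): Attributes " + "are empty");
        }
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, null);
    }
    ServiceConfig aCfg = null;
    try {
        if (type.equals(IdType.AGENTONLY) || type.equals(IdType.AGENT)) {
            ServiceConfig orgConfig = getOrgConfig(token);
            aCfg = orgConfig.getSubConfig(name);
        } else if (type.equals(IdType.AGENTGROUP)) {
            ServiceConfig agentGroupConfig = getAgentGroupConfig(token);
            if (agentGroupConfig == null) {
                Object[] args = { NAME, IdOperation.EDIT.getName() };
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
            }
            aCfg = agentGroupConfig.getSubConfig(name);
        } else {
            Object[] args = { NAME, IdOperation.EDIT.getName() };
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
        }

        // Agent not found: fail before aCfg is dereferenced below.
        if (aCfg == null) {
            Object[] args = { name, type.getName() };
            throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args));
        }

        Set vals = (Set) attributes.get("userpassword");
        // OAuth2 agents keep the value as supplied; presumably it is handled
        // elsewhere as a client secret - confirm it is not stored in clear text.
        if (vals != null && !AgentConfiguration.AGENT_TYPE_OAUTH2.equals(aCfg.getSchemaID())) {
            Set storedVals = new HashSet();
            boolean hashedAny = false;
            Iterator it = vals.iterator();
            while (it.hasNext()) {
                String val = (String) it.next();
                if (val.startsWith(hashAlgStr)) {
                    // NOTE(review): any caller-supplied value that begins with the
                    // hash prefix is stored verbatim as if it were a hash. Confirm
                    // only trusted callers can reach this path.
                    storedVals.add(val);
                } else {
                    // NOTE(review): Hash.hash is not shown here; confirm it is a
                    // salted, deliberately slow password hash rather than a bare digest.
                    storedVals.add(hashAlgStr + Hash.hash(val));
                    hashedAny = true;
                }
            }
            // As before, the map is only touched when a clear-text value was hashed.
            if (hashedAny) {
                attributes.remove("userpassword");
                attributes.put("userpassword", storedVals);
            }
        }
        aCfg.setAttributes(attributes);
    } catch (SMSException smse) {
        debug.error("AgentsRepo.setAttributes(): Unable to set agent" + " attributes ", smse);
        Object[] args = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, args);
    }
}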
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 20 with IdRepoUnsupportedOpException

use of com.sun.identity.idm.IdRepoUnsupportedOpException in project OpenAM by OpenRock.

the class AgentsRepo method getMembers.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#getMembers(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String,
     *      com.sun.identity.idm.IdType)
     */
/**
 * Returns the names of the agents that belong to an agent group.
 *
 * <p>Every agent sub-configuration of the organization configuration is read and
 * the agent is included when its {@code AGENT_GROUP} attribute equals
 * {@code name}, ignoring case.
 *
 * @param token       SSO token used to load the organization configuration
 * @param type        type of the container; only AGENTGROUP is supported
 * @param name        name of the agent group
 * @param membersType type of the members to return; must be AGENTONLY or AGENT
 * @return set of agent names in the group, empty when none match
 * @throws IdRepoException the stored initialization exception if one is set; a
 *         membership error for USER/AGENT containers or non-agent member types; an
 *         {@code IdRepoUnsupportedOpException} for any other container type; or an
 *         error wrapping an SMS failure
 * @throws SSOException declared by the interface
 */
public Set getMembers(SSOToken token, IdType type, String name, IdType membersType) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.getMembers called" + type + ": " + name + ": " + membersType);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.getMembers: Realm " + realmName + " does not exist.");
        throw initializationException;
    }

    Set results = new HashSet();

    boolean containerIsUserOrAgent = type.equals(IdType.USER) || type.equals(IdType.AGENT);
    if (containerIsUserOrAgent) {
        debug.error("AgentsRepo.getMembers: Membership operation is not supported for Users or Agents");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED, null);
    }

    boolean memberIsAgent = membersType.equals(IdType.AGENTONLY) || membersType.equals(IdType.AGENT);
    if (!memberIsAgent) {
        debug.error("AgentsRepo.getMembers: Cannot get member from a non-agent type " + membersType.getName());
        Object[] args = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIPS_FOR_NOT_USERS_NOT_ALLOWED, args);
    }

    if (!type.equals(IdType.AGENTGROUP)) {
        Object[] args = { NAME, IdOperation.READ.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
    }

    try {
        // Walk every agent configuration and collect the agents whose
        // 'agentgroup' attribute names this group.
        ServiceConfig orgConfig = getOrgConfig(token);
        for (String agent : orgConfig.getSubConfigNames()) {
            ServiceConfig agentConfig = orgConfig.getSubConfig(agent);
            if (agentConfig == null) {
                continue;
            }
            String group = CollectionHelper.getMapAttr(agentConfig.getAttributes(), AGENT_GROUP);
            if (name.equalsIgnoreCase(group)) {
                results.add(agent);
            }
        }
    } catch (SMSException sme) {
        debug.error("AgentsRepo.getMembers: Caught exception while getting agents from groups", sme);
        // NOTE(review): this is a read path but the error code reported to the
        // caller is ERROR_SETTING_ATTRIBUTES; confirm whether a read-specific
        // code should be used instead.
        Object[] args = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, args);
    }
    return results;
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)
