
Example 1 with ValidValues

use of com.sun.identity.policy.ValidValues in project OpenAM by OpenRock.

the class ReferralOpViewBeanBase method setPossibleValues.

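/**
 * Fills the given select view with the possible values for the referral type
 * currently selected in the property sheet.
 *
 * <p>The filter, realm name and referral type are read from the property sheet
 * and page session and handed to the policy model unchanged. When the model
 * returns {@code null} the select view is left untouched. When the lookup hit
 * a size or time limit, an inline error alert is shown and the (possibly
 * partial) results returned by the model are still offered as options.
 *
 * @param selectView select component whose options are replaced.
 */
private void setPossibleValues(CCSelect selectView) {
    String filter = (String) propertySheetModel.getValue(FILTER);
    String realmName = (String) getPageSessionAttribute(AMAdminConstants.CURRENT_REALM);
    String referralType = (String) propertySheetModel.getValue(REFERRAL_TYPE);
    PolicyModel model = (PolicyModel) getModel();
    ValidValues validValues = model.getReferralPossibleValues(realmName, referralType, filter);
    if (validValues == null) {
        return;
    }
    int errCode = validValues.getErrorCode();
    if (errCode == ValidValues.SIZE_LIMIT_EXCEEDED) {
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", "policy.referral.sizelimit.exceeded.message");
    } else if (errCode == ValidValues.TIME_LIMIT_EXCEEDED) {
        // The original compared against SIZE_LIMIT_EXCEEDED a second time, so this
        // branch was unreachable and a time-limit truncation was never reported.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", "policy.referral.timelimit.exceeded.message");
    }
    OptionList optList = createOptionList(validValues.getSearchResults());
    selectView.setOptions(optList);
}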
Also used : ValidValues(com.sun.identity.policy.ValidValues) PolicyModel(com.sun.identity.console.policy.model.PolicyModel) OptionList(com.iplanet.jato.view.html.OptionList)

Example 2 with ValidValues

use of com.sun.identity.policy.ValidValues in project OpenAM by OpenRock.

the class PolicyModelImpl method getReferralPossibleValues.

/**
 * Looks up the possible values for a referral type in a realm.
 *
 * <p>The filter is passed to the referral plug-in exactly as received. Any
 * failure while resolving the policy manager, the referral type or the values
 * is only logged at warning level; the caller then receives {@code null}, the
 * same result as when no policy manager is available for the realm.
 *
 * @param realmName Name of Realm.
 * @param referralType Name of Referral Type.
 * @param filter wildcards for filtering the results.
 * @return the possible values for the referral type, or {@code null} when no
 *         policy manager is available or the lookup failed.
 */
public ValidValues getReferralPossibleValues(String realmName, String referralType, String filter) {
    final String where = "PolicyModelImpl.getReferralPossibleValues";
    try {
        PolicyManager manager = getPolicyManager(realmName);
        if (manager == null) {
            return null;
        }
        Referral plugin = manager.getReferralTypeManager().getReferral(referralType);
        return plugin.getValidValues(getUserSSOToken(), filter);
    } catch (AMConsoleException e) {
        debug.warning(where, e);
    } catch (NameNotFoundException e) {
        debug.warning(where, e);
    } catch (SSOException e) {
        debug.warning(where, e);
    } catch (PolicyException e) {
        debug.warning(where, e);
    }
    // Reached only after one of the handlers above has logged the failure.
    return null;
}
Also used : ReferralTypeManager(com.sun.identity.policy.ReferralTypeManager) PolicyManager(com.sun.identity.policy.PolicyManager) ValidValues(com.sun.identity.policy.ValidValues) Referral(com.sun.identity.policy.interfaces.Referral) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) SSOException(com.iplanet.sso.SSOException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)

Example 3 with ValidValues

use of com.sun.identity.policy.ValidValues in project OpenAM by OpenRock.

the class LDAPUsers method getValidEntries.

/**
 * Searches the directory for user entries matching <code>pattern</code> and
 * returns them together with the requested attributes.
 *
 * <p>The returned <code>ValidValues</code> object wraps a set that contains a
 * single map of user DN to a map of attribute name to a string array of
 * attribute values. When the server reports that the size or time limit was
 * exceeded, the entries read so far are returned and the status code of the
 * result records which limit was hit.
 *
 * <p>NOTE(review): <code>token</code> is not read in this method; the search
 * runs on a connection taken from <code>connPool</code>, so the visible
 * results presumably depend on that connection's identity rather than on the
 * caller's session. Confirm this is intended.
 *
 * @param token Single Sign On token for fetching the possible values.
 * @param pattern Search pattern that the possible values are matched against.
 * @param attributeNames Array of attribute names to be returned.
 * @return the possible values that satisfy the <code>pattern</code>.
 * @throws SSOException if <code>SSOToken</code> is invalid.
 * @throws PolicyException if the subject is not initialized or there are
 *         problems getting these values.
 */
public ValidValues getValidEntries(SSOToken token, String pattern, String[] attributeNames) throws SSOException, PolicyException {
    if (!initialized) {
        throw new PolicyException(ResBundleUtils.rbName, "ldapusers_subject_not_yet_initialized", null, null);
    }
    Set<Map<String, Map<String, String[]>>> results = new HashSet<>();
    // NOTE(review): getSearchFilter is not shown here; verify that it escapes
    // LDAP filter metacharacters in the pattern before building the filter.
    String ldapFilter = getSearchFilter(pattern);
    int outcome = ValidValues.SUCCESS;
    try (Connection connection = connPool.getConnection()) {
        ConnectionEntryReader reader = search(ldapFilter, connection, attributeNames);
        Map<String, Map<String, String[]>> attributesByDn = new HashMap<>();
        results.add(attributesByDn);
        while (reader.hasNext()) {
            try {
                SearchResultEntry entry = reader.readEntry();
                if (entry == null) {
                    continue;
                }
                String userDN = entry.getName().toString();
                attributesByDn.put(userDN, getUserAttributeValues(entry, attributeNames));
            } catch (SearchResultReferenceIOException ignored) {
                // Referrals are deliberately skipped; move on to the next result.
            } catch (LdapException e) {
                ResultCode code = e.getResult().getResultCode();
                if (code.equals(ResultCode.SIZE_LIMIT_EXCEEDED)) {
                    debug.warning("LDAPUsers.getValidEntries(): exceeded the size limit");
                    outcome = ValidValues.SIZE_LIMIT_EXCEEDED;
                } else if (code.equals(ResultCode.TIME_LIMIT_EXCEEDED)) {
                    debug.warning("LDAPUsers.getValidEntries(): exceeded the time limit");
                    outcome = ValidValues.TIME_LIMIT_EXCEEDED;
                } else {
                    throw new PolicyException(e);
                }
            }
        }
    } catch (LdapException e) {
        throw handleResultException(e);
    } catch (Exception e) {
        // Also wraps a PolicyException raised inside the loop above.
        throw new PolicyException(e);
    }
    return new ValidValues(outcome, results);
}
Also used : HashMap(java.util.HashMap) ValidValues(com.sun.identity.policy.ValidValues) Connection(org.forgerock.opendj.ldap.Connection) ByteString(org.forgerock.opendj.ldap.ByteString) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) LdapException(org.forgerock.opendj.ldap.LdapException) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) InvalidNameException(com.sun.identity.policy.InvalidNameException) SSOException(com.iplanet.sso.SSOException) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) PolicyException(com.sun.identity.policy.PolicyException) HashMap(java.util.HashMap) Map(java.util.Map) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode) HashSet(java.util.HashSet) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 4 with ValidValues

use of com.sun.identity.policy.ValidValues in project OpenAM by OpenRock.

the class Organization method getValidValues.

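/**
 * Returns a list of possible values for the <code>Organization</code> that
 * satisfy the given <code>pattern</code>.
 *
 * <p>With a null or blank pattern the search uses <code>orgSearchFilter</code>
 * alone; otherwise the pattern is ANDed with it as a match on
 * <code>orgRDNAttrName</code>. The pattern is treated as a value with
 * <code>*</code> wildcards, never as filter syntax: parentheses and NUL are
 * escaped before it is placed into the filter. When the server reports a size
 * or time limit, the DNs collected so far are returned with the matching
 * status code.
 *
 * <p>NOTE(review): <code>token</code> is not read in this method; the search
 * runs on a connection taken from <code>connPool</code>. Confirm that callers
 * authorize the request before invoking it.
 *
 * @param token the <code>SSOToken</code> that will be used
 * to determine the possible values
 * @param pattern search pattern that will be used to narrow
 * the list of valid names.
 *
 * @return <code>ValidValues</code> holding the matching organization DNs
 *
 * @exception SSOException if <code>SSOToken</code> is not valid
 * @exception PolicyException if the subject is not initialized or the list
 * of valid names cannot be retrieved.
 */
public ValidValues getValidValues(SSOToken token, String pattern) throws SSOException, PolicyException {
    if (!initialized) {
        throw (new PolicyException(ResBundleUtils.rbName, "org_subject_not_yet_initialized", null, null));
    }
    String searchFilter;
    if ((pattern != null) && !pattern.trim().isEmpty()) {
        // The pattern comes from the caller; escape it so it cannot close the
        // enclosing clause and add filter terms of its own.
        searchFilter = "(&" + orgSearchFilter + "(" + orgRDNAttrName + "="
                + escapeFilterStructureChars(pattern) + "))";
    } else {
        searchFilter = orgSearchFilter;
    }
    if (debug.messageEnabled()) {
        debug.message("Organization.getValidValues(): organization search filter is: " + searchFilter);
    }
    String[] attrs = { orgRDNAttrName };
    Set<String> validOrgDNs = new HashSet<>();
    int status = ValidValues.SUCCESS;
    try {
        SearchRequest request = LDAPRequests.newSearchRequest(baseDN, orgSearchScope, searchFilter, attrs);
        try (Connection conn = connPool.getConnection()) {
            // Run the search on the pooled connection.
            ConnectionEntryReader reader = conn.search(request);
            while (reader.hasNext()) {
                if (reader.isReference()) {
                    // Referrals are not followed; consume and discard them.
                    reader.readReference();
                } else {
                    SearchResultEntry entry = reader.readEntry();
                    validOrgDNs.add(entry.getName().toString());
                    debug.message("Organization.getValidValues(): found org name = {}", entry.getName().toString());
                }
            }
        }
    } catch (LdapException le) {
        ResultCode resultCode = le.getResult().getResultCode();
        if (ResultCode.SIZE_LIMIT_EXCEEDED.equals(resultCode)) {
            debug.warning("Organization.getValidValues(): exceeded the size limit");
            status = ValidValues.SIZE_LIMIT_EXCEEDED;
        } else if (ResultCode.TIME_LIMIT_EXCEEDED.equals(resultCode)) {
            debug.warning("Organization.getValidValues(): exceeded the time limit");
            status = ValidValues.TIME_LIMIT_EXCEEDED;
        } else {
            if (ResultCode.INVALID_CREDENTIALS.equals(resultCode)) {
                throw new PolicyException(ResBundleUtils.rbName, "ldap_invalid_password", null, null);
            } else if (ResultCode.NO_SUCH_OBJECT.equals(resultCode)) {
                String[] objs = { baseDN };
                throw new PolicyException(ResBundleUtils.rbName, "no_such_ldap_base_dn", objs, null);
            }
            String errorMsg = le.getMessage();
            String additionalMsg = le.getResult().getDiagnosticMessage();
            if (additionalMsg != null) {
                throw new PolicyException(errorMsg + ": " + additionalMsg);
            } else {
                throw new PolicyException(errorMsg);
            }
        }
    } catch (Exception e) {
        throw new PolicyException(e);
    }
    if (debug.messageEnabled()) {
        debug.message("Organization.getValidValues(): return set= {}", validOrgDNs.toString());
    }
    return new ValidValues(status, validOrgDNs);
}

/**
 * Escapes the characters of a search pattern that would otherwise change the
 * structure of the LDAP filter it is inserted into.
 *
 * <p><code>*</code> is kept so wildcard patterns still work, and the backslash
 * is kept so patterns that already carry <code>\xx</code> escapes are not
 * escaped twice.
 *
 * @param pattern non-null search pattern supplied by the caller.
 * @return the pattern with <code>(</code>, <code>)</code> and NUL hex-escaped.
 */
private static String escapeFilterStructureChars(String pattern) {
    StringBuilder escaped = new StringBuilder(pattern.length() + 8);
    for (int i = 0; i < pattern.length(); i++) {
        char c = pattern.charAt(i);
        switch (c) {
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
                break;
        }
    }
    return escaped.toString();
}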
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ValidValues(com.sun.identity.policy.ValidValues) Connection(org.forgerock.opendj.ldap.Connection) LdapException(org.forgerock.opendj.ldap.LdapException) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) InvalidNameException(com.sun.identity.policy.InvalidNameException) SSOException(com.iplanet.sso.SSOException) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) PolicyException(com.sun.identity.policy.PolicyException) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode) HashSet(java.util.HashSet) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 5 with ValidValues

use of com.sun.identity.policy.ValidValues in project OpenAM by OpenRock.

the class LDAPGroups method getValidValues.

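/**
 * Returns a list of possible values for the <code>LDAPGroups</code> that
 * satisfy the given <code>pattern</code>.
 *
 * <p>With a null or blank pattern the search uses
 * <code>groupSearchFilter</code> alone; otherwise the pattern is ANDed with it
 * as a match on <code>groupRDNAttrName</code>. The pattern is treated as a
 * value with <code>*</code> wildcards, never as filter syntax: parentheses and
 * NUL are escaped before it is placed into the filter. When the server reports
 * a size or time limit, the DNs collected so far are returned with the
 * matching status code.
 *
 * <p>NOTE(review): <code>token</code> is not read in this method; the search
 * runs on a connection taken from <code>connPool</code>. Confirm that callers
 * authorize the request before invoking it.
 *
 * @param token the <code>SSOToken</code> that will be used
 * to determine the possible values
 * @param pattern search pattern that will be used to narrow
 * the list of valid names.
 *
 * @return <code>ValidValues</code> object holding the matching group DNs
 *
 * @exception SSOException if <code>SSOToken</code> is not valid
 * @exception PolicyException if the subject is not initialized or the list
 * of valid names cannot be retrieved.
 */
public ValidValues getValidValues(SSOToken token, String pattern) throws SSOException, PolicyException {
    if (!initialized) {
        throw new PolicyException(ResBundleUtils.rbName, "ldapgroups_subject_not_yet_initialized", null, null);
    }
    Set<String> validGroupDNs = new HashSet<>();
    String searchFilter;
    if (pattern != null && !pattern.trim().isEmpty()) {
        // The pattern comes from the caller; escape it so it cannot close the
        // enclosing clause and add filter terms of its own.
        searchFilter = "(&" + groupSearchFilter + "(" + groupRDNAttrName + "="
                + escapeFilterStructureChars(pattern) + "))";
    } else {
        searchFilter = groupSearchFilter;
    }
    debug.message("LDAPGroups.getValidValues(): group search filter is: {}", searchFilter);
    String[] attrs = { groupRDNAttrName };
    try (Connection conn = connPool.getConnection()) {
        SearchRequest searchRequest = LDAPRequests.newSearchRequest(baseDN, groupSearchScope, searchFilter, attrs);
        ConnectionEntryReader reader = conn.search(searchRequest);
        while (reader.hasNext()) {
            if (reader.isReference()) {
                // Referrals are not followed; consume and discard them.
                reader.readReference();
            } else {
                SearchResultEntry entry = reader.readEntry();
                if (entry != null) {
                    validGroupDNs.add(entry.getName().toString());
                    debug.message("LDAPGroups.getValidValues(): found group name={}", entry.getName().toString());
                }
            }
        }
    } catch (LdapException lde) {
        ResultCode resultCode = lde.getResult().getResultCode();
        if (ResultCode.SIZE_LIMIT_EXCEEDED.equals(resultCode)) {
            debug.warning("LDAPGroups.getValidValues(): exceeded the size limit");
            return new ValidValues(ValidValues.SIZE_LIMIT_EXCEEDED, validGroupDNs);
        } else if (ResultCode.TIME_LIMIT_EXCEEDED.equals(resultCode)) {
            debug.warning("LDAPGroups.getValidValues(): exceeded the time limit");
            return new ValidValues(ValidValues.TIME_LIMIT_EXCEEDED, validGroupDNs);
        } else if (ResultCode.INVALID_CREDENTIALS.equals(resultCode)) {
            throw new PolicyException(ResBundleUtils.rbName, "ldap_invalid_password", null, null);
        } else if (ResultCode.NO_SUCH_OBJECT.equals(resultCode)) {
            String[] objs = { baseDN };
            throw new PolicyException(ResBundleUtils.rbName, "no_such_ldap_base_dn", objs, null);
        }
        // Any other LDAP failure is reported with the server's diagnostic text when present.
        String errorMsg = lde.getMessage();
        String additionalMsg = lde.getResult().getDiagnosticMessage();
        if (additionalMsg != null) {
            throw new PolicyException(errorMsg + ": " + additionalMsg);
        } else {
            throw new PolicyException(errorMsg);
        }
    } catch (Exception e) {
        throw new PolicyException(e);
    }
    return new ValidValues(ValidValues.SUCCESS, validGroupDNs);
}

/**
 * Escapes the characters of a search pattern that would otherwise change the
 * structure of the LDAP filter it is inserted into.
 *
 * <p><code>*</code> is kept so wildcard patterns still work, and the backslash
 * is kept so patterns that already carry <code>\xx</code> escapes are not
 * escaped twice.
 *
 * @param pattern non-null search pattern supplied by the caller.
 * @return the pattern with <code>(</code>, <code>)</code> and NUL hex-escaped.
 */
private static String escapeFilterStructureChars(String pattern) {
    StringBuilder escaped = new StringBuilder(pattern.length() + 8);
    for (int i = 0; i < pattern.length(); i++) {
        char c = pattern.charAt(i);
        switch (c) {
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
                break;
        }
    }
    return escaped.toString();
}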
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ValidValues(com.sun.identity.policy.ValidValues) Connection(org.forgerock.opendj.ldap.Connection) ByteString(org.forgerock.opendj.ldap.ByteString) LdapException(org.forgerock.opendj.ldap.LdapException) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) InvalidNameException(com.sun.identity.policy.InvalidNameException) SSOException(com.iplanet.sso.SSOException) LocalizedIllegalArgumentException(org.forgerock.i18n.LocalizedIllegalArgumentException) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) PolicyException(com.sun.identity.policy.PolicyException) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode) HashSet(java.util.HashSet) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Aggregations

ValidValues (com.sun.identity.policy.ValidValues)13 PolicyException (com.sun.identity.policy.PolicyException)11 HashSet (java.util.HashSet)8 SSOException (com.iplanet.sso.SSOException)6 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)6 LdapException (org.forgerock.opendj.ldap.LdapException)6 ResultCode (org.forgerock.opendj.ldap.ResultCode)6 Connection (org.forgerock.opendj.ldap.Connection)5 SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)5 ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)5 InvalidNameException (com.sun.identity.policy.InvalidNameException)4 Set (java.util.Set)4 ByteString (org.forgerock.opendj.ldap.ByteString)4 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)3 SearchRequest (org.forgerock.opendj.ldap.requests.SearchRequest)3 PolicyModel (com.sun.identity.console.policy.model.PolicyModel)2 PolicyManager (com.sun.identity.policy.PolicyManager)2 OrganizationConfigManager (com.sun.identity.sm.OrganizationConfigManager)2 SMSException (com.sun.identity.sm.SMSException)2 Iterator (java.util.Iterator)2