Search in sources :

Example 51 with AMException

use of com.iplanet.am.sdk.AMException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createUser.

/**
     * Method to create a user entry
     */
private void createUser(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // Invoke the Pre Processing plugin
    String entryDN = getNamingAttribute(AMObject.USER) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.USER), profileName);
    // Invoke the user password validation plugin
    UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
    try {
        pluginImpl.validate(CommonUtils.attrSetToMap(attrSet));
    } catch (AMException ame) {
        debug.error("DirectoryServicesImpl.createUser(): Invalid " + "characters for user", ame);
        throw ame;
    }
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicUser", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // User user = new User(creationTemp, attrSet);
    PersistentObject user = new PersistentObject(creationTemp, attrSet);
    try {
        parentObj.addChild(user);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser(): Insufficient " + "Access rights to create user", e);
        }
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException ee) {
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedUser(token, user.getDN());
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser() User " + "already exists: ", ee);
        }
        throw new AMEntryExistsException(token, "328", ee);
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser(): Internal " + "Error occurred. Unable to create User Entry", ue);
        }
        processInternalException(token, ue, "324");
    }
    // Invoke Post processing impls
    callBackHelper.postProcess(token, user.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
    // TODO: REMOVE after Portal moves to new API's
    AMUserEntryProcessed postPlugin = getUserPostPlugin();
    if (postPlugin != null) {
        Map attrMap = CommonUtils.attrSetToMap(attrSet);
        postPlugin.processUserAdd(token, user.getDN(), attrMap);
    }
    EmailNotificationHelper mailerObj = new EmailNotificationHelper(user.getDN());
    mailerObj.setUserCreateNotificationList();
    mailerObj.sendUserCreateNotification(attributes);
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) PersistentObject(com.iplanet.ums.PersistentObject) Guid(com.iplanet.ums.Guid) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException) AttrSet(com.iplanet.services.ldap.AttrSet) AMEntryExistsException(com.iplanet.am.sdk.AMEntryExistsException) CreationTemplate(com.iplanet.ums.CreationTemplate) TemplateManager(com.iplanet.ums.TemplateManager) AMUserEntryProcessed(com.iplanet.am.sdk.AMUserEntryProcessed) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap)

Example 52 with AMException

use of com.iplanet.am.sdk.AMException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createEntity.

/**
     * Method to create a user entry
     */
private void createEntity(SSOToken token, PersistentObject parentObj, int objectType, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // Invoke the Pre Processing plugin
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(objectType), profileName);
    String ctName = getCreationTemplateName(objectType);
    if (ctName == null) {
        // Create a user if no CT defined.
        ctName = "BasicUser";
    }
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate(ctName, new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    PersistentObject user = new PersistentObject(creationTemp, attrSet);
    try {
        parentObj.addChild(user);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity():" + " Insufficient Access rights to create entity", e);
        }
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException ee) {
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedUser(token, user.getDN());
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity() Entity " + "already exists: ", ee);
        }
        throw new AMEntryExistsException(token, "462", ee);
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity(): Internal " + "Error occurred. Unable to create User Entry", ue);
        }
        processInternalException(token, ue, "324");
    }
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) TemplateManager(com.iplanet.ums.TemplateManager) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException) AttrSet(com.iplanet.services.ldap.AttrSet) AMEntryExistsException(com.iplanet.am.sdk.AMEntryExistsException)

Example 53 with AMException

use of com.iplanet.am.sdk.AMException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method registerService.

/**
     * Register a service for an org or org unit policy to a profile
     * 
     * @param token
     *            token
     * @param orgDN
     *            DN of the org
     * @param serviceName
     *            Service Name
     */
public void registerService(SSOToken token, String orgDN, String serviceName) throws AMException, SSOException {
    try {
        // This returns a valid set only if the service has
        // Dynamic attributes
        Set attrNames = getServiceAttributesWithQualifier(token, serviceName);
        if ((attrNames != null) && !attrNames.isEmpty()) {
            PersistentObject po = UMSObject.getObjectHandle(token, new Guid(orgDN));
            DirectCOSDefinition dcos = createCOSDefinition(serviceName, attrNames);
            COSManager cm = COSManager.getCOSManager(token, po.getGuid());
            cm.addDefinition(dcos);
        }
    } catch (AccessRightsException e) {
        debug.error("DirectoryServicesImpl.registerService() " + "Insufficient access rights to register service: " + serviceName, e);
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.registerService() " + "Service " + serviceName + " already registered", e);
        }
        Object[] args = { serviceName };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString("464", args, locale), "464", args);
    } catch (SMSException e) {
        debug.error("DirectoryServicesImpl.registerService() Unable to " + "register service: " + serviceName, e);
        throw new AMException(token, "914");
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.registerService() Unable to " + "register service: " + serviceName, e);
        throw new AMException(token, "914", e);
    }
}
Also used : DirectCOSDefinition(com.iplanet.ums.cos.DirectCOSDefinition) AccessRightsException(com.iplanet.ums.AccessRightsException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) UMSException(com.iplanet.ums.UMSException) SMSException(com.sun.identity.sm.SMSException) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid) COSManager(com.iplanet.ums.cos.COSManager) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException)

Example 54 with AMException

use of com.iplanet.am.sdk.AMException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method generateMemberShipException.

private AMException generateMemberShipException(SSOToken token, String target, int objectType, EntryNotFoundException e) {
    DN errorDN = getExceptionDN(e);
    DN targetDN = DN.valueOf(target);
    if (errorDN == null) {
        debug.error("DirectoryServicesImpl.modMemberShip", e);
        Object[] args = { target };
        String locale = CommonUtils.getUserLocale(token);
        return new AMException(AMSDKBundle.getString("461", args, locale), "461", args);
    }
    String entryName = LDAPUtils.rdnValueFromDn(errorDN);
    String errorCode = null;
    if (errorDN.equals(targetDN)) {
        switch(objectType) {
            case AMObject.ROLE:
            case AMObject.MANAGED_ROLE:
                errorCode = "465";
                break;
            case AMObject.GROUP:
            case AMObject.STATIC_GROUP:
            case AMObject.ASSIGNABLE_DYNAMIC_GROUP:
                errorCode = "466";
                break;
        }
    } else {
        errorCode = "468";
    }
    debug.error("DirectoryServicesImpl.modMemberShip() - Entry not found " + target, e);
    Object[] args = { entryName };
    return new AMException(AMSDKBundle.getString(errorCode, args), errorCode, args);
}
Also used : AMException(com.iplanet.am.sdk.AMException) RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) AMObject(com.iplanet.am.sdk.AMObject) UMSObject(com.iplanet.ums.UMSObject) PersistentObject(com.iplanet.ums.PersistentObject)

Example 55 with AMException

use of com.iplanet.am.sdk.AMException in project OpenAM by OpenRock.

the class ComplianceServicesImpl method verifyAndDeleteObject.

/**
     * Method which checks if the entry corresponding to DN represents a user
     * entry. If so, it sets the inetuserstatus attribute of the user to
     * deleted. Otherwise, it simply deletes the entry corresponding to the DN
     * 
     * @param token
     *            a SSOToken object
     * @param profileDN
     *            a String representing a DN
     * 
     * @exception AMException
     *                if an error is encountered while setting the
     *                intetuserstatus attribute or if an error was encountered
     *                while performing a delete.
     */
public void verifyAndDeleteObject(SSOToken token, String profileDN) throws AMException {
    try {
        EmailNotificationHelper mailer = null;
        Map attributes = null;
        Guid guid = new Guid(profileDN);
        PersistentObject po = UMSObject.getObject(token, guid);
        if (po instanceof com.iplanet.ums.User) {
            Attr attr = new Attr(USER_STATUS_ATTRIBUTE, "deleted");
            if (debug.messageEnabled()) {
                debug.message("Compliance:verifyAndDeleteObject: " + "Soft-delete mode, setting inetuserstatus " + "to deleted. " + "profileDN=" + profileDN);
            }
            po.modify(attr, ModificationType.REPLACE);
            po.save();
            mailer = new EmailNotificationHelper(profileDN);
            if (mailer != null) {
                mailer.setUserDeleteNotificationList();
                attributes = DirectoryServicesFactory.getInstance().getAttributes(token, profileDN, AMObject.USER);
                if (mailer.isPresentUserDeleteNotificationList()) {
                    mailer.sendUserDeleteNotification(attributes);
                }
            }
            return;
        }
        if (po instanceof com.iplanet.ums.Resource) {
            Attr attr = new Attr(RESOURCE_STATUS_ATTRIBUTE, "deleted");
            if (debug.messageEnabled()) {
                debug.message("Compliance:verifyAndDeleteObject: " + "Soft-delete mode, setting icsstatus " + "to deleted");
            }
            po.modify(attr, ModificationType.REPLACE);
            po.save();
            return;
        }
        if (po instanceof com.iplanet.ums.StaticGroup || po instanceof com.iplanet.ums.AssignableDynamicGroup || po instanceof com.iplanet.ums.DynamicGroup) {
            Attr attr = new Attr(GROUP_STATUS_ATTRIBUTE, "deleted");
            if (debug.messageEnabled()) {
                debug.message("Compliance:verifyAndDeleteObject: " + "Soft-delete mode, setting inetgroupstatus " + "to deleted");
            }
            po.modify(attr, ModificationType.REPLACE);
            po.save();
            return;
        }
        if (po instanceof com.iplanet.ums.Organization) {
            if (debug.messageEnabled()) {
                debug.message("Compliance:verifyAndDeleteObject: " + "Soft-delete mode, setting inetdomainstatus " + "to deleted");
            }
            Attr attr = new Attr(ORG_STATUS_ATTRIBUTE, "deleted");
            po.modify(attr, ModificationType.REPLACE);
            po.save();
            DCTreeServicesImpl dcTreeImpl = (DCTreeServicesImpl) DirectoryServicesFactory.getInstance().getDCTreeServicesImpl();
            if (dcTreeImpl.isRequired()) {
                dcTreeImpl.updateDomainStatus(token, profileDN, "deleted");
            }
        } else {
            UMSObject.removeObject(token, guid);
        }
    } catch (UMSException ue) {
        debug.error("Compliance.deleteObject(): ", ue);
        throw new AMException(AMSDKBundle.getString("773"), "773");
    } catch (SSOException se) {
        debug.error("Compliance.deleteObject(): ", se);
        throw new AMException(AMSDKBundle.getString("773"), "773");
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) SSOException(com.iplanet.sso.SSOException) Guid(com.iplanet.ums.Guid) Attr(com.iplanet.services.ldap.Attr) HashMap(java.util.HashMap) Map(java.util.Map) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup)

Aggregations

AMException (com.iplanet.am.sdk.AMException)127 SSOException (com.iplanet.sso.SSOException)56 Set (java.util.Set)35 AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException)34 Guid (com.iplanet.ums.Guid)33 UMSException (com.iplanet.ums.UMSException)33 Map (java.util.Map)33 AMEventManagerException (com.iplanet.am.sdk.AMEventManagerException)32 RemoteException (java.rmi.RemoteException)31 AttrSet (com.iplanet.services.ldap.AttrSet)28 HashSet (java.util.HashSet)28 HashMap (java.util.HashMap)26 Iterator (java.util.Iterator)22 PersistentObject (com.iplanet.ums.PersistentObject)20 SSOToken (com.iplanet.sso.SSOToken)14 EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)13 AMHashMap (com.iplanet.am.sdk.AMHashMap)12 AccessRightsException (com.iplanet.ums.AccessRightsException)12 SMSException (com.sun.identity.sm.SMSException)12 DN (org.forgerock.opendj.ldap.DN)12