
Example 16 with AMStoreConnection

use of com.iplanet.am.sdk.AMStoreConnection in project OpenAM by OpenRock.

the class AMAuthConfigUtils method getAllAuthModules.

/**
 * Resolves the authentication modules supported for an organization.
 * <p>
 * The module list is read from the organization-level template of the
 * authentication service. When that list is absent or empty, or when reading
 * it fails, the modules configured at the global level are returned instead.
 *
 * @param orgDN organization DN.
 * @param token single sign on token, used for the store connection and for
 *         the global authenticator lookup.
 * @return Map of all modules; the key is the module name (e.g. LDAP), the
 *         value is the complete class name (e.g.
 *         <code>com.sun.identity.authentication.modules.ldap.LDAP</code>)
 */
public static Map getAllAuthModules(String orgDN, SSOToken token) {
    // Organization-level authenticators; remains null if the lookup below fails.
    Set orgAuthenticators = null;
    try {
        AMStoreConnection store = new AMStoreConnection(token);
        AMOrganization organization = (AMOrganization) store.getOrganization(orgDN);
        AMTemplate orgTemplate = organization.getTemplate(AUTH_SERVICE, AMTemplate.ORGANIZATION_TEMPLATE);
        orgAuthenticators = (Set) orgTemplate.getAttributes().get(AUTH_MODULES_ATTR);
    } catch (Exception e) {
        // NOTE(review): every failure in the lookup is only logged here, so the
        // caller receives the global module list and cannot distinguish
        // "organization has no modules configured" from "lookup failed"
        // (presumably including an invalid token or an unknown orgDN).
        // Confirm that falling back in both cases is intended.
        debug.error("getAllAuthModules", e);
    }

    final Set globalAuthenticators = getGlobalAuthenticators(token);
    final boolean orgHasModules = orgAuthenticators != null && !orgAuthenticators.isEmpty();

    final Map modules;
    if (orgHasModules) {
        modules = constructModulesList(orgAuthenticators, globalAuthenticators);
    } else {
        // Nothing usable at organization level: use the global list on its own.
        modules = constructModulesList(globalAuthenticators, null);
    }

    if (debug.messageEnabled()) {
        debug.message("Returning modules : " + modules);
    }
    return modules;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) AMStoreConnection(com.iplanet.am.sdk.AMStoreConnection) HashMap(java.util.HashMap) AMOrganization(com.iplanet.am.sdk.AMOrganization) AMTemplate(com.iplanet.am.sdk.AMTemplate) HashMap(java.util.HashMap) Map(java.util.Map) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException)

Example 17 with AMStoreConnection

use of com.iplanet.am.sdk.AMStoreConnection in project OpenAM by OpenRock.

the class IdUtils method getOrganization.

/**
 * Returns the organization (realm DN) that maps to the identifier used by
 * the application.
 * <p>
 * Resolution order, as implemented below: the local cache; the root realm
 * for a null, empty or "/" identifier; a "/"-style realm path; an identifier
 * that <code>LDAPUtils.isDN</code> accepts; the AMSDK store when
 * <code>ServiceManager.isCoexistenceMode()</code> is true; otherwise a search
 * of realm names followed by a search of realm aliases.
 *
 * @param token single sign on token used for the SMS and AMSDK lookups. It
 *         is not consulted when the result is served from the cache.
 * @param orgIdentifier  Organization identifier
 * @return Organization mapping to that identifier.
 * @throws IdRepoException with <code>NO_MAPPING_FOUND</code> when no realm
 *         matches (or an SMS lookup fails), with
 *         <code>MULTIPLE_MAPPINGS_FOUND</code> when more than one realm
 *         matches, or as converted from an <code>AMException</code>.
 * @throws SSOException declared by this method; the statements that raise it
 *         are not visible in this block.
 */
public static String getOrganization(SSOToken token, String orgIdentifier) throws IdRepoException, SSOException {
    // Check in cache first
    // NOTE(review): the cache is keyed by orgIdentifier alone, so a hit is
    // returned to any caller without the token-based lookups performed on a
    // miss. Confirm that the identifier-to-realm mapping is not meant to be
    // access-controlled per token.
    // NOTE(review): this lookup runs before the null check further down;
    // whether a null key is accepted depends on the map type, which is not
    // visible here.
    String id = null;
    if ((id = (String) orgIdentifierToOrgName.get(orgIdentifier)) != null) {
        return (id);
    }
    // Compute the organization name
    // NOTE(review): orgIdentifier is caller-supplied and is written to the
    // debug log unmodified in several places below; if it can originate from
    // a request, consider neutralising line breaks before logging.
    if (debug.messageEnabled()) {
        debug.message("IdUtils:getOrganization Input orgname: " + orgIdentifier);
    }
    if (orgIdentifier == null || orgIdentifier.length() == 0 || orgIdentifier.equals("/")) {
        // Return base DN
        id = DNMapper.orgNameToDN("/");
    } else if (orgIdentifier.startsWith("/")) {
        // If orgIdentifier is in "/" format convert to DN and return
        id = DNMapper.orgNameToDN(orgIdentifier);
        try {
            // The manager is constructed only for its side effect: an
            // SMSException here is treated as "no such realm". The instance
            // itself is discarded.
            new OrganizationConfigManager(token, orgIdentifier);
        } catch (SMSException e) {
            debug.message("IdUtils.getOrganization Exception in getting org name from SMS", e);
            Object[] args = { orgIdentifier };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_MAPPING_FOUND, args);
        }
    } else if (LDAPUtils.isDN(orgIdentifier)) {
        // The identifier is returned (and cached) exactly as supplied; no
        // normalisation of the DN is done in this block.
        id = orgIdentifier;
        try {
            // Search for realms with orgIdentifier name
            // (ocm is never read; construction acts as the existence check)
            OrganizationConfigManager ocm = new OrganizationConfigManager(token, orgIdentifier);
        } catch (SMSException smse) {
            // Log the SMS failure, then report it to the caller as "no mapping".
            if (debug.messageEnabled()) {
                debug.message("IdUtils.getOrganization Exception in " + "getting org name from SMS", smse);
            }
            Object[] args = { orgIdentifier };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_MAPPING_FOUND, args);
        }
    } else if (ServiceManager.isCoexistenceMode()) {
        // Return the org DN as determined by AMStoreConnection
        if (debug.messageEnabled()) {
            debug.message("IdUtils.getOrganization: getting from AMSDK");
        }
        try {
            AMStoreConnection amsc = new AMStoreConnection(token);
            id = amsc.getOrganizationDN(orgIdentifier, null);
        } catch (AMException ame) {
            if (debug.messageEnabled()) {
                debug.message("IdUtils.getOrganization Exception in " + "getting org name from AMSDK", ame);
            }
            throw convertAMException(ame);
        }
    } else {
        // Get the realm name from SMS
        if (debug.messageEnabled()) {
            debug.message("IdUtils.getOrganization: getting from " + "SMS realms");
        }
        try {
            // Set once a realm-name match has been accepted; a second match
            // is reported as MULTIPLE_MAPPINGS_FOUND.
            boolean foundOrg = false;
            ServiceManager sm = new ServiceManager(token);
            // First search for realms with orgIdentifier name
            OrganizationConfigManager ocm = sm.getOrganizationConfigManager("/");
            Set subOrgNames = ocm.getSubOrganizationNames(orgIdentifier, true);
            if (subOrgNames != null && !subOrgNames.isEmpty()) {
                if (subOrgNames.size() == 1) {
                    // A single search result is accepted without comparing
                    // its path components against orgIdentifier.
                    id = DNMapper.orgNameToDN((String) subOrgNames.iterator().next());
                    foundOrg = true;
                } else {
                    for (Iterator items = subOrgNames.iterator(); items.hasNext(); ) {
                        // check for orgIdentifier
                        String subRealmName = (String) items.next();
                        StringTokenizer st = new StringTokenizer(subRealmName, "/");
                        // Compare each "/"-separated component of the realm
                        // name with orgIdentifier, ignoring case. A realm
                        // path containing the identifier twice also counts
                        // as two matches.
                        while (st.hasMoreTokens()) {
                            if (st.nextToken().equalsIgnoreCase(orgIdentifier)) {
                                if (!foundOrg) {
                                    id = DNMapper.orgNameToDN(subRealmName);
                                    foundOrg = true;
                                } else {
                                    Object[] args = { orgIdentifier };
                                    throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MULTIPLE_MAPPINGS_FOUND, args);
                                }
                            }
                        }
                    }
                }
            }
            // Check if organization name has been determined
            if (debug.messageEnabled()) {
                debug.message("IdUtils.getOrganization: getting from " + "SMS realms aliases");
            }
            // perform organization alias search
            // The alias search runs even when a realm name already matched,
            // so that a name match plus an alias match is rejected below.
            Set vals = new HashSet();
            vals.add(orgIdentifier);
            Set orgAliases = sm.searchOrganizationNames(IdConstants.REPO_SERVICE, IdConstants.ORGANIZATION_ALIAS_ATTR, vals);
            if (!foundOrg && ((orgAliases == null) || orgAliases.isEmpty())) {
                // Neither a realm name nor an alias matched.
                if (debug.warningEnabled()) {
                    debug.warning("IdUtils.getOrganization Unable" + " to find Org name for: " + orgIdentifier);
                }
                Object[] args = { orgIdentifier };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_MAPPING_FOUND, args);
            } else if ((orgAliases != null) && (orgAliases.size() > 0) && (foundOrg || orgAliases.size() > 1)) {
                // Multiple realms should not have the same alias
                if (debug.warningEnabled()) {
                    debug.warning("IdUtils.getOrganization Multiple " + " matching Orgs found for: " + orgIdentifier);
                }
                Object[] args = { orgIdentifier };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MULTIPLE_MAPPINGS_FOUND, args);
            }
            if (!foundOrg) {
                // The two checks above leave exactly one alias match here,
                // so orgAliases is non-null and next() is safe.
                String tmpS = (String) orgAliases.iterator().next();
                id = DNMapper.orgNameToDN(tmpS);
            }
        } catch (SMSException smse) {
            // Log the SMS failure, then report it to the caller as "no mapping".
            if (debug.messageEnabled()) {
                debug.message("IdUtils.getOrganization Exception in " + "getting org name from SMS", smse);
            }
            Object[] args = { orgIdentifier };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_MAPPING_FOUND, args);
        }
    }
    if (debug.messageEnabled()) {
        debug.message("IdUtils:getOrganization Search for OrgIdentifier:" + orgIdentifier + " returning realm DN: " + id);
    }
    // Add to cache and return id
    // NOTE(review): no expiry or invalidation is visible in this block; a
    // realm that is later renamed or removed would keep resolving from the
    // cache unless it is cleared elsewhere.
    orgIdentifierToOrgName.put(orgIdentifier, id);
    return id;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) SMSException(com.sun.identity.sm.SMSException) AMException(com.iplanet.am.sdk.AMException) StringTokenizer(java.util.StringTokenizer) AMStoreConnection(com.iplanet.am.sdk.AMStoreConnection) ServiceManager(com.sun.identity.sm.ServiceManager) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) Iterator(java.util.Iterator) AMObject(com.iplanet.am.sdk.AMObject) HashSet(java.util.HashSet)

Example 18 with AMStoreConnection

use of com.iplanet.am.sdk.AMStoreConnection in project OpenAM by OpenRock.

the class IdUtils method isOrganizationActive.

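/**
 * Returns true or false, depending on whether this organization is enabled.
 * The organization string passed to this method should be an identifier
 * returned from the method <code> IdUtils.getOrganization </code>.
 * <p>
 * When <code>ServiceManager.isCoexistenceMode()</code> is false the status is
 * read from the realms tree. Otherwise, if
 * <code>ServiceManager.isAMSDKEnabled()</code> is true, the status is read
 * through <code>AMStoreConnection</code>. The result is cached per
 * organization string.
 * <p>
 * The organization is reported as active when the realm carries no status
 * attribute, and also when coexistence mode is on but AMSDK is not enabled
 * (no lookup is made in that case).
 *
 * @param token a valid SSOToken. It is not consulted when the result is
 *    served from the cache.
 * @param org name of the organization of interest.
 * @return <code>true</code> if org is active;
 *    otherwise <code>false</code>
 * @throws IdRepoException if there are repository related error conditions.
 * @throws SSOException If user's single sign on token is invalid.
 */
public static boolean isOrganizationActive(SSOToken token, String org) throws IdRepoException, SSOException {
    // Check the cache
    // NOTE(review): no expiry or invalidation is visible in this block, so a
    // realm deactivated after its status was cached may keep being reported
    // as active until the cache is cleared elsewhere; confirm.
    if (orgStatusCache.containsKey(org)) {
        return (((Boolean) orgStatusCache.get(org)).booleanValue());
    }
    // Default used when no branch below overrides it.
    boolean isActive = true;
    if (!ServiceManager.isCoexistenceMode()) {
        // Pick it up from the realms tree.
        try {
            // A constructor call never yields null, so the former null check
            // on ocm was unreachable and has been removed.
            OrganizationConfigManager ocm = new OrganizationConfigManager(token, org);
            Map attributes = ocm.getAttributes(IdConstants.REPO_SERVICE);
            Set vals = (Set) attributes.get(IdConstants.ORGANIZATION_STATUS_ATTR);
            // A missing or empty status attribute leaves the default (active).
            if (vals != null && !vals.isEmpty()) {
                String stringActive = (String) vals.iterator().next();
                isActive = stringActive.equalsIgnoreCase("Active");
            }
        } catch (SMSException smse) {
            // NOTE(review): the SMSException is neither logged nor attached
            // to the IdRepoException, unlike the equivalent handlers in
            // getOrganization; consider logging it so lookup failures can be
            // diagnosed.
            Object[] args = { org };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_MAPPING_FOUND, args);
        }
    } else if (ServiceManager.isAMSDKEnabled()) {
        // Read the activation status of the organization via AMStoreConnection.
        try {
            AMStoreConnection amsc = new AMStoreConnection(token);
            AMOrganization orgObj = amsc.getOrganization(org);
            isActive = orgObj.isActivated();
        } catch (AMException ame) {
            throw convertAMException(ame);
        }
    }
    // Add to cache
    orgStatusCache.put(org, isActive);
    return isActive;
}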
Also used : HashSet(java.util.HashSet) Set(java.util.Set) AMStoreConnection(com.iplanet.am.sdk.AMStoreConnection) SMSException(com.sun.identity.sm.SMSException) AMOrganization(com.iplanet.am.sdk.AMOrganization) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) AMException(com.iplanet.am.sdk.AMException) AMObject(com.iplanet.am.sdk.AMObject) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) Map(java.util.Map)

Aggregations

AMStoreConnection (com.iplanet.am.sdk.AMStoreConnection)18 Set (java.util.Set)11 SSOException (com.iplanet.sso.SSOException)10 HashSet (java.util.HashSet)10 AMException (com.iplanet.am.sdk.AMException)9 AMOrganization (com.iplanet.am.sdk.AMOrganization)8 Iterator (java.util.Iterator)7 Map (java.util.Map)7 HashMap (java.util.HashMap)6 DN (org.forgerock.opendj.ldap.DN)5 AttrSet (com.iplanet.services.ldap.AttrSet)4 SMSException (com.sun.identity.sm.SMSException)4 AMObject (com.iplanet.am.sdk.AMObject)3 OrderedSet (com.sun.identity.shared.datastruct.OrderedSet)3 RDN (org.forgerock.opendj.ldap.RDN)3 AMEntity (com.iplanet.am.sdk.AMEntity)2 AMOrganizationalUnit (com.iplanet.am.sdk.AMOrganizationalUnit)2 AMRole (com.iplanet.am.sdk.AMRole)2 AMUser (com.iplanet.am.sdk.AMUser)2 PolicyException (com.sun.identity.policy.PolicyException)2