use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.
the class DCTreeServicesImpl method splitAttrSet.
protected AttrSet[] splitAttrSet(String orgDN, AttrSet attrSet) throws AMException, SSOException {
AttrSet[] attrArray = new AttrSet[2];
attrArray[0] = (attrSet != null) ? (AttrSet) attrSet.clone() : new AttrSet();
attrArray[1] = new AttrSet();
if (attrSet == null) {
return (attrArray);
}
Set dcNodeAttrs = dcNodeAttributes();
Iterator it = dcNodeAttrs.iterator();
while (it.hasNext()) {
String aName = (String) it.next();
if (aName.indexOf("objectclass=") > -1) {
Attr attr0 = attrSet.getAttribute("objectclass");
Attr attr = (attr0 != null) ? (Attr) attr0.clone() : null;
String oc = aName.substring("objectclass=".length());
Attr dcAttr = new Attr("objectclass");
if (attr != null && attr.contains(oc)) {
attr.removeValue(oc);
dcAttr.addValue(oc);
attrArray[0].replace(attr);
attrArray[1].add(dcAttr);
}
} else {
Attr attr = attrSet.getAttribute(aName);
if (attr != null) {
attrArray[1].add(attr);
attrArray[0].remove(aName);
}
}
}
if (debug.messageEnabled()) {
debug.message("DCTreeServicesImpl.splitAttrSet: " + "domain attrset = " + attrArray[1].toString());
debug.message("DCTreeServicesImpl.splitAttrSet: " + "non-domain attrset = " + attrArray[0].toString());
}
return attrArray;
}
use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.
the class DCTreeServicesImpl method setDomainAttributes.
protected void setDomainAttributes(SSOToken token, String orgDN, AttrSet attrSet) throws AMException {
String domainName = null;
try {
domainName = getCanonicalDomain(token, orgDN);
DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
if (domainName == null) {
if (debug.messageEnabled()) {
debug.message("DCTree.setDomainAttrs: " + "No domain found for org : " + orgDN);
}
return;
}
DomainComponent dcNode = dcTree.getDomainComponent(domainName);
if (attrSet != null) {
if (debug.messageEnabled()) {
debug.message("DCTree.setDomainAttrs: " + " setting attributes on domain " + domainName + ": " + attrSet.toString());
}
Attr ocAttr = attrSet.getAttribute("objectclass");
if (ocAttr != null) {
Attr oldOCAttr = dcNode.getAttribute("objectclass");
if (oldOCAttr != null) {
ocAttr.addValues(oldOCAttr.getStringValues());
}
if (debug.messageEnabled()) {
debug.message("DCTree.setDomainAttrs-> " + "objectclasses to be set " + ocAttr.toString());
}
if (ocAttr.size() == 0)
dcNode.modify(ocAttr, ModificationType.DELETE);
else
dcNode.modify(ocAttr, ModificationType.REPLACE);
dcNode.save();
attrSet.remove("objectclass");
}
int size = attrSet.size();
for (int i = 0; i < size; i++) {
Attr attr = attrSet.elementAt(i);
if (attr.size() == 0) {
// remove attribute
dcNode.modify(attr, ModificationType.DELETE);
} else {
// replace attribute
dcNode.modify(attr, ModificationType.REPLACE);
}
}
dcNode.save();
}
} catch (UMSException umse) {
debug.error("DCTree.setDomainAttributes: " + " error setting " + " attribute for domain " + domainName, umse);
}
}
use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.
the class ComplianceServicesImpl method addAttributesToEntry.
/**
* Method to addAttributes to an entry
*/
private void addAttributesToEntry(SSOToken token, String dn, AttrSet attrSet) throws UMSException {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(dn));
int size = attrSet.size();
for (int i = 0; i < size; i++) {
Attr attr = attrSet.elementAt(i);
po.modify(attr, ModificationType.ADD);
}
po.save();
}
use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.
the class ComplianceServicesImpl method verifyAndUnLinkRoleToGroup.
/**
* Verifies if the <code>roleDN</code> corresponds to an admin role. If
* true the <code>memberOf</code> and <code>adminRole</code> attributes
* of each member/user are set to null. Each of the members/users are also
* removed to the corresponding admin group.
*
* @param token
* single sign on token.
* @param members
* Set of member distinguished name to be operated.
* @param roleDN
* distinguished name of the role.
* @exception AMException
* if unsuccessful in removing the members from the
* corresponding administrative groups and updating the
* <code>memberOf</code> and <code>adminRole</code>
* attribute values to null.
*/
protected void verifyAndUnLinkRoleToGroup(SSOToken token, Set members, String roleDN) throws AMException {
// Obtain the group corresponding to roleDN
DN dn = DN.valueOf(roleDN);
String groupName = getGroupFromRoleDN(dn);
if (groupName != null) {
String orgDN = dn.parent().toString();
String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
// Delete the attributes memberOf & adminRole attribute values'
// corresponding to this groupDN.
Attr[] attrs = new Attr[1];
attrs[0] = new Attr("adminrole", groupRDN);
AttrSet attrSet = new AttrSet(attrs);
Iterator itr = members.iterator();
try {
AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
while (itr.hasNext()) {
String memberDN = (String) itr.next();
removeAttributesFromEntry(token, memberDN, attrSet);
group.removeMember(new Guid(memberDN));
}
} catch (EntryNotFoundException ex) {
debug.error("Compliance.verifyAndUnLinkRoleToGroup: " + "Admin groups are missing");
} catch (UMSException ue) {
debug.error("Compliance." + "verifyAndUnLinkRoleToGroup(): ", ue);
throw new AMException(AMSDKBundle.getString("772"), "772");
}
}
}
use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.
the class DCTreeServicesImpl method updateCacheAndReturnDomain.
/**
* This is a private method to update cache
*/
private String updateCacheAndReturnDomain(SSOToken token, String canonOrgDN) throws AMException {
try {
DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
SearchControl scontrol = new SearchControl();
scontrol.setSearchScope(SearchControl.SCOPE_SUB);
PersistentObject po = UMSObject.getObject(token, new Guid(DCTREE_START_DN));
String searchFilter = "(inetDomainBaseDN=" + canonOrgDN + ")";
if (debug.messageEnabled()) {
debug.message("DCTree.updateCache-> " + "searchFilter= " + searchFilter);
}
SearchResults results = po.search(searchFilter, null);
int count = 0;
String domainName = null;
String canonDomain = null;
while (results.hasMoreElements()) {
DomainComponent dcNode = (DomainComponent) results.next();
count++;
domainName = dcTree.mapDCToDomainName(dcNode);
if (debug.messageEnabled()) {
debug.message("DCTree:updateCache-> " + "domainName= " + domainName);
}
Attr isCanonical = dcNode.getAttribute(INET_CANONICAL_DOMAIN);
if (isCanonical != null) {
/*
* if (AMCacheManager.isCachingEnabled()) {
* synchronized(canonicalDomainMap) {
* canonicalDomainMap.put(canonOrgDN, domainName); } }
*/
canonDomain = domainName;
}
/*
* if (AMCacheManager.isCachingEnabled()) {
* synchronized(domainMap) { domainMap.put(canonOrgDN,
* domainName); } }
*/
}
results.abandon();
if (count == 1) {
canonDomain = domainName;
/*
* if (AMCacheManager.isCachingEnabled()) {
* canonicalDomainMap.put(canonOrgDN, domainName); }
*/
}
if (debug.messageEnabled()) {
debug.message("DCTree.updateCache-> " + "returning domain= " + canonDomain);
}
return canonDomain;
} catch (UMSException umse) {
debug.error("DCTree:updateCache: UMSException", umse);
return null;
}
}
Aggregations