Example 36 with Attr

Use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

In the class ComplianceServicesImpl, method verifyAndUnLinkRoleToGroup.

/**
 * Verifies if the <code>roleDN</code> corresponds to an admin role. If
 * true, the <code>memberOf</code> and <code>adminRole</code> attributes
 * of each member/user are set to null. Each of the members/users is also
 * removed from the corresponding admin group.
 *
 * @param token
 *            single sign on token.
 * @param members
 *            Set of member distinguished names to be operated on.
 * @param roleDN
 *            distinguished name of the role.
 * @exception AMException
 *                if unsuccessful in removing the members from the
 *                corresponding administrative groups and updating the
 *                <code>memberOf</code> and <code>adminRole</code>
 *                attribute values to null.
 */
protected void verifyAndUnLinkRoleToGroup(SSOToken token, Set members, String roleDN) throws AMException {
    // Obtain the group corresponding to roleDN
    DN dn = DN.valueOf(roleDN);
    String groupName = getGroupFromRoleDN(dn);
    if (groupName != null) {
        String orgDN = dn.parent().toString();
        String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
        String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
        // Delete the memberOf & adminRole attribute values
        // corresponding to this groupDN.
        Attr[] attrs = new Attr[1];
        attrs[0] = new Attr("adminrole", groupRDN);
        AttrSet attrSet = new AttrSet(attrs);
        Iterator itr = members.iterator();
        try {
            AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
            while (itr.hasNext()) {
                String memberDN = (String) itr.next();
                removeAttributesFromEntry(token, memberDN, attrSet);
                group.removeMember(new Guid(memberDN));
            }
        } catch (EntryNotFoundException ex) {
            debug.error("Compliance.verifyAndUnLinkRoleToGroup: " + "Admin groups are missing");
        } catch (UMSException ue) {
            debug.error("Compliance." + "verifyAndUnLinkRoleToGroup(): ", ue);
            throw new AMException(AMSDKBundle.getString("772"), "772");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) Iterator(java.util.Iterator) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) Attr(com.iplanet.services.ldap.Attr) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 37 with Attr

Use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

In the class DCTreeServicesImpl, method updateCacheAndReturnDomain.

/**
 * This is a private method to update cache
 */
private String updateCacheAndReturnDomain(SSOToken token, String canonOrgDN) throws AMException {
    try {
        DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
        SearchControl scontrol = new SearchControl();
        scontrol.setSearchScope(SearchControl.SCOPE_SUB);
        PersistentObject po = UMSObject.getObject(token, new Guid(DCTREE_START_DN));
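        // Note: canonOrgDN is concatenated into the LDAP filter as-is; it is
        // not escaped in this method, so callers must pass a trusted,
        // canonicalized DN.
        String searchFilter = "(inetDomainBaseDN=" + canonOrgDN + ")";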
        if (debug.messageEnabled()) {
            debug.message("DCTree.updateCache-> " + "searchFilter= " + searchFilter);
        }
        SearchResults results = po.search(searchFilter, null);
        int count = 0;
        String domainName = null;
        String canonDomain = null;
        while (results.hasMoreElements()) {
            DomainComponent dcNode = (DomainComponent) results.next();
            count++;
            domainName = dcTree.mapDCToDomainName(dcNode);
            if (debug.messageEnabled()) {
                debug.message("DCTree:updateCache-> " + "domainName= " + domainName);
            }
            Attr isCanonical = dcNode.getAttribute(INET_CANONICAL_DOMAIN);
            if (isCanonical != null) {
                /*
                     * if (AMCacheManager.isCachingEnabled()) {
                     * synchronized(canonicalDomainMap) {
                     * canonicalDomainMap.put(canonOrgDN, domainName); } }
                     */
                canonDomain = domainName;
            }
        /*
                 * if (AMCacheManager.isCachingEnabled()) {
                 * synchronized(domainMap) { domainMap.put(canonOrgDN,
                 * domainName); } }
                 */
        }
        results.abandon();
        if (count == 1) {
            canonDomain = domainName;
        /*
                 * if (AMCacheManager.isCachingEnabled()) {
                 * canonicalDomainMap.put(canonOrgDN, domainName); }
                 */
        }
        if (debug.messageEnabled()) {
            debug.message("DCTree.updateCache-> " + "returning domain= " + canonDomain);
        }
        return canonDomain;
    } catch (UMSException umse) {
        debug.error("DCTree:updateCache: UMSException", umse);
        return null;
    }
}
Also used : DomainComponent(com.iplanet.ums.dctree.DomainComponent) UMSException(com.iplanet.ums.UMSException) PersistentObject(com.iplanet.ums.PersistentObject) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree) Guid(com.iplanet.ums.Guid) SearchControl(com.iplanet.ums.SearchControl) SearchResults(com.iplanet.ums.SearchResults) Attr(com.iplanet.services.ldap.Attr)

Example 38 with Attr

Use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

In the class DirectoryServicesImpl, method modifyAndSaveEntry.

private void modifyAndSaveEntry(SSOToken token, String entryDN, Map stringAttributes, Map byteAttributes, boolean isAdd) throws AccessRightsException, EntryNotFoundException, UMSException {
    PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
    // Add string attributes
    if (stringAttributes != null && !stringAttributes.isEmpty()) {
        Iterator itr = stringAttributes.keySet().iterator();
        while (itr.hasNext()) {
            String attrName = (String) (itr.next());
            if (!attrName.equalsIgnoreCase("dn")) {
                Set set = (Set) (stringAttributes.get(attrName));
                String[] attrValues = (set == null) ? null : (String[]) set.toArray(new String[set.size()]);
                Attr attr = new Attr(attrName, attrValues);
                /*
                     * AMObjectImpl.removeAttributes(...) sets the values to be
                     * Collections.EMPTY_SET.
                     */
                modifyPersistentObject(po, attr, isAdd, (set == AMConstants.REMOVE_ATTRIBUTE));
            }
        }
    }
    // Add byte attributes
    if (byteAttributes != null && !byteAttributes.isEmpty()) {
        Iterator itr = byteAttributes.keySet().iterator();
        while (itr.hasNext()) {
            String attrName = (String) (itr.next());
            byte[][] attrValues = (byte[][]) (byteAttributes.get(attrName));
            Attr attr = new Attr(attrName, attrValues);
            modifyPersistentObject(po, attr, isAdd, false);
        }
    }
    po.save();
}
Also used : Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) Iterator(java.util.Iterator) PersistentObject(com.iplanet.ums.PersistentObject) Guid(com.iplanet.ums.Guid) Attr(com.iplanet.services.ldap.Attr)

Example 39 with Attr

Use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

In the class DirectoryServicesImpl, method combineOCs.

/**
 * When an object is being created and attribute sets are being passed, UMS
 * does not override objectclasses in the attribute set with the ones from
 * the creation template. This method takes care of that.
 *
 * @param ct
 * @param aSet
 */
private AttrSet combineOCs(CreationTemplate ct, AttrSet aSet) {
    // UMS creation template will not append default user
    // objectclasses if the "objectclass" attribute is present
    // so we need to append those default objectclass here
    Attr attr = aSet.getAttribute("objectclass");
    // if (attr != null) {
    // TODO: Write a separate method for attrSet to combine object class
    // values. Need to avoid conversion from string array to sets.
    // get default user objectclass from creation template
    Attr defAttr = ct.getAttribute("objectclass");
    Set addOCs = (attr != null) ? CommonUtils.stringArrayToSet(attr.getStringValues()) : new HashSet();
    Set ctOCs = CommonUtils.stringArrayToSet(defAttr.getStringValues());
    Set finalOCs = CommonUtils.combineOCs(addOCs, ctOCs);
    aSet.remove("objectclass");
    Attr finalOCAttr = new Attr("objectclass", (String[]) finalOCs.toArray(new String[finalOCs.size()]));
    aSet.add(finalOCAttr);
    // }
    return aSet;
}
Also used : Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) Attr(com.iplanet.services.ldap.Attr) HashSet(java.util.HashSet)

Example 40 with Attr

Use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

In the class DirectoryServicesImpl, method createFilteredRole.

private void createFilteredRole(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    // Invoke the Pre Processing plugin
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    String entryDN = getNamingAttribute(AMObject.FILTERED_ROLE) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.FILTERED_ROLE, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.FILTERED_ROLE), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicFilteredRole", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    if (!attrSet.contains(FilteredRole.FILTER_ATTR_NAME)) {
        Attr attr = new Attr(FilteredRole.FILTER_ATTR_NAME, SearchFilterManager.getSearchFilter(AMObject.USER, orgDN));
        attrSet.add(attr);
    }
    FilteredRole frole = new FilteredRole(creationTemp, attrSet);
    parentObj.addChild(frole);
    // Invoke Post processing impls
    callBackHelper.postProcess(token, frole.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.FILTERED_ROLE, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) FilteredRole(com.iplanet.ums.FilteredRole) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Aggregations

Attr (com.iplanet.services.ldap.Attr): 89
AttrSet (com.iplanet.services.ldap.AttrSet): 34
Guid (com.iplanet.ums.Guid): 16
Iterator (java.util.Iterator): 15
UMSException (com.iplanet.ums.UMSException): 14
PersistentObject (com.iplanet.ums.PersistentObject): 12
HashSet (java.util.HashSet): 12
Set (java.util.Set): 12
HashMap (java.util.HashMap): 10
ArrayList (java.util.ArrayList): 9
Map (java.util.Map): 9
ByteString (org.forgerock.opendj.ldap.ByteString): 9
AMException (com.iplanet.am.sdk.AMException): 7
SSOException (com.iplanet.sso.SSOException): 5
AMHashMap (com.iplanet.am.sdk.AMHashMap): 4
Enumeration (java.util.Enumeration): 4
AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException): 3
AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup): 3
CreationTemplate (com.iplanet.ums.CreationTemplate): 3
EntryNotFoundException (com.iplanet.ums.EntryNotFoundException): 3