
Example 1 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DCTreeServicesImpl method createDomain.

/**
 * Method which creates a <Code>Domain Component Tree </Code> for the given
 * organization, if the <code>sunPreferredDomain</code> attribute is
 * present and has a fully qualified domain name as value.
 *
 * @param token
 *            SSO Token
 * @param orgGuid
 *            identification of organization entry to be mapped from
 *            <Code>dctree</Code> to organization DIT organization
 * @param attrSet
 *            the attributes to be set on creation of domain.
 *
 * @exception AMException
 *                if unsuccessful in creating a dc tree for the organization
 *                or unsuccessful in setting the mapping between dc tree and
 *                the organization
 */
protected void createDomain(SSOToken token, Guid orgGuid, AttrSet attrSet) throws AMException, SSOException {
    if (DCTREE_START_DN == null) {
        throw new AMException(AMSDKBundle.getString("355"), "355");
    }
    // Create a DC tree if a value is specified for the
    // sunPreferredDomain attribute
    String domainName = attrSet.getValue(IPLANET_DOMAIN_NAME_ATTR);
    // remove the attribute from the attribute set.
    attrSet.remove(IPLANET_DOMAIN_NAME_ATTR);
    if ((domainName != null) && (!domainName.equals(""))) {
        try {
            DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
            dcTree.addDomain(domainName);
            // Set the domain mapping
            dcTree.setDomainMapping(domainName, orgGuid);
            String status = attrSet.getValue(INET_DOMAIN_STATUS_ATTR);
            if (status != null) {
                dcTree.setDomainStatus(domainName, status);
            }
            AttrSet[] attrSetArray = splitAttrSet(orgGuid.getDn(), attrSet);
            if (attrSetArray[1] != null) {
                setDomainAttributes(token, orgGuid.getDn(), attrSetArray[1]);
            }
        } catch (InvalidDCRootException ie) {
            debug.error("DCTree.createDomain(): ", ie);
            throw new AMException(AMSDKBundle.getString("343"), "343");
        } catch (UMSException ue) {
            debug.error("DCTree.createDomain(): ", ue);
            throw new AMException(AMSDKBundle.getString("344"), "344");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree) Guid(com.iplanet.ums.Guid) InvalidDCRootException(com.iplanet.ums.dctree.InvalidDCRootException) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 2 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DCTreeServicesImpl method splitAttrSet.

protected AttrSet[] splitAttrSet(String orgDN, AttrSet attrSet) throws AMException, SSOException {
    AttrSet[] attrArray = new AttrSet[2];
    attrArray[0] = (attrSet != null) ? (AttrSet) attrSet.clone() : new AttrSet();
    attrArray[1] = new AttrSet();
    if (attrSet == null) {
        return (attrArray);
    }
    Set dcNodeAttrs = dcNodeAttributes();
    Iterator it = dcNodeAttrs.iterator();
    while (it.hasNext()) {
        String aName = (String) it.next();
        if (aName.indexOf("objectclass=") > -1) {
            Attr attr0 = attrSet.getAttribute("objectclass");
            Attr attr = (attr0 != null) ? (Attr) attr0.clone() : null;
            String oc = aName.substring("objectclass=".length());
            Attr dcAttr = new Attr("objectclass");
            if (attr != null && attr.contains(oc)) {
                attr.removeValue(oc);
                dcAttr.addValue(oc);
                attrArray[0].replace(attr);
                attrArray[1].add(dcAttr);
            }
        } else {
            Attr attr = attrSet.getAttribute(aName);
            if (attr != null) {
                attrArray[1].add(attr);
                attrArray[0].remove(aName);
            }
        }
    }
    if (debug.messageEnabled()) {
        debug.message("DCTreeServicesImpl.splitAttrSet: " + "domain attrset = " + attrArray[1].toString());
        debug.message("DCTreeServicesImpl.splitAttrSet: " + "non-domain attrset = " + attrArray[0].toString());
    }
    return attrArray;
}
Also used : AttrSet(com.iplanet.services.ldap.AttrSet) Set(java.util.Set) Iterator(java.util.Iterator) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 3 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class ComplianceServicesImpl method verifyAndUnLinkRoleToGroup.

/**
 * Verifies if the <code>roleDN</code> corresponds to an admin role. If
 * true the <code>memberOf</code> and <code>adminRole</code> attributes
 * of each member/user are set to null. Each of the members/users is also
 * removed from the corresponding admin group.
 *
 * @param token
 *            single sign on token.
 * @param members
 *            Set of member distinguished names to be operated on.
 * @param roleDN
 *            distinguished name of the role.
 * @exception AMException
 *                if unsuccessful in removing the members from the
 *                corresponding administrative groups and updating the
 *                <code>memberOf</code> and <code>adminRole</code>
 *                attribute values to null.
 */
protected void verifyAndUnLinkRoleToGroup(SSOToken token, Set members, String roleDN) throws AMException {
    // Obtain the group corresponding to roleDN
    DN dn = DN.valueOf(roleDN);
    String groupName = getGroupFromRoleDN(dn);
    if (groupName != null) {
        String orgDN = dn.parent().toString();
        String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
        String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
        // Delete the memberOf & adminRole attribute values
        // corresponding to this groupDN.
        Attr[] attrs = new Attr[1];
        attrs[0] = new Attr("adminrole", groupRDN);
        AttrSet attrSet = new AttrSet(attrs);
        Iterator itr = members.iterator();
        try {
            AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
            while (itr.hasNext()) {
                String memberDN = (String) itr.next();
                removeAttributesFromEntry(token, memberDN, attrSet);
                group.removeMember(new Guid(memberDN));
            }
        } catch (EntryNotFoundException ex) {
            debug.error("Compliance.verifyAndUnLinkRoleToGroup: " + "Admin groups are missing");
        } catch (UMSException ue) {
            debug.error("Compliance." + "verifyAndUnLinkRoleToGroup(): ", ue);
            throw new AMException(AMSDKBundle.getString("772"), "772");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) Iterator(java.util.Iterator) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) Attr(com.iplanet.services.ldap.Attr) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 4 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createGroupContainer.

private void createGroupContainer(PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.GROUP_CONTAINER), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicGroupContainer", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    OrganizationalUnit gc = new OrganizationalUnit(creationTemp, attrSet);
    parentObj.addChild(gc);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) AMOrganizationalUnit(com.iplanet.am.sdk.AMOrganizationalUnit) OrganizationalUnit(com.iplanet.ums.OrganizationalUnit) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 5 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createUser.

/**
 * Method to create a user entry
 */
private void createUser(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // Invoke the Pre Processing plugin
    String entryDN = getNamingAttribute(AMObject.USER) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.USER), profileName);
    // Invoke the user password validation plugin
    UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
    try {
        pluginImpl.validate(CommonUtils.attrSetToMap(attrSet));
    } catch (AMException ame) {
        debug.error("DirectoryServicesImpl.createUser(): Invalid " + "characters for user", ame);
        throw ame;
    }
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicUser", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // User user = new User(creationTemp, attrSet);
    PersistentObject user = new PersistentObject(creationTemp, attrSet);
    try {
        parentObj.addChild(user);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser(): Insufficient " + "Access rights to create user", e);
        }
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException ee) {
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedUser(token, user.getDN());
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser() User " + "already exists: ", ee);
        }
        throw new AMEntryExistsException(token, "328", ee);
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser(): Internal " + "Error occurred. Unable to create User Entry", ue);
        }
        processInternalException(token, ue, "324");
    }
    // Invoke Post processing impls
    callBackHelper.postProcess(token, user.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
    // TODO: REMOVE after Portal moves to new API's
    AMUserEntryProcessed postPlugin = getUserPostPlugin();
    if (postPlugin != null) {
        Map attrMap = CommonUtils.attrSetToMap(attrSet);
        postPlugin.processUserAdd(token, user.getDN(), attrMap);
    }
    EmailNotificationHelper mailerObj = new EmailNotificationHelper(user.getDN());
    mailerObj.setUserCreateNotificationList();
    mailerObj.sendUserCreateNotification(attributes);
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) PersistentObject(com.iplanet.ums.PersistentObject) Guid(com.iplanet.ums.Guid) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException) AttrSet(com.iplanet.services.ldap.AttrSet) AMEntryExistsException(com.iplanet.am.sdk.AMEntryExistsException) CreationTemplate(com.iplanet.ums.CreationTemplate) TemplateManager(com.iplanet.ums.TemplateManager) AMUserEntryProcessed(com.iplanet.am.sdk.AMUserEntryProcessed) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap)

Aggregations

AttrSet (com.iplanet.services.ldap.AttrSet) 61
Attr (com.iplanet.services.ldap.Attr) 33
Guid (com.iplanet.ums.Guid) 19
Iterator (java.util.Iterator) 16
Set (java.util.Set) 14
UMSException (com.iplanet.ums.UMSException) 13
AMException (com.iplanet.am.sdk.AMException) 12
CreationTemplate (com.iplanet.ums.CreationTemplate) 12
TemplateManager (com.iplanet.ums.TemplateManager) 12
HashMap (java.util.HashMap) 9
HashSet (java.util.HashSet) 9
Map (java.util.Map) 9
ArrayList (java.util.ArrayList) 8
PersistentObject (com.iplanet.ums.PersistentObject) 6
SSOException (com.iplanet.sso.SSOException) 5
AMHashMap (com.iplanet.am.sdk.AMHashMap) 4
AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup) 4
AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException) 3
AccessRightsException (com.iplanet.ums.AccessRightsException) 3
EntryAlreadyExistsException (com.iplanet.ums.EntryAlreadyExistsException) 3