use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createOrganization.
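/**
 * Creates an organization entry named by {@code profileName} under
 * {@code parentObj}, plus the artefacts that depend on it.
 *
 * <p>Sequence: pre-processing callback, DC-tree node (only when the DC tree is
 * required), the organization entry, admin groups (when enabled for the new
 * DN), the matching realm (coexistence mode with realms enabled), default
 * services (coexistence mode), post-processing callback.
 *
 * <p>Failures while creating the realm or loading the default services are
 * logged and do not abort the call, so the directory entry can exist without
 * them.
 *
 * @param token SSO token of the caller; handed to the callbacks and to the
 *     DC-tree, compliance and realm operations
 * @param parentObj parent entry that receives the organization as a child
 * @param attributes attributes for the new entry; replaced by the map returned
 *     from the pre-processing callback
 * @param profileName value of the naming attribute of the new organization
 * @throws UMSException if adding the entry to the parent fails; rethrown after
 *     the DC node has been cleaned up
 * @throws AMException declared by this method; no {@code throw} of it is
 *     visible in this body
 * @throws SSOException declared by this method; no {@code throw} of it is
 *     visible in this body
 */
private void createOrganization(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException, SSOException {
    // Invoke the pre-processing plugin. The plugin classes belong to the
    // parent org of this organization, so the parent org DN is resolved
    // first. The lookup uses internalToken, not the caller's token.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // NOTE(review): profileName is concatenated into entryDN as-is; no DN
    // escaping is visible here. A value containing DN metacharacters may
    // produce an entryDN that does not match org.getDN(). entryDN is what the
    // callbacks, the DC-tree calls and the realm lookup below receive, so
    // confirm that callers validate or escape profileName.
    String entryDN = getNamingAttribute(AMObject.ORGANIZATION) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.ORGANIZATION), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicOrganization", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // Assigned exactly once in either branch below.
    final com.iplanet.ums.Organization org;
    // COMPLIANCE: DCTREE
    if (dcTreeImpl.isRequired()) {
        AttrSet[] attrSetArray = dcTreeImpl.splitAttrSet(parentObj.getDN(), attrSet);
        org = new com.iplanet.ums.Organization(creationTemp, attrSetArray[0]);
        // Create the DC node first. If it fails then the org node will not
        // be created at all, so no clean up is needed afterwards.
        dcTreeImpl.createDomain(token, new Guid(entryDN), attrSet);
    } else {
        org = new com.iplanet.ums.Organization(creationTemp, attrSet);
    }
    try {
        parentObj.addChild(org);
    } catch (UMSException ue) {
        // Clean up the DC node.
        // NOTE(review): if removeDomain itself throws, that exception replaces
        // ue and the compliance check below is skipped - confirm this is
        // acceptable.
        if (dcTreeImpl.isRequired()) {
            dcTreeImpl.removeDomain(token, entryDN);
        }
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedOrg(token, org.getDN());
        }
        throw ue;
    }
    if (ComplianceServicesImpl.isAdminGroupsEnabled(org.getDN())) {
        complianceImpl.createAdminGroups(token, org);
    }
    // If realms are enabled and the server runs in coexistence (legacy)
    // mode, the corresponding realm must also be created.
    if (ServiceManager.isCoexistenceMode() && ServiceManager.isRealmEnabled()) {
        try {
            // Check if the realm exists; the constructor throws SMSException
            // if it does not.
            // NOTE(review): every SMSException is treated as "realm missing";
            // other causes are not distinguished here.
            new OrganizationConfigManager(token, entryDN);
        } catch (SMSException smse) {
            // Realm does not exist, create it
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl::createOrganization " + "creating realm: " + org.getDN());
            }
            try {
                OrganizationConfigManager ocm = new OrganizationConfigManager(token, orgDN);
                ocm.createSubOrganization(profileName, null);
            } catch (SMSException se) {
                // The directory entry already exists at this point, so a
                // failure here leaves an organization without its realm.
                // Report it at warning level rather than message level so the
                // inconsistency is visible without debug-level logging.
                if (debug.warningEnabled()) {
                    debug.warning("DirectoryServicesImpl::" + "createOrganization unable to create realm: " + org.getDN(), se);
                }
            }
        }
    }
    // If in legacy mode, add the default services
    if (ServiceManager.isCoexistenceMode()) {
        try {
            OrganizationConfigManager ocm = new OrganizationConfigManager(token, entryDN);
            OrganizationConfigManager.loadDefaultServices(token, ocm);
        } catch (SMSException smse) {
            // Unable to load default services; keep the cause in the log so
            // the failure can be diagnosed.
            if (debug.warningEnabled()) {
                debug.warning("DirectoryServicesImpl::createOrganization " + "Unable to load services: " + org.getDN(), smse);
            }
        }
    }
    // Invoke post-processing impls. Note: orgDN is the parent org.
    callBackHelper.postProcess(token, org.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
}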
use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.
the class DirectoryServicesImpl method combineOCs.
/**
 * When an object is being created and attribute sets are being passed, UMS
 * does not override the objectclasses in the attribute set with the ones from
 * the creation template. This method takes care of that.
 *
 * @param ct creation template whose objectclass values are combined in
 * @param aSet attribute set of the entry being created
 */
private AttrSet combineOCs(CreationTemplate ct, AttrSet aSet) {
    // Replaces the "objectclass" attribute of aSet with the combination of
    // the values already in aSet and the values declared by the creation
    // template, then returns the same aSet instance.
    //
    // Why: the UMS creation template does not append its default
    // objectclasses when an "objectclass" attribute is already present, so
    // the combination is done here.
    //
    // NOTE(review): the values read from aSet originate from the attribute
    // map passed to the create* methods; nothing here limits them to the
    // template's object classes. How the two sets are combined is decided by
    // CommonUtils.combineOCs, which is not visible here.
    Attr suppliedOcAttr = aSet.getAttribute("objectclass");
    Attr templateOcAttr = ct.getAttribute("objectclass");

    Set suppliedOcs;
    if (suppliedOcAttr == null) {
        suppliedOcs = new HashSet();
    } else {
        suppliedOcs = CommonUtils.stringArrayToSet(suppliedOcAttr.getStringValues());
    }

    // NOTE(review): templateOcAttr is dereferenced without a null check;
    // presumably every creation template carries "objectclass" - confirm.
    Set templateOcs = CommonUtils.stringArrayToSet(templateOcAttr.getStringValues());
    Set mergedOcs = CommonUtils.combineOCs(suppliedOcs, templateOcs);

    // Drop the old attribute before adding the combined one.
    aSet.remove("objectclass");
    String[] mergedValues = (String[]) mergedOcs.toArray(new String[mergedOcs.size()]);
    aSet.add(new Attr("objectclass", mergedValues));
    return aSet;
}
use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createOrganizationalUnit.
/**
 * Creates an organizational unit named by {@code profileName} under
 * {@code parentObj}, wrapped in the pre- and post-processing callbacks.
 *
 * @param token SSO token of the caller; handed to the callbacks
 * @param parentObj parent entry that receives the organizational unit
 * @param attributes attributes for the new entry; replaced by the map returned
 *     from the pre-processing callback
 * @param profileName value of the naming attribute of the new entry
 * @throws UMSException declared by this method; nothing in this body catches
 *     it, so it propagates from the calls made here
 * @throws AMException declared by this method; no {@code throw} of it is
 *     visible in this body
 */
private void createOrganizationalUnit(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    // The owning organization is resolved with internalToken, not with the
    // caller's token.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());

    // NOTE(review): profileName goes into the DN unescaped; this DN is only
    // handed to the pre-processing callback here - confirm callers validate
    // or escape profileName.
    String entryDN = getNamingAttribute(AMObject.ORGANIZATIONAL_UNIT)
            + "=" + profileName
            + "," + parentObj.getDN();

    // Pre-processing plugins may rewrite the attribute map.
    attributes = callBackHelper.preProcess(
            token, entryDN, orgDN, null, attributes,
            CallBackHelper.CREATE, AMObject.ORGANIZATIONAL_UNIT, false);

    AttrSet ouAttrs = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(ouAttrs, getNamingAttribute(AMObject.ORGANIZATIONAL_UNIT), profileName);

    CreationTemplate template = TemplateManager.getTemplateManager().getCreationTemplate(
            "BasicOrganizationalUnit", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    ouAttrs = combineOCs(template, ouAttrs);

    OrganizationalUnit newUnit = new OrganizationalUnit(template, ouAttrs);
    parentObj.addChild(newUnit);

    // Post-processing plugins receive the DN of the entry that was created.
    callBackHelper.postProcess(
            token, newUnit.getDN(), orgDN, null, attributes,
            CallBackHelper.CREATE, AMObject.ORGANIZATIONAL_UNIT, false);
}
use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createEntity.
/**
* Method to create a user entry
*/
private void createEntity(SSOToken token, PersistentObject parentObj, int objectType, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
    // Creates an entry of the given objectType under parentObj. The creation
    // template is the one configured for objectType, or "BasicUser" when none
    // is configured. Unlike the other create* methods visible here, no
    // pre/post-processing callback is invoked in this body.
    //
    // Failure mapping:
    //   AccessRightsException        -> AMException "460" (cause not chained)
    //   EntryAlreadyExistsException  -> AMEntryExistsException "462"
    //   any other UMSException       -> processInternalException(..., "324")

    // The owning organization is resolved with internalToken, not with the
    // caller's token.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());

    AttrSet entityAttrs = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(entityAttrs, getNamingAttribute(objectType), profileName);

    String configuredTemplate = getCreationTemplateName(objectType);
    // Fall back to a plain user when no creation template is defined.
    String templateName = (configuredTemplate != null) ? configuredTemplate : "BasicUser";

    CreationTemplate template = TemplateManager.getTemplateManager().getCreationTemplate(
            templateName, new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    entityAttrs = combineOCs(template, entityAttrs);

    PersistentObject user = new PersistentObject(template, entityAttrs);
    try {
        parentObj.addChild(user);
    } catch (AccessRightsException e) {
        // The denial is logged only when warning-level debug is on; the
        // caller gets error code 460 without the underlying exception.
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity():" + " Insufficient Access rights to create entity", e);
        }
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException ee) {
        // COMPLIANCE: if the existing entry is marked for deletion, the
        // error message should be different.
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            complianceImpl.checkIfDeletedUser(token, user.getDN());
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity() Entity " + "already exists: ", ee);
        }
        throw new AMEntryExistsException(token, "462", ee);
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity(): Internal " + "Error occurred. Unable to create User Entry", ue);
        }
        // NOTE(review): presumably this always throws; if it can return, the
        // method completes normally although no entry was created - confirm.
        processInternalException(token, ue, "324");
    }
}
use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createFilteredRole.
/**
 * Creates a filtered role named by {@code profileName} under
 * {@code parentObj}, wrapped in the pre- and post-processing callbacks.
 *
 * <p>When the attribute set carries no filter attribute, the user search
 * filter of the owning organization is added as the role filter.
 *
 * @param token SSO token of the caller; handed to the callbacks
 * @param parentObj parent entry that receives the role
 * @param attributes attributes for the new role; replaced by the map returned
 *     from the pre-processing callback
 * @param profileName value of the naming attribute of the new role
 * @throws UMSException declared by this method; nothing in this body catches
 *     it, so it propagates from the calls made here
 * @throws AMException declared by this method; no {@code throw} of it is
 *     visible in this body
 */
private void createFilteredRole(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    // The owning organization is resolved with internalToken, not with the
    // caller's token.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());

    // NOTE(review): profileName goes into the DN unescaped; this DN is only
    // handed to the pre-processing callback here - confirm callers validate
    // or escape profileName.
    String entryDN = getNamingAttribute(AMObject.FILTERED_ROLE)
            + "=" + profileName
            + "," + parentObj.getDN();

    // Pre-processing plugins may rewrite the attribute map.
    attributes = callBackHelper.preProcess(
            token, entryDN, orgDN, null, attributes,
            CallBackHelper.CREATE, AMObject.FILTERED_ROLE, false);

    AttrSet roleAttrs = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(roleAttrs, getNamingAttribute(AMObject.FILTERED_ROLE), profileName);

    CreationTemplate template = TemplateManager.getTemplateManager().getCreationTemplate(
            "BasicFilteredRole", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    roleAttrs = combineOCs(template, roleAttrs);

    // NOTE(review): a filter supplied in the attributes is stored unchanged;
    // this body does not inspect it. Any restriction on what the filter may
    // match would have to come from the pre-processing callback or from the
    // directory itself - confirm.
    boolean filterSupplied = roleAttrs.contains(FilteredRole.FILTER_ATTR_NAME);
    if (!filterSupplied) {
        roleAttrs.add(new Attr(
                FilteredRole.FILTER_ATTR_NAME,
                SearchFilterManager.getSearchFilter(AMObject.USER, orgDN)));
    }

    FilteredRole newRole = new FilteredRole(template, roleAttrs);
    parentObj.addChild(newRole);

    // Post-processing plugins receive the DN of the role that was created.
    callBackHelper.postProcess(
            token, newRole.getDN(), orgDN, null, attributes,
            CallBackHelper.CREATE, AMObject.FILTERED_ROLE, false);
}