
Example 6 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class DataLayer method initLdapPool.

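/**
 * Initializes the connection pool shared by all DataLayer objects.
 *
 * <p>The pool is built once; later calls return immediately. Pool sizing comes from the
 * {@code LDAPUser.Type.AUTH_PROXY} server instance and the idle timeout from
 * {@code Constants.LDAP_CONN_IDLE_TIME_IN_SECS}. A shutdown listener is registered to close
 * the pool.
 *
 * @throws UMSException if the server configuration cannot be obtained; when the failure was
 *         caused by an {@link LDAPServiceException} that exception is attached as the cause
 */
private synchronized void initLdapPool() throws UMSException {
    // Don't do anything if the pool is already initialized.
    if (_ldapPool != null) {
        return;
    }

    ServerInstance svrCfg = null;
    String hostName = null;
    LDAPServiceException configFailure = null;
    try {
        DSConfigMgr dsCfg = DSConfigMgr.getDSConfigMgr();
        hostName = dsCfg.getHostName("default");
        // NOTE(review): presumably the pooled connections bind as the proxy user - confirm
        // against DSConfigMgr before relying on the privileges of this pool.
        baseFactory = dsCfg.getNewProxyConnectionFactory();
        svrCfg = dsCfg.getServerInstance(LDAPUser.Type.AUTH_PROXY);
    } catch (LDAPServiceException ex) {
        // Log the exception itself, not only its message, so the root cause stays diagnosable.
        debug.error("Error initializing connection pool " + ex.getMessage(), ex);
        configFailure = ex;
    }

    // Without a server instance there are no pool limits to apply: fail the initialization.
    if (svrCfg == null) {
        debug.error("Error getting server config.");
        String[] args = new String[1];
        args[0] = hostName == null ? "default" : hostName;
        String message = i18n.getString(IUMSConstants.NEW_INSTANCE_FAILED, args);
        if (configFailure != null) {
            // Keep the configuration failure attached instead of dropping it.
            throw new UMSException(message, configFailure);
        }
        throw new UMSException(message);
    }

    int poolMin = svrCfg.getMinConnections();
    int poolMax = svrCfg.getMaxConnections();
    m_releaseConnectionBeforeSearchCompletes = svrCfg.getBooleanValue(LDAP_RELEASECONNBEFORESEARCH, false);
    if (debug.messageEnabled()) {
        debug.message("Creating ldap connection pool with: poolMin {}, poolMax {}", poolMin, poolMax);
    }

    // A missing or unparsable property yields 0 here.
    // NOTE(review): 0 presumably means idle connections are never reaped - confirm.
    int idleTimeout = SystemProperties.getAsInt(Constants.LDAP_CONN_IDLE_TIME_IN_SECS, 0);
    if (idleTimeout == 0) {
        debug.warning("Idle timeout not set. Defaulting to 0.");
    }

    _ldapPool = Connections.newCachedConnectionPool(
            Connections.newNamedConnectionFactory(baseFactory, "DataLayer"),
            poolMin, poolMax, idleTimeout, TimeUnit.SECONDS);

    // Close the pooled connections when the container shuts down.
    ShutdownManager shutdownMan = com.sun.identity.common.ShutdownManager.getInstance();
    shutdownMan.addShutdownListener(new ShutdownListener() {

        @Override
        public void shutdown() {
            if (_ldapPool != null) {
                _ldapPool.close();
            }
        }
    });
}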
Also used : ShutdownListener(org.forgerock.util.thread.listener.ShutdownListener) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) ShutdownManager(org.forgerock.util.thread.listener.ShutdownManager) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ByteString(org.forgerock.opendj.ldap.ByteString) ServerInstance(com.iplanet.services.ldap.ServerInstance)

Example 7 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class DataLayer method getInstance.

/**
 * Returns the singleton DataLayer, creating it on first use from the server instance
 * configured for {@code LDAPUser.Type.AUTH_PROXY}.
 *
 * <p>If the server configuration cannot be read, the {@link LDAPServiceException} is logged
 * and the current value of the singleton field is returned, which is {@code null} when no
 * instance was created before. Callers must therefore handle a {@code null} result.
 *
 * <p>NOTE(review): no synchronization is visible in this method; confirm that the
 * {@code getInstance(ServerInstance)} overload serializes creation.
 *
 * @supported.api
 */
public static DataLayer getInstance() throws UMSException {
    // Fast path: the singleton already exists.
    if (m_instance != null) {
        return m_instance;
    }
    try {
        ServerInstance proxyCfg = DSConfigMgr.getDSConfigMgr().getServerInstance(LDAPUser.Type.AUTH_PROXY);
        m_instance = getInstance(proxyCfg);
    } catch (LDAPServiceException ex) {
        // Only logged: the caller receives whatever m_instance currently holds.
        debug.error("Error:  Unable to get server config instance " + ex.getMessage());
    }
    return m_instance;
}
Also used : DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance)

Example 8 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class SMDataLayer method initLdapPool.

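/**
 * Initializes the connection pool shared by all SMDataLayer objects.
 *
 * <p>The pool is built once; later calls return immediately. The connection factory comes
 * from the "sms" server group when one is configured, otherwise from the default admin
 * factory; both paths use {@code LDAPUser.Type.AUTH_ADMIN}. Pool limits are read from the
 * server instance only in server mode; otherwise, or when no server instance is available,
 * the defaults of 1 and 2 connections are used.
 *
 * <p>An {@link LDAPServiceException} is logged and leaves the pool uninitialized.
 */
private synchronized void initLdapPool() {
    // Don't do anything if the pool is already initialized.
    if (_ldapPool != null) {
        return;
    }
    try {
        DSConfigMgr dsCfg = DSConfigMgr.getDSConfigMgr();
        // Prefer the dedicated "sms" server group when it is configured.
        ServerGroup sg = dsCfg.getServerGroup("sms");
        final ConnectionFactory baseFactory;
        final ServerInstance svrCfg;
        if (sg != null) {
            baseFactory = dsCfg.getNewConnectionFactory("sms", LDAPUser.Type.AUTH_ADMIN);
            svrCfg = sg.getServerInstance(LDAPUser.Type.AUTH_ADMIN);
        } else {
            baseFactory = dsCfg.getNewAdminConnectionFactory();
            svrCfg = dsCfg.getServerInstance(LDAPUser.Type.AUTH_ADMIN);
        }
        if (svrCfg == null) {
            debug.error("SMDataLayer:initLdapPool()-" + "Error getting server config.");
        }

        int poolMin = 1;
        int poolMax = 2;
        // Size the pool from configuration only on the server. A missing server instance was
        // previously dereferenced here and raised a NullPointerException; now the defaults are
        // kept (the error is already logged above).
        if (SystemProperties.isServerMode() && svrCfg != null) {
            poolMin = svrCfg.getMinConnections();
            poolMax = svrCfg.getMaxConnections();
        }
        debug.message("SMDataLayer:initLdapPool(): Creating ldap connection pool with: poolMin {} poolMax {}", poolMin, poolMax);

        // getAsInt falls back to 0, so a non-blank property that still yields 0 is either a
        // literal "0" or a value that failed to parse.
        int idleTimeout = SystemProperties.getAsInt(LDAP_CONN_IDLE_TIME_IN_SECS, 0);
        if (idleTimeout == 0 && StringUtils.isNotBlank(SystemProperties.get(LDAP_CONN_IDLE_TIME_IN_SECS))) {
            debug.error("SMDataLayer: Idle timeout could not be parsed, connection reaping is disabled");
        } else if (idleTimeout == 0) {
            debug.message("SMDataLayer: Idle timeout is set to 0 - connection reaping is disabled");
        }

        _ldapPool = Connections.newCachedConnectionPool(baseFactory, poolMin, poolMax, idleTimeout, TimeUnit.SECONDS);

        // Close the pooled admin connections when the container shuts down.
        ShutdownManager shutdownMan = com.sun.identity.common.ShutdownManager.getInstance();
        shutdownMan.addShutdownListener(new ShutdownListener() {

            @Override
            public void shutdown() {
                if (_ldapPool != null) {
                    _ldapPool.close();
                }
            }
        });
    } catch (LDAPServiceException ex) {
        // Route the stack trace through the debug log instead of printStackTrace(), which
        // writes to stderr and bypasses the log configuration.
        debug.error("SMDataLayer:initLdapPool()-" + "Error initializing connection pool " + ex.getMessage(), ex);
    }
}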
Also used : ShutdownListener(org.forgerock.util.thread.listener.ShutdownListener) ConnectionFactory(org.forgerock.opendj.ldap.ConnectionFactory) ServerGroup(com.iplanet.services.ldap.ServerGroup) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) ShutdownManager(org.forgerock.util.thread.listener.ShutdownManager) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance)

Example 9 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class CoreGuiceModule method configure.

/**
 * Declares the core Guice bindings: admin token and configuration providers, Core Token
 * Service (CTS) components and their debug loggers, policy monitoring, and the session
 * related singletons.
 *
 * <p>Bindings made with {@code toInstance(...)} evaluate their argument while this method
 * runs; bindings made with {@code toProvider(...)} defer the lookup until the provider is
 * first asked for a value.
 */
@Override
protected void configure() {
    bind(new AdminTokenType())
            .toProvider(new AdminTokenProvider())
            .in(Singleton.class);
    bind(ServiceManagementDAO.class)
            .to(ServiceManagementDAOWrapper.class)
            .in(Singleton.class);
    bind(DNWrapper.class).in(Singleton.class);
    bind(URLValidator.class).toInstance(URLValidator.getInstance());
    bind(new TypeLiteral<TokenAdapter<JsonValue>>() { })
            .annotatedWith(Names.named(OAuth2Constants.CoreTokenParams.OAUTH_TOKEN_ADAPTER))
            .to(OAuthAdapter.class);

    // Checked lookup failures are surfaced as IllegalStateException when the provider is used.
    bind(DSConfigMgr.class)
            .toProvider(new Provider<DSConfigMgr>() {

                public DSConfigMgr get() {
                    try {
                        return DSConfigMgr.getDSConfigMgr();
                    } catch (LDAPServiceException e) {
                        throw new IllegalStateException(e);
                    }
                }
            })
            .in(Singleton.class);
    bind(SSOTokenManager.class)
            .toProvider(new Provider<SSOTokenManager>() {

                public SSOTokenManager get() {
                    try {
                        return SSOTokenManager.getInstance();
                    } catch (SSOException e) {
                        throw new IllegalStateException(e);
                    }
                }
            })
            .in(Singleton.class);

    // Core Token Service bindings are divided into a number of logical groups.

    // CTS General
    bind(CTSPersistentStore.class).to(CTSPersistentStoreImpl.class);
    bind(Debug.class)
            .annotatedWith(Names.named(CoreTokenConstants.CTS_DEBUG))
            .toInstance(Debug.getInstance(CoreTokenConstants.CTS_DEBUG));
    bind(Debug.class)
            .annotatedWith(Names.named(CoreTokenConstants.CTS_REAPER_DEBUG))
            .toInstance(Debug.getInstance(CoreTokenConstants.CTS_REAPER_DEBUG));
    bind(Debug.class)
            .annotatedWith(Names.named(CoreTokenConstants.CTS_ASYNC_DEBUG))
            .toInstance(Debug.getInstance(CoreTokenConstants.CTS_ASYNC_DEBUG));
    bind(Debug.class)
            .annotatedWith(Names.named(CoreTokenConstants.CTS_MONITOR_DEBUG))
            .toInstance(Debug.getInstance(CoreTokenConstants.CTS_MONITOR_DEBUG));
    bind(Debug.class)
            .annotatedWith(Names.named(DataLayerConstants.DATA_LAYER_DEBUG))
            .toInstance(Debug.getInstance(DataLayerConstants.DATA_LAYER_DEBUG));
    bind(Debug.class)
            .annotatedWith(Names.named("amSMS"))
            .toInstance(Debug.getInstance("amSMS"));
    bind(Debug.class)
            .annotatedWith(Names.named(PolicyMonitor.POLICY_MONITOR_DEBUG))
            .toInstance(Debug.getInstance(PolicyMonitor.POLICY_MONITOR_DEBUG));
    bind(Debug.class)
            .annotatedWith(Names.named(OAuth2Constants.DEBUG_LOG_NAME))
            .toInstance(Debug.getInstance(OAuth2Constants.DEBUG_LOG_NAME));
    bind(CoreTokenConstants.class).in(Singleton.class);
    bind(CoreTokenConfig.class).in(Singleton.class);

    // CTS Connection Management
    bind(String.class)
            .annotatedWith(Names.named(DataLayerConstants.ROOT_DN_SUFFIX))
            .toProvider(new Provider<String>() {

                public String get() {
                    return SMSEntry.getRootSuffix();
                }
            })
            .in(Singleton.class);
    bind(ConfigurationObserver.class)
            .toProvider(new Provider<ConfigurationObserver>() {

                public ConfigurationObserver get() {
                    return ConfigurationObserver.getInstance();
                }
            })
            .in(Singleton.class);

    // CTS Monitoring: one implementation backs all three monitoring store interfaces.
    bind(CTSOperationsMonitoringStore.class).to(CTSMonitoringStoreImpl.class);
    bind(CTSReaperMonitoringStore.class).to(CTSMonitoringStoreImpl.class);
    bind(CTSConnectionMonitoringStore.class).to(CTSMonitoringStoreImpl.class);

    // Enable monitoring of all CTS operations
    bind(ResultHandlerFactory.class).to(MonitoredResultHandlerFactory.class);

    // CTS Reaper configuration
    bind(ReaperQuery.class).to(ReaperConnection.class);

    // Policy Monitoring
    bind(PolicyMonitor.class).to(PolicyMonitorImpl.class);

    // SAML2 token repository dependencies
    bind(new TypeLiteral<TokenAdapter<SAMLToken>>() { })
            .to(SAMLAdapter.class);

    // Session related dependencies.
    bind(SessionOperationStrategy.class).to(ServerSessionOperationStrategy.class);

    // TODO: Investigate whether or not this lazy-loading "Config<SessionService>" wrapper is still needed
    bind(new TypeLiteral<Config<SessionService>>() { })
            .toInstance(new Config<SessionService>() {

                @Override
                public boolean isReady() {
                    return true;
                }

                @Override
                public SessionService get() {
                    return InjectorHolder.getInstance(SessionService.class);
                }
            });
    bind(Debug.class)
            .annotatedWith(Names.named(SessionConstants.SESSION_DEBUG))
            .toInstance(Debug.getInstance(SessionConstants.SESSION_DEBUG));
    bind(new TypeLiteral<Function<String, String, NeverThrowsException>>() { })
            .annotatedWith(Names.named("tagSwapFunc"))
            .toInstance(new Function<String, String, NeverThrowsException>() {

                @Override
                public String apply(String text) {
                    return ServicesDefaultValues.tagSwap(text, true);
                }
            });

    // Assisted-inject factories and (initially empty) set binders.
    install(new FactoryModuleBuilder()
            .implement(AMIdentityRepository.class, AMIdentityRepository.class)
            .build(AMIdentityRepositoryFactory.class));
    install(new FactoryModuleBuilder()
            .implement(SMSAuditor.class, SMSAuditor.class)
            .build(ConfigAuditorFactory.class));
    Multibinder.newSetBinder(binder(), SMSAuditFilter.class);
    Multibinder.newSetBinder(binder(), IdRepoCreationListener.class);

    bind(Stats.class)
            .annotatedWith(Names.named(SessionConstants.STATS_MASTER_TABLE))
            .toInstance(Stats.getInstance(SessionConstants.STATS_MASTER_TABLE));
    bind(SessionCache.class).toInstance(SessionCache.getInstance());
    bind(SessionPollerPool.class).toInstance(SessionPollerPool.getInstance());

    // Must use a provider to ensure initialisation happens after SystemProperties have been set.
    bind(SessionCookies.class)
            .toProvider(new Provider<SessionCookies>() {

                @Override
                public SessionCookies get() {
                    return SessionCookies.getInstance();
                }
            });

    // Must use a provider to ensure initialisation happens after SystemProperties have been set.
    bind(SessionURL.class)
            .toProvider(new Provider<SessionURL>() {

                @Override
                public SessionURL get() {
                    return SessionURL.getInstance();
                }
            });
    bind(SessionServiceURLService.class).toInstance(SessionServiceURLService.getInstance());
    bind(ConsoleConfigHandler.class).to(ConsoleConfigHandlerImpl.class);
}
Also used : ServiceManagementDAOWrapper(com.sun.identity.sm.ServiceManagementDAOWrapper) FactoryModuleBuilder(com.google.inject.assistedinject.FactoryModuleBuilder) SessionURL(org.forgerock.openam.session.SessionURL) SSOException(com.iplanet.sso.SSOException) PolicyMonitor(org.forgerock.openam.entitlement.monitoring.PolicyMonitor) CTSOperationsMonitoringStore(org.forgerock.openam.cts.monitoring.CTSOperationsMonitoringStore) CTSPersistentStore(org.forgerock.openam.cts.CTSPersistentStore) Function(org.forgerock.util.Function) SessionCookies(org.forgerock.openam.session.SessionCookies) TypeLiteral(com.google.inject.TypeLiteral) URLValidator(com.sun.identity.shared.validation.URLValidator) ConfigAuditorFactory(com.sun.identity.sm.ldap.ConfigAuditorFactory) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) CTSConnectionMonitoringStore(org.forgerock.openam.cts.monitoring.CTSConnectionMonitoringStore) ServerSessionOperationStrategy(com.iplanet.dpro.session.operations.ServerSessionOperationStrategy) SessionOperationStrategy(com.iplanet.dpro.session.operations.SessionOperationStrategy) SessionPollerPool(org.forgerock.openam.session.SessionPollerPool) CTSReaperMonitoringStore(org.forgerock.openam.cts.monitoring.CTSReaperMonitoringStore) ConsoleConfigHandler(org.forgerock.openam.sm.config.ConsoleConfigHandler) AMIdentityRepositoryFactory(org.forgerock.openam.identity.idm.AMIdentityRepositoryFactory) SAMLToken(org.forgerock.openam.cts.api.tokens.SAMLToken) SessionServiceURLService(org.forgerock.openam.session.SessionServiceURLService) Provider(com.google.inject.Provider) ReaperQuery(org.forgerock.openam.cts.impl.query.reaper.ReaperQuery) CoreTokenConfig(org.forgerock.openam.cts.CoreTokenConfig) NeverThrowsException(org.forgerock.util.promise.NeverThrowsException) SessionService(com.iplanet.dpro.session.service.SessionService) CoreTokenConstants(org.forgerock.openam.cts.api.CoreTokenConstants) TokenAdapter(org.forgerock.openam.cts.adapters.TokenAdapter) 
MonitoredResultHandlerFactory(org.forgerock.openam.cts.monitoring.impl.queue.MonitoredResultHandlerFactory) ResultHandlerFactory(org.forgerock.openam.cts.impl.queue.ResultHandlerFactory) SessionCache(org.forgerock.openam.session.SessionCache)

Example 10 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class DataLayer method changePassword.

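/**
 * Changes user password.
 *
 * <p>A dedicated connection is opened and bound as the entry itself using the old password,
 * and the password attribute is then replaced with the new value over that connection. The
 * connection and its factory are closed before the method returns.
 *
 * @param guid globally unique identifier for the entry.
 * @param attrName password attribute name
 * @param oldPassword old password, used to bind as the entry
 * @param newPassword new password
 * @exception AccessRightsException if insufficient access
 * @exception EntryNotFoundException if the entry is not found.
 * @exception UMSException if failure
 *
 * @supported.api
 */
public void changePassword(Guid guid, String attrName, String oldPassword, String newPassword) throws UMSException {
    Modification modification = new Modification(ModificationType.REPLACE, Attributes.singletonAttribute(attrName, newPassword));
    String id = guid.getDn();
    try {
        DSConfigMgr dsCfg = DSConfigMgr.getDSConfigMgr();
        // NOTE(review): the value is passed as the host argument although the variable name
        // suggests "host:port" - confirm what getHostName("default") returns.
        String hostAndPort = dsCfg.getHostName("default");
        // Bind as the user with the old password, so the directory verifies it before the change.
        SimpleBindRequest bindRequest = LDAPRequests.newSimpleBindRequest(id, oldPassword.toCharArray());
        Options options = Options.defaultOptions().set(AUTHN_BIND_REQUEST, bindRequest);
        // NOTE(review): the port is hard-coded to 389 and no transport-security option is set on
        // these Options, so the bind (old password) and the modify (new password) presumably
        // travel unencrypted and the configured port is ignored - confirm, and prefer the
        // configured port with TLS/StartTLS.
        // The connection is declared as a resource so that it is closed as well; previously only
        // the factory was closed and the connection was never released.
        try (ConnectionFactory factory = new LDAPConnectionFactory(hostAndPort, 389, options);
                Connection ldc = factory.getConnection()) {
            ldc.modify(LDAPRequests.newModifyRequest(id).addModification(modification));
        } catch (LdapException ldex) {
            if (debug.warningEnabled()) {
                debug.warning("DataLayer.changePassword:", ldex);
            }
            // Map the LDAP result code onto the UMS exception hierarchy.
            ResultCode errorCode = ldex.getResult().getResultCode();
            if (ResultCode.NO_SUCH_OBJECT.equals(errorCode)) {
                throw new EntryNotFoundException(id, ldex);
            } else if (ResultCode.INSUFFICIENT_ACCESS_RIGHTS.equals(errorCode)) {
                throw new AccessRightsException(id, ldex);
            } else {
                throw new UMSException(id, ldex);
            }
        }
    } catch (LDAPServiceException ex) {
        debug.error("DataLayer.changePassword:", ex);
        throw new UMSException(id, ex);
    }
}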
Also used : Modification(org.forgerock.opendj.ldap.Modification) Options(org.forgerock.util.Options) Connection(org.forgerock.opendj.ldap.Connection) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) ByteString(org.forgerock.opendj.ldap.ByteString) SimpleBindRequest(org.forgerock.opendj.ldap.requests.SimpleBindRequest) ConnectionFactory(org.forgerock.opendj.ldap.ConnectionFactory) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode)

Aggregations

LDAPServiceException (com.iplanet.services.ldap.LDAPServiceException)12 DSConfigMgr (com.iplanet.services.ldap.DSConfigMgr)10 ServerInstance (com.iplanet.services.ldap.ServerInstance)7 ServerGroup (com.iplanet.services.ldap.ServerGroup)4 Connection (org.forgerock.opendj.ldap.Connection)4 ConnectionFactory (org.forgerock.opendj.ldap.ConnectionFactory)4 LdapException (org.forgerock.opendj.ldap.LdapException)3 LoginException (javax.security.auth.login.LoginException)2 ShutdownListener (org.forgerock.util.thread.listener.ShutdownListener)2 ShutdownManager (org.forgerock.util.thread.listener.ShutdownManager)2 Provider (com.google.inject.Provider)1 TypeLiteral (com.google.inject.TypeLiteral)1 FactoryModuleBuilder (com.google.inject.assistedinject.FactoryModuleBuilder)1 SystemProperties (com.iplanet.am.util.SystemProperties)1 ServerSessionOperationStrategy (com.iplanet.dpro.session.operations.ServerSessionOperationStrategy)1 SessionOperationStrategy (com.iplanet.dpro.session.operations.SessionOperationStrategy)1 SessionService (com.iplanet.dpro.session.service.SessionService)1 Server (com.iplanet.services.ldap.Server)1 SSOException (com.iplanet.sso.SSOException)1 SSOToken (com.iplanet.sso.SSOToken)1