Search in sources :

Example 86 with SSOException

use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.

the class OrgConfigViaAMSDK method deleteSubOrganization.

/**
     * Deletes sub-organiation using AMSDK. If recursive flag is set, then all
     * sub-entries are also removed. Else if sub-entries are present this will
     * throw an exception.
     */
void deleteSubOrganization(String subOrgName) throws SMSException {
    try {
        // Check if subOrgName is empty or null
        if (subOrgName == null || subOrgName.trim().length() == 0) {
            if (parentOrg.isExists()) {
                parentOrg.delete(true);
            }
            return;
        }
        // Check if it is a hidden realm
        if (subOrgName.startsWith(SMSEntry.SUN_INTERNAL_REALM_NAME)) {
            return;
        }
        // Get the suborg DN
        Set subOrgDNs = parentOrg.searchSubOrganizations(subOrgName, AMConstants.SCOPE_ONE);
        if (subOrgDNs != null && !subOrgDNs.isEmpty()) {
            for (Iterator items = subOrgDNs.iterator(); items.hasNext(); ) {
                String dn = (String) items.next();
                AMOrganization subOrg = parentOrg.getSubOrganization(dn);
                if (subOrg != null) {
                    subOrg.delete(true);
                }
            }
        } else {
            AMOrganization subOrg = parentOrg.getSubOrganization(subOrgName);
            if (subOrg != null) {
                subOrg.delete(true);
            }
        }
    } catch (AMException ame) {
        if (debug.messageEnabled()) {
            debug.message("OrgConfigViaAMSDK::deleteSubOrganization" + ": failed with AMException", ame);
        }
        throw (new SMSException(AMSDKBundle.BUNDLE_NAME, ame.getMessage(), ame, ame.getMessage()));
    } catch (SSOException ssoe) {
        throw (new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), ssoe, "sms-INVALID_SSO_TOKEN"));
    }
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) AMOrganization(com.iplanet.am.sdk.AMOrganization) Iterator(java.util.Iterator) AMException(com.iplanet.am.sdk.AMException) SSOException(com.iplanet.sso.SSOException)

Example 87 with SSOException

use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.

the class OrgConfigViaAMSDK method checkRealmPermission.

// Check to see if the user has realm permissions
private boolean checkRealmPermission(SSOToken token, String realm, Set action) {
    boolean answer = false;
    if (token != null) {
        try {
            DelegationEvaluator de = new DelegationEvaluatorImpl();
            DelegationPermission dp = new DelegationPermission(realm, com.sun.identity.sm.SMSEntry.REALM_SERVICE, "1.0", "*", "*", action, Collections.EMPTY_MAP);
            answer = de.isAllowed(token, dp, null);
        } catch (DelegationException dex) {
            debug.error("OrgConfigViaAMSDK.checkRealmPermission: " + "Got Delegation Exception: ", dex);
        } catch (SSOException ssoe) {
            if (debug.messageEnabled()) {
                debug.message("OrgConfigViaAMSDK.checkRealmPermission: " + "Invalid SSOToken: ", ssoe);
            }
        }
    }
    return (answer);
}
Also used : DelegationEvaluatorImpl(com.sun.identity.delegation.DelegationEvaluatorImpl) DelegationEvaluator(com.sun.identity.delegation.DelegationEvaluator) DelegationException(com.sun.identity.delegation.DelegationException) SSOException(com.iplanet.sso.SSOException) DelegationPermission(com.sun.identity.delegation.DelegationPermission)

Example 88 with SSOException

use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.

the class OrgConfigViaAMSDK method getObjectType.

// Returns the organization type for AMSDK DN.
private int getObjectType() {
    if (objType == 0) {
        try {
            AMStoreConnection amcom = new AMStoreConnection((SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()));
            objType = amcom.getAMObjectType(parentOrgName);
        } catch (AMException ame) {
            // set as organizational unit
            objType = AMObject.ORGANIZATIONAL_UNIT;
            debug.error("OrgConfigViaAMSDK: Unable to determine type");
        } catch (SSOException ssoe) {
            // set as organizational unit
            objType = AMObject.ORGANIZATIONAL_UNIT;
        }
    }
    return (objType);
}
Also used : AMStoreConnection(com.iplanet.am.sdk.AMStoreConnection) AMException(com.iplanet.am.sdk.AMException) SSOException(com.iplanet.sso.SSOException)

Example 89 with SSOException

use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.

the class OrgConfigViaAMSDK method createSubOrganization.

/**
     * Create a suborganization using AMSDK. The code checks if the DIT has been
     * migrated to AM 7.0 to add the objectclass "sunRelamService".
     */
void createSubOrganization(String subOrgName) throws SMSException {
    // Check if suborg exists
    if (!getSubOrganizationNames(subOrgName, false).isEmpty() || subOrgName.startsWith(SMSEntry.SUN_INTERNAL_REALM_NAME)) {
        // Sub-org already exists or it is a hidden realm
        return;
    }
    // Create the organization
    try {
        if (ServiceManager.isConfigMigratedTo70()) {
            Map attrs = new HashMap();
            Set attrValues = new HashSet();
            attrValues.add(SMSEntry.OC_REALM_SERVICE);
            attrs.put(SMSEntry.ATTR_OBJECTCLASS, attrValues);
            Map subOrgs = new HashMap();
            subOrgs.put(subOrgName, attrs);
            parentOrg.createSubOrganizations(subOrgs);
        } else {
            Set subOrgs = new HashSet();
            subOrgs.add(subOrgName);
            parentOrg.createSubOrganizations(subOrgs);
        }
    } catch (AMException ame) {
        // Ignore if it is Organization already exists
        if (!ame.getErrorCode().equals("474")) {
            if (debug.messageEnabled()) {
                debug.message("OrgConfigViaAMSDK::createSubOrganization" + ": failed with AMException", ame);
            }
            throw (new SMSException(AMSDKBundle.BUNDLE_NAME, ame.getMessage(), ame, ame.getMessage()));
        }
    } catch (SSOException ssoe) {
        throw (new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), ssoe, "sms-INVALID_SSO_TOKEN"));
    }
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) AMException(com.iplanet.am.sdk.AMException) SSOException(com.iplanet.sso.SSOException) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) Map(java.util.Map) HashSet(java.util.HashSet)

Example 90 with SSOException

use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.

the class AttributeSchema method updateXMLDocument.

protected void updateXMLDocument(StringBuffer sb, String elementName, Document updateDoc) throws SMSException, SSOException {
    // Update the default element in XML
    try {
        // Construct the XML document
        Document doc = SMSSchema.getXMLDocument(sb.toString(), false);
        Node node = XMLUtils.getRootNode(doc, elementName);
        // Convert to Schema's document
        Document schemaDoc = null;
        if (updateDoc != null) {
            schemaDoc = updateDoc;
        } else if (ssm != null) {
            schemaDoc = ssm.getDocumentCopy();
        } else {
            schemaDoc = ps.getDocumentCopy();
        }
        Node nNode = schemaDoc.importNode(node, true);
        // Traverse the document to get this attribute element
        Node schemaNode = null;
        if (ss != null) {
            schemaNode = ss.getSchemaNode(schemaDoc);
        } else {
            schemaNode = ps.getPluginSchemaNode(schemaDoc);
        }
        Node attrSchemaNode = XMLUtils.getNamedChildNode(schemaNode, SMSUtils.SCHEMA_ATTRIBUTE, SMSUtils.NAME, getName());
        // This will be a special case for idrepo service.
        if (attrSchemaNode == null) {
            schemaNode = ss.getOrgAttrSchemaNode(schemaDoc);
            attrSchemaNode = XMLUtils.getNamedChildNode(schemaNode, SMSUtils.SCHEMA_ATTRIBUTE, SMSUtils.NAME, getName());
        }
        Node oNode = XMLUtils.getChildNode(attrSchemaNode, elementName);
        if (oNode != null) {
            attrSchemaNode.replaceChild(nNode, oNode);
        } else {
            attrSchemaNode.appendChild(nNode);
        }
        // Update the schema in the directory
        if (updateDoc != null) {
        // do nothing
        } else if (ssm != null) {
            ssm.replaceSchema(schemaDoc);
        } else {
            ps.replacePluginSchema(schemaDoc);
        }
    } catch (Exception e) {
        throw (new SMSException(e.getMessage(), e, "sms-cannot-update-xml-document"));
    }
}
Also used : Node(org.w3c.dom.Node) Document(org.w3c.dom.Document) SSOException(com.iplanet.sso.SSOException)

Aggregations

SSOException (com.iplanet.sso.SSOException)1002 SMSException (com.sun.identity.sm.SMSException)553 Set (java.util.Set)374 SSOToken (com.iplanet.sso.SSOToken)336 IdRepoException (com.sun.identity.idm.IdRepoException)291 HashSet (java.util.HashSet)289 Map (java.util.Map)223 HashMap (java.util.HashMap)205 AMIdentity (com.sun.identity.idm.AMIdentity)193 Iterator (java.util.Iterator)189 CLIException (com.sun.identity.cli.CLIException)170 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)126 ServiceConfig (com.sun.identity.sm.ServiceConfig)126 IOutput (com.sun.identity.cli.IOutput)121 ServiceSchemaManager (com.sun.identity.sm.ServiceSchemaManager)104 ServiceSchema (com.sun.identity.sm.ServiceSchema)101 ServiceConfigManager (com.sun.identity.sm.ServiceConfigManager)93 AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)88 IOException (java.io.IOException)65 PolicyException (com.sun.identity.policy.PolicyException)62