use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.
the class OrgConfigViaAMSDK method deleteSubOrganization.
/**
* Deletes sub-organiation using AMSDK. If recursive flag is set, then all
* sub-entries are also removed. Else if sub-entries are present this will
* throw an exception.
*/
void deleteSubOrganization(String subOrgName) throws SMSException {
try {
// Check if subOrgName is empty or null
if (subOrgName == null || subOrgName.trim().length() == 0) {
if (parentOrg.isExists()) {
parentOrg.delete(true);
}
return;
}
// Check if it is a hidden realm
if (subOrgName.startsWith(SMSEntry.SUN_INTERNAL_REALM_NAME)) {
return;
}
// Get the suborg DN
Set subOrgDNs = parentOrg.searchSubOrganizations(subOrgName, AMConstants.SCOPE_ONE);
if (subOrgDNs != null && !subOrgDNs.isEmpty()) {
for (Iterator items = subOrgDNs.iterator(); items.hasNext(); ) {
String dn = (String) items.next();
AMOrganization subOrg = parentOrg.getSubOrganization(dn);
if (subOrg != null) {
subOrg.delete(true);
}
}
} else {
AMOrganization subOrg = parentOrg.getSubOrganization(subOrgName);
if (subOrg != null) {
subOrg.delete(true);
}
}
} catch (AMException ame) {
if (debug.messageEnabled()) {
debug.message("OrgConfigViaAMSDK::deleteSubOrganization" + ": failed with AMException", ame);
}
throw (new SMSException(AMSDKBundle.BUNDLE_NAME, ame.getMessage(), ame, ame.getMessage()));
} catch (SSOException ssoe) {
throw (new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), ssoe, "sms-INVALID_SSO_TOKEN"));
}
}
use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.
the class OrgConfigViaAMSDK method checkRealmPermission.
// Check to see if the user has realm permissions
private boolean checkRealmPermission(SSOToken token, String realm, Set action) {
boolean answer = false;
if (token != null) {
try {
DelegationEvaluator de = new DelegationEvaluatorImpl();
DelegationPermission dp = new DelegationPermission(realm, com.sun.identity.sm.SMSEntry.REALM_SERVICE, "1.0", "*", "*", action, Collections.EMPTY_MAP);
answer = de.isAllowed(token, dp, null);
} catch (DelegationException dex) {
debug.error("OrgConfigViaAMSDK.checkRealmPermission: " + "Got Delegation Exception: ", dex);
} catch (SSOException ssoe) {
if (debug.messageEnabled()) {
debug.message("OrgConfigViaAMSDK.checkRealmPermission: " + "Invalid SSOToken: ", ssoe);
}
}
}
return (answer);
}
use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.
the class OrgConfigViaAMSDK method getObjectType.
// Returns the organization type for AMSDK DN.
private int getObjectType() {
if (objType == 0) {
try {
AMStoreConnection amcom = new AMStoreConnection((SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()));
objType = amcom.getAMObjectType(parentOrgName);
} catch (AMException ame) {
// set as organizational unit
objType = AMObject.ORGANIZATIONAL_UNIT;
debug.error("OrgConfigViaAMSDK: Unable to determine type");
} catch (SSOException ssoe) {
// set as organizational unit
objType = AMObject.ORGANIZATIONAL_UNIT;
}
}
return (objType);
}
use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.
the class OrgConfigViaAMSDK method createSubOrganization.
/**
* Create a suborganization using AMSDK. The code checks if the DIT has been
* migrated to AM 7.0 to add the objectclass "sunRelamService".
*/
void createSubOrganization(String subOrgName) throws SMSException {
// Check if suborg exists
if (!getSubOrganizationNames(subOrgName, false).isEmpty() || subOrgName.startsWith(SMSEntry.SUN_INTERNAL_REALM_NAME)) {
// Sub-org already exists or it is a hidden realm
return;
}
// Create the organization
try {
if (ServiceManager.isConfigMigratedTo70()) {
Map attrs = new HashMap();
Set attrValues = new HashSet();
attrValues.add(SMSEntry.OC_REALM_SERVICE);
attrs.put(SMSEntry.ATTR_OBJECTCLASS, attrValues);
Map subOrgs = new HashMap();
subOrgs.put(subOrgName, attrs);
parentOrg.createSubOrganizations(subOrgs);
} else {
Set subOrgs = new HashSet();
subOrgs.add(subOrgName);
parentOrg.createSubOrganizations(subOrgs);
}
} catch (AMException ame) {
// Ignore if it is Organization already exists
if (!ame.getErrorCode().equals("474")) {
if (debug.messageEnabled()) {
debug.message("OrgConfigViaAMSDK::createSubOrganization" + ": failed with AMException", ame);
}
throw (new SMSException(AMSDKBundle.BUNDLE_NAME, ame.getMessage(), ame, ame.getMessage()));
}
} catch (SSOException ssoe) {
throw (new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), ssoe, "sms-INVALID_SSO_TOKEN"));
}
}
use of com.iplanet.sso.SSOException in project OpenAM by OpenRock.
the class AttributeSchema method updateXMLDocument.
protected void updateXMLDocument(StringBuffer sb, String elementName, Document updateDoc) throws SMSException, SSOException {
// Update the default element in XML
try {
// Construct the XML document
Document doc = SMSSchema.getXMLDocument(sb.toString(), false);
Node node = XMLUtils.getRootNode(doc, elementName);
// Convert to Schema's document
Document schemaDoc = null;
if (updateDoc != null) {
schemaDoc = updateDoc;
} else if (ssm != null) {
schemaDoc = ssm.getDocumentCopy();
} else {
schemaDoc = ps.getDocumentCopy();
}
Node nNode = schemaDoc.importNode(node, true);
// Traverse the document to get this attribute element
Node schemaNode = null;
if (ss != null) {
schemaNode = ss.getSchemaNode(schemaDoc);
} else {
schemaNode = ps.getPluginSchemaNode(schemaDoc);
}
Node attrSchemaNode = XMLUtils.getNamedChildNode(schemaNode, SMSUtils.SCHEMA_ATTRIBUTE, SMSUtils.NAME, getName());
// This will be a special case for idrepo service.
if (attrSchemaNode == null) {
schemaNode = ss.getOrgAttrSchemaNode(schemaDoc);
attrSchemaNode = XMLUtils.getNamedChildNode(schemaNode, SMSUtils.SCHEMA_ATTRIBUTE, SMSUtils.NAME, getName());
}
Node oNode = XMLUtils.getChildNode(attrSchemaNode, elementName);
if (oNode != null) {
attrSchemaNode.replaceChild(nNode, oNode);
} else {
attrSchemaNode.appendChild(nNode);
}
// Update the schema in the directory
if (updateDoc != null) {
// do nothing
} else if (ssm != null) {
ssm.replaceSchema(schemaDoc);
} else {
ps.replacePluginSchema(schemaDoc);
}
} catch (Exception e) {
throw (new SMSException(e.getMessage(), e, "sms-cannot-update-xml-document"));
}
}
Aggregations