use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class RestletRealmRouterTest method shouldRouteToRealm.
/**
 * Checks that the router resolves the request to the canonical realm "/REALM" regardless of
 * where the realm is carried on the request and of whether it is sent as the realm name or
 * as a realm alias.
 *
 * <p>Realm resolution decides which realm the rest of the request is handled under, so the
 * alias case matters: "REALM_ALIAS" must end up as "/REALM", never as the raw alias.
 *
 * @param realmLocation where the realm is placed: "dns", "query" or "uri" (case-insensitive);
 *     any other value leaves the request without realm-specific set-up.
 * @param isRealmAlias {@code true} to send "REALM_ALIAS" instead of "REALM".
 * @throws Exception if the router or one of the set-up helpers fails.
 */
@Test(dataProvider = "realmRoutingDataProvider")
public void shouldRouteToRealm(String realmLocation, boolean isRealmAlias) throws Exception {
    // Given
    final SSOToken adminToken = mock(SSOToken.class);
    final Restlet downstream = mock(Restlet.class);
    final HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    final Request request = setUpRequest(servletRequest, adminToken);
    final Response response = mock(Response.class);
    final String realm = isRealmAlias ? "REALM_ALIAS" : "REALM";

    // The three locations are mutually exclusive, so at most one branch runs.
    if ("dns".equalsIgnoreCase(realmLocation)) {
        // Realm comes from the server name itself.
        setUpServerName(request, adminToken, realm);
    } else if ("query".equalsIgnoreCase(realmLocation)) {
        // Server name maps to the root realm; the realm is carried in the query string.
        setUpServerName(request, adminToken, "/");
        setUpQueryString(request, realm);
    } else if ("uri".equalsIgnoreCase(realmLocation)) {
        // Server name maps to the root realm; the realm is carried in the URI.
        setUpServerName(request, adminToken, "/");
        setUpUri(request, realm);
    }

    // Realm validation is stubbed for the name or alias under test.
    setUpRealmValidator(realm, isRealmAlias, adminToken);

    // When
    router.doHandle(downstream, request, response);

    // Then: both the Restlet request and the servlet request carry the canonical realm.
    assertThat(request.getAttributes()).containsEntry("realm", "/REALM");
    verify(servletRequest).setAttribute("realm", "/REALM");
    assertThat(request.getAttributes()).containsEntry("realmUrl", "The base url");
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class DataStore method hasPrivilgesWithApplication.
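/**
 * Tells whether at least one stored entry references the given application.
 *
 * <p>Three search bases are checked in order, stopping at the first hit: the realm's
 * privilege base, the realm's referral store base, and the hidden realm's base (delegation
 * privileges).
 *
 * @param adminSubject subject whose SSO token is used for the searches.
 * @param realm realm name.
 * @param applName application name; matched literally, filter metacharacters are escaped.
 * @return {@code true} if any of the three searches reports entries.
 * @throws EntitlementException if a helper called here raises it.
 */
public boolean hasPrivilgesWithApplication(Subject adminSubject, String realm, String applName) throws EntitlementException {
    // NOTE(review): unlike remove(), the token is not null-checked here; presumably
    // hasEntries() copes with a null token - confirm.
    SSOToken token = getSSOToken(adminSubject);

    // applName is caller-supplied and ends up inside an LDAP search filter. Escape it so that
    // characters such as '*', '(' and ')' are matched literally instead of changing what the
    // filter selects.
    // NOTE(review): confirm that every SMS backend in use decodes RFC 4515 escapes.
    String filter = "(ou=" + Privilege.APPLICATION_ATTRIBUTE + "="
            + escapeLdapFilterValue(applName) + ")";

    // Privileges, then referral privileges, then delegation privileges (hidden realm).
    return hasEntries(token, getSearchBaseDN(realm, null), filter)
            || hasEntries(token, getSearchBaseDN(realm, REFERRAL_STORE), filter)
            || hasEntries(token, getSearchBaseDN(getHiddenRealmDN(), null), filter);
}

/**
 * Escapes a value for use inside an LDAP search filter assertion (RFC 4515): backslash,
 * asterisk, parentheses and NUL are replaced by their {@code \XX} hex form.
 * A {@code null} value is rendered as "null", which is what string concatenation produced
 * before escaping was added.
 */
private static String escapeLdapFilterValue(String value) {
    String raw = String.valueOf(value);
    StringBuilder escaped = new StringBuilder(raw.length() + 8);
    for (int i = 0; i < raw.length(); i++) {
        char c = raw.charAt(i);
        switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
                break;
        }
    }
    return escaped.toString();
}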
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class DataStore method searchPrivileges.
/**
 * Searches the realm's privilege base DN with a filter built from the given indexes and
 * returns the privileges found. Every privilege is also pushed to {@code iterator}.
 *
 * <p>The search runs with the token obtained from {@code AdminTokenAction}, not with a
 * caller-supplied token, so this method does not itself restrict results to what a
 * particular caller may read.
 *
 * @param realm realm name used to derive the search base DN.
 * @param iterator receives each privilege as it is decoded.
 * @param indexes resource search indexes used to build the filter.
 * @param subjectIndexes subject indexes used to build the filter.
 * @param bSubTree passed to the filter builder.
 * @param excludeDNs DNs passed to the search as exclusions.
 * @return the privileges found; empty when no filter could be built or the base DN does
 *     not exist.
 * @throws EntitlementException (code 52, with the base DN) if the search fails or a stored
 *     privilege is not valid JSON.
 */
private Set<IPrivilege> searchPrivileges(String realm, BufferedIterator iterator, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree, Set<String> excludeDNs) throws EntitlementException {
    Set<IPrivilege> found = new HashSet<IPrivilege>();
    String filter = getFilter(indexes, subjectIndexes, bSubTree);
    String baseDN = getSearchBaseDN(realm, null);

    // NOTE(review): at message level the full search filter and base DN are written to the
    // debug log; check that this is acceptable for the deployment's log handling.
    if (PolicyConstants.DEBUG.messageEnabled()) {
        PolicyConstants.DEBUG.message("[PolicyEval] DataStore.searchPrivileges");
        PolicyConstants.DEBUG.message("[PolicyEval] search filter: " + filter);
        PolicyConstants.DEBUG.message("[PolicyEval] search DN: " + baseDN);
    }

    if (filter == null) {
        // Nothing to search for.
        return found;
    }

    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    long startedAt = DB_MONITOR_PRIVILEGE.start();
    if (SMSEntry.checkIfEntryExists(baseDN, adminToken)) {
        try {
            for (Iterator<?> entries = SMSEntry.search(adminToken, baseDN, filter, NO_LIMIT, NO_LIMIT,
                    NOT_SORTED, NOT_SORTED, excludeDNs); entries.hasNext();) {
                SMSDataEntry entry = (SMSDataEntry) entries.next();
                // Each entry stores the privilege as JSON under SERIALIZABLE_INDEX_KEY.
                Privilege privilege = Privilege.getInstance(
                        new JSONObject(entry.getAttributeValue(SERIALIZABLE_INDEX_KEY)));
                iterator.add(privilege);
                found.add(privilege);
            }
        } catch (JSONException e) {
            throw new EntitlementException(52, new Object[] { baseDN }, e);
        } catch (SMSException e) {
            throw new EntitlementException(52, new Object[] { baseDN }, e);
        }
    }
    // NOTE(review): not reached when the search throws, so failed searches are never
    // reported to the monitor; confirm whether that is intended.
    DB_MONITOR_PRIVILEGE.end(startedAt);
    return found;
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class DataStore method remove.
/**
 * Removes a privilege from the data store.
 *
 * <p>If no entry exists for the privilege the call returns without error and without
 * sending a notification. After a successful delete the index count for the realm is
 * decremented and a {@code PRIVILEGE_DELETED} notification is submitted.
 *
 * @param adminSubject Admin Subject who has the rights to write to
 *        datastore.
 * @param realm Realm name.
 * @param name Privilege name.
 * @throws com.sun.identity.entitlement.EntitlementException if no SSO token can be
 *         obtained from {@code adminSubject} or the privilege cannot be removed.
 */
public void remove(Subject adminSubject, String realm, String name) throws EntitlementException {
    SSOToken adminToken = getSSOToken(adminSubject);
    if (adminToken == null) {
        // Fail closed: without a token nothing is looked up or deleted.
        throw new EntitlementException(55, new Object[] { name });
    }

    // Declared outside the try so the SMSException handler can report it; it is still null
    // if resolving the DN is what failed.
    String privilegeDn = null;
    try {
        privilegeDn = getPrivilegeDistinguishedName(name, realm, null);
        if (!SMSEntry.checkIfEntryExists(privilegeDn, adminToken)) {
            return;
        }

        // The delete is performed with the subject's own token.
        SMSEntry entry = new SMSEntry(adminToken, privilegeDn);
        entry.delete();
        updateIndexCount(realm, -1, false);

        // Notify only after the entry is gone.
        Map<String, String> notification = new HashMap<String, String>();
        notification.put(NotificationServlet.ATTR_NAME, name);
        notification.put(NotificationServlet.ATTR_REALM_NAME, realm);
        Notifier.submit(NotificationServlet.PRIVILEGE_DELETED, notification);
    } catch (SMSException e) {
        throw new EntitlementException(51, new Object[] { privilegeDn }, e);
    } catch (SSOException e) {
        throw new EntitlementException(10, null, e);
    }
}
use of com.iplanet.sso.SSOToken in project OpenAM by OpenRock.
the class EntitlementService method addApplicationAction.
/**
 * Adds a new action to an application's configuration.
 *
 * <p>The change is made with the SSO token of the admin subject returned by
 * {@code getAdminSubject()}. Nothing is written when the application has no sub
 * configuration or when {@code addAction} returns {@code null}.
 * NOTE(review): no caller authorization is checked in this method; presumably it is
 * enforced before this point - confirm.
 *
 * @param appName application name.
 * @param name Action name.
 * @param defVal Default value.
 * @throws EntitlementException if no admin token is available (code 226) or the action
 *         cannot be added (code 221).
 */
public void addApplicationAction(String appName, String name, Boolean defVal) throws EntitlementException {
    try {
        SSOToken adminToken = SubjectUtils.getSSOToken(getAdminSubject());
        if (adminToken == null) {
            // Fail closed: no configuration is read or written without a token.
            throw new EntitlementException(226);
        }

        ServiceConfig appConfig = getApplicationSubConfig(adminToken, realm, appName);
        if (appConfig == null) {
            return;
        }

        Map<String, Set<String>> current = appConfig.getAttributes();
        Map<String, Set<String>> updated = addAction(current, name, defVal);
        if (updated != null) {
            appConfig.setAttributes(updated);
        }
    } catch (SMSException ex) {
        throw new EntitlementException(221, ex);
    } catch (SSOException ex) {
        throw new EntitlementException(221, ex);
    }
}