
Example 16 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

Class LogRecWrite, method execute.

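/**
 * Executes the buffered log-write request: rebuilds a {@code LogRecord} from
 * the first entry in {@code _records}, enriches it with session details when
 * the record carries a login session id, audits it and writes it through the
 * {@code Logger} named by {@code _logname}.
 *
 * <p>Both the message and the {@code DATA} log-info value are treated as
 * Base64 and decoded; a value that is not valid Base64 is written unchanged.
 * Decoded bytes are interpreted as UTF-8 rather than the platform default
 * charset, so the written text does not depend on the JVM's locale settings.
 *
 * <p>The session id carried in the record ({@code LOGIN_ID_SID}) and the
 * caller's {@code _loggedBySid} are resolved through {@link SSOTokenManager};
 * a failure to resolve either is logged and the record is still written, with
 * the raw log-info map respectively {@code NO_REALM} used as fallback.
 *
 * <p>This method reads only the first buffered record; any further entries in
 * {@code _records} are not consumed here.
 *
 * @param auditEventPublisher publisher handed to {@code auditAccessMessage}
 * @param auditEventFactory factory handed to {@code auditAccessMessage}
 * @return result of the request processing in <code>Response</code>; always
 *         {@code "OK"} unless an exception propagates out of the logger
 */
public Response execute(AuditEventPublisher auditEventPublisher, AuditEventFactory auditEventFactory) {
    Response res = new Response("OK");
    // The monitoring handler is looked up once; the counter updates below are
    // guarded by a null check instead of re-querying MonitoringUtil, so
    // monitoring starting mid-request can no longer leave slei null at the
    // increment sites.
    SsoServerLoggingHdlrEntryImpl slei = null;
    if (MonitoringUtil.isRunning()) {
        SsoServerLoggingSvcImpl slsi = Agent.getLoggingSvcMBean();
        slei = slsi.getHandler(SsoServerLoggingSvcImpl.REMOTE_HANDLER_NAME);
    }
    Logger logger = (Logger) Logger.getLogger(_logname);
    if (Debug.messageEnabled()) {
        Debug.message("LogRecWrite: exec: logname = " + _logname);
    }
    com.sun.identity.log.service.LogRecord first =
            (com.sun.identity.log.service.LogRecord) _records.elementAt(0);
    Level level = Level.parse(first.level);
    String msg = decodeBase64OrKeep(first.msg, "LogRecWrite: message is not base64 encoded");
    Map logInfoMap = first.logInfoMap;
    Object[] parameters = first.parameters;
    LogRecord rec = new LogRecord(level, msg);
    if (logInfoMap != null) {
        String loginIDSid = (String) logInfoMap.get(LogConstants.LOGIN_ID_SID);
        if (loginIDSid != null && loginIDSid.length() > 0) {
            SSOToken loginIDToken = null;
            try {
                SSOTokenManager ssom = SSOTokenManager.getInstance();
                loginIDToken = ssom.createSSOToken(loginIDSid);
            } catch (SSOException e) {
                if (Debug.warningEnabled()) {
                    Debug.warning("LogService::process(): SSOException", e);
                }
                // Session could not be resolved: keep the caller-supplied values as they are.
                rec.setLogInfoMap(logInfoMap);
            }
            if (loginIDToken != null) {
                // Populate the record from the session first, then let every
                // explicit caller-supplied log-info value override the
                // token-derived one.
                rec = LogSSOTokenDetails.logSSOTokenInfo(rec, loginIDToken);
                for (Iterator i = logInfoMap.keySet().iterator(); i.hasNext(); ) {
                    String key = (String) i.next();
                    String value = (String) logInfoMap.get(key);
                    if (value == null || value.length() == 0) {
                        continue;
                    }
                    if (key.equalsIgnoreCase(LogConstants.DATA)) {
                        value = decodeBase64OrKeep(value, "LogRecWrite: data is not base64 encoded");
                    }
                    rec.addLogInfo(key, value);
                }
            }
        } else {
            rec.setLogInfoMap(logInfoMap);
        }
    }
    rec.addLogInfo(LogConstants.LOG_LEVEL, rec.getLevel().toString());
    rec.setParameters(parameters);
    SSOToken loggedByToken = null;
    String realm = NO_REALM;
    try {
        SSOTokenManager ssom = SSOTokenManager.getInstance();
        loggedByToken = ssom.createSSOToken(_loggedBySid);
        Map<String, Set<String>> appAttributes = IdUtils.getIdentity(loggedByToken).getAttributes();
        realm = getFirstItem(appAttributes.get(EVALUATION_REALM), NO_REALM);
    } catch (IdRepoException | SSOException ssoe) {
        // NOTE(review): the record is still written with a null loggedByToken
        // and NO_REALM in this case — confirm Logger.log() accepts that.
        Debug.error("LogRecWrite: exec:SSOException: ", ssoe);
    }
    if (slei != null) {
        slei.incHandlerRequestCount(1);
    }
    auditAccessMessage(auditEventPublisher, auditEventFactory, rec, realm);
    logger.log(rec, loggedByToken);
    // Log file record write okay and return OK
    if (slei != null) {
        slei.incHandlerSuccessCount(1);
    }
    return res;
}

/**
 * Decodes {@code value} as Base64 and returns the bytes as UTF-8 text.
 * If decoding fails (the value is not Base64, or is {@code null}) the value
 * is returned unchanged and {@code debugMsg} is written at message level.
 *
 * @param value the possibly Base64-encoded text
 * @param debugMsg debug message to emit when the value is written as is
 * @return the decoded text, or {@code value} itself if it could not be decoded
 */
private static String decodeBase64OrKeep(String value, String debugMsg) {
    try {
        return new String(com.sun.identity.shared.encode.Base64.decode(value),
                java.nio.charset.StandardCharsets.UTF_8);
    } catch (RuntimeException ex) {
        // Not Base64 encoded: write the value as it is.
        if (Debug.messageEnabled()) {
            Debug.message(debugMsg);
        }
        return value;
    }
}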

Example 17 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

Class LogService, method process.

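/**
 * The method which accepts the request set, parses the xml request and
 * executes the appropriate log operation.
 *
 * <p>For every request the caller's session id is cut out of the XML payload
 * (from {@code sid=} up to the closing {@code </log} tag) and resolved to an
 * SSO token restricted to the client's address; the log operation is executed
 * only when that token validates. A request whose session cannot be resolved
 * or does not validate is answered with {@code UNAUTHORIZED} and processing
 * of the whole set stops. A malformed request (missing {@code sid=} or
 * {@code </log} markers, or a failure other than {@code SSOException} while
 * resolving the token) is answered with {@code ERROR} and its operation is
 * not executed.
 *
 * @param auditor not used by this method
 * @param requests the log requests to process, each carrying an XML payload
 * @param servletRequest used to determine the remote client address
 * @param servletResponse not used by this method
 * @param servletContext not used by this method
 * @return The response set which contains the result of the log operation.
 */
public ResponseSet process(PLLAuditor auditor, List<Request> requests, HttpServletRequest servletRequest, HttpServletResponse servletResponse, ServletContext servletContext) {
    if (Debug.messageEnabled()) {
        Debug.message("LogService.process() called :requests are");
        for (Request req : requests) {
            Debug.message("xml = " + req.getContent());
        }
    }
    ResponseSet rset = new ResponseSet(LOG_SERVICE);
    for (Request req : requests) {
        // remember sid string is the last item in the log tag
        String xmlRequestString = req.getContent();
        if ((xmlRequestString == null) || xmlRequestString.equals("null")) {
            Debug.error("Received a null log request");
            rset.addResponse(new Response("NULL_LOG_REQUEST"));
            continue;
        }
        int sidi = xmlRequestString.indexOf("sid=");
        int sidj = xmlRequestString.indexOf("</log");
        // Bounds check before slicing: a payload lacking either marker used to
        // throw StringIndexOutOfBoundsException out of this method instead of
        // producing an ERROR response.
        if (sidi < 0 || sidj < 0 || sidi + 5 > sidj - 2) {
            Debug.error("LogService::process(): malformed log request, sid not found");
            rset.addResponse(new Response("ERROR"));
            continue;
        }
        // NOTE(review): loggedBySid is not a local of this method, so concurrent
        // invocations on the same instance share it — confirm whether the
        // operation relies on it and whether that sharing is acceptable.
        loggedBySid = xmlRequestString.substring(sidi + 5, sidj - 2);
        try {
            //NOTE source ip address restrictions are temporary kludge
            // for 6.1 session hijacking hotpatch
            InetAddress remoteClient = SessionUtils.getClientAddress(servletRequest);
            SSOToken ssoToken = RestrictedTokenHelper.resolveRestrictedToken(loggedBySid, remoteClient);
            SSOTokenManager ssom = SSOTokenManager.getInstance();
            if (!ssom.isValidToken(ssoToken)) {
                String loggedByID = ssoToken.getPrincipal().getName();
                Debug.error("LogService::process(): access denied for" + " user :" + loggedByID);
                rset.addResponse(new Response("UNAUTHORIZED"));
                return rset;
            }
        } catch (SSOException e) {
            Debug.error("LogService::process(): SSOException", e);
            rset.addResponse(new Response("UNAUTHORIZED"));
            return rset;
        } catch (Exception e) {
            // Any other failure while resolving the caller's token must also
            // fail closed: previously this branch fell through, executed the
            // operation anyway and added a second response for the same request.
            Debug.error("LogService::process(): ", e);
            rset.addResponse(new Response("ERROR"));
            continue;
        }
        Response res;
        try {
            ByteArrayInputStream bin = new ByteArrayInputStream(
                    xmlRequestString.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            LogOperation op = (LogOperation) parser.parse(bin);
            res = op.execute(auditEventPublisher, auditEventFactory);
        } catch (Exception e) {
            Debug.error("LogService::process():", e);
            // FORMAT ERROR RESPONSE HERE
            res = new Response("ERROR");
            if (MonitoringUtil.isRunning()) {
                SsoServerLoggingSvcImpl slsi = Agent.getLoggingSvcMBean();
                SsoServerLoggingHdlrEntryImpl slei = slsi.getHandler(SsoServerLoggingSvcImpl.REMOTE_HANDLER_NAME);
                slei.incHandlerFailureCount(1);
            }
        }
        rset.addResponse(res);
    }
    return rset;
}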

Example 18 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

Class UpdateDNSAlias, method main.

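/**
 * Command-line entry point: adds or removes a DNS alias
 * ({@code sunOrganizationAlias}) on an organization.
 *
 * <p>Usage: {@code UpdateDNSAlias <add | delete> <orgdn> <dnsalias> <userdn> <passwd>}.
 * The process exits with status 0 on success and 1 on bad arguments, an
 * unknown option, or any failure while authenticating or storing the change;
 * previously a failure was logged but the process still exited with 0, which
 * hid errors from calling scripts. The bind password is taken from the command
 * line and is therefore visible to other local users through the process list.
 *
 * @param args {@code opt orgDn dnsAlias bindDN password}
 */
public static void main(String[] args) {
    if (args.length != 5) {
        System.out.println(" Usage: UpdateDNSAlias " + "<add | delete> <orgdn> <dnsalias> <userdn> <passwd>");
        System.exit(1);
    }
    String opt = args[0];
    String orgDn = args[1];
    String dnsAlias = args[2];
    if ((opt == null) || (orgDn == null) || (dnsAlias == null)) {
        debug.error("One or more parameters are null");
        System.exit(1);
    }
    int exitCode = 0;
    try {
        String bindDN = args[3];
        String password = args[4];
        SSOTokenManager ssom = SSOTokenManager.getInstance();
        SSOToken token = ssom.createSSOToken(new AuthPrincipal(bindDN), password);
        AMStoreConnection asc = new AMStoreConnection(token);
        AMOrganization org = asc.getOrganization(orgDn);
        Set values = org.getAttribute("sunOrganizationAlias");
        HashMap map = new HashMap();
        if (opt.equalsIgnoreCase("add")) {
            if (!values.contains(dnsAlias)) {
                values.add(dnsAlias);
            }
            map.put("sunOrganizationAlias", values);
            org.setAttributes(map);
            org.store();
        } else if (opt.equalsIgnoreCase("delete")) {
            values.remove(dnsAlias);
            map.put("sunOrganizationAlias", values);
            org.setAttributes(map);
            org.store();
        } else {
            // Message previously named AMGenerateServerID, a copy-paste slip.
            debug.error("Unknown option in UpdateDNSAlias");
            exitCode = 1;
        }
    } catch (Exception e) {
        debug.error("Exception occured:", e);
        // Report failure to the caller instead of exiting 0.
        exitCode = 1;
    }
    System.exit(exitCode);
}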

Example 19 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

Class AMGenerateServerID, method main.

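/**
 * Command-line entry point: creates or deletes a server entry in the server
 * configuration.
 *
 * <p>Usage: {@code AMGenerateServerID create|delete <serverurl> amadminDN amadminPassword}.
 * Exits with 0 when the entry was created (or already existed) or deleted,
 * and with 1 on bad arguments, an unknown option, a delete of an unknown
 * server, or any exception (previously exceptions were logged but the process
 * still ended with status 0). The "already exists" shortcut now applies to
 * {@code create} only: it used to run before the option was examined, so a
 * {@code delete} of an existing server exited 0 without deleting anything.
 * The admin password is taken from the command line and is therefore visible
 * to other local users through the process list.
 *
 * @param args {@code opt serverUrl bindDN password}
 */
public static void main(String[] args) {
    if (args.length != 4) {
        System.out.println(" Usage: AMGenerateServerID create|delete " + "<serverurl> amadminDN amadminPassword");
        System.exit(1);
    }
    String opt = args[0];
    String serverUrl = args[1];
    int exitCode = 0;
    try {
        String bindDN = args[2];
        String password = args[3];
        SSOTokenManager ssom = SSOTokenManager.getInstance();
        SSOToken token = ssom.createSSOToken(new AuthPrincipal(bindDN), password);
        if (opt.equalsIgnoreCase("create")) {
            if (serverExists(ServerConfiguration.getServerInfo(token), serverUrl)) {
                debug.message("server already exists., exiting");
            } else {
                if (debug.messageEnabled()) {
                    debug.message("New server entry:" + serverUrl);
                }
                ServerConfiguration.createServerInstance(token, serverUrl, Collections.EMPTY_SET, "");
            }
        } else if (opt.equalsIgnoreCase("delete")) {
            if (ServerConfiguration.deleteServerInstance(token, serverUrl)) {
                debug.message("Server entry to be removed:" + serverUrl);
            } else {
                debug.message("Can not find server in server's list:" + serverUrl);
                exitCode = 1;
            }
        } else {
            debug.message("Unknown option in AMGenerateServerID");
            exitCode = 1;
        }
    } catch (Exception e) {
        debug.error("Exception occured:", e);
        exitCode = 1;
    }
    System.exit(exitCode);
}

/**
 * Returns whether any entry in {@code servers} starts with {@code serverUrl}
 * (prefix match, as the original existence check did).
 *
 * @param servers server info entries as returned by {@code ServerConfiguration.getServerInfo}
 * @param serverUrl the server URL being looked for
 * @return {@code true} if a matching entry exists
 */
private static boolean serverExists(Set servers, String serverUrl) {
    for (Iterator iter = servers.iterator(); iter.hasNext(); ) {
        String server = (String) iter.next();
        if (server.startsWith(serverUrl)) {
            return true;
        }
    }
    return false;
}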

Example 20 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

Class AMAuthUtils, method getSSOToken.

/**
 * Returns the user's single sign-on token for the given HTTP request.
 *
 * <p>The token is created from the request and then validated with the same
 * {@link SSOTokenManager} before it is handed back, so callers never receive
 * a token that has not passed validation.
 *
 * @param req HTTP Servlet request.
 * @return single-sign-on token.
 * @throws SSOException if single-sign-on token cannot be created or does not validate
 */
public static SSOToken getSSOToken(HttpServletRequest req) throws SSOException {
    SSOTokenManager tokenManager = SSOTokenManager.getInstance();
    SSOToken token = tokenManager.createSSOToken(req);
    // Fail closed: validate before returning.
    tokenManager.validateToken(token);
    return token;
}
