use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getAMTemplateDN.
/**
* Get the AMTemplate DN (COSTemplateDN)
*
* @param token
* SSOToken
* @param entryDN
* DN of the profile whose template is to be set
* @param serviceName
* Service Name
* @param type
* the template type, AMTemplate.DYNAMIC_TEMPLATE
* @return String DN of the AMTemplate
*/
public String getAMTemplateDN(SSOToken token, String entryDN, int objectType, String serviceName, int type) throws AMException {
String roleDN = null;
// TBD : get template on flexible naming attribute
try {
// get COS Definition depends on different profile type
switch(objectType) {
case AMObject.ROLE:
case AMObject.FILTERED_ROLE:
roleDN = entryDN;
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
return ("cn=\"" + roleDN + "\",cn=" + serviceName + "," + po.getParentGuid().toString());
case AMObject.ORGANIZATION:
case AMObject.ORGANIZATIONAL_UNIT:
case AMObject.PEOPLE_CONTAINER:
roleDN = "cn=" + CONTAINER_DEFAULT_TEMPLATE_ROLE + "," + entryDN;
return ("cn=\"" + roleDN + "\",cn=" + serviceName + "," + entryDN);
default:
// does not have COS
throw new AMException(token, "450");
}
} catch (UMSException e) {
debug.error("DirectoryServicesImpl.getAMTemplateDN() Unable to get " + "AMTemplate DN for service: " + serviceName + " entryDN: " + entryDN, e);
throw new AMException(token, "349", e);
}
}
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method changePassword.
/**
* Changes user password.
*
* @param token Single sign on token
* @param entryDN DN of the profile whose template is to be set
* @param attrName password attribute name
* @param oldPassword old password
* @param newPassword new password
* @throws AMException if an error occurs when changing user password
* @throws SSOException If user's single sign on token is invalid.
*/
public void changePassword(SSOToken token, String entryDN, String attrName, String oldPassword, String newPassword) throws AMException, SSOException {
try {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
po.changePassword(entryDN, attrName, oldPassword, newPassword);
} catch (UMSException umex) {
debug.error("DirectoryServicesImpl.changePassword: ", umex);
throw new AMException(token, "362", umex);
}
}
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getAttributes.
/**
* Gets all attributes corresponding to the entryDN. This method obtains the
* DC Tree node attributes and also performs compliance related verification
* checks in compliance mode. Note: In compliance mode you can skip the
* compliance checks by setting ignoreCompliance to "false".
*
* @param token
* a valid SSOToken
* @param entryDN
* the DN of the entry whose attributes need to retrieved
* @param ignoreCompliance
* a boolean value specificying if compliance related entries
* need to ignored or not. Ignored if true.
* @return a Map containing attribute names as keys and Set of values
* corresponding to each key.
* @throws AMException
* if an error is encountered in fetching the attributes
*/
public Map getAttributes(SSOToken token, String entryDN, boolean ignoreCompliance, boolean byteValues, int profileType) throws AMException, SSOException {
try {
// Obtain attributes from directory
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
AttrSet attrSet = po.getAttributes(po.getAttributeNames());
/*
* Add this 'dn' explicitly to the result set and return. reason:
* when queried with this entrydn/dn the lower level api/ ldapjdk
* does not return this attribute, but returns other ones.
*/
attrSet.add(new Attr("dn", entryDN));
attrSet.add(new Attr("entryDN", entryDN));
// Perform Compliance related checks
checkComplianceAttributes(attrSet, ignoreCompliance);
AMHashMap attributes = (AMHashMap) CommonUtils.attrSetToMap(attrSet, byteValues);
Map dcAttributes = getDCTreeAttributes(token, entryDN, null, byteValues, profileType);
attributes.copy(dcAttributes);
return attributes;
} catch (IllegalArgumentException ie) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.getAttributes(): " + "Unable to get attributes: ", ie);
}
String locale = CommonUtils.getUserLocale(token);
throw new AMException(AMSDKBundle.getString("330", locale), "330");
} catch (UMSException e) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.getAttributes(): " + "Unable to get attributes: ", e);
}
// Extract the ldap error code from Exception
throw new AMException(token, "330", e);
}
}
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method renameEntry.
/**
* Renames an entry. Currently used for only user renaming
*
* @param token
* the sso token
* @param objectType
* the type of entry
* @param entryDN
* the entry DN
* @param newName
* the new name (i.e., if RDN is cn=John, the value passed should
* be "John"
* @param deleteOldName
* if true the old name is deleted otherwise it is retained.
* @return new <code>DN</code> of the renamed entry
* @throws AMException
* if the operation was not successful
*/
public String renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName) throws AMException {
try {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
String newRDN = getNamingAttribute(objectType) + "=" + newName;
po.rename(newRDN, deleteOldName);
return po.getDN();
} catch (AccessRightsException e) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.renameEntry(): User does " + "not have sufficient access rights ", e);
}
throw new AMException(token, "460");
} catch (EntryNotFoundException e) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.renameEntry(): Entry " + "not found: ", e);
}
String msgid = getEntryNotFoundMsgID(objectType);
String entryName = getEntryName(e);
Object[] args = { entryName };
throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
} catch (UMSException ume) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.renameEntry(): Unable to " + "rename entry: ", ume);
}
throw new AMException(token, "360", ume);
}
}
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method updateUserAttribute.
/**
* Adds or remove static group DN to or from member attribute
* 'iplanet-am-static-group-dn'
*
* @param token
* SSOToken
* @param members
* set of user DN's
* @param staticGroupDN
* DN of the static group
* @param toAdd
* true to add, false to remove
* @throws AMException
* if there is an internal problem with AM Store.
*/
public void updateUserAttribute(SSOToken token, Set members, String staticGroupDN, boolean toAdd) throws AMException {
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl.updateUserAttribute(): " + "groupDN:" + staticGroupDN + ", toAdd: " + toAdd + " members: " + members);
}
Attr attr = new Attr(STATIC_GROUP_DN_ATTRIBUTE, staticGroupDN);
Iterator itr = members.iterator();
while (itr.hasNext()) {
String userDN = (String) itr.next();
try {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(userDN));
if (toAdd) {
po.modify(attr, ModificationType.ADD);
} else {
po.modify(attr, ModificationType.DELETE);
}
po.save();
} catch (UMSException e) {
debug.error("DirectoryServicesImpl.updateUserAttribute(): " + "Failed while trying to set the static groupDN " + staticGroupDN + " for user: " + userDN, e);
throw new AMException(token, "351", e);
}
}
}
Aggregations