
Example 26 with Guid

use of com.iplanet.ums.Guid in project OpenAM by OpenRock.

the class ComplianceServicesImpl method verifyAndLinkRoleToGroup.

/**
 * Method which verifies if the <code>roleDN</code> corresponds to an
 * admin role. If true the <code>memberOf</code> and
 * <code>adminRole</code> attributes of each member/user are set to the
 * corresponding administration <code>groupDN</code> and administration
 * <code>groupRDN</code> respectively. Each of the members/users are also
 * added to the corresponding admin group.
 *
 * @param token
 *            single sign on token.
 * @param membersGuid
 *            Guid array of members to be operated on.
 * @param roleDN
 *            distinguished name of the role.
 *
 * @exception AMException
 *                if unsuccessful in adding the members to the corresponding
 *                admin group. As a result of which the memberOf and
 *                adminRole attributes are also not updated.
 */
protected void verifyAndLinkRoleToGroup(SSOToken token, Guid[] membersGuid, String roleDN) throws AMException {
    // Obtain the group corresponding to roleDN
    DN dn = DN.valueOf(roleDN);
    String groupName = getGroupFromRoleDN(dn);
    if (groupName != null) {
        // roleDN corresponds to an admin role
        String orgDN = dn.parent().toString();
        String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
        String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
        try {
            // Add the members to corresponding group.
            AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
            group.addMembers(membersGuid);
            Attr[] attrs = new Attr[1];
            attrs[0] = new Attr("adminrole", groupRDN);
            AttrSet attrSet = new AttrSet(attrs);
            int numMembers = membersGuid.length;
            for (int i = 0; i < numMembers; i++) {
                addAttributesToEntry(token, membersGuid[i].getDn(), attrSet);
            }
        } catch (EntryNotFoundException ex) {
            debug.error("Compliance.verifyAndLinkRoleToGroup: " + "Admin groups are missing");
        } catch (UMSException ue) {
            debug.error("Compliance." + "verifyAndLinkRoleToGroup(): ", ue);
            throw new AMException(AMSDKBundle.getString("771"), "771");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 27 with Guid

use of com.iplanet.ums.Guid in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createDynamicGroup.

private void createDynamicGroup(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    // Invoke the Pre Process plugin
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    String entryDN = getNamingAttribute(AMObject.GROUP) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.DYNAMIC_GROUP, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.DYNAMIC_GROUP), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicDynamicGroup", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    com.iplanet.ums.DynamicGroup dgroup = new com.iplanet.ums.DynamicGroup(creationTemp, attrSet);
    String filter = dgroup.getSearchFilter();
    if ("(objectClass=*)".equalsIgnoreCase(filter)) {
        dgroup.setSearchFilter(SearchFilterManager.getSearchFilter(AMObject.USER, orgDN));
    }
    dgroup.setSearchScope(SearchScope.WHOLE_SUBTREE.intValue());
    dgroup.setSearchBase(new Guid(orgDN));
    parentObj.addChild(dgroup);
    // Invoke Post processing impls
    callBackHelper.postProcess(token, dgroup.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.DYNAMIC_GROUP, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) DynamicGroup(com.iplanet.ums.DynamicGroup) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) DynamicGroup(com.iplanet.ums.DynamicGroup) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 28 with Guid

use of com.iplanet.ums.Guid in project OpenAM by OpenRock.

the class DirectoryServicesImpl method modifyGroupMembership.

private void modifyGroupMembership(SSOToken token, String target, Set members, int operation, int profileType) throws UMSException, AMException {
    StaticGroup group = (StaticGroup) UMSObject.getObject(token, new Guid(target));
    // Make call backs to the plugins to let them know modification
    // to role membership.
    // Since this target cannot be an Org. Get the parent
    String parentDN = group.getParentGuid().getDn();
    String orgDN = getOrganizationDN(token, parentDN);
    if (callBackHelper.isExistsPrePostPlugins(orgDN)) {
        members = callBackHelper.preProcessModifyMemberShip(token, target, orgDN, members, operation, profileType);
        if (members == null || members.isEmpty()) {
            return;
        }
    }
    switch(operation) {
        case ADD_MEMBER:
            group.addMembers(CommonUtils.toGuidArray(members));
            updateUserAttribute(token, members, target, true);
            break;
        case REMOVE_MEMBER:
            // UMS does not have Role.removerMembers : TBD
            Object[] entries = members.toArray();
            for (int i = 0; i < entries.length; i++) {
                group.removeMember(new Guid((String) entries[i]));
            }
            updateUserAttribute(token, members, target, false);
            break;
        default:
            throw new AMException(token, "114");
    }
    // Make call backs to the plugins to let them know modification
    // to role membership.
    if (callBackHelper.isExistsPrePostPlugins(orgDN)) {
        // Here the new members are just the ones added not the complete Set
        callBackHelper.postProcessModifyMemberShip(token, target, orgDN, members, operation, profileType);
    }
}
Also used : AMException(com.iplanet.am.sdk.AMException) AMObject(com.iplanet.am.sdk.AMObject) UMSObject(com.iplanet.ums.UMSObject) PersistentObject(com.iplanet.ums.PersistentObject) Guid(com.iplanet.ums.Guid) StaticGroup(com.iplanet.ums.StaticGroup)

Example 29 with Guid

use of com.iplanet.ums.Guid in project OpenAM by OpenRock.

the class DirectoryServicesImpl method getGroupFilterAndScope.

// ##########Group and role related APIs
/**
 * Returns an array containing the dynamic group's scope, base dn, and
 * filter.
 */
public String[] getGroupFilterAndScope(SSOToken token, String entryDN, int profileType) throws SSOException, AMException {
    String[] result = new String[3];
    int scope;
    String base;
    String gfilter;
    try {
        DynamicGroup dg = (DynamicGroup) UMSObject.getObject(token, new Guid(entryDN));
        scope = dg.getSearchScope();
        base = dg.getSearchBase().getDn();
        gfilter = dg.getSearchFilter();
        result[0] = Integer.toString(scope);
        result[1] = base;
        result[2] = gfilter;
    } catch (EntryNotFoundException e) {
        debug.error("AMGroupImpl.searchUsers", e);
        String msgid = getEntryNotFoundMsgID(profileType);
        String expectionEntryName = getEntryName(e);
        Object[] args = { expectionEntryName };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        debug.message("AMGroupImpl.searchUsers", e);
        throw new AMException(AMSDKBundle.getString("341"), "341", e);
    }
    return result;
}
Also used : DynamicGroup(com.iplanet.ums.DynamicGroup) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup) UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid)

Example 30 with Guid

use of com.iplanet.ums.Guid in project OpenAM by OpenRock.

the class DirectoryServicesImpl method search.

// RENAME from searchUsingSearchControl => search()
/**
 * Search the Directory
 *
 * @param token
 *            SSOToken
 * @param entryDN
 *            DN of the entry to start the search with
 * @param searchFilter
 *            search filter
 * @param searchControl
 *            search control defining the VLV indexes and search scope
 * @param attrNames
 *            name of attributes
 * @return Set set of matching DNs
 */
public AMSearchResults search(SSOToken token, String entryDN, String searchFilter, SearchControl searchControl, String[] attrNames) throws AMException {
    AMSearchResults amResults = null;
    try {
        SortKey[] skeys = searchControl.getSortKeys();
        SortKey skey = null;
        if (skeys != null && skeys.length > 0 && skeys[0].attributeName != null) {
            skey = skeys[0];
        }
        String userLocale = CommonUtils.getUserLocale(token);
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.search() search with " + "searchcontrol locale = " + userLocale);
        }
        Collator collator = Collator.getInstance(Locale.getLocale(userLocale));
        SearchControl sc;
        if (skey != null) {
            sc = new SearchControl();
            sc.setMaxResults(searchControl.getMaxResults());
            sc.setSearchScope(searchControl.getSearchScope());
            sc.setTimeOut(searchControl.getTimeOut());
        } else {
            sc = searchControl;
        }
        PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
        SearchResults results;
        if (attrNames == null) {
            if (skey == null) {
                results = po.search(searchFilter, sc);
            } else {
                String[] tmpAttrNames = { skey.attributeName };
                results = po.search(searchFilter, tmpAttrNames, sc);
            }
        } else {
            if (skey == null) {
                results = po.search(searchFilter, attrNames, sc);
            } else {
                String[] tmpAttrNames = new String[attrNames.length + 1];
                System.arraycopy(attrNames, 0, tmpAttrNames, 0, attrNames.length);
                tmpAttrNames[attrNames.length] = skey.attributeName;
                results = po.search(searchFilter, tmpAttrNames, sc);
            }
        }
        amResults = getSearchResults(results, skey, attrNames, collator, sc.isGetAllReturnAttributesEnabled());
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.search() with search " + "control entryDN: " + entryDN + " Search Filter: " + searchFilter + " Error occurred: ", ue);
        }
        processInternalException(token, ue, "341");
    }
    return amResults;
}
Also used : UMSException(com.iplanet.ums.UMSException) PersistentObject(com.iplanet.ums.PersistentObject) SortKey(com.iplanet.ums.SortKey) SearchControl(com.iplanet.ums.SearchControl) Guid(com.iplanet.ums.Guid) AMSearchResults(com.iplanet.am.sdk.AMSearchResults) AMSearchResults(com.iplanet.am.sdk.AMSearchResults) SearchResults(com.iplanet.ums.SearchResults) Collator(java.text.Collator)
