Example 41 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method verifyAndGetOrgDN.
/**
* Gets the Organization DN for the specified entryDN. If the entry itself
* is an org, then same DN is returned.
*
* @param token
* a valid SSOToken
* @param entryDN
* the entry whose parent Organization is to be obtained
* @param childDN
* the immediate entry whose parent Organization is to be
* obtained
* @return the DN String of the parent Organization
* @throws AMException
* if an error occured while obtaining the parent Organization
*/
public String verifyAndGetOrgDN(SSOToken token, String entryDN, String childDN) throws AMException {
if (entryDN.isEmpty() || DN.valueOf(entryDN).size() <= 0) {
debug.error("DirectoryServicesImpl.verifyAndGetOrgDN() Invalid " + "DN: " + entryDN);
throw new AMException(token, "157");
}
String organizationDN = null;
boolean errorCondition = false;
try {
PersistentObject po = UMSObject.getObjectHandle(internalToken, new Guid(childDN));
String searchFilter = getOrgSearchFilter(entryDN);
SearchResults result = po.search(searchFilter, aName, scontrol);
if (result.hasMoreElements()) {
// ABANDON logged in directory server access logs.
while (result.hasMoreElements()) {
result.next();
}
organizationDN = po.getGuid().toString().toLowerCase();
}
} catch (InvalidSearchFilterException e) {
errorCondition = true;
debug.error("DirectoryServicesImpl.verifyAndGetOrgDN(): Invalid " + "search filter, unable to get Parent Organization: ", e);
} catch (UMSException ue) {
errorCondition = true;
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.verifyAndGetOrgDN(): " + "Unable to Obtain Parent Organization", ue);
}
LdapException lex = (LdapException) ue.getRootCause();
ResultCode errorCode = lex.getResult().getResultCode();
if (retryErrorCodes.contains("" + errorCode)) {
throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
}
}
if (errorCondition) {
String locale = CommonUtils.getUserLocale(token);
throw new AMException(AMSDKBundle.getString("124", locale), "124");
}
return organizationDN;
}
Also used :
UMSException(com.iplanet.ums.UMSException)
InvalidSearchFilterException(com.iplanet.ums.InvalidSearchFilterException)
AMException(com.iplanet.am.sdk.AMException)
PersistentObject(com.iplanet.ums.PersistentObject)
Guid(com.iplanet.ums.Guid)
AMSearchResults(com.iplanet.am.sdk.AMSearchResults)
SearchResults(com.iplanet.ums.SearchResults)
LdapException(org.forgerock.opendj.ldap.LdapException)
ResultCode(org.forgerock.opendj.ldap.ResultCode)
Example 42 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method modifyRoleMembership.
/**
* @param token
* @param target
* @param members
* @param operation
* @param profileType
* @throws UMSException
* @throws AMException
*/
private void modifyRoleMembership(SSOToken token, String target, Set members, int operation, int profileType) throws UMSException, AMException {
ManagedRole role;
try {
role = (ManagedRole) UMSObject.getObject(token, new Guid(target));
} catch (ClassCastException e) {
debug.message("DirectoryServicesImpl.modifyRoleMembership() - Unable to " + "modify role membership", e);
throw new AMException(token, "350");
}
// Since this target cannot be an Org. Get the parent
String parentDN = role.getParentGuid().getDn();
String orgDN = getOrganizationDN(token, parentDN);
if (callBackHelper.isExistsPrePostPlugins(orgDN)) {
members = callBackHelper.preProcessModifyMemberShip(token, target, orgDN, members, operation, profileType);
if (members == null || members.isEmpty()) {
return;
}
}
switch(operation) {
case ADD_MEMBER:
Guid[] membersGuid = CommonUtils.toGuidArray(members);
role.addMembers(membersGuid);
// compilance related operations if needed.
if (ComplianceServicesImpl.isAdminGroupsEnabled(parentDN)) {
complianceImpl.verifyAndLinkRoleToGroup(token, membersGuid, target);
}
break;
case REMOVE_MEMBER:
// UMS does not have Role.removerMembers : TBD
Object[] entries = members.toArray();
for (int i = 0; i < entries.length; i++) {
role.removeMember(new Guid((String) entries[i]));
}
// compilance related operations if needed.
if (ComplianceServicesImpl.isAdminGroupsEnabled(parentDN)) {
complianceImpl.verifyAndUnLinkRoleToGroup(token, members, target);
}
break;
default:
throw new AMException(token, "114");
}
// role membership.
if (callBackHelper.isExistsPrePostPlugins(orgDN)) {
// Here the new members are just the ones added not the complete Set
callBackHelper.postProcessModifyMemberShip(token, target, orgDN, members, operation, profileType);
}
}
Also used :
AMException(com.iplanet.am.sdk.AMException)
AMObject(com.iplanet.am.sdk.AMObject)
UMSObject(com.iplanet.ums.UMSObject)
PersistentObject(com.iplanet.ums.PersistentObject)
Guid(com.iplanet.ums.Guid)
ManagedRole(com.iplanet.ums.ManagedRole)
Example 43 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method unRegisterService.
// Rename from removeService to unRegisterService
/**
* Un register service for a AMro profile.
*
* @param token
* SSOToken
* @param entryDN
* DN of the profile whose service is to be removed
* @param objectType
* profile type
* @param serviceName
* Service Name
* @param type
* Template type
*/
public void unRegisterService(SSOToken token, String entryDN, int objectType, String serviceName, int type) throws AMException {
if (type == AMTemplate.DYNAMIC_TEMPLATE) {
// TODO:change "cn" to fleasible naming attribute for AMObject.ROLE
try {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
COSManager cm = null;
// COS Definition to obtaint depends on different profile type
switch(objectType) {
case AMObject.ROLE:
case AMObject.FILTERED_ROLE:
cm = COSManager.getCOSManager(token, po.getParentGuid());
break;
case AMObject.ORGANIZATION:
case AMObject.ORGANIZATIONAL_UNIT:
case AMObject.PEOPLE_CONTAINER:
cm = COSManager.getCOSManager(token, po.getGuid());
break;
default:
// does not have COS
throw new AMException(token, "450");
}
DirectCOSDefinition dcos;
try {
dcos = (DirectCOSDefinition) cm.getDefinition(serviceName);
} catch (COSNotFoundException e) {
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl." + "unRegisterService() " + "No COSDefinition found for service: " + serviceName);
}
Object[] args = { serviceName };
String locale = CommonUtils.getUserLocale(token);
throw new AMException(AMSDKBundle.getString("463", args, locale), "463", args);
}
// Remove the COS Definition and Template
dcos.removeCOSTemplates();
cm.removeDefinition(serviceName);
} catch (AccessRightsException e) {
debug.error("DirectoryServicesImpl.unRegisterService() " + "Insufficient Access rights to unRegister service: ", e);
throw new AMException(token, "460");
} catch (UMSException e) {
debug.error("DirectoryServicesImpl.unRegisterService: " + "Unable to unregister service ", e);
throw new AMException(token, "855", e);
}
}
}
Also used :
DirectCOSDefinition(com.iplanet.ums.cos.DirectCOSDefinition)
AccessRightsException(com.iplanet.ums.AccessRightsException)
UMSException(com.iplanet.ums.UMSException)
PersistentObject(com.iplanet.ums.PersistentObject)
AMException(com.iplanet.am.sdk.AMException)
Guid(com.iplanet.ums.Guid)
COSManager(com.iplanet.ums.cos.COSManager)
COSNotFoundException(com.iplanet.ums.cos.COSNotFoundException)
Example 44 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method search.
/**
* Searches the Directory
*
* @param token
* SSOToken
* @param entryDN
* DN of the entry to start the search with
* @param searchFilter
* search filter
* @param searchScope
* search scope, BASE, ONELEVEL or SUBTREE
* @return Set set of matching DNs
*/
public Set search(SSOToken token, String entryDN, String searchFilter, int searchScope) throws AMException {
Set resultSet = Collections.EMPTY_SET;
try {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
SearchControl control = new SearchControl();
control.setSearchScope(searchScope);
SearchResults results = po.search(searchFilter, control);
resultSet = searchResultsToSet(results);
} catch (UMSException ue) {
LdapException lex = (LdapException) ue.getRootCause();
ResultCode errorCode = lex.getResult().getResultCode();
if (retryErrorCodes.contains("" + errorCode)) {
throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
}
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.search(token:, entryDN: " + entryDN + ", searchFilter: " + searchFilter + "searchScope: " + searchScope + " error occurred: ", ue);
}
processInternalException(token, ue, "341");
}
return resultSet;
}
Also used :
Set(java.util.Set)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
TreeSet(java.util.TreeSet)
HashSet(java.util.HashSet)
AttrSet(com.iplanet.services.ldap.AttrSet)
UMSException(com.iplanet.ums.UMSException)
PersistentObject(com.iplanet.ums.PersistentObject)
AMException(com.iplanet.am.sdk.AMException)
Guid(com.iplanet.ums.Guid)
SearchControl(com.iplanet.ums.SearchControl)
AMSearchResults(com.iplanet.am.sdk.AMSearchResults)
SearchResults(com.iplanet.ums.SearchResults)
LdapException(org.forgerock.opendj.ldap.LdapException)
ResultCode(org.forgerock.opendj.ldap.ResultCode)
Example 45 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method removeSingleEntry.
/**
* Private method to delete a single entry
*/
private void removeSingleEntry(SSOToken token, String entryDN, int objectType, boolean softDelete) throws AMException, SSOException {
Map attributes = null;
EmailNotificationHelper mailer = null;
String eDN = entryDN;
if (objectType == AMObject.USER) {
eDN = DN.valueOf(entryDN).parent().toString();
}
String orgDN = getOrganizationDN(internalToken, eDN);
try {
if (objectType == AMObject.USER) {
// Extract a delete notification list
mailer = new EmailNotificationHelper(entryDN);
mailer.setUserDeleteNotificationList();
}
if ((getUserPostPlugin() != null) || (mailer != null && mailer.isPresentUserDeleteNotificationList())) {
// Obtain the attributes needed to send notification and also
// call backs as these won't be available after deletion
attributes = getAttributes(token, entryDN, objectType);
}
processPreDeleteCallBacks(token, entryDN, attributes, orgDN, objectType, softDelete);
// } else {
if (dcTreeImpl.isRequired()) {
String rfcDN = LDAPUtils.formatToRFC(entryDN);
dcTreeImpl.removeDomain(internalToken, rfcDN);
}
Guid guid = new Guid(entryDN);
UMSObject.removeObject(token, guid);
// }
} catch (AccessRightsException e) {
debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
throw new AMException(token, "460");
} catch (EntryNotFoundException e) {
String entry = getEntryName(e);
debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
String msgid = getEntryNotFoundMsgID(objectType);
Object[] args = { entry };
String locale = CommonUtils.getUserLocale(token);
throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
} catch (UMSException e) {
debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
throw new AMException(token, "325", e);
}
processPostDeleteCallBacks(token, entryDN, attributes, orgDN, objectType, softDelete);
if (objectType == AMObject.USER) {
AMUserEntryProcessed postPlugin = getUserPostPlugin();
if (postPlugin != null) {
// TODO: Remove after deprecating interface
postPlugin.processUserDelete(token, entryDN, attributes);
}
if (mailer != null && mailer.isPresentUserDeleteNotificationList()) {
mailer.sendUserDeleteNotification(attributes);
}
}
}
Also used :
AccessRightsException(com.iplanet.ums.AccessRightsException)
UMSException(com.iplanet.ums.UMSException)
EntryNotFoundException(com.iplanet.ums.EntryNotFoundException)
AMException(com.iplanet.am.sdk.AMException)
AMUserEntryProcessed(com.iplanet.am.sdk.AMUserEntryProcessed)
Guid(com.iplanet.ums.Guid)
Map(java.util.Map)
AMHashMap(com.iplanet.am.sdk.AMHashMap)
HashMap(java.util.HashMap)
TreeMap(java.util.TreeMap)
Aggregations
Guid (com.iplanet.ums.Guid)63
UMSException (com.iplanet.ums.UMSException)41
AMException (com.iplanet.am.sdk.AMException)33
PersistentObject (com.iplanet.ums.PersistentObject)29
AttrSet (com.iplanet.services.ldap.AttrSet)23
Attr (com.iplanet.services.ldap.Attr)16
CreationTemplate (com.iplanet.ums.CreationTemplate)13
TemplateManager (com.iplanet.ums.TemplateManager)13
EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)11
AccessRightsException (com.iplanet.ums.AccessRightsException)10
AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup)9
DomainComponentTree (com.iplanet.ums.dctree.DomainComponentTree)8
AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException)6
EntryAlreadyExistsException (com.iplanet.ums.EntryAlreadyExistsException)6
SearchResults (com.iplanet.ums.SearchResults)6
DN (org.forgerock.opendj.ldap.DN)6
LdapException (org.forgerock.opendj.ldap.LdapException)6
AMSearchResults (com.iplanet.am.sdk.AMSearchResults)5
ManagedRole (com.iplanet.ums.ManagedRole)5
OrderedSet (com.sun.identity.shared.datastruct.OrderedSet)5
