use of com.iplanet.ums.PersistentObject in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createEntry.
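/**
 * Creates an entry of the given object type under {@code parentDN}.
 *
 * <p>The entry name and parent DN are checked first, attribute uniqueness is
 * validated against the DN the new entry would get, and creation is then
 * dispatched to the helper for the object type. The parent handle is obtained
 * with the caller's {@code token}; the only authorization failure handled in
 * this method is the {@code AccessRightsException} caught below.
 *
 * @param token
 *            SSOToken of the caller
 * @param entryName
 *            name of the entry (naming value), e.g. "sun.com", "manager"
 * @param objectType
 *            Profile Type, ORGANIZATION, AMObject.ROLE, AMObject.USER, etc.
 * @param parentDN
 *            the parent DN
 * @param attributes
 *            the initial attribute set for creation
 * @throws AMEntryExistsException
 *             declared by the signature; no statement in this method throws
 *             it directly
 * @throws AMException
 *             "320" for a null or empty entry name, "322" for a null parent
 *             DN, "326" for an undetermined or unknown object type, "460" on
 *             insufficient access rights, the id returned by
 *             getEntryExistsMsgID(objectType) when the entry already exists,
 *             and "324" for any other UMS failure
 * @throws SSOException
 *             declared by the signature; presumably raised by a callee when
 *             the token is invalid (not visible here)
 */
public void createEntry(SSOToken token, String entryName, int objectType, String parentDN, Map attributes) throws AMEntryExistsException, AMException, SSOException {
    try {
        // Reject unusable input before anything touches the directory.
        if (entryName == null || entryName.length() == 0) {
            throw new AMException(token, "320");
        }
        if (parentDN == null) {
            throw new AMException(token, "322");
        }

        // tmpDN is used only for validation, because the validator expects a DN.
        // NOTE(review): entryName is concatenated without RDN escaping, so a
        // name containing DN special characters (',', '+', '=') would not
        // describe the same DN the create* helpers end up writing. Confirm
        // that callers or the helpers escape or reject such names.
        String tmpDN = getNamingAttribute(objectType) + "=" + entryName + "," + parentDN;
        validateAttributeUniqueness(tmpDN, objectType, true, attributes);

        // Handle to the parent object, opened with the caller's token.
        PersistentObject po = UMSObject.getObjectHandle(token, new Guid(parentDN));

        switch (objectType) {
            case AMObject.USER:
                createUser(token, po, attributes, entryName);
                break;
            case AMObject.MANAGED_ROLE:
            case AMObject.ROLE: // same as MANAGED ROLE
                createRole(token, po, attributes, entryName);
                break;
            case AMObject.ORGANIZATION:
                createOrganization(token, po, attributes, entryName);
                break;
            case AMObject.STATIC_GROUP:
            case AMObject.GROUP:
                createGroup(token, po, attributes, entryName);
                break;
            case AMObject.ASSIGNABLE_DYNAMIC_GROUP:
                createAssignDynamicGroup(token, po, attributes, entryName);
                break;
            case AMObject.DYNAMIC_GROUP:
                createDynamicGroup(token, po, attributes, entryName);
                break;
            case AMObject.PEOPLE_CONTAINER:
                createPeopleContainer(po, attributes, entryName);
                break;
            case AMObject.ORGANIZATIONAL_UNIT:
                createOrganizationalUnit(token, po, attributes, entryName);
                break;
            case AMObject.GROUP_CONTAINER:
                createGroupContainer(po, attributes, entryName);
                break;
            case AMObject.FILTERED_ROLE:
                createFilteredRole(token, po, attributes, entryName);
                break;
            case AMObject.RESOURCE:
                createResource(po, attributes, entryName);
                break;
            case AMObject.UNDETERMINED_OBJECT_TYPE:
            case AMObject.UNKNOWN_OBJECT_TYPE:
                throw new AMException(token, "326");
            default:
                // Supported generic type
                createEntity(token, po, objectType, attributes, entryName);
        }
    } catch (AccessRightsException e) {
        // NOTE(review): entryName reaches the debug log unmodified in all three
        // handlers; confirm the log sink neutralises CR/LF in logged values.
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntry() " + "Insufficient access rights to create entry: " + entryName, e);
        }
        // The cause is logged above but not attached to the AMException.
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException e) {
        if (debug.warningEnabled()) {
            // Fixed: the original message ran the name into "already exists".
            debug.warning("DirectoryServicesImpl.createEntry() Entry: " + entryName + " already exists: ", e);
        }
        String msgid = getEntryExistsMsgID(objectType);
        String name = getEntryName(e);
        Object[] args = { name };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntry() Unable to " + "create entry: " + entryName, e);
        }
        throw new AMException(token, "324", e);
    }
}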
use of com.iplanet.ums.PersistentObject in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getAMTemplateDN.
/**
 * Builds the DN of the AMTemplate (COS template) of a service for an entry.
 *
 * <p>For roles and filtered roles the template is named after the role DN and
 * placed under the parent of {@code entryDN}. For organizations,
 * organizational units and people containers it is named after the
 * container's default template role and placed under {@code entryDN}. Every
 * other object type is rejected.
 *
 * @param token
 *            SSOToken used to open the directory handle of a role entry
 * @param entryDN
 *            DN of the profile whose template DN is wanted
 * @param objectType
 *            the AMObject type of the entry at {@code entryDN}
 * @param serviceName
 *            Service Name
 * @param type
 *            the template type, AMTemplate.DYNAMIC_TEMPLATE; this method does
 *            not read it
 * @return String DN of the AMTemplate
 * @throws AMException
 *             "450" when the object type has no COS template, "349" when the
 *             UMS layer fails
 */
public String getAMTemplateDN(SSOToken token, String entryDN, int objectType, String serviceName, int type) throws AMException {
    // TBD : get template on flexible naming attribute
    try {
        // The COS definition location depends on the profile type.
        // NOTE(review): in both branches a DN is wrapped in double quotes
        // without escaping; a DN that itself contains '"' would produce a
        // malformed template DN. Confirm callers pass normalised DNs.
        if (objectType == AMObject.ROLE || objectType == AMObject.FILTERED_ROLE) {
            PersistentObject roleHandle = UMSObject.getObjectHandle(token, new Guid(entryDN));
            String parentDn = roleHandle.getParentGuid().toString();
            return "cn=\"" + entryDN + "\",cn=" + serviceName + "," + parentDn;
        }

        if (objectType == AMObject.ORGANIZATION
                || objectType == AMObject.ORGANIZATIONAL_UNIT
                || objectType == AMObject.PEOPLE_CONTAINER) {
            String defaultRoleDn = "cn=" + CONTAINER_DEFAULT_TEMPLATE_ROLE + "," + entryDN;
            return "cn=\"" + defaultRoleDn + "\",cn=" + serviceName + "," + entryDN;
        }

        // does not have COS
        throw new AMException(token, "450");
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.getAMTemplateDN() Unable to get " + "AMTemplate DN for service: " + serviceName + " entryDN: " + entryDN, e);
        throw new AMException(token, "349", e);
    }
}
use of com.iplanet.ums.PersistentObject in project OpenAM by OpenRock.
the class DirectoryServicesImpl method changePassword.
/**
 * Changes the password of the entry at {@code entryDN}.
 *
 * <p>The change is delegated to {@code PersistentObject.changePassword} on a
 * handle opened with the caller's token. This method makes no check of its
 * own on either password; NOTE(review): verification of
 * {@code oldPassword} and any password policy are presumably enforced by the
 * UMS layer or the directory. Confirm before relying on it.
 *
 * <p>Both passwords arrive as {@code String}, which cannot be cleared after
 * use; the signature is fixed by the callers.
 *
 * @param token Single sign on token
 * @param entryDN DN of the entry whose password is changed
 * @param attrName password attribute name
 * @param oldPassword old password
 * @param newPassword new password
 * @throws AMException "362" if the UMS layer reports an error
 * @throws SSOException If user's single sign on token is invalid.
 */
public void changePassword(SSOToken token, String entryDN, String attrName, String oldPassword, String newPassword) throws AMException, SSOException {
    try {
        PersistentObject userEntry = UMSObject.getObjectHandle(token, new Guid(entryDN));
        userEntry.changePassword(entryDN, attrName, oldPassword, newPassword);
    } catch (UMSException cause) {
        // Only the exception is logged here, never the password arguments.
        debug.error("DirectoryServicesImpl.changePassword: ", cause);
        throw new AMException(token, "362", cause);
    }
}
use of com.iplanet.ums.PersistentObject in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getAttributes.
/**
 * Returns all attributes of the entry at {@code entryDN}, merged with its DC
 * Tree node attributes.
 *
 * <p>The entry is read with the caller's token, "dn" and "entryDN" are added
 * to the result, the compliance check is run, and the DC Tree attributes are
 * copied on top.
 *
 * <p>NOTE(review): every attribute name the handle reports is requested and
 * nothing is filtered here, so the result is whatever the directory releases
 * to this token. Confirm that directory access controls cover sensitive
 * attributes.
 *
 * @param token
 *            a valid SSOToken
 * @param entryDN
 *            the DN of the entry whose attributes need to be retrieved
 * @param ignoreCompliance
 *            forwarded unchanged to checkComplianceAttributes; described by
 *            the original author as "ignored if true". NOTE(review): the
 *            original summary said the checks are skipped with "false";
 *            confirm against checkComplianceAttributes.
 * @param byteValues
 *            forwarded to CommonUtils.attrSetToMap and getDCTreeAttributes;
 *            presumably selects byte[] values over String values
 * @param profileType
 *            forwarded to getDCTreeAttributes
 * @return a Map containing attribute names as keys and Set of values
 *         corresponding to each key.
 * @throws AMException
 *             "330" if an error is encountered in fetching the attributes
 * @throws SSOException
 *             declared by the signature; presumably raised by a callee when
 *             the token is invalid (not visible here)
 */
public Map getAttributes(SSOToken token, String entryDN, boolean ignoreCompliance, boolean byteValues, int profileType) throws AMException, SSOException {
    try {
        // Read every attribute the entry exposes to this token.
        PersistentObject entry = UMSObject.getObjectHandle(token, new Guid(entryDN));
        String[] allNames = entry.getAttributeNames();
        AttrSet entryAttrs = entry.getAttributes(allNames);

        // The lower level api / ldapjdk does not return the DN as an attribute
        // when the entry is queried by its own DN, so add it explicitly.
        entryAttrs.add(new Attr("dn", entryDN));
        entryAttrs.add(new Attr("entryDN", entryDN));

        // Compliance related checks run on the set that already holds the DN.
        checkComplianceAttributes(entryAttrs, ignoreCompliance);

        AMHashMap result = (AMHashMap) CommonUtils.attrSetToMap(entryAttrs, byteValues);
        result.copy(getDCTreeAttributes(token, entryDN, null, byteValues, profileType));
        return result;
    } catch (IllegalArgumentException badArgument) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.getAttributes(): " + "Unable to get attributes: ", badArgument);
        }
        // This path builds a localised message and does not attach the cause.
        String userLocale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString("330", userLocale), "330");
    } catch (UMSException umsFailure) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.getAttributes(): " + "Unable to get attributes: ", umsFailure);
        }
        // Passing the exception lets AMException extract the ldap error code.
        throw new AMException(token, "330", umsFailure);
    }
}
use of com.iplanet.ums.PersistentObject in project OpenAM by OpenRock.
the class DirectoryServicesImpl method renameEntry.
/**
 * Renames an entry. Currently used for only user renaming.
 *
 * <p>The new RDN is the naming attribute of {@code objectType} joined to
 * {@code newName} with "="; the rename runs on a handle opened with the
 * caller's token.
 *
 * @param token
 *            the sso token
 * @param objectType
 *            the type of entry
 * @param entryDN
 *            the entry DN
 * @param newName
 *            the new name (i.e., if RDN is cn=John, the value passed should
 *            be "John")
 * @param deleteOldName
 *            if true the old name is deleted otherwise it is retained.
 * @return new <code>DN</code> of the renamed entry
 * @throws AMException
 *             "460" on insufficient access rights, the id returned by
 *             getEntryNotFoundMsgID(objectType) when the entry is missing,
 *             "360" for any other UMS failure
 */
public String renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName) throws AMException {
    try {
        PersistentObject target = UMSObject.getObjectHandle(token, new Guid(entryDN));
        // NOTE(review): newName is concatenated without RDN escaping; a value
        // containing ',', '+' or '=' would change the shape of the RDN.
        // Confirm that callers or PersistentObject.rename validate it.
        String replacementRdn = getNamingAttribute(objectType) + "=" + newName;
        target.rename(replacementRdn, deleteOldName);
        return target.getDN();
    } catch (AccessRightsException denied) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.renameEntry(): User does " + "not have sufficient access rights ", denied);
        }
        // The cause is logged above but not attached to the AMException.
        throw new AMException(token, "460");
    } catch (EntryNotFoundException missing) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.renameEntry(): Entry " + "not found: ", missing);
        }
        String msgid = getEntryNotFoundMsgID(objectType);
        Object[] args = { getEntryName(missing) };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException failure) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.renameEntry(): Unable to " + "rename entry: ", failure);
        }
        throw new AMException(token, "360", failure);
    }
}