use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.
the class AMObjectImpl method searchObjects.
protected AMSearchResults searchObjects(String namingAttr, String objectClassFilter, String wildcard, Map avPairs, AMSearchControl searchControl) throws AMException, SSOException {
SSOTokenManager.getInstance().validateToken(token);
StringBuilder filterSB = new StringBuilder();
filterSB.append("(&").append(constructFilter(namingAttr, objectClassFilter, wildcard));
if ((avPairs != null) && !avPairs.isEmpty()) {
filterSB.append(constructFilter(avPairs));
}
filterSB.append(")");
if (debug.messageEnabled()) {
debug.message("AMObjectImpl.searchObjects(" + namingAttr + ", " + objectClassFilter + ", " + wildcard + ", Map): DN=" + entryDN + ", level " + searchControl.getSearchScope() + "\n" + mapToString(avPairs));
debug.message("AMObjectImpl.searchObjects(): filter: " + filterSB.toString());
}
SearchControl sc = searchControl.getSearchControl();
String[] returnAttrs = searchControl.getReturnAttributes();
return dsServices.search(token, entryDN, filterSB.toString(), sc, returnAttrs);
}
use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.
the class DirectoryServicesImpl method removeSubtree.
/**
* Private method used by "removeEntry" to delete an entire subtree
*/
private void removeSubtree(SSOToken token, String entryDN, boolean softDelete) throws AMException, SSOException {
int type = AMObject.UNKNOWN_OBJECT_TYPE;
try {
Guid guid = new Guid(entryDN);
PersistentObject po = UMSObject.getObjectHandle(internalToken, guid);
// first get all the children of the object
SearchControl control = new SearchControl();
control.setSearchScope(SearchControl.SCOPE_SUB);
String searchFilter = "(|(objectclass=*)(objectclass=ldapsubEntry))";
List list = new ArrayList();
// get number of RDNs in the entry itself
int entryRDNs = DN.valueOf(entryDN).size();
// to count maximum level of RDNs in the search return
int maxRDNCount = entryRDNs;
// go through all search results, add DN to the list, and
// set the maximun RDN count, will be used to remove DNs
SearchResults children = po.getChildren(searchFilter, control);
while (children.hasMoreElements()) {
PersistentObject object = children.next();
DN dn = DN.valueOf(object.getDN());
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl.removeEntry(): " + "found child: " + object.getDN());
}
int count = dn.size();
if (count > maxRDNCount) {
maxRDNCount = count;
}
list.add(dn);
}
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl.removeEntry(): max " + "RDNs: " + maxRDNCount);
}
// go through all search results, delete entries from the
// bottom up, starting from entries whose's RDN count
// equals the maxRDNCount
// TODO : If the list has too many entries, then the multiple
// iteration in the inner for loop may be the bottleneck.
// One enhancement to the existing algorithm is to store all
// the entries by level in a different List. Per Sai's comments
int len = list.size();
for (int i = maxRDNCount; i >= entryRDNs; i--) {
for (int j = 0; j < len; j++) {
DN dn = (DN) list.get(j);
// check if we need delete it now
if (dn.size() == i) {
// remove the entry
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl." + "removeEntry(): del " + dn.toString());
}
String rfcDN = dn.toString();
type = AMObject.UNKNOWN_OBJECT_TYPE;
try {
type = getObjectType(internalToken, rfcDN);
} catch (AMException ae) {
// Not a managed type, just delete it.
Guid g = new Guid(rfcDN);
UMSObject.removeObject(token, g);
}
// Do a non-recursive delete
if (type != AMObject.UNKNOWN_OBJECT_TYPE && type != AMObject.UNDETERMINED_OBJECT_TYPE) {
try {
removeSingleEntry(token, rfcDN, type, softDelete);
} catch (AMPreCallBackException amp) {
debug.error("DirectoryServicesImpl." + "removeSubTree: Aborting delete of: " + rfcDN + " due to pre-callback exception", amp);
}
}
// remove the deleted entry from the list
list.remove(j);
// move back pointer, as current element is removed
j--;
// reduce list length
len--;
}
}
}
} catch (AccessRightsException e) {
debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
throw new AMException(token, "460");
} catch (EntryNotFoundException e) {
String entry = getEntryName(e);
debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
String msgid = getEntryNotFoundMsgID(type);
Object[] args = { entry };
String locale = CommonUtils.getUserLocale(token);
throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
} catch (UMSException e) {
debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
throw new AMException(token, "325", e);
}
}
use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.
the class DirectoryServicesImpl method search.
/**
* Searches the Directory
*
* @param token
* SSOToken
* @param entryDN
* DN of the entry to start the search with
* @param searchFilter
* search filter
* @param searchScope
* search scope, BASE, ONELEVEL or SUBTREE
* @return Set set of matching DNs
*/
public Set search(SSOToken token, String entryDN, String searchFilter, int searchScope) throws AMException {
Set resultSet = Collections.EMPTY_SET;
try {
PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
SearchControl control = new SearchControl();
control.setSearchScope(searchScope);
SearchResults results = po.search(searchFilter, control);
resultSet = searchResultsToSet(results);
} catch (UMSException ue) {
LdapException lex = (LdapException) ue.getRootCause();
ResultCode errorCode = lex.getResult().getResultCode();
if (retryErrorCodes.contains("" + errorCode)) {
throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
}
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.search(token:, entryDN: " + entryDN + ", searchFilter: " + searchFilter + "searchScope: " + searchScope + " error occurred: ", ue);
}
processInternalException(token, ue, "341");
}
return resultSet;
}
use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.
the class AMFilteredRoleImpl method searchUsers.
/**
* Searches for users in this role using wildcards and attribute values.
* Wildcards can be specified such as a*, *, *a. To further refine the
* search, attribute-value pairs can be specifed so that distinguished name
* of users with matching attribute-value pairs will be returned.
*
* @param wildcard
* pattern to be used in the search.
* @param avPairs
* attribute-value pairs to match when searching users.
* @param searchControl
* specifies the search scope to be used, VLV ranges etc.
* @return <code>AMSearchResults</code> which contains a set distinguished
* name of users matching the search.
* @throws AMException
* if there is an internal error in the access management Store.
* @throws SSOException
* if the single sign on token is no longer valid.
*/
public AMSearchResults searchUsers(String wildcard, Map avPairs, AMSearchControl searchControl) throws AMException, SSOException {
int level = searchControl.getSearchScope();
if ((level != AMConstants.SCOPE_ONE) && (level != AMConstants.SCOPE_SUB)) {
throw new AMException(AMSDKBundle.getString("123", super.locale), "123");
}
if ((wildcard == null) || (wildcard.length() == 0)) {
throw new AMException(AMSDKBundle.getString("122", super.locale), "122");
}
String userFilter = "(&(" + AMNamingAttrManager.getNamingAttr(USER) + "=" + wildcard + ")" + getFilter() + ")";
String filter = null;
if (avPairs == null) {
filter = userFilter;
} else {
if (avPairs.isEmpty()) {
filter = userFilter;
} else {
StringBuilder filterSB = new StringBuilder();
filterSB.append("(&").append(userFilter).append("(|");
Iterator iter = avPairs.keySet().iterator();
while (iter.hasNext()) {
String attributeName = (String) (iter.next());
Iterator iter2 = ((Set) (avPairs.get(attributeName))).iterator();
while (iter2.hasNext()) {
String attributeValue = (String) iter2.next();
filterSB.append("(").append(attributeName).append("=").append(attributeValue).append(")");
}
}
filterSB.append("))");
filter = filterSB.toString();
}
}
SearchControl sc = searchControl.getSearchControl();
String[] returnAttrs = searchControl.getReturnAttributes();
return dsServices.search(super.token, getOrganizationDN(), filter, sc, returnAttrs);
}
use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.
the class AMFilteredRoleImpl method searchUsers.
/**
* Searches for users in this role using wildcards and attribute values.
* Wildcards can be specified such as a*, *, *a. To further refine the
* search, attribute-value pairs can be specifed so that distinguished name
* of users with matching attribute-value pairs will be returned.
*
* @param wildcard
* pattern to be used in the search.
* @param avPairs
* attribute-value pairs to match when searching users.
* @param searchControl
* specifies the search scope to be used, VLV ranges etc.
* @return <code>AMSearchResults</code> which contains a set distinguished
* name of users matching the search.
* @throws AMException
* if there is an internal error in the access management Store.
* @throws SSOException
* if the single sign on token is no longer valid.
*/
public AMSearchResults searchUsers(AMSearchControl searchControl, String avFilter) throws AMException, SSOException {
int level = searchControl.getSearchScope();
if ((level != AMConstants.SCOPE_ONE) && (level != AMConstants.SCOPE_SUB)) {
throw new AMException(AMSDKBundle.getString("123", super.locale), "123");
}
String filter = "(&" + getFilter() + avFilter + ")";
if (debug.messageEnabled()) {
debug.message("AMFilteredRoleImpl.searchUsers: " + filter);
}
searchControl.setSearchScope(AMConstants.SCOPE_SUB);
SearchControl sc = searchControl.getSearchControl();
String[] returnAttrs = searchControl.getReturnAttributes();
return dsServices.search(super.token, getOrganizationDN(), filter, sc, returnAttrs);
}
Aggregations