Search in sources :

Example 6 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class Validation method validateAttribute.

/**
     * Determines whether a specific attribute is valid. Called by
     * validateAttribute(Attr, Class). This method calls the validation method
     * for this attribute.
     * 
     * @param attr
     *            attribute to test
     * @param validatorClass
     *            the validator class name
     * @param rule
     *            optional rule applies to the validator
     * @exception UMSException
     *                failure
     * @exception DataConstraintException
     *                data validation failure
     */
public static void validateAttribute(Attr attr, String validatorClass, String rule) throws UMSException, DataConstraintException {
    if (attr != null) {
        String[] values = attr.getStringValues();
        for (int i = 0; i < values.length; i++) {
            String aValue = values[i];
            if ((aValue != null) && (!aValue.equalsIgnoreCase("")) && (validatorClass != null)) {
                IValidator validator = null;
                try {
                    Class theClass = Class.forName(validatorClass);
                    validator = (IValidator) theClass.newInstance();
                } catch (Exception e) {
                    throw new UMSException(i18n.getString(IUMSConstants.INSTANCE_FAILED), e);
                }
                if (!validator.validate(aValue, rule)) {
                    String msg = i18n.getString(IUMSConstants.DATA_CONSTRAINT);
                    throw new DataConstraintException(msg + ": " + "{ type=" + attr.getName() + ", value=" + aValue + " }");
                }
            }
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) UMSException(com.iplanet.ums.UMSException)

Example 7 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class ComplianceServicesImpl method verifyAndLinkRoleToGroup.

/**
     * Method which verifies if the <code>roleDN</code> corresponds to an
     * admin role. If true the <code>memberOf</code> and
     * <code>adminRole</code> attributes of each member/user are set to the
     * corresponding administration <code>groupDN</code> and administration
     * <code>groupRDN</code> respectively. Each of the members/users are also
     * added to the corresponding admin group.
     * 
     * @param token
     *            single sign on token.
     * @param membersGuid
     *            Guid array of members to be operated on.
     * @param roleDN
     *            distinguished name of the role.
     * 
     * @exception AMException
     *                if unsuccessful in adding the members to the corresponding
     *                admin group. As a result of which the memberOf and
     *                adminRole attributes are also not updated.
     */
protected void verifyAndLinkRoleToGroup(SSOToken token, Guid[] membersGuid, String roleDN) throws AMException {
    // Obtain the group corresponding to roleDN
    DN dn = DN.valueOf(roleDN);
    String groupName = getGroupFromRoleDN(dn);
    if (groupName != null) {
        // roleDN corresponds to an admin role
        String orgDN = dn.parent().toString();
        String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
        String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
        try {
            // Add the members to corresponding group.
            AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
            group.addMembers(membersGuid);
            Attr[] attrs = new Attr[1];
            attrs[0] = new Attr("adminrole", groupRDN);
            AttrSet attrSet = new AttrSet(attrs);
            int numMembers = membersGuid.length;
            for (int i = 0; i < numMembers; i++) {
                addAttributesToEntry(token, membersGuid[i].getDn(), attrSet);
            }
        } catch (EntryNotFoundException ex) {
            debug.error("Compliance.verifyAndLinkRoleToGroup: " + "Admin groups are missing");
        } catch (UMSException ue) {
            debug.error("Compliance." + "verifyAndLinkRoleToGroup(): ", ue);
            throw new AMException(AMSDKBundle.getString("771"), "771");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) AssignableDynamicGroup(com.iplanet.ums.AssignableDynamicGroup) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 8 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DCTreeServicesImpl method createDomain.

/**
     * Method which creates a <Code>Domain Component Tree </Code> for the given
     * organization, if the <code>sunPreferredDomain</code> attribute is
     * present and has a fully qualified domain name as value.
     * 
     * @param token
     *            SSO Token
     * @param orgGuid
     *            identifiication of organization entry to be mapped from 
     *            <Code>dctree</Code> to organization DIT organization
     * @param attrSet
     *            the attributes to be set on creation of domain.
     * 
     * @exception AMException
     *                if unsuccessful in creating a dc tree for the organization
     *                or unsuccessful in setting the mapping between dc tree and
     *                the organization
     */
protected void createDomain(SSOToken token, Guid orgGuid, AttrSet attrSet) throws AMException, SSOException {
    if (DCTREE_START_DN == null) {
        throw new AMException(AMSDKBundle.getString("355"), "355");
    }
    // Create a DC tree is value is specified for
    // sunPreferredDomain attribute
    String domainName = attrSet.getValue(IPLANET_DOMAIN_NAME_ATTR);
    // remove the attribute from the attribute set.
    attrSet.remove(IPLANET_DOMAIN_NAME_ATTR);
    if ((domainName != null) && (!domainName.equals(""))) {
        try {
            DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
            dcTree.addDomain(domainName);
            // Set the domain mapping
            dcTree.setDomainMapping(domainName, orgGuid);
            String status = attrSet.getValue(INET_DOMAIN_STATUS_ATTR);
            if (status != null) {
                dcTree.setDomainStatus(domainName, status);
            }
            AttrSet[] attrSetArray = splitAttrSet(orgGuid.getDn(), attrSet);
            if (attrSetArray[1] != null) {
                setDomainAttributes(token, orgGuid.getDn(), attrSetArray[1]);
            }
        } catch (InvalidDCRootException ie) {
            debug.error("DCTree.createDomain(): ", ie);
            throw new AMException(AMSDKBundle.getString("343"), "343");
        } catch (UMSException ue) {
            debug.error("DCTree.createDomain(): ", ue);
            throw new AMException(AMSDKBundle.getString("344"), "344");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree) Guid(com.iplanet.ums.Guid) InvalidDCRootException(com.iplanet.ums.dctree.InvalidDCRootException) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 9 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DCTreeServicesImpl method removeDomain.

/**
     * Method which removes the DC Tree corresponding to the Org
     * 
     * @param token
     *            SSOToken
     * @param orgDN
     *            String representing the DN correponding to the organization
     * 
     * @exception AMException
     *                if error occured in accessing the org corresponding to
     *                orgDN or during the removal of the dc tree corresponding
     *                to the orgDN
     */
protected void removeDomain(SSOToken token, String orgDN) throws AMException {
    // String orgAttribute[] = {IPLANET_DOMAIN_NAME_ATTR};
    try {
        PersistentObject po = UMSObject.getObject(token, new Guid(orgDN));
        if (!(po instanceof com.iplanet.ums.Organization)) {
            if (debug.messageEnabled()) {
                debug.message("DCTree.removeDomain-> " + orgDN + " is not an organization");
            }
            return;
        }
        String domainName = getCanonicalDomain(token, orgDN);
        if (debug.messageEnabled()) {
            debug.message("DCTree.removeDomain-> " + "Obtained canon domain " + domainName);
        }
        if ((domainName != null) && (domainName.length() > 0)) {
            DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
            if (debug.messageEnabled()) {
                debug.message("DCTree.removeDomain: removing domain: " + domainName);
            }
            dcTree.removeDomain(domainName);
        } else {
            if (debug.warningEnabled()) {
                debug.warning("DCTree.removeDomain(): " + " unable to get domain for " + orgDN);
            }
        }
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DCTree.removeDomain(): ", ue);
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) PersistentObject(com.iplanet.ums.PersistentObject) Guid(com.iplanet.ums.Guid) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree)

Example 10 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DCTreeServicesImpl method getDCNodeDN.

protected String getDCNodeDN(SSOToken token, String orgDN) throws AMException {
    try {
        String domainName = getCanonicalDomain(token, orgDN);
        if (domainName != null) {
            DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
            String dcNodeDN = dcTree.mapDomainToDN(domainName);
            return LDAPUtils.formatToRFC(dcNodeDN);
        } else {
            return null;
        }
    } catch (InvalidDCRootException e) {
        debug.error("DCTree.getDCNodeDN(): Invalid DC root ", e);
        throw new AMException(AMSDKBundle.getString("343"), "343");
    } catch (UMSException e) {
        debug.error("DCTree.getDCNodeDN(): Unable to get dc node dn " + "for: " + orgDN, e);
        throw new AMException(AMSDKBundle.getString("344"), "344");
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree) Guid(com.iplanet.ums.Guid) InvalidDCRootException(com.iplanet.ums.dctree.InvalidDCRootException)

Aggregations

UMSException (com.iplanet.ums.UMSException)48 Guid (com.iplanet.ums.Guid)40 AMException (com.iplanet.am.sdk.AMException)31 PersistentObject (com.iplanet.ums.PersistentObject)24 AttrSet (com.iplanet.services.ldap.AttrSet)16 Attr (com.iplanet.services.ldap.Attr)14 EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)11 AccessRightsException (com.iplanet.ums.AccessRightsException)10 DomainComponentTree (com.iplanet.ums.dctree.DomainComponentTree)8 AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup)6 SearchResults (com.iplanet.ums.SearchResults)6 HashMap (java.util.HashMap)6 Map (java.util.Map)6 DN (org.forgerock.opendj.ldap.DN)6 AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException)5 AMHashMap (com.iplanet.am.sdk.AMHashMap)5 AMSearchResults (com.iplanet.am.sdk.AMSearchResults)5 EntryAlreadyExistsException (com.iplanet.ums.EntryAlreadyExistsException)5 TreeMap (java.util.TreeMap)5 LdapException (org.forgerock.opendj.ldap.LdapException)5