Search in sources :

Example 16 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DCTreeServicesImpl method createDomain.

/**
     * Method which creates a DC Tree for the given org, if the
     * <code>sunPreferredDomain</code> attribute is present and has a fully
     * qualified domain name as value.
     * 
     * @param token
     *            SSOToken
     * @param orgGuid
     *            identifiication of Organization entry to be mapped from dctree
     *            to organization DIT organization
     * @param domainName
     *            set the domain this organization belongs to.
     * @param attrSet
     *            the AttrSet of the organization
     * 
     * @exception AMException
     *                if unsuccessful in creating a dc tree for the organization
     *                or unsuccessful in setting the mapping between dc tree and
     *                the organization
     */
protected void createDomain(SSOToken token, Guid orgGuid, String domainName, AttrSet attrSet) throws AMException {
    if (DCTREE_START_DN == null) {
        throw new AMException(AMSDKBundle.getString("355"), "355");
    }
    // Create a DC tree for specified domain.
    if ((domainName != null) && (!domainName.equals(""))) {
        try {
            DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
            dcTree.addDomain(domainName);
            // Set the domain mapping
            dcTree.setDomainMapping(domainName, orgGuid);
            String status = attrSet.getValue(INET_DOMAIN_STATUS_ATTR);
            if (status != null) {
                dcTree.setDomainStatus(domainName, status);
            }
        } catch (InvalidDCRootException ie) {
            debug.error("DCTree.createDomain(): ", ie);
            throw new AMException(AMSDKBundle.getString("343"), "343");
        } catch (UMSException ue) {
            debug.error("DCTree.createDomain(): ", ue);
            throw new AMException(AMSDKBundle.getString("344"), "344");
        }
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree) Guid(com.iplanet.ums.Guid) InvalidDCRootException(com.iplanet.ums.dctree.InvalidDCRootException)

Example 17 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DCTreeServicesImpl method updateDomainStatus.

/**
     * Method which update attribute inetdomainstatus of the DC Tree
     * corresponding to the Org
     * 
     * @param token
     *            SSOToken
     * @param orgDN
     *            String representing the DN correponding to the organization
     * @param status
     *            inetdomainstatus value
     * 
     * @exception AMException
     *                if error occured in accessing the org corresponding to
     *                orgDN or during the attribute change of the dc tree
     *                corresponding to the orgDN
     */
protected void updateDomainStatus(SSOToken token, String orgDN, String status) throws AMException {
    try {
        String domainName = getCanonicalDomain(token, orgDN);
        if ((domainName != null) && (domainName.length() > 0)) {
            DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
            dcTree.setDomainStatus(domainName, status);
        } else {
            debug.warning("DCTree.updateDomainStatus(): value for " + IPLANET_DOMAIN_NAME_ATTR + " attribute " + "null or empty");
        }
    // }
    } catch (UMSException ue) {
        debug.error("DCTree.removeDomain(): ", ue);
        throw new AMException(AMSDKBundle.getString("356"), "356");
    }
}
Also used : UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) DomainComponentTree(com.iplanet.ums.dctree.DomainComponentTree) Guid(com.iplanet.ums.Guid)

Example 18 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method setAttributes.

// TODO: method rename from setProfileAttributes to setAttributes
/**
     * Method Set the attributes of an entry.
     * 
     * @param token
     *            SSOToken
     * @param entryDN
     *            DN of the profile whose template is to be set
     * @param objectType
     *            profile type
     * @param stringAttributes
     *            attributes to be set
     * @param byteAttributes
     *            attributes to be set
     * @param isAdd
     *            <code>true</code> if add to existing value;
     *            otherwise replace the existing value.
     */
public void setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd) throws AMException, SSOException {
    Map oldAttributes = null;
    EmailNotificationHelper mailer = null;
    validateAttributeUniqueness(entryDN, objectType, false, stringAttributes);
    String eDN = entryDN;
    if (objectType == AMObject.USER) {
        eDN = DN.valueOf(entryDN).parent().toString();
    }
    String orgDN = getOrganizationDN(internalToken, eDN);
    try {
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.setAttributes() entryDN: " + entryDN);
        }
        if (objectType == AMObject.USER) {
            // Create user modification list
            // Invoke the user password validation plugin. Note: the
            // validation is done only for String attributes
            UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
            try {
                pluginImpl.validate(stringAttributes);
            } catch (AMException ame) {
                debug.error("DirectoryServicesImpl.setAttributes(): Invalid " + "characters for user", ame);
                throw ame;
            }
            // Create a mailter instance
            mailer = new EmailNotificationHelper(entryDN);
            mailer.setUserModifyNotificationList();
        }
        if ((getUserPostPlugin() != null) || (mailer != null && mailer.isPresentUserModifyNotificationList())) {
            Set attrNames = stringAttributes.keySet();
            oldAttributes = getAttributes(token, entryDN, attrNames, objectType);
        }
        // Call pre-processing user impls & get modified attributes
        // Note currently only String attributes supported
        stringAttributes = processPreModifyCallBacks(token, entryDN, oldAttributes, stringAttributes, orgDN, objectType);
        // Set DCTree attributes
        setDCTreeAttributes(token, entryDN, stringAttributes, objectType);
        // modify and save the entry
        modifyAndSaveEntry(token, entryDN, stringAttributes, byteAttributes, isAdd);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.setAttributes() User does " + "not have sufficient access rights: ", e);
        }
        throw new AMException(token, "460");
    } catch (EntryNotFoundException ee) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.setAttributes() Entry not " + "found: ", ee);
        }
        String msgid = getEntryNotFoundMsgID(objectType);
        String entryName = getEntryName(ee);
        Object[] args = { entryName };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        if (debug.warningEnabled())
            debug.warning("DirectoryServicesImpl.setAttributes() Internal " + "error occurred", e);
        processInternalException(token, e, "452");
    }
    processPostModifyCallBacks(token, entryDN, oldAttributes, stringAttributes, orgDN, objectType);
    if (objectType == AMObject.USER) {
        AMUserEntryProcessed postPlugin = getUserPostPlugin();
        if (postPlugin != null) {
            // Invoke pre processing impls
            postPlugin.processUserModify(token, entryDN, oldAttributes, stringAttributes);
        }
        if (mailer != null && mailer.isPresentUserModifyNotificationList()) {
            mailer.sendUserModifyNotification(token, stringAttributes, oldAttributes);
        }
    }
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) AMUserEntryProcessed(com.iplanet.am.sdk.AMUserEntryProcessed) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap)

Example 19 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createUser.

/**
     * Method to create a user entry
     */
private void createUser(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // Invoke the Pre Processing plugin
    String entryDN = getNamingAttribute(AMObject.USER) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.USER), profileName);
    // Invoke the user password validation plugin
    UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
    try {
        pluginImpl.validate(CommonUtils.attrSetToMap(attrSet));
    } catch (AMException ame) {
        debug.error("DirectoryServicesImpl.createUser(): Invalid " + "characters for user", ame);
        throw ame;
    }
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicUser", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // User user = new User(creationTemp, attrSet);
    PersistentObject user = new PersistentObject(creationTemp, attrSet);
    try {
        parentObj.addChild(user);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser(): Insufficient " + "Access rights to create user", e);
        }
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException ee) {
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedUser(token, user.getDN());
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser() User " + "already exists: ", ee);
        }
        throw new AMEntryExistsException(token, "328", ee);
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createUser(): Internal " + "Error occurred. Unable to create User Entry", ue);
        }
        processInternalException(token, ue, "324");
    }
    // Invoke Post processing impls
    callBackHelper.postProcess(token, user.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
    // TODO: REMOVE after Portal moves to new API's
    AMUserEntryProcessed postPlugin = getUserPostPlugin();
    if (postPlugin != null) {
        Map attrMap = CommonUtils.attrSetToMap(attrSet);
        postPlugin.processUserAdd(token, user.getDN(), attrMap);
    }
    EmailNotificationHelper mailerObj = new EmailNotificationHelper(user.getDN());
    mailerObj.setUserCreateNotificationList();
    mailerObj.sendUserCreateNotification(attributes);
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) AMException(com.iplanet.am.sdk.AMException) PersistentObject(com.iplanet.ums.PersistentObject) Guid(com.iplanet.ums.Guid) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException) AttrSet(com.iplanet.services.ldap.AttrSet) AMEntryExistsException(com.iplanet.am.sdk.AMEntryExistsException) CreationTemplate(com.iplanet.ums.CreationTemplate) TemplateManager(com.iplanet.ums.TemplateManager) AMUserEntryProcessed(com.iplanet.am.sdk.AMUserEntryProcessed) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap)

Example 20 with UMSException

use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createOrganization.

private void createOrganization(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException, SSOException {
    // Invoke the Pre Processing plugin. Note: we need to obtain
    // the parent org of this organization to obtain the
    // plugin classes for the parent org.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    String entryDN = getNamingAttribute(AMObject.ORGANIZATION) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.ORGANIZATION), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    com.iplanet.ums.Organization org = null;
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicOrganization", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // COMPLIANCE: DCTREE
    if (dcTreeImpl.isRequired()) {
        AttrSet[] attrSetArray = dcTreeImpl.splitAttrSet(parentObj.getDN(), attrSet);
        org = new com.iplanet.ums.Organization(creationTemp, attrSetArray[0]);
        // create the DC node first. If it fails then the org node will not
        // be created at all. No clean up needed afterwards then.
        dcTreeImpl.createDomain(token, new Guid(entryDN), attrSet);
    } else {
        org = new com.iplanet.ums.Organization(creationTemp, attrSet);
    }
    try {
        parentObj.addChild(org);
    } catch (UMSException ue) {
        // clean up DC node
        if (dcTreeImpl.isRequired()) {
            dcTreeImpl.removeDomain(token, entryDN);
        }
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedOrg(token, org.getDN());
        }
        throw ue;
    }
    if (ComplianceServicesImpl.isAdminGroupsEnabled(org.getDN())) {
        complianceImpl.createAdminGroups(token, org);
    }
    // mode, the corresponding realm must also be created.
    if (ServiceManager.isCoexistenceMode() && ServiceManager.isRealmEnabled()) {
        try {
            // Check if realm exisits, this throws SMSException
            // if realm does not exist
            new OrganizationConfigManager(token, entryDN);
        } catch (SMSException smse) {
            // Organization does not exist, create it
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl::createOrganization " + "creating realm: " + org.getDN());
            }
            try {
                OrganizationConfigManager ocm = new OrganizationConfigManager(token, orgDN);
                ocm.createSubOrganization(profileName, null);
            } catch (SMSException se) {
                if (debug.messageEnabled()) {
                    debug.message("DirectoryServicesImpl::" + "createOrganization unable to create realm: " + org.getDN(), se);
                }
            }
        }
    }
    // If in legacy mode, add the default services
    if (ServiceManager.isCoexistenceMode()) {
        try {
            OrganizationConfigManager ocm = new OrganizationConfigManager(token, entryDN);
            OrganizationConfigManager.loadDefaultServices(token, ocm);
        } catch (SMSException smse) {
            // Unable to load default services
            if (debug.warningEnabled()) {
                debug.warning("DirectoryServicesImpl::createOrganization " + "Unable to load services: " + org.getDN());
            }
        }
    }
    // Invoke Post processing impls. Note: orgDN is parent org
    callBackHelper.postProcess(token, org.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) UMSException(com.iplanet.ums.UMSException) SMSException(com.sun.identity.sm.SMSException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) AttrSet(com.iplanet.services.ldap.AttrSet)

Aggregations

UMSException (com.iplanet.ums.UMSException)48 Guid (com.iplanet.ums.Guid)40 AMException (com.iplanet.am.sdk.AMException)31 PersistentObject (com.iplanet.ums.PersistentObject)24 AttrSet (com.iplanet.services.ldap.AttrSet)16 Attr (com.iplanet.services.ldap.Attr)14 EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)11 AccessRightsException (com.iplanet.ums.AccessRightsException)10 DomainComponentTree (com.iplanet.ums.dctree.DomainComponentTree)8 AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup)6 SearchResults (com.iplanet.ums.SearchResults)6 HashMap (java.util.HashMap)6 Map (java.util.Map)6 DN (org.forgerock.opendj.ldap.DN)6 AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException)5 AMHashMap (com.iplanet.am.sdk.AMHashMap)5 AMSearchResults (com.iplanet.am.sdk.AMSearchResults)5 EntryAlreadyExistsException (com.iplanet.ums.EntryAlreadyExistsException)5 TreeMap (java.util.TreeMap)5 LdapException (org.forgerock.opendj.ldap.LdapException)5