use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class DCTreeServicesImpl method createDomain.
/**
* Method which creates a DC Tree for the given org, if the
* <code>sunPreferredDomain</code> attribute is present and has a fully
* qualified domain name as value.
*
* @param token
* SSOToken
* @param orgGuid
* identifiication of Organization entry to be mapped from dctree
* to organization DIT organization
* @param domainName
* set the domain this organization belongs to.
* @param attrSet
* the AttrSet of the organization
*
* @exception AMException
* if unsuccessful in creating a dc tree for the organization
* or unsuccessful in setting the mapping between dc tree and
* the organization
*/
protected void createDomain(SSOToken token, Guid orgGuid, String domainName, AttrSet attrSet) throws AMException {
if (DCTREE_START_DN == null) {
throw new AMException(AMSDKBundle.getString("355"), "355");
}
// Create a DC tree for specified domain.
if ((domainName != null) && (!domainName.equals(""))) {
try {
DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
dcTree.addDomain(domainName);
// Set the domain mapping
dcTree.setDomainMapping(domainName, orgGuid);
String status = attrSet.getValue(INET_DOMAIN_STATUS_ATTR);
if (status != null) {
dcTree.setDomainStatus(domainName, status);
}
} catch (InvalidDCRootException ie) {
debug.error("DCTree.createDomain(): ", ie);
throw new AMException(AMSDKBundle.getString("343"), "343");
} catch (UMSException ue) {
debug.error("DCTree.createDomain(): ", ue);
throw new AMException(AMSDKBundle.getString("344"), "344");
}
}
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class DCTreeServicesImpl method updateDomainStatus.
/**
* Method which update attribute inetdomainstatus of the DC Tree
* corresponding to the Org
*
* @param token
* SSOToken
* @param orgDN
* String representing the DN correponding to the organization
* @param status
* inetdomainstatus value
*
* @exception AMException
* if error occured in accessing the org corresponding to
* orgDN or during the attribute change of the dc tree
* corresponding to the orgDN
*/
protected void updateDomainStatus(SSOToken token, String orgDN, String status) throws AMException {
try {
String domainName = getCanonicalDomain(token, orgDN);
if ((domainName != null) && (domainName.length() > 0)) {
DomainComponentTree dcTree = new DomainComponentTree(token, new Guid(DCTREE_START_DN));
dcTree.setDomainStatus(domainName, status);
} else {
debug.warning("DCTree.updateDomainStatus(): value for " + IPLANET_DOMAIN_NAME_ATTR + " attribute " + "null or empty");
}
// }
} catch (UMSException ue) {
debug.error("DCTree.removeDomain(): ", ue);
throw new AMException(AMSDKBundle.getString("356"), "356");
}
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class DirectoryServicesImpl method setAttributes.
// TODO: method rename from setProfileAttributes to setAttributes
/**
* Method Set the attributes of an entry.
*
* @param token
* SSOToken
* @param entryDN
* DN of the profile whose template is to be set
* @param objectType
* profile type
* @param stringAttributes
* attributes to be set
* @param byteAttributes
* attributes to be set
* @param isAdd
* <code>true</code> if add to existing value;
* otherwise replace the existing value.
*/
public void setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd) throws AMException, SSOException {
Map oldAttributes = null;
EmailNotificationHelper mailer = null;
validateAttributeUniqueness(entryDN, objectType, false, stringAttributes);
String eDN = entryDN;
if (objectType == AMObject.USER) {
eDN = DN.valueOf(entryDN).parent().toString();
}
String orgDN = getOrganizationDN(internalToken, eDN);
try {
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl.setAttributes() entryDN: " + entryDN);
}
if (objectType == AMObject.USER) {
// Create user modification list
// Invoke the user password validation plugin. Note: the
// validation is done only for String attributes
UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
try {
pluginImpl.validate(stringAttributes);
} catch (AMException ame) {
debug.error("DirectoryServicesImpl.setAttributes(): Invalid " + "characters for user", ame);
throw ame;
}
// Create a mailter instance
mailer = new EmailNotificationHelper(entryDN);
mailer.setUserModifyNotificationList();
}
if ((getUserPostPlugin() != null) || (mailer != null && mailer.isPresentUserModifyNotificationList())) {
Set attrNames = stringAttributes.keySet();
oldAttributes = getAttributes(token, entryDN, attrNames, objectType);
}
// Call pre-processing user impls & get modified attributes
// Note currently only String attributes supported
stringAttributes = processPreModifyCallBacks(token, entryDN, oldAttributes, stringAttributes, orgDN, objectType);
// Set DCTree attributes
setDCTreeAttributes(token, entryDN, stringAttributes, objectType);
// modify and save the entry
modifyAndSaveEntry(token, entryDN, stringAttributes, byteAttributes, isAdd);
} catch (AccessRightsException e) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.setAttributes() User does " + "not have sufficient access rights: ", e);
}
throw new AMException(token, "460");
} catch (EntryNotFoundException ee) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.setAttributes() Entry not " + "found: ", ee);
}
String msgid = getEntryNotFoundMsgID(objectType);
String entryName = getEntryName(ee);
Object[] args = { entryName };
throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
} catch (UMSException e) {
if (debug.warningEnabled())
debug.warning("DirectoryServicesImpl.setAttributes() Internal " + "error occurred", e);
processInternalException(token, e, "452");
}
processPostModifyCallBacks(token, entryDN, oldAttributes, stringAttributes, orgDN, objectType);
if (objectType == AMObject.USER) {
AMUserEntryProcessed postPlugin = getUserPostPlugin();
if (postPlugin != null) {
// Invoke pre processing impls
postPlugin.processUserModify(token, entryDN, oldAttributes, stringAttributes);
}
if (mailer != null && mailer.isPresentUserModifyNotificationList()) {
mailer.sendUserModifyNotification(token, stringAttributes, oldAttributes);
}
}
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createUser.
/**
* Method to create a user entry
*/
private void createUser(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
// Invoke the Pre Processing plugin
String entryDN = getNamingAttribute(AMObject.USER) + "=" + profileName + "," + parentObj.getDN();
attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
makeNamingFirst(attrSet, getNamingAttribute(AMObject.USER), profileName);
// Invoke the user password validation plugin
UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
try {
pluginImpl.validate(CommonUtils.attrSetToMap(attrSet));
} catch (AMException ame) {
debug.error("DirectoryServicesImpl.createUser(): Invalid " + "characters for user", ame);
throw ame;
}
TemplateManager tempMgr = TemplateManager.getTemplateManager();
CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicUser", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
attrSet = combineOCs(creationTemp, attrSet);
// User user = new User(creationTemp, attrSet);
PersistentObject user = new PersistentObject(creationTemp, attrSet);
try {
parentObj.addChild(user);
} catch (AccessRightsException e) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.createUser(): Insufficient " + "Access rights to create user", e);
}
throw new AMException(token, "460");
} catch (EntryAlreadyExistsException ee) {
if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
// COMPLIANCE
// If the existing entry is marked for deletion, then
// the error message should be different.
complianceImpl.checkIfDeletedUser(token, user.getDN());
}
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.createUser() User " + "already exists: ", ee);
}
throw new AMEntryExistsException(token, "328", ee);
} catch (UMSException ue) {
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl.createUser(): Internal " + "Error occurred. Unable to create User Entry", ue);
}
processInternalException(token, ue, "324");
}
// Invoke Post processing impls
callBackHelper.postProcess(token, user.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.USER, false);
// TODO: REMOVE after Portal moves to new API's
AMUserEntryProcessed postPlugin = getUserPostPlugin();
if (postPlugin != null) {
Map attrMap = CommonUtils.attrSetToMap(attrSet);
postPlugin.processUserAdd(token, user.getDN(), attrMap);
}
EmailNotificationHelper mailerObj = new EmailNotificationHelper(user.getDN());
mailerObj.setUserCreateNotificationList();
mailerObj.sendUserCreateNotification(attributes);
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class DirectoryServicesImpl method createOrganization.
private void createOrganization(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException, SSOException {
// Invoke the Pre Processing plugin. Note: we need to obtain
// the parent org of this organization to obtain the
// plugin classes for the parent org.
String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
String entryDN = getNamingAttribute(AMObject.ORGANIZATION) + "=" + profileName + "," + parentObj.getDN();
attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
makeNamingFirst(attrSet, getNamingAttribute(AMObject.ORGANIZATION), profileName);
TemplateManager tempMgr = TemplateManager.getTemplateManager();
com.iplanet.ums.Organization org = null;
CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicOrganization", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
attrSet = combineOCs(creationTemp, attrSet);
// COMPLIANCE: DCTREE
if (dcTreeImpl.isRequired()) {
AttrSet[] attrSetArray = dcTreeImpl.splitAttrSet(parentObj.getDN(), attrSet);
org = new com.iplanet.ums.Organization(creationTemp, attrSetArray[0]);
// create the DC node first. If it fails then the org node will not
// be created at all. No clean up needed afterwards then.
dcTreeImpl.createDomain(token, new Guid(entryDN), attrSet);
} else {
org = new com.iplanet.ums.Organization(creationTemp, attrSet);
}
try {
parentObj.addChild(org);
} catch (UMSException ue) {
// clean up DC node
if (dcTreeImpl.isRequired()) {
dcTreeImpl.removeDomain(token, entryDN);
}
if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
// COMPLIANCE
// If the existing entry is marked for deletion, then
// the error message should be different.
complianceImpl.checkIfDeletedOrg(token, org.getDN());
}
throw ue;
}
if (ComplianceServicesImpl.isAdminGroupsEnabled(org.getDN())) {
complianceImpl.createAdminGroups(token, org);
}
// mode, the corresponding realm must also be created.
if (ServiceManager.isCoexistenceMode() && ServiceManager.isRealmEnabled()) {
try {
// Check if realm exisits, this throws SMSException
// if realm does not exist
new OrganizationConfigManager(token, entryDN);
} catch (SMSException smse) {
// Organization does not exist, create it
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl::createOrganization " + "creating realm: " + org.getDN());
}
try {
OrganizationConfigManager ocm = new OrganizationConfigManager(token, orgDN);
ocm.createSubOrganization(profileName, null);
} catch (SMSException se) {
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl::" + "createOrganization unable to create realm: " + org.getDN(), se);
}
}
}
}
// If in legacy mode, add the default services
if (ServiceManager.isCoexistenceMode()) {
try {
OrganizationConfigManager ocm = new OrganizationConfigManager(token, entryDN);
OrganizationConfigManager.loadDefaultServices(token, ocm);
} catch (SMSException smse) {
// Unable to load default services
if (debug.warningEnabled()) {
debug.warning("DirectoryServicesImpl::createOrganization " + "Unable to load services: " + org.getDN());
}
}
}
// Invoke Post processing impls. Note: orgDN is parent org
callBackHelper.postProcess(token, org.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
}
Aggregations