Example 41 with AMConfigurationException
use of com.sun.identity.authentication.config.AMConfigurationException in project OpenAM by OpenRock.
the class AuthenticationModuleCollectionHandler method handleQuery.
/**
* Returns the list of configured authentication module instances for the current realm.
*
* {@inheritDoc}
*/
@Override
public Promise<QueryResponse, ResourceException> handleQuery(Context context, QueryRequest request, QueryResourceHandler handler) {
String searchForId;
try {
searchForId = request.getQueryFilter().accept(new AuthenticationModuleQueryFilterVisitor(), null);
} catch (UnsupportedOperationException e) {
return new NotSupportedException("Query not supported: " + request.getQueryFilter()).asPromise();
}
if (request.getPagedResultsCookie() != null || request.getPagedResultsOffset() > 0 || request.getPageSize() > 0) {
return new NotSupportedException("Query paging not currently supported").asPromise();
}
try {
SSOToken ssoToken = context.asContext(SSOTokenContext.class).getCallerSSOToken();
String realm = context.asContext(RealmContext.class).getResolvedRealm();
AMAuthenticationManager mgr = new AMAuthenticationManager(ssoToken, realm);
Set<AMAuthenticationInstance> moduleInstances = mgr.getAuthenticationInstances();
List<ResourceResponse> resourceResponses = new ArrayList<>();
for (AMAuthenticationInstance instance : moduleInstances) {
String name = instance.getName();
if (searchForId == null || searchForId.equalsIgnoreCase(name)) {
try {
ServiceSchemaManager schemaManager = getSchemaManager(instance.getType());
String type = schemaManager.getResourceName();
String typeDescription = getI18NValue(schemaManager, instance.getType(), debug);
JsonValue result = json(object(field(ResourceResponse.FIELD_CONTENT_ID, name), field("typeDescription", typeDescription), field("type", type)));
resourceResponses.add(newResourceResponse(name, String.valueOf(result.hashCode()), result));
} catch (AMConfigurationException ex) {
debug.error("AuthenticationModuleCollectionHandler.handleQuery(): Invalid auth module " + "instance configuration: {}", name);
if (debug.messageEnabled()) {
debug.message("AuthenticationModuleCollectionHandler.handleQuery(): Configuration exception: {}", name, ex);
}
}
}
}
return QueryResponsePresentation.perform(handler, request, resourceResponses);
} catch (AMConfigurationException e) {
debug.warning("::AuthenticationModuleCollectionHandler:: AMConfigurationException on create", e);
return new InternalServerErrorException("Unable to create SMS config: " + e.getMessage()).asPromise();
} catch (SSOException e) {
debug.warning("::AuthenticationModuleCollectionHandler:: SSOException on create", e);
return new InternalServerErrorException("Unable to create SMS config: " + e.getMessage()).asPromise();
} catch (SMSException e) {
debug.warning("::AuthenticationModuleCollectionHandler:: SMSException on create", e);
return new InternalServerErrorException("Unable to create SMS config: " + e.getMessage()).asPromise();
}
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
RealmContext(org.forgerock.openam.rest.RealmContext)
SMSException(com.sun.identity.sm.SMSException)
ArrayList(java.util.ArrayList)
JsonValue(org.forgerock.json.JsonValue)
SSOException(com.iplanet.sso.SSOException)
SSOTokenContext(org.forgerock.openam.rest.resource.SSOTokenContext)
Responses.newResourceResponse(org.forgerock.json.resource.Responses.newResourceResponse)
ResourceResponse(org.forgerock.json.resource.ResourceResponse)
AMConfigurationException(com.sun.identity.authentication.config.AMConfigurationException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
AMAuthenticationInstance(com.sun.identity.authentication.config.AMAuthenticationInstance)
NotSupportedException(org.forgerock.json.resource.NotSupportedException)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
AMAuthenticationManager(com.sun.identity.authentication.config.AMAuthenticationManager)
Example 42 with AMConfigurationException
use of com.sun.identity.authentication.config.AMConfigurationException in project OpenAM by OpenRock.
the class ConfigMonitoring method getRealmAuthMods.
HashMap getRealmAuthMods(String realmName) {
String classMethod = "ConfigMonitoring.getRealmAuthMods: ";
HashMap aMods = new HashMap();
try {
AMAuthenticationManager mgr = new AMAuthenticationManager(ssoToken, realmName);
Set insts = mgr.getAuthenticationInstances();
for (Iterator it = insts.iterator(); it.hasNext(); ) {
AMAuthenticationInstance ai = (AMAuthenticationInstance) it.next();
String stname = ai.getName();
String sttype = ai.getType();
aMods.put(stname, sttype);
}
/*
* all get an "Application" instance/type by default
*/
aMods.put("Application", "Application");
} catch (AMConfigurationException e) {
debug.error(classMethod + "getting auth instances; " + e.getMessage());
}
return aMods;
}
Also used :
HashSet(java.util.HashSet)
Set(java.util.Set)
HashMap(java.util.HashMap)
Iterator(java.util.Iterator)
AMConfigurationException(com.sun.identity.authentication.config.AMConfigurationException)
AMAuthenticationInstance(com.sun.identity.authentication.config.AMAuthenticationInstance)
AMAuthenticationManager(com.sun.identity.authentication.config.AMAuthenticationManager)
Example 43 with AMConfigurationException
use of com.sun.identity.authentication.config.AMConfigurationException in project OpenAM by OpenRock.
the class ResourceEnvIPCondition method getAdviceMessagesforRedirectURL.
/**
* Returns advice messages for Authentication Redirect condition.
*/
private Set getAdviceMessagesforRedirectURL(String adviceValue, SSOToken token, Map env) throws PolicyException, SSOException {
Set adviceMessages = new HashSet();
Set requestAuthSchemes = null;
Set requestAuthSchemesIgnoreRealm = null;
boolean nullRealm = false;
boolean allow = false;
String orgName = "/";
if ((env != null) && (env.get(REQUEST_AUTH_SCHEMES) != null)) {
try {
Set<String> orgSet = (Set<String>) env.get(PolicyEvaluator.REALM_DN);
if (orgSet != null) {
orgName = orgSet.iterator().next();
}
requestAuthSchemes = (Set) env.get(REQUEST_AUTH_SCHEMES);
if (DEBUG.messageEnabled()) {
DEBUG.message("At ResourceEnvIPCondition." + "getAdviceMessagesforRedirectURL(): " + "requestAuthSchemes from env= " + requestAuthSchemes + " AND orgName from env= " + orgName);
}
} catch (ClassCastException e) {
String[] args = { REQUEST_AUTH_SCHEMES };
throw new PolicyException(ResBundleUtils.rbName, "property_is_not_a_Set", args, e);
}
} else {
if (token != null) {
orgName = token.getProperty(ISAuthConstants.ORGANIZATION);
requestAuthSchemes = AMAuthUtils.getRealmQualifiedAuthenticatedSchemes(token);
requestAuthSchemesIgnoreRealm = AMAuthUtils.getAuthenticatedSchemes(token);
if (DEBUG.messageEnabled()) {
DEBUG.message("At ResourceEnvIPCondition." + "getAdviceMessagesforRedirectURL(): " + "orgName from ssoToken= " + orgName);
DEBUG.message("At ResourceEnvIPCondition." + "getAdviceMessagesforRedirectURL(): " + "requestAuthSchemes from ssoToken= " + requestAuthSchemes);
DEBUG.message("At ResourceEnvIPCondition." + "getAdviceMessagesforRedirectURL(): " + "requestAuthSchemesIgnoreRealm from ssoToken= " + requestAuthSchemesIgnoreRealm);
}
}
}
if (requestAuthSchemes == null) {
requestAuthSchemes = Collections.EMPTY_SET;
}
if (requestAuthSchemesIgnoreRealm == null) {
requestAuthSchemesIgnoreRealm = Collections.EMPTY_SET;
}
String schemeInstance = null;
String authSchemeType = null;
try {
SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
for (Iterator iter = requestAuthSchemes.iterator(); iter.hasNext(); ) {
String requestAuthnScheme = (String) iter.next();
schemeInstance = AMAuthUtils.getDataFromRealmQualifiedData(requestAuthnScheme);
String realm = AMAuthUtils.getRealmFromRealmQualifiedData(requestAuthnScheme);
if ((realm == null) || (realm.length() == 0)) {
nullRealm = true;
break;
} else {
AMAuthenticationManager authManager = new AMAuthenticationManager(adminToken, orgName);
AMAuthenticationInstance authInstance = authManager.getAuthenticationInstance(schemeInstance);
authSchemeType = authInstance.getType();
if ("Federation".equals(authSchemeType)) {
allow = true;
break;
}
}
}
if (nullRealm) {
for (Iterator iter = requestAuthSchemesIgnoreRealm.iterator(); iter.hasNext(); ) {
schemeInstance = (String) iter.next();
AMAuthenticationManager authManager = new AMAuthenticationManager(adminToken, orgName);
AMAuthenticationInstance authInstance = authManager.getAuthenticationInstance(schemeInstance);
authSchemeType = authInstance.getType();
if ("Federation".equals(authSchemeType)) {
allow = true;
break;
}
}
}
} catch (AMConfigurationException ace) {
if (DEBUG.warningEnabled()) {
DEBUG.warning("ResourceEnvIPCondition." + "getAdviceMessagesforRedirectURL():" + "got AMConfigurationException:" + "schemeInstance=" + schemeInstance + ", authSchemeType = " + authSchemeType);
}
Object[] args = { schemeInstance };
throw new PolicyException(ResBundleUtils.rbName, "auth_scheme_not_found", args, ace);
}
if (!allow) {
adviceMessages.add(adviceValue);
}
if (DEBUG.messageEnabled()) {
DEBUG.message("At ResourceEnvIPCondition." + "getAdviceMessagesforRedirectURL():" + "redirectURL=" + adviceValue + "schemeInstance=" + schemeInstance + ",authSchemeType=" + authSchemeType + ",adviceMessages=" + adviceMessages);
}
return adviceMessages;
}
Also used :
HashSet(java.util.HashSet)
Set(java.util.Set)
SSOToken(com.iplanet.sso.SSOToken)
PolicyException(com.sun.identity.policy.PolicyException)
Iterator(java.util.Iterator)
AMConfigurationException(com.sun.identity.authentication.config.AMConfigurationException)
AMAuthenticationInstance(com.sun.identity.authentication.config.AMAuthenticationInstance)
HashSet(java.util.HashSet)
AMAuthenticationManager(com.sun.identity.authentication.config.AMAuthenticationManager)
Example 44 with AMConfigurationException
use of com.sun.identity.authentication.config.AMConfigurationException in project OpenAM by OpenRock.
the class ResourceEnvIPCondition method getAdviceMessagesforRedirectURL.
/**
* Returns advice messages for Authentication Redirect condition.
*/
private Set<String> getAdviceMessagesforRedirectURL(String adviceValue, SSOToken token, Map env) throws EntitlementException, SSOException {
if (debug.messageEnabled()) {
localDebugName = debugName + ".getAdviceMessagesforRedirectURL(): ";
}
Set<String> adviceMessages = new HashSet<String>();
Set requestAuthSchemes = null;
Set requestAuthSchemesIgnoreRealm = null;
boolean nullRealm = false;
boolean allow = false;
String orgName = "/";
if ((env != null) && (env.get(REQUEST_AUTH_SCHEMES) != null)) {
try {
orgName = CollectionHelper.getMapAttr(env, PolicyEvaluator.REALM_DN, orgName);
requestAuthSchemes = (Set) env.get(REQUEST_AUTH_SCHEMES);
if (debug.messageEnabled()) {
debug.message(localDebugName + "requestAuthSchemes from env= " + requestAuthSchemes + " AND " + "orgName from env= " + orgName);
}
} catch (ClassCastException e) {
throw new EntitlementException(PROPERTY_IS_NOT_A_SET, new String[] { REQUEST_AUTH_SCHEMES }, e);
}
} else {
if (token != null) {
orgName = token.getProperty(ISAuthConstants.ORGANIZATION);
requestAuthSchemes = AMAuthUtils.getRealmQualifiedAuthenticatedSchemes(token);
requestAuthSchemesIgnoreRealm = AMAuthUtils.getAuthenticatedSchemes(token);
if (debug.messageEnabled()) {
debug.message(localDebugName + "orgName " + "from ssoToken= " + orgName);
debug.message(localDebugName + "requestAuthSchemes from ssoToken= " + requestAuthSchemes);
debug.message(localDebugName + "requestAuthSchemesIgnoreRealm from ssoToken= " + requestAuthSchemesIgnoreRealm);
}
}
}
if (requestAuthSchemes == null) {
requestAuthSchemes = Collections.EMPTY_SET;
}
if (requestAuthSchemesIgnoreRealm == null) {
requestAuthSchemesIgnoreRealm = Collections.EMPTY_SET;
}
String schemeInstance = null;
String authSchemeType = null;
try {
SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
for (Iterator iter = requestAuthSchemes.iterator(); iter.hasNext(); ) {
String requestAuthnScheme = (String) iter.next();
schemeInstance = AMAuthUtils.getDataFromRealmQualifiedData(requestAuthnScheme);
String realm = AMAuthUtils.getRealmFromRealmQualifiedData(requestAuthnScheme);
if ((realm == null) || (realm.length() == 0)) {
nullRealm = true;
break;
} else {
AMAuthenticationManager authManager = new AMAuthenticationManager(adminToken, orgName);
AMAuthenticationInstance authInstance = authManager.getAuthenticationInstance(schemeInstance);
authSchemeType = authInstance.getType();
if ("Federation".equals(authSchemeType)) {
allow = true;
break;
}
}
}
if (nullRealm) {
for (Iterator iter = requestAuthSchemesIgnoreRealm.iterator(); iter.hasNext(); ) {
schemeInstance = (String) iter.next();
AMAuthenticationManager authManager = new AMAuthenticationManager(adminToken, orgName);
AMAuthenticationInstance authInstance = authManager.getAuthenticationInstance(schemeInstance);
authSchemeType = authInstance.getType();
if ("Federation".equals(authSchemeType)) {
allow = true;
break;
}
}
}
} catch (AMConfigurationException ace) {
if (debug.warningEnabled()) {
debug.warning(localDebugName + "got AMConfigurationException: schemeInstance=" + schemeInstance + ", " + "authSchemeType = " + authSchemeType);
}
throw new EntitlementException(AUTH_SCHEME_NOT_FOUND, new String[] { schemeInstance }, ace);
}
if (!allow) {
adviceMessages.add(adviceValue);
}
if (debug.messageEnabled()) {
debug.message(localDebugName + "redirectURL=" + adviceValue + "schemeInstance=" + schemeInstance + "," + "authSchemeType=" + authSchemeType + ",adviceMessages=" + adviceMessages);
}
return adviceMessages;
}
Also used :
EntitlementException(com.sun.identity.entitlement.EntitlementException)
Set(java.util.Set)
HashSet(java.util.HashSet)
SSOToken(com.iplanet.sso.SSOToken)
Iterator(java.util.Iterator)
AMConfigurationException(com.sun.identity.authentication.config.AMConfigurationException)
AMAuthenticationInstance(com.sun.identity.authentication.config.AMAuthenticationInstance)
HashSet(java.util.HashSet)
AMAuthenticationManager(com.sun.identity.authentication.config.AMAuthenticationManager)
Example 45 with AMConfigurationException
use of com.sun.identity.authentication.config.AMConfigurationException in project OpenAM by OpenRock.
the class ConfigureSocialAuthN method createAuthModule.
private void createAuthModule(String realm, String authModuleName, Map<String, Set<String>> attrs) throws WorkflowException {
try {
AMAuthenticationManager mgr = new AMAuthenticationManager(getAdminToken(), realm);
Map<String, Set<String>> moduleAttrs = mgr.getAuthenticationSchema(AUTH_MODULE_TYPE).getAttributeValues();
// Override default attributes using the provided attrs, but skip any the auth module doesn't expect
for (Map.Entry<String, Set<String>> attr : attrs.entrySet()) {
if (moduleAttrs.containsKey(attr.getKey())) {
moduleAttrs.put(attr.getKey(), attr.getValue());
}
}
mgr.createAuthenticationInstance(authModuleName, AUTH_MODULE_TYPE, moduleAttrs);
} catch (AMConfigurationException e) {
DEBUG.error("An error occurred while creating/modifying social authentication module", e);
throw new WorkflowException("social-service-error", null);
}
}
Also used :
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
Set(java.util.Set)
AMConfigurationException(com.sun.identity.authentication.config.AMConfigurationException)
HashMap(java.util.HashMap)
CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)
Map(java.util.Map)
AMAuthenticationManager(com.sun.identity.authentication.config.AMAuthenticationManager)
Aggregations
AMConfigurationException (com.sun.identity.authentication.config.AMConfigurationException)45
AMAuthenticationManager (com.sun.identity.authentication.config.AMAuthenticationManager)33
Set (java.util.Set)26
Iterator (java.util.Iterator)18
SSOException (com.iplanet.sso.SSOException)17
SSOToken (com.iplanet.sso.SSOToken)17
SMSException (com.sun.identity.sm.SMSException)17
HashSet (java.util.HashSet)17
AMAuthenticationInstance (com.sun.identity.authentication.config.AMAuthenticationInstance)16
CLIException (com.sun.identity.cli.CLIException)13
HashMap (java.util.HashMap)12
Map (java.util.Map)11
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)9
ArrayList (java.util.ArrayList)8
List (java.util.List)8
AMAuthenticationSchema (com.sun.identity.authentication.config.AMAuthenticationSchema)6
AuthConfigurationEntry (com.sun.identity.authentication.config.AuthConfigurationEntry)5
IOutput (com.sun.identity.cli.IOutput)5
JsonValue (org.forgerock.json.JsonValue)3
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)3
