Example 6 with AuthPrincipal

use of com.sun.identity.authentication.internal.AuthPrincipal in project OpenAM by OpenRock.

the class ImportConfig method main.

public static void main(String[] args) throws Exception {
    // Both the subcommand and the XML file path are required (args[1] is read below)
    if (args.length < 2) {
        System.err.println("usage: serverAdmin import xmlFile");
        System.exit(1);
    }
    if (args[0].equals("import")) {
        // try-with-resources closes the schema file even if registration fails
        try (FileInputStream fisSchema = new FileInputStream(args[1])) {
            DSConfigMgr cfgMgr = DSConfigMgr.getDSConfigMgr();
            // Authenticate as the directory admin user taken from the server configuration
            ServerInstance sInst = cfgMgr.getServerInstance(LDAPUser.Type.AUTH_ADMIN);
            authPcpl = new AuthPrincipal(sInst.getAuthID());
            AuthContext authCtx = new AuthContext(authPcpl, sInst.getPasswd().toCharArray());
            SSOToken userSSOToken = authCtx.getSSOToken();
            ServiceManager smsMgr = new ServiceManager(userSSOToken);
            smsMgr.registerServices(fisSchema);
        } catch (Exception e) {
            e.printStackTrace();
            System.err.println(e);
        }
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) ServiceManager(com.sun.identity.sm.ServiceManager) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) AuthContext(com.sun.identity.authentication.internal.AuthContext) AuthPrincipal(com.sun.identity.authentication.internal.AuthPrincipal) ServerInstance(com.iplanet.services.ldap.ServerInstance) FileInputStream(java.io.FileInputStream)

Example 7 with AuthPrincipal

use of com.sun.identity.authentication.internal.AuthPrincipal in project OpenAM by OpenRock.

the class AdminInterfaceUtils method initialize.

/**
 * Initializes the default containers using SMS
 */
private static void initialize() {
    if (!initialized) {
        try {
            // Generate a SSOToken to initialize ServiceSchemaManager
            String adminDN = (String) AccessController.doPrivileged(new AdminDNAction());
            String adminPassword = (String) AccessController.doPrivileged(new AdminPasswordAction());
            SSOTokenManager mgr = SSOTokenManager.getInstance();
            ServiceConfigManager scm = new ServiceConfigManager(SERVICE_NAME, mgr.createSSOToken(new AuthPrincipal(adminDN), adminPassword));
            if (!addedListener) {
                addedListener = true;
                scm.addListener(new AdminInterfaceUtils());
            }
            ServiceConfig globalConfig = scm.getGlobalConfig(null);
            ServiceConfig templatesConfig = globalConfig.getSubConfig(TEMPLATES);
            ServiceConfig structTemplateSubConfig = templatesConfig.getSubConfig(STRUCTURE_TEMPLATES);
            ServiceConfig groupContConfig = structTemplateSubConfig.getSubConfig(GCCREATE_ATTR_NAME);
            ServiceConfig peopleContConfig = structTemplateSubConfig.getSubConfig(PCCREATE_ATTR_NAME);
            ServiceConfig orgAdminConfig = structTemplateSubConfig.getSubConfig(ORG_ADMIN_ATTR_NAME);
            ServiceConfig helpDeskAdminConfig = structTemplateSubConfig.getSubConfig(HELP_DESK_ADMIN_ATTR_NAME);
            ServiceConfig policyAdminConfig = structTemplateSubConfig.getSubConfig(POLICY_ADMIN_ATTR_NAME);
            defaultGCCreateDuringOrgConfig = getConfigAttributeValue(groupContConfig, defaultGCCreateDuringOrgConfig);
            defaultPCCreateDuringOrgConfig = getConfigAttributeValue(peopleContConfig, defaultPCCreateDuringOrgConfig);
            defaultORGADMIN = getConfigAttributeValue(orgAdminConfig, defaultORGADMIN);
            defaultHELP_DESK_ADMIN = getConfigAttributeValue(helpDeskAdminConfig, defaultHELP_DESK_ADMIN);
            defaultPOLICY_ADMIN = getConfigAttributeValue(policyAdminConfig, defaultPOLICY_ADMIN);
            ServiceSchemaManager sm = new ServiceSchemaManager(CONSOLE_SERVICE_NAME, mgr.createSSOToken(new AuthPrincipal(adminDN), adminPassword));
            if (!addedListener) {
                addedListener = true;
                sm.addListener(new AdminInterfaceUtils());
            }
            ServiceSchema schema = sm.getGlobalSchema();
            defaultAC = getAttributeValue(schema, AC_ATTR_NAME, defaultAC);
            defaultGC = getAttributeValue(schema, GC_ATTR_NAME, defaultGC);
            defaultPC = getAttributeValue(schema, PC_ATTR_NAME, defaultPC);
        } catch (Exception e) {
            // Use the default values, and write out debug warning msg
            debug.warning("AdminInterfaceUtils: Unable to get " + "default People, Groups, Org Admin Role, " + "Help Desk Admin Role, Policy Admin Role and " + "Agents containers from SM", e);
        }
        if (debug.messageEnabled()) {
            debug.message("AdminInterfaceUtils: Defaults container: " + defaultPC + ", " + defaultGC + ", " + defaultAC + ", " + defaultPCCreateDuringOrgConfig + ", " + defaultGCCreateDuringOrgConfig + ", " + defaultORGADMIN + ", " + defaultHELP_DESK_ADMIN + ", " + defaultPOLICY_ADMIN);
        }
        initialized = true;
    }
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) ServiceSchema(com.sun.identity.sm.ServiceSchema) AdminDNAction(com.sun.identity.security.AdminDNAction) AdminPasswordAction(com.sun.identity.security.AdminPasswordAction) ServiceConfig(com.sun.identity.sm.ServiceConfig) AuthPrincipal(com.sun.identity.authentication.internal.AuthPrincipal) ServiceConfigManager(com.sun.identity.sm.ServiceConfigManager) ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager) SMSException(com.sun.identity.sm.SMSException) AMException(com.iplanet.am.sdk.AMException) SSOException(com.iplanet.sso.SSOException)

Example 8 with AuthPrincipal

use of com.sun.identity.authentication.internal.AuthPrincipal in project OpenAM by OpenRock.

the class TokenUtils method getLocalToken.

public static SSOToken getLocalToken(String orgName, String userId, String password) throws Exception {
    SSOTokenManager tm = SSOTokenManager.getInstance();
    SSOToken token = tm.createSSOToken(new AuthPrincipal(userId), password);
    return token;
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) AuthPrincipal(com.sun.identity.authentication.internal.AuthPrincipal)

Example 9 with AuthPrincipal

use of com.sun.identity.authentication.internal.AuthPrincipal in project OpenAM by OpenRock.

the class ServerConfigMgr method changePassword.

/**
 * Checks and sets the password
 */
private void changePassword(String userType, String oldPassword, String newPassword) throws Exception {
    String fileEncPassword = getUserPassword(userType);
    String userDN = getUserDN(userType);
    if ((fileEncPassword == null) || (fileEncPassword.length() == 0) || (userDN == null) || (userDN.length() == 0)) {
        debug.error("Null password or user DN for user type: " + userType + " from file: " + configFile);
        throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
    }
    // Verify old password
    if (!oldPassword.equals(AccessController.doPrivileged(new DecodeAction(fileEncPassword)))) {
        throw new Exception(i18n.getString("dscfg-old-passwd-donot-match"));
    }
    if (isAMSDKConfigured) {
        // this is to check if updating of DS is required.
        try {
            new AuthContext(new AuthPrincipal(userDN), newPassword.toCharArray());
            if (debug.messageEnabled()) {
                debug.message("DN: " + userDN + " new password is already updated in the directory");
            }
        } catch (LoginException lee) {
            try {
                AuthContext ac = new AuthContext(new AuthPrincipal(userDN), oldPassword.toCharArray());
                PersistentObject user = UMSObject.getObject(ac.getSSOToken(), new Guid(userDN));
                if (debug.messageEnabled()) {
                    debug.message("For DN: " + userDN + " changing password in directory");
                }
                user.setAttribute(new Attr("userPassword", newPassword));
                user.save();
            } catch (LoginException le) {
                if (debug.warningEnabled()) {
                    debug.warning("For DN: " + userDN + " new and old passwords donot match with directory");
                }
                throw new Exception(i18n.getString("dscfg-invalid-password") + "\n" + le.getMessage());
            }
        }
    }
    setUserPassword(userType, newPassword);
}
Also used : XMLException(com.iplanet.services.util.XMLException) DecodeAction(com.sun.identity.security.DecodeAction) AuthContext(com.sun.identity.authentication.internal.AuthContext) LoginException(javax.security.auth.login.LoginException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) PersistentObject(com.iplanet.ums.PersistentObject) AuthPrincipal(com.sun.identity.authentication.internal.AuthPrincipal) Guid(com.iplanet.ums.Guid) FileNotFoundException(java.io.FileNotFoundException) SSOException(com.iplanet.sso.SSOException) IdRepoException(com.sun.identity.idm.IdRepoException) IOException(java.io.IOException) ConfiguratorException(com.sun.identity.setup.ConfiguratorException)

Example 10 with AuthPrincipal

use of com.sun.identity.authentication.internal.AuthPrincipal in project OpenAM by OpenRock.

the class LocalLdapAuthModule method commit.

public boolean commit() throws LoginException {
    // Add the DN to the Subject
    Set principals = subject.getPrincipals();
    principals.add(new AuthPrincipal(userDN));
    return (true);
}
Also used : Set(java.util.Set) AuthPrincipal(com.sun.identity.authentication.internal.AuthPrincipal)

Aggregations

AuthPrincipal (com.sun.identity.authentication.internal.AuthPrincipal) 12
SSOToken (com.iplanet.sso.SSOToken) 8
SSOTokenManager (com.iplanet.sso.SSOTokenManager) 5
AuthContext (com.sun.identity.authentication.internal.AuthContext) 5
SSOException (com.iplanet.sso.SSOException) 4
Set (java.util.Set) 4
AdminDNAction (com.sun.identity.security.AdminDNAction) 2
ConfiguratorException (com.sun.identity.setup.ConfiguratorException) 2
SMSException (com.sun.identity.sm.SMSException) 2
HashMap (java.util.HashMap) 2
AMException (com.iplanet.am.sdk.AMException) 1
AMOrganization (com.iplanet.am.sdk.AMOrganization) 1
AMStoreConnection (com.iplanet.am.sdk.AMStoreConnection) 1
DSConfigMgr (com.iplanet.services.ldap.DSConfigMgr) 1
ServerInstance (com.iplanet.services.ldap.ServerInstance) 1
XMLException (com.iplanet.services.util.XMLException) 1
Guid (com.iplanet.ums.Guid) 1
PersistentObject (com.iplanet.ums.PersistentObject) 1
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException) 1
IdRepoException (com.sun.identity.idm.IdRepoException) 1