
Example 76 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class BulkFederation method saml2FederateUser.

/**
 * Federates one local user with a remote account using a SAML2 persistent name identifier.
 *
 * <p>A new name identifier value is generated, added to the user's existing
 * {@code NAMEID_INFO_KEY} and {@code NAMEID_INFO} attribute sets, stored, and then one
 * {@code remoteUserId|nameIdValue} record is appended to {@code out}.
 *
 * <p>Identity-repository and SSO failures are reported through the output writer and are not
 * rethrown; no record is written for that user in that case.
 *
 * @param localUserId identifier of the local user, resolved with the administrator token.
 * @param remoteUserId identifier of the matching account on the remote entity.
 * @param out writer receiving the mapping record.
 * @throws CLIException if the SAML2 objects cannot be built or the record cannot be written.
 */
private void saml2FederateUser(String localUserId, String remoteUserId, BufferedWriter out) throws CLIException {
    SSOToken adminSSOToken = getAdminSSOToken();
    try {
        AMIdentity identity = IdUtils.getIdentity(adminSSOToken, localUserId);
        String generatedValue = createNameIdentifier();

        // The qualifiers depend on which side this deployment plays: NameQualifier
        // is set to the IDP entity and SPNameQualifier to the SP entity.
        String idpEntity = isIDP ? localEntityId : remoteEntityId;
        String spEntity = isIDP ? remoteEntityId : localEntityId;
        NameID nameId = AssertionFactory.getInstance().createNameID();
        nameId.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        nameId.setNameQualifier(idpEntity);
        nameId.setSPNameQualifier(spEntity);
        nameId.setValue(generatedValue);

        String role;
        if (isIDP) {
            role = SAML2Constants.IDP_ROLE;
        } else {
            role = SAML2Constants.SP_ROLE;
        }
        NameIDInfoKey infoKey = new NameIDInfoKey(generatedValue, localEntityId, remoteEntityId);
        NameIDInfo nameIdInfo = new NameIDInfo(localEntityId, remoteEntityId, nameId, role, true);

        // Append to the federation attributes the user already has instead of replacing them.
        Map attributes = identity.getAttributes(saml2UserAttributesFed);
        Set infoKeyValues = (Set) attributes.get(SAML2Constants.NAMEID_INFO_KEY);
        boolean noInfoKeys = (infoKeyValues == null) || infoKeyValues.isEmpty();
        if (noInfoKeys) {
            infoKeyValues = new HashSet(2);
            attributes.put(SAML2Constants.NAMEID_INFO_KEY, infoKeyValues);
        }
        infoKeyValues.add(infoKey.toValueString());

        Set infoValues = (Set) attributes.get(SAML2Constants.NAMEID_INFO);
        boolean noInfos = (infoValues == null) || infoValues.isEmpty();
        if (noInfos) {
            infoValues = new HashSet(2);
            attributes.put(SAML2Constants.NAMEID_INFO, infoValues);
        }
        infoValues.add(nameIdInfo.toValueString());

        identity.setAttributes(attributes);
        identity.store();

        // NOTE(review): the record is written without escaping; confirm that user
        // identifiers cannot contain '|' or line breaks, and that the resulting
        // account-mapping file is access-restricted.
        out.write(remoteUserId + "|" + generatedValue);
        out.newLine();
    } catch (SAML2Exception samlFailure) {
        debugError("BulkFederation.saml2FederateUser", samlFailure);
        throw new CLIException(
                MessageFormat.format(getResourceString("bulk-federation-cannot-federate"),
                        new Object[] { localUserId }),
                ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (IOException writeFailure) {
        debugError("BulkFederation.saml2FederateUser", writeFailure);
        throw new CLIException(
                MessageFormat.format(getResourceString("bulk-federation-cannot-federate"),
                        new Object[] { localUserId }),
                ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (IdRepoException repoFailure) {
        // Reported only; the method returns normally and this user is left out.
        debugError("BulkFederation.saml2FederateUser", repoFailure);
        getOutputWriter().printlnError(repoFailure.getMessage());
    } catch (SSOException ssoFailure) {
        // Reported only; the method returns normally and this user is left out.
        debugError("BulkFederation.saml2FederateUser", ssoFailure);
        getOutputWriter().printlnError(ssoFailure.getMessage());
    }
}
Also used : NameIDInfo(com.sun.identity.saml2.common.NameIDInfo) SSOToken(com.iplanet.sso.SSOToken) HashSet(java.util.HashSet) Set(java.util.Set) NameID(com.sun.identity.saml2.assertion.NameID) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IOException(java.io.IOException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) CLIException(com.sun.identity.cli.CLIException) HashMap(java.util.HashMap) Map(java.util.Map) NameIDInfoKey(com.sun.identity.saml2.common.NameIDInfoKey) HashSet(java.util.HashSet)

Example 77 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class CreateCircleOfTrust method handleRequest.

/**
     * Creates a circle of trust.
     *
     * @param rc Request Context.
     * @throws CLIException if unable to process this request.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();

    // Command-line options; the realm falls back to the root realm "/".
    realm = getStringOptionValue(FedCLIConstants.ARGUMENT_REALM, "/");
    cot = getStringOptionValue(FedCLIConstants.ARGUMENT_COT);
    prefix = getStringOptionValue(FedCLIConstants.ARGUMENT_PREFIX);
    trustedProviders = (List) rc.getOption(FedCLIConstants.ARGUMENT_TRUSTED_PROVIDERS);

    // De-duplicate the trusted providers; an absent option yields an empty set.
    Set providers = new HashSet();
    if (null != trustedProviders) {
        providers.addAll(trustedProviders);
    }

    // Record the attempt before anything is changed.
    String[] params = { realm, cot, providers.toString(), prefix };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_CREATE_COT", params);

    try {
        boolean prefixMissing = (prefix == null) || prefix.trim().isEmpty();
        CircleOfTrustDescriptor descriptor;
        if (prefixMissing) {
            // Without a prefix no reader/writer service URLs are configured.
            descriptor = new CircleOfTrustDescriptor(cot, realm, COTConstants.ACTIVE, "",
                    null, null, null, null, providers);
        } else {
            // The four reader/writer URLs are built by appending fixed paths to the prefix.
            descriptor = new CircleOfTrustDescriptor(cot, realm, COTConstants.ACTIVE, "",
                    prefix + "/idffreader", prefix + "/idffwriter",
                    prefix + "/saml2reader", prefix + "/saml2writer", providers);
        }

        CircleOfTrustManager manager = new CircleOfTrustManager(ssoToken);
        manager.createCircleOfTrust(realm, descriptor);

        String successText = MessageFormat.format(
                getResourceString("create-circle-of-trust-succeeded"),
                new Object[] { cot, realm });
        getOutputWriter().printlnMessage(successText);
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_CREATE_COT", params);
    } catch (COTException failure) {
        debug.warning("CreateCircleOfTrust.handleRequest", failure);
        // The failure reason is logged together with the request parameters.
        String[] args = { realm, cot, providers.toString(), prefix, failure.getMessage() };
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_CREATE_COT", args);
        throw new CLIException(failure.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) CLIException(com.sun.identity.cli.CLIException) CircleOfTrustDescriptor(com.sun.identity.cot.CircleOfTrustDescriptor) COTException(com.sun.identity.cot.COTException) HashSet(java.util.HashSet)

Example 78 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class CreateMetaDataTemplate method buildWSFedDescriptorTemplate.

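/**
 * Generates the WS-Federation standard metadata template for {@code entityID}.
 *
 * <p>When the command is not web based and a {@code metadata} file name was given, the
 * template is written to that file (an existing file is overwritten); otherwise the
 * template is printed through the output writer.
 *
 * @throws CLIException if the file cannot be written or the template cannot be generated.
 */
private void buildWSFedDescriptorTemplate() throws CLIException {
    Writer pw = null;
    try {
        boolean writeToFile = !isWebBased && (metadata != null) && (metadata.length() > 0);
        if (writeToFile) {
            // NOTE(review): FileWriter encodes with the platform default charset; confirm
            // this matches the encoding declared in the generated XML.
            pw = new PrintWriter(new FileWriter(metadata));
        } else {
            pw = new StringWriter();
        }
        String xml = CreateWSFedMetaDataTemplate.createStandardMetaTemplate(entityID, getWorkflowParamMap(), protocol + "://" + host + ":" + port + deploymentURI);
        pw.write(xml);
        if (writeToFile) {
            // PrintWriter never throws on write; checkError() flushes and reports a failed
            // write, so a truncated file is not announced as created.
            if (((PrintWriter) pw).checkError()) {
                throw new IOException("write failed: " + metadata);
            }
            Object[] objs = { metadata };
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("create-meta-template-created-descriptor-template"), objs));
        }
    } catch (IOException e) {
        Object[] objs = { metadata };
        throw new CLIException(MessageFormat.format(getResourceString("cannot-write-to-file"), objs), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (JAXBException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (CertificateEncodingException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } finally {
        // pw is still null when opening the file failed. The former else branch cast null
        // to StringWriter and threw a NullPointerException that replaced the CLIException.
        if (pw instanceof PrintWriter) {
            ((PrintWriter) pw).close();
        } else if (pw != null) {
            this.getOutputWriter().printlnMessage(pw.toString());
        }
    }
}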
Also used : StringWriter(java.io.StringWriter) FileWriter(java.io.FileWriter) JAXBException(javax.xml.bind.JAXBException) CLIException(com.sun.identity.cli.CLIException) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) LogWriter(com.sun.identity.cli.LogWriter) PrintWriter(java.io.PrintWriter) StringWriter(java.io.StringWriter) FileWriter(java.io.FileWriter) Writer(java.io.Writer) PrintWriter(java.io.PrintWriter)

Example 79 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class CreateMetaDataTemplate method buildIDFFConfigTemplate.

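/**
 * Generates the ID-FF extended (configuration) metadata template for {@code entityID}.
 *
 * <p>When the command is not web based and an {@code extendedData} file name was given, the
 * template is written to that file (an existing file is overwritten); otherwise the
 * template is printed through the output writer.
 *
 * @throws CLIException if the file cannot be written.
 */
private void buildIDFFConfigTemplate() throws CLIException {
    Writer pw = null;
    try {
        boolean writeToFile = !isWebBased && (extendedData != null) && (extendedData.length() > 0);
        if (writeToFile) {
            // NOTE(review): FileWriter encodes with the platform default charset; confirm
            // this matches the encoding declared in the generated XML.
            pw = new PrintWriter(new FileWriter(extendedData));
        } else {
            pw = new StringWriter();
        }
        String xml = CreateIDFFMetaDataTemplate.createExtendedMetaTemplate(entityID, getWorkflowParamMap());
        pw.write(xml);
        if (writeToFile) {
            // PrintWriter never throws on write; checkError() flushes and reports a failed
            // write, so a truncated file is not announced as created.
            if (((PrintWriter) pw).checkError()) {
                throw new IOException("write failed: " + extendedData);
            }
            Object[] objs = { extendedData };
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("create-meta-template-created-configuration-template"), objs));
        }
    } catch (IOException ex) {
        Object[] objs = { extendedData };
        throw new CLIException(MessageFormat.format(getResourceString("cannot-write-to-file"), objs), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } finally {
        // pw is still null when opening the file failed. The former else branch cast null
        // to StringWriter and threw a NullPointerException that replaced the CLIException.
        if (pw instanceof PrintWriter) {
            ((PrintWriter) pw).close();
        } else if (pw != null) {
            this.getOutputWriter().printlnMessage(pw.toString());
        }
    }
}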
Also used : StringWriter(java.io.StringWriter) FileWriter(java.io.FileWriter) CLIException(com.sun.identity.cli.CLIException) IOException(java.io.IOException) LogWriter(com.sun.identity.cli.LogWriter) PrintWriter(java.io.PrintWriter) StringWriter(java.io.StringWriter) FileWriter(java.io.FileWriter) Writer(java.io.Writer) PrintWriter(java.io.PrintWriter)

Example 80 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class CreateMetaDataTemplate method buildConfigTemplate.

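/**
 * Generates the SAML2 hosted-provider extended (configuration) template for {@code entityID}.
 *
 * <p>When the command is not web based and an {@code extendedData} file name was given, the
 * template is written to that file (an existing file is overwritten); otherwise the
 * template is printed through the output writer.
 *
 * @throws CLIException if the file cannot be written.
 */
private void buildConfigTemplate() throws CLIException {
    Writer pw = null;
    try {
        boolean writeToFile = !isWebBased && (extendedData != null) && (extendedData.length() > 0);
        if (writeToFile) {
            // NOTE(review): FileWriter encodes with the platform default charset; confirm
            // this matches the encoding declared in the generated XML.
            pw = new PrintWriter(new FileWriter(extendedData));
        } else {
            pw = new StringWriter();
        }
        String xml = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityID, getWorkflowParamMap(), protocol + "://" + host + ":" + port + deploymentURI);
        pw.write(xml);
        if (writeToFile) {
            // PrintWriter never throws on write; checkError() flushes and reports a failed
            // write, so a truncated file is not announced as created.
            if (((PrintWriter) pw).checkError()) {
                throw new IOException("write failed: " + extendedData);
            }
            Object[] objs = { extendedData };
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("create-meta-template-created-configuration-template"), objs));
        }
    } catch (IOException ex) {
        Object[] objs = { extendedData };
        throw new CLIException(MessageFormat.format(getResourceString("cannot-write-to-file"), objs), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } finally {
        // pw is still null when opening the file failed. The former else branch cast null
        // to StringWriter and threw a NullPointerException that replaced the CLIException.
        if (pw instanceof PrintWriter) {
            ((PrintWriter) pw).close();
        } else if (pw != null) {
            this.getOutputWriter().printlnMessage(pw.toString());
        }
    }
}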
Also used : StringWriter(java.io.StringWriter) FileWriter(java.io.FileWriter) CLIException(com.sun.identity.cli.CLIException) IOException(java.io.IOException) LogWriter(com.sun.identity.cli.LogWriter) PrintWriter(java.io.PrintWriter) StringWriter(java.io.StringWriter) FileWriter(java.io.FileWriter) Writer(java.io.Writer) PrintWriter(java.io.PrintWriter)
