Example 21 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class ImportMetaData, method handleSAML2Request.

private void handleSAML2Request(RequestContext rc) throws CLIException {
    try {
        SAML2MetaManager metaManager = new SAML2MetaManager(ssoToken);
        EntityConfigElement configElt = null;
        List<String> newMetaAliases = null;
        if (extendedData != null) {
            configElt = geEntityConfigElement();
            /*
             * see note at the end of this class for how we decide
             * the realm value
             */
            if (configElt != null && configElt.isHosted()) {
                List<BaseConfigType> config = configElt.getIDPSSOConfigOrSPSSOConfigOrAuthnAuthorityConfig();
                if (!config.isEmpty()) {
                    BaseConfigType bConfig = (BaseConfigType) config.iterator().next();
                    realm = SAML2MetaUtils.getRealmByMetaAlias(bConfig.getMetaAlias());
                    newMetaAliases = getMetaAliases(config);
                }
            }
        }
        List<String> entityIds = null;
        // Load the metadata if it has been provided
        if (metadata != null) {
            entityIds = importSAML2Metadata(metaManager);
        }
        // Load the extended metadata if it has been provided
        if (configElt != null) {
            if (null != newMetaAliases && !newMetaAliases.isEmpty()) {
                metaManager.validateMetaAliasForNewEntity(realm, newMetaAliases);
            }
            metaManager.createEntityConfig(realm, configElt);
        }
        if (entityIds != null) {
            String out = (webAccess) ? "web" : metadata;
            Object[] objs = { out };
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("import-entity-succeeded"), objs));
        }
        if (configElt != null) {
            String out = (webAccess) ? "web" : extendedData;
            Object[] objs = { out };
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("import-entity-succeeded"), objs));
        }
        if ((cot != null) && (cot.length() > 0) && (entityIds != null) && (!entityIds.isEmpty())) {
            CircleOfTrustManager cotManager = new CircleOfTrustManager(ssoToken);
            for (String entityID : entityIds) {
                if (!cotManager.isInCircleOfTrust(realm, cot, spec, entityID)) {
                    cotManager.addCircleOfTrustMember(realm, cot, spec, entityID);
                }
            }
        }
    } catch (COTException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SAML2MetaException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used: BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType), CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager), CLIException (com.sun.identity.cli.CLIException), SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager), COTException (com.sun.identity.cot.COTException), SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException), EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 22 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class ImportMetaData, method validateCOT.

private void validateCOT() throws CLIException {
    if ((cot != null) && (cot.length() > 0)) {
        try {
            CircleOfTrustManager cotManager = new CircleOfTrustManager(ssoToken);
            if (!cotManager.getAllCirclesOfTrust(realm).contains(cot)) {
                String[] args = { realm, metadata, extendedData, cot, spec, getResourceString("import-entity-exception-cot-no-exist") };
                writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IMPORT_ENTITY", args);
                throw new CLIException(getResourceString("import-entity-exception-cot-no-exist"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
        } catch (COTException e) {
            throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }
}
Also used: CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager), CLIException (com.sun.identity.cli.CLIException), COTException (com.sun.identity.cot.COTException)

Example 23 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class ImportMetaData, method handleWSFedRequest.

private void handleWSFedRequest(RequestContext rc) throws CLIException {
    try {
        String federationID = null;
        List<String> newMetaAliases = null;
        com.sun.identity.wsfederation.jaxb.entityconfig.FederationConfigElement configElt = null;
        if (extendedData != null) {
            configElt = getWSFedEntityConfigElement();
            /*
             * see note at the end of this class for how we decide
             * the realm value
             */
            if (configElt != null && configElt.isHosted()) {
                List config = configElt.getIDPSSOConfigOrSPSSOConfig();
                if (!config.isEmpty()) {
                    com.sun.identity.wsfederation.jaxb.entityconfig.BaseConfigType bConfig = (com.sun.identity.wsfederation.jaxb.entityconfig.BaseConfigType) config.iterator().next();
                    realm = WSFederationMetaUtils.getRealmByMetaAlias(bConfig.getMetaAlias());
                    newMetaAliases = getMetaAliases(config);
                }
            }
        }
        WSFederationMetaManager metaManager = new WSFederationMetaManager(ssoToken);
        if (metadata != null) {
            federationID = importWSFedMetaData();
        }
        if (configElt != null) {
            if (null != newMetaAliases && !newMetaAliases.isEmpty()) {
                metaManager.validateMetaAliasForNewEntity(realm, newMetaAliases);
            }
            metaManager.createEntityConfig(realm, configElt);
            String out = (webAccess) ? "web" : extendedData;
            Object[] objs = { out };
            getOutputWriter().printlnMessage(MessageFormat.format(getResourceString("import-entity-succeeded"), objs));
        }
        if ((cot != null) && (cot.length() > 0) && (federationID != null)) {
            CircleOfTrustManager cotManager = new CircleOfTrustManager(ssoToken);
            if (!cotManager.isInCircleOfTrust(realm, cot, spec, federationID)) {
                cotManager.addCircleOfTrustMember(realm, cot, spec, federationID);
            }
        }
    } catch (COTException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (WSFederationMetaException e) {
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used: WSFederationMetaManager (com.sun.identity.wsfederation.meta.WSFederationMetaManager), CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager), COTException (com.sun.identity.cot.COTException), BaseConfigType (com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType), CLIException (com.sun.identity.cli.CLIException), ArrayList (java.util.ArrayList), List (java.util.List), WSFederationMetaException (com.sun.identity.wsfederation.meta.WSFederationMetaException)

Example 24 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class ListCircleOfTrustMembers, method handleRequest.

/**
 * List members in a circle of trust.
 *
 * @param rc Request Context.
 * @throws CLIException if unable to process this request.
 */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();
    realm = getStringOptionValue(FedCLIConstants.ARGUMENT_REALM, "/");
    cot = getStringOptionValue(FedCLIConstants.ARGUMENT_COT);
    IOutput outputWriter = getOutputWriter();
    spec = FederationManager.getIDFFSubCommandSpecification(rc);
    String[] params = { realm, cot, spec };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_LIST_COT_MEMBERS", params);
    try {
        CircleOfTrustManager cotManager = new CircleOfTrustManager(ssoToken);
        Set circleOfTrusts = cotManager.getAllCirclesOfTrust(realm);
        if (!circleOfTrusts.contains(cot)) {
            Object[] obj = { cot };
            String[] args = { realm, cot, spec, MessageFormat.format(getResourceString("list-circle-of-trust-members-cot-does-not-exists"), obj) };
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_LIST_COT_MEMBERS", args);
            throw new CLIException(MessageFormat.format(getResourceString("list-circle-of-trust-members-cot-does-not-exists"), obj), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        Set members = cotManager.listCircleOfTrustMember(realm, cot, spec);
        if ((members == null) || members.isEmpty()) {
            Object[] obj = { cot };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("list-circle-of-trust-members-no-members"), obj));
        } else {
            Object[] obj = { cot };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("list-circle-of-trust-members-members"), obj));
            for (Iterator i = members.iterator(); i.hasNext(); ) {
                String entityId = (String) i.next();
                outputWriter.printlnMessage("  " + entityId);
            }
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_LIST_COT_MEMBERS", params);
    } catch (COTException e) {
        debugWarning("ListCircleOfTrustMembers.handleRequest", e);
        String[] args = { realm, cot, spec, e.getMessage() };
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_LIST_COT_MEMBERS", args);
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used: CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager), Set (java.util.Set), IOutput (com.sun.identity.cli.IOutput), Iterator (java.util.Iterator), CLIException (com.sun.identity.cli.CLIException), COTException (com.sun.identity.cot.COTException)

Example 25 with CircleOfTrustManager

Use of com.sun.identity.cot.CircleOfTrustManager in project OpenAM by OpenRock.

Class ListCircleOfTrusts, method handleRequest.

/**
 * Lists circle of trusts.
 *
 * @param rc Request Context.
 * @throws CLIException if unable to process this request.
 */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();
    realm = getStringOptionValue(FedCLIConstants.ARGUMENT_REALM, "/");
    IOutput outputWriter = getOutputWriter();
    String[] params = { realm };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_LIST_COTS", params);
    try {
        CircleOfTrustManager cotManager = new CircleOfTrustManager(ssoToken);
        Set members = cotManager.getAllCirclesOfTrust(realm);
        if ((members == null) || members.isEmpty()) {
            Object[] obj = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("list-circles-of-trust-no-members"), obj));
        } else {
            Object[] obj = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("list-circles-of-trust-members"), obj));
            for (Iterator i = members.iterator(); i.hasNext(); ) {
                String cot = (String) i.next();
                outputWriter.printlnMessage("  " + cot);
            }
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_LIST_COTS", params);
    } catch (COTException e) {
        debugWarning("ListCircleOfTrusts.handleRequest", e);
        String[] args = { realm, e.getMessage() };
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_LIST_COTS", args);
        throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used: CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager), Set (java.util.Set), IOutput (com.sun.identity.cli.IOutput), Iterator (java.util.Iterator), CLIException (com.sun.identity.cli.CLIException), COTException (com.sun.identity.cot.COTException)

Aggregations

CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager): 35
COTException (com.sun.identity.cot.COTException): 29
Set (java.util.Set): 18
CircleOfTrustDescriptor (com.sun.identity.cot.CircleOfTrustDescriptor): 16
Iterator (java.util.Iterator): 15
CLIException (com.sun.identity.cli.CLIException): 10
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException): 9
HashSet (java.util.HashSet): 9
List (java.util.List): 9
ArrayList (java.util.ArrayList): 6
IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException): 5
IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager): 5
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException): 5
SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager): 5
HashMap (java.util.HashMap): 4
Map (java.util.Map): 4
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception): 3
CLIRequest (com.sun.identity.cli.CLIRequest): 2
IOutput (com.sun.identity.cli.IOutput): 2
BaseConfigType (com.sun.identity.federation.jaxb.entityconfig.BaseConfigType): 2