use of com.sun.identity.delegation.DelegationManager in project OpenAM by OpenRock.
the class DelegationModelImpl method getSubjects.
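/**
 * Returns the delegation subjects under a realm as a set of subject
 * universal IDs.
 *
 * <p>The lookup is made with the token returned by
 * {@code getUserSSOToken()}. Each call emits an attempt event, followed by
 * either a success event or an exception event.
 *
 * @param realmName Name of realm.
 * @param pattern Wildcard for matching subject name.
 * @return delegation subjects under the realm; an empty set, never
 *         {@code null}, when the delegation manager returns {@code null}.
 * @throws AMConsoleException if subject universal ID cannot be obtained.
 */
public Set getSubjects(String realmName, String pattern) throws AMConsoleException {
    String[] params = { realmName, pattern };
    logEvent("ATTEMPT_GET_DELEGATION_SUBJECTS", params);
    try {
        DelegationManager mgr = new DelegationManager(getUserSSOToken(), realmName);
        Set results = mgr.getSubjects(pattern);
        logEvent("SUCCEED_GET_DELEGATION_SUBJECTS", params);
        return (results != null) ? results : Collections.EMPTY_SET;
    } catch (SSOException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realmName, pattern, strError };
        // Pass paramsEx, not params: the failure event should record why the
        // lookup was refused, as getPrivileges does for its exception events.
        // NOTE(review): assumes the message template for this event takes the
        // error string as a third argument - confirm against the log
        // message definitions.
        logEvent("SSO_EXCEPTION_GET_DELEGATION_SUBJECTS", paramsEx);
        debug.error("DelegationModelImpl.getSubjects", e);
        throw new AMConsoleException(strError);
    } catch (DelegationException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realmName, pattern, strError };
        // Same as above: record the failure reason in the event.
        logEvent("DELEGATION_EXCEPTION_GET_DELEGATION_SUBJECTS", paramsEx);
        debug.error("DelegationModelImpl.getSubjects", e);
        throw new AMConsoleException(strError);
    }
}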
use of com.sun.identity.delegation.DelegationManager in project OpenAM by OpenRock.
the class DelegationModelImpl method getPrivileges.
/**
 * Looks up the delegation privileges held by one identity in a realm.
 *
 * <p>The query runs under the token returned by {@code getUserSSOToken()}.
 * An attempt event is logged before the lookup; a success event, or an
 * exception event carrying the error string, is logged afterwards.
 *
 * @param realmName Name of realm.
 * @param uid Universal ID of the identity.
 * @return the identity's privileges; an empty set, never {@code null},
 *         when the delegation manager returns {@code null}.
 * @throws AMConsoleException if privilege cannot be determined.
 */
public Set getPrivileges(String realmName, String uid) throws AMConsoleException {
    final String[] eventArgs = { realmName, uid };
    logEvent("ATTEMPT_GET_PRIVILEGES_OF_DELEGATION_SUBJECT", eventArgs);

    Set found;
    try {
        DelegationManager delegation = new DelegationManager(getUserSSOToken(), realmName);
        found = delegation.getPrivileges(uid);
        logEvent("SUCCEED_GET_PRIVILEGES_OF_DELEGATION_SUBJECT", eventArgs);
    } catch (SSOException ssoFailure) {
        // Event first, then the debug log, then the console exception.
        String reason = getErrorString(ssoFailure);
        logEvent("SSO_EXCEPTION_GET_PRIVILEGES_OF_DELEGATION_SUBJECT",
            new String[] { realmName, uid, reason });
        debug.error("DelegationModelImpl.getPrivileges", ssoFailure);
        throw new AMConsoleException(reason);
    } catch (DelegationException delegationFailure) {
        String reason = getErrorString(delegationFailure);
        logEvent("DELEGATION_EXCEPTION_GET_PRIVILEGES_OF_DELEGATION_SUBJECT",
            new String[] { realmName, uid, reason });
        debug.error("DelegationModelImpl.getPrivileges", delegationFailure);
        throw new AMConsoleException(reason);
    }

    // Callers always get a set to iterate over.
    if (found == null) {
        return Collections.EMPTY_SET;
    }
    return found;
}
use of com.sun.identity.delegation.DelegationManager in project OpenAM by OpenRock.
the class PrivilegeXMLBuilder method getAllPrivileges.
/**
 * Returns the privilege names configured for a realm.
 *
 * <p>The lookup uses {@code adminSSOToken}, not a token belonging to the
 * caller, so the result does not depend on who asks.
 * NOTE(review): callers presumably decide separately who may see the
 * list - confirm at the call sites.
 *
 * <p>An {@code SSOException} or {@code DelegationException} is written to
 * the debug log and an empty set is returned, so a failed lookup cannot be
 * told apart from a realm with no configured privileges.
 *
 * @param realm realm to query; when {@code null}, the model's start DN is
 *        used instead.
 * @param model source of the start DN; only read when {@code realm} is
 *        {@code null}.
 * @return the configured privilege names, or an empty set; never
 *         {@code null}.
 */
public Set getAllPrivileges(String realm, AMModel model) {
    String targetRealm = (realm != null) ? realm : model.getStartDN();
    try {
        Set names = new DelegationManager(adminSSOToken, targetRealm).getConfiguredPrivilegeNames();
        if (names != null) {
            return names;
        }
    } catch (SSOException e) {
        PropertyXMLBuilderBase.debug.error("PrivilegeXMLBuilder.getAllPrivileges", e);
    } catch (DelegationException e) {
        PropertyXMLBuilderBase.debug.error("PrivilegeXMLBuilder.getAllPrivileges", e);
    }
    return Collections.EMPTY_SET;
}
use of com.sun.identity.delegation.DelegationManager in project OpenAM by OpenRock.
the class IdServicesImpl method removeIdentityFromPrivileges.
/**
 * Removes an identity's universal ID from the subject set of every
 * delegation privilege of an organization that lists it.
 *
 * <p>The work is done with the token obtained from
 * {@code AdminTokenAction}, not with a caller-supplied token.
 *
 * <p>NOTE(review): an {@code SSOException} or {@code DelegationException}
 * ends the loop and is only logged at warning level. Privileges that were
 * not yet visited can then still list the universal ID, and the caller is
 * not told. If this runs while an identity is being deleted, verify that
 * leftover subject entries cannot be picked up by a later identity with
 * the same universal ID.
 *
 * @param name identity name.
 * @param type identity type.
 * @param amsdkDN AMSDK DN passed through to {@code AMIdentity}.
 * @param orgName organization whose privileges are scanned.
 */
private void removeIdentityFromPrivileges(String name, IdType type, String amsdkDN, String orgName) {
    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    String targetUid = new AMIdentity(adminToken, name, type, orgName, amsdkDN).getUniversalId();
    try {
        DelegationManager delegation = new DelegationManager(adminToken, orgName);
        for (Object entry : delegation.getPrivileges()) {
            DelegationPrivilege privilege = (DelegationPrivilege) entry;
            Set members = privilege.getSubjects();
            if (!members.contains(targetUid)) {
                continue;
            }
            members.remove(targetUid);
            // presumably addPrivilege overwrites the stored privilege of the
            // same name with the reduced subject set - confirm
            delegation.addPrivilege(privilege);
        }
    } catch (SSOException ex) {
        DEBUG.warning("IdServicesImpl.removeIdentityFromPrivileges", ex);
    } catch (DelegationException ex) {
        DEBUG.warning("IdServicesImpl.removeIdentityFromPrivileges", ex);
    }
}
use of com.sun.identity.delegation.DelegationManager in project OpenAM by OpenRock.
the class SMSMigration70 method migrateDelegationPolicies.
/**
 * Migrates an organization's delegation privileges: in each permission's
 * organization name, in each subject, and in the organization name itself,
 * the root suffix is replaced by {@code DNMapper.serviceDN}. The rewritten
 * privileges are then added under the rewritten organization name.
 *
 * <p>NOTE(review): each privilege is removed before any rewritten copy is
 * added. A {@code DelegationException} part-way through is only printed,
 * so privileges removed up to that point are not restored by this method;
 * check the delegation state after a failed run.
 *
 * <p>NOTE(review): the match lower-cases the searched string with the
 * default locale but not the root suffix, and applies the resulting offset
 * to the original string. This presumably relies on the root suffix being
 * lower case already - confirm.
 *
 * <p>Progress and the string form of the privilege set go to standard
 * output.
 *
 * @param token SSO token used for both delegation managers.
 * @param orgName organization whose privileges are migrated.
 * @throws SSOException propagated from the delegation calls.
 */
protected static void migrateDelegationPolicies(SSOToken token, String orgName) throws SSOException {
    System.out.println("Migrating delegation policies for org: " + orgName);
    try {
        DelegationManager source = new DelegationManager(token, orgName);
        Set privileges = source.getPrivileges();
        Set migrated = new HashSet();
        for (Object item : privileges) {
            DelegationPrivilege privilege = (DelegationPrivilege) item;
            // Drop the stored privilege before its fields are rewritten.
            source.removePrivilege(privilege.getName());

            // Point every permission at the service DN.
            for (Object p : privilege.getPermissions()) {
                DelegationPermission permission = (DelegationPermission) p;
                String resource = permission.getOrganizationName();
                int at = offsetOfRootSuffix(resource);
                if (at != -1) {
                    permission.setOrganizationName(swapRootSuffixForServiceDn(resource, at));
                }
            }

            // Rebuild the subject set; unmatched subjects are kept as they are.
            Set rewrittenSubjects = new HashSet();
            for (Object s : privilege.getSubjects()) {
                String subject = (String) s;
                int at = offsetOfRootSuffix(subject);
                rewrittenSubjects.add((at != -1) ? swapRootSuffixForServiceDn(subject, at) : subject);
            }
            privilege.setSubjects(rewrittenSubjects);
            migrated.add(privilege);
        }

        // Normalize the organization name to a realm name.
        String realmName = orgName;
        int orgAt = offsetOfRootSuffix(realmName);
        if (orgAt != -1) {
            realmName = swapRootSuffixForServiceDn(realmName, orgAt);
        }

        // Store the rewritten privileges under the normalized name.
        DelegationManager target = new DelegationManager(token, realmName);
        for (Object item : migrated) {
            target.addPrivilege((DelegationPrivilege) item);
        }
        System.out.println("Delegation Policies for org: " + realmName + "\n" + privileges);
    } catch (DelegationException de) {
        System.out.println(" " + de.getMessage());
    }
}

/** Returns the offset of {@code "," + root suffix} in the lower-cased DN, or -1. */
private static int offsetOfRootSuffix(String dn) {
    return dn.toLowerCase().indexOf("," + SMSEntry.getRootSuffix());
}

/** Replaces the root suffix found at {@code at} with {@code DNMapper.serviceDN}. */
private static String swapRootSuffixForServiceDn(String dn, int at) {
    return dn.substring(0, at) + "," + DNMapper.serviceDN
        + dn.substring(at + SMSEntry.getRootSuffix().length() + 1);
}