use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.
the class PolicyPrivilegeManager method notifyPrivilegeChanged.
/**
 * Publishes a privilege change to the privilege change notifier and, when a policy cache is
 * configured, to the legacy policy cache as a {@code POLICY_MODIFIED} event.
 *
 * @param realm realm passed to the notifier and used for the application lookup.
 * @param previous privilege before the change; may be {@code null}.
 * @param current privilege after the change; dereferenced unconditionally.
 * @throws EntitlementException if the policy cache is set and the privilege's application
 *         cannot be retrieved. The notifier has already been invoked by then.
 */
@Override
protected void notifyPrivilegeChanged(String realm, Privilege previous, Privilege current) throws EntitlementException {
    // Both notifications below receive the union of the old and the new resource names.
    final Set<String> affectedResources = new HashSet<String>();
    if (previous != null) {
        final Set<String> before = previous.getEntitlement().getResourceNames();
        if (before != null) {
            affectedResources.addAll(before);
        }
    }
    final Set<String> after = current.getEntitlement().getResourceNames();
    if (after != null) {
        affectedResources.addAll(after);
    }

    final String applicationName = current.getEntitlement().getApplicationName();
    if (PrivilegeManager.debug.messageEnabled()) {
        // Resource names are written to the debug log only when message-level debugging is on.
        PrivilegeManager.debug.message("PolicyPrivilegeManager.notifyPrivilegeChanged():" + "applicationName="
                + applicationName + ", resources=" + affectedResources);
    }

    PrivilegeChangeNotifier.getInstance().notify(getAdminSubject(), realm, applicationName, current.getName(),
            affectedResources);

    if (policyCache == null) {
        return;
    }

    // Retrieve the underlying application type to map to the legacy service type model.
    // The lookup runs as PrivilegeManager.superAdminSubject, not as the subject handed to the
    // notifier above, so it does not depend on the caller's own read access to the application.
    final Application application =
            ApplicationManager.getApplication(PrivilegeManager.superAdminSubject, realm, applicationName);
    if (application == null) {
        throw new EntitlementException(EntitlementException.APP_RETRIEVAL_ERROR, new Object[] { realm });
    }
    policyCache.firePrivilegeChanged(application.getApplicationType().getName(), affectedResources,
            PolicyEvent.POLICY_MODIFIED);
}
use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.
the class UmaResourceSetRegistrationHook method resourceSetDeleted.
/**
* Removes the ResourceType from the Resource Server's policy application, deletes all related policies,
* then deletes the ResourceSet.
*
* @param realm {@inheritDoc}
* @param resourceSet {@inheritDoc}
*/
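@Override
public void resourceSetDeleted(String realm, ResourceSetDescription resourceSet) throws ServerException {
    // Every step below runs with a super-admin subject; this method performs no authorization
    // check of its own. NOTE(review): presumably the caller has already verified that the
    // requester may delete this resource set - confirm.
    Subject adminSubject = SubjectUtils.createSuperAdminSubject();
    String resourceTypeUUID = resourceSet.getId();
    try {
        // NOTE(review): toLowerCase() uses the JVM default locale, so the application name
        // derived from the client id can differ between hosts; confirm it matches how the
        // name was derived when the application was created.
        Application application = applicationManager.getApplication(adminSubject, realm,
                resourceSet.getClientId().toLowerCase());
        if (application == null) {
            // A missing application used to surface as a NullPointerException. Report it
            // through the declared ServerException path so the failure is logged with context.
            throw new EntitlementException(EntitlementException.APP_RETRIEVAL_ERROR, new Object[] { realm });
        }
        application.removeResourceTypeUuid(resourceTypeUUID);
        applicationManager.saveApplication(adminSubject, realm, application);
    } catch (EntitlementException e) {
        logger.error("Failed to remove Resource Type, " + resourceTypeUUID + " from application, "
                + resourceSet.getClientId(), e);
        throw new ServerException(e);
    }
    // The three steps are not transactional: no compensation is visible here, so a failure in
    // a later step leaves the earlier changes in place.
    policyService.deletePolicy(createAdminContext(realm, resourceSet.getResourceOwnerId()), resourceSet.getId());
    try {
        resourceTypeService.deleteResourceType(adminSubject, realm, resourceTypeUUID);
    } catch (EntitlementException e) {
        logger.error("Failed to delete Resource Type " + resourceTypeUUID, e);
        throw new ServerException(e);
    }
}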
use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.
the class OpenSSOIndexStore method getReferredResources.
/**
* Returns a set of resources that are referred to this realm.
*
* @param applicationTypeName Application type name.
* @return a set of resources that are referred to this realm.
* @throws EntitlementException if resources cannot be returned.
*/
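@Override
public Set<String> getReferredResources(String applicationTypeName) throws EntitlementException {
    String realm = getRealm();
    if (realm.equals("/")) {
        // The root realm short-circuits to an empty, immutable result.
        return Collections.<String>emptySet();
    }
    if (LDAPUtils.isDN(realm)) {
        realm = DNMapper.orgNameToRealmName(realm);
    }
    // Referral searches run with the super-admin token, not with a caller-supplied identity.
    SSOToken adminToken = SubjectUtils.getSSOToken(superAdminSubject);
    try {
        Set<String> results = new HashSet<String>();
        Set<String> realms = getPeerRealms(realm);
        realms.addAll(getParentRealms(realm));
        // NOTE(review): applicationTypeName and realm are concatenated into the search filter
        // without escaping. If either can carry caller-controlled text, filter metacharacters
        // would change the query; confirm both are validated upstream or escape them here.
        String filter = "(&(ou=" + DataStore.REFERRAL_APPLS + "=" + applicationTypeName + ")(ou="
                + DataStore.REFERRAL_REALMS + "=" + realm + "))";
        Map<String, Set<ReferralPrivilege>> referrals = new HashMap<String, Set<ReferralPrivilege>>();
        for (String rlm : realms) {
            referrals.put(rlm, dataStore.searchReferrals(adminToken, rlm, filter));
        }
        for (Map.Entry<String, Set<ReferralPrivilege>> found : referrals.entrySet()) {
            String rlm = found.getKey();
            String realmName = LDAPUtils.isDN(rlm) ? DNMapper.orgNameToRealmName(rlm) : rlm;
            for (ReferralPrivilege r : found.getValue()) {
                Map<String, Set<String>> map = r.getOriginalMapApplNameToResources();
                for (Map.Entry<String, Set<String>> byApplication : map.entrySet()) {
                    Application appl = ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT,
                            realmName, byApplication.getKey());
                    if (appl == null) {
                        // A referral can name an application that cannot be retrieved. Skip it
                        // rather than fail the whole lookup with a NullPointerException; its
                        // resources are then not reported as referred.
                        continue;
                    }
                    if (appl.getApplicationType().getName().equals(applicationTypeName)) {
                        results.addAll(byApplication.getValue());
                    }
                }
            }
        }
        results.addAll(getOrgAliasMappingResources(realm, applicationTypeName));
        return results;
    } catch (SMSException ex) {
        PolicyConstants.DEBUG.error("OpenSSOIndexStore.getReferredResources", ex);
        // 275 is a numeric EntitlementException code; its meaning is not visible in this method.
        Object[] param = { realm };
        throw new EntitlementException(275, param);
    }
}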
use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.
the class EntitlementService method addSubjectAttributeNames.
/**
* Adds subject attribute names to an application.
*
* @param applicationName Application name.
* @param names subject attribute names.
* @throws EntitlementException if subject attribute names cannot be
* added.
*/
public void addSubjectAttributeNames(String applicationName, Set<String> names) throws EntitlementException {
    // Nothing to add: return before any token or configuration is touched.
    if (names == null || names.isEmpty()) {
        return;
    }
    try {
        final SSOToken ssoToken = getSSOToken();
        if (ssoToken == null) {
            throw new EntitlementException(225);
        }

        // The application object is looked up as the super-admin subject, while the
        // configuration reads below use the token obtained from getSSOToken().
        final Application application =
                ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT, realm, applicationName);
        if (application != null) {
            application.addAttributeNames(names);
        }

        // Look for the application's sub-configuration in this realm first, then walk up
        // through the parent realms until one is found or there is no parent left.
        ServiceConfig applConf = getApplicationSubConfig(ssoToken, realm, applicationName);
        String searchRealm = realm;
        while (applConf == null && (searchRealm = getParentRealm(searchRealm)) != null) {
            applConf = getApplicationSubConfig(ssoToken, searchRealm, applicationName);
        }
        if (applConf == null) {
            return;
        }

        // A non-empty stored set is extended in place (it is the instance handed back by
        // getAttributes()); a missing or empty one is replaced by a fresh HashSet.
        Set<String> merged = (Set<String>) applConf.getAttributes().get(ATTR_NAME_SUBJECT_ATTR_NAMES);
        if (merged == null || merged.isEmpty()) {
            merged = new HashSet<String>();
        }
        merged.addAll(names);

        final Map<String, Set<String>> update = new HashMap<String, Set<String>>();
        update.put(ATTR_NAME_SUBJECT_ATTR_NAMES, merged);
        applConf.setAttributes(update);
    } catch (SMSException ex) {
        throw new EntitlementException(220, ex);
    } catch (SSOException ex) {
        throw new EntitlementException(220, ex);
    }
}
use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.
the class EntitlementService method getApplications.
/**
* Returns a set of registered applications.
*
* @return a set of registered applications.
*/
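public Set<Application> getApplications() {
    // The error entries previously named "getRawApplications"; label them with this method
    // so a failure can be traced to the right call site.
    final String where = "EntitlementService.getApplications";
    final Set<Application> results = new HashSet<Application>();
    try {
        SSOToken token = getSSOToken();
        final ServiceConfig appConfig = getApplicationConfiguration(token, realm);
        if (appConfig != null) {
            final Set<String> names = appConfig.getSubConfigNames();
            for (String name : names) {
                results.add(createApplication(appConfig, name));
            }
        }
        // Best effort: every failure below is logged and swallowed, and whatever was collected
        // before it (possibly nothing) is returned. Callers therefore cannot tell "no
        // applications registered" from "lookup failed" by the return value alone.
    } catch (EntitlementException ex) {
        PolicyConstants.DEBUG.error(where, ex);
    } catch (ClassCastException ex) {
        PolicyConstants.DEBUG.error(where, ex);
    } catch (InstantiationException ex) {
        PolicyConstants.DEBUG.error(where, ex);
    } catch (IllegalAccessException ex) {
        PolicyConstants.DEBUG.error(where, ex);
    } catch (SMSException ex) {
        PolicyConstants.DEBUG.error(where, ex);
    } catch (SSOException ex) {
        PolicyConstants.DEBUG.error(where, ex);
    }
    return results;
}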