
Example 31 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ApplicationPrivilegeBase method getApplicationResourcesMap.

/**
 * Builds the application-name to resource-set map that a privilege delegation command operates on.
 * <p>
 * The application named by {@code PARAM_APPL_NAME} must exist in {@code realm}; otherwise the command is
 * rejected with a localized message. When the caller gives no {@code PARAM_RESOURCES}, every base
 * resource of the application is delegated.
 *
 * @param rc request context carrying the parsed command-line options
 * @param realm realm the application is looked up in
 * @return a single-entry map from the application name to the resources to delegate
 * @throws CLIException with {@code ExitCodes.REQUEST_CANNOT_BE_PROCESSED} if the application is unknown
 * @throws EntitlementException if the application lookup itself fails
 */
protected Map<String, Set<String>> getApplicationResourcesMap(RequestContext rc, String realm) throws CLIException, EntitlementException {
    String applicationName = getStringOptionValue(PARAM_APPL_NAME);
    Subject adminSubject = SubjectUtils.createSubject(getAdminSSOToken());
    Application target = ApplicationManager.getApplication(adminSubject, realm, applicationName);
    if (target == null) {
        // Unknown application is a user error: report it with the localized message and a non-zero exit code.
        Object[] messageArgs = { applicationName };
        String message = MessageFormat.format(getResourceString("privilege-application-application-invalid"), messageArgs);
        throw new CLIException(message, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    List<String> requestedResources = rc.getOption(PARAM_RESOURCES);
    Set<String> delegatedResources = new HashSet<String>();
    if (requestedResources != null && !requestedResources.isEmpty()) {
        delegatedResources.addAll(requestedResources);
    } else {
        // No explicit resource list: delegate every base resource of the application.
        delegatedResources.addAll(getAllBaseResources(adminSubject, realm, target));
    }
    Map<String, Set<String>> result = new HashMap<String, Set<String>>();
    result.put(applicationName, delegatedResources);
    return result;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) CLIException(com.sun.identity.cli.CLIException) Application(com.sun.identity.entitlement.Application) OpenSSOGroupSubject(com.sun.identity.entitlement.opensso.OpenSSOGroupSubject) Subject(javax.security.auth.Subject) OpenSSOUserSubject(com.sun.identity.entitlement.opensso.OpenSSOUserSubject) HashSet(java.util.HashSet)

Example 32 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class ConfigureOAuth2 method getUrlResourceTypeId.

/**
 * Returns the UUID of the OAuth2 "authorize" URL resource type, creating the resource type and/or the
 * policy application on demand.
 * <p>
 * Resolution order: a resource type already attached to the policy application whose name matches
 * {@code POLICY_RESOURCE_TYPE_NAME} (case-insensitive) wins; otherwise the realm is searched by name and,
 * if nothing is found, a new type with pattern {@code *://*:*/*/authorize?*} and actions GET/POST is saved.
 * In the latter two cases the application is updated with the type and a {@code DenyOverride} combiner
 * and saved.
 *
 * @param adminSubject subject used for all entitlement operations
 * @param realm realm holding the application and resource types
 * @return the UUID of the matching or newly created resource type
 * @throws EntitlementException if any lookup or save fails
 * @throws WorkflowException declared for callers; not thrown directly in this body
 */
private String getUrlResourceTypeId(Subject adminSubject, String realm) throws EntitlementException, WorkflowException {
    Application policyApplication = ApplicationManager.getApplication(adminSubject, realm, POLICY_APPLICATION_NAME);
    if (policyApplication == null) {
        // First run in this realm: build the application of the URL type; it is saved further down.
        ApplicationType urlType = ApplicationTypeManager.getAppplicationType(adminSubject, ApplicationTypeManager.URL_APPLICATION_TYPE_NAME);
        policyApplication = ApplicationManager.newApplication(POLICY_APPLICATION_NAME, urlType);
    }
    Set<String> attachedTypeIds = policyApplication.getResourceTypeUuids();
    ResourceTypeService typeService = InjectorHolder.getInstance(ResourceTypeService.class);
    // Fast path: the application already references the type.
    // NOTE(review): assumes getResourceType never returns null for a UUID the application lists — confirm.
    for (String uuid : attachedTypeIds) {
        ResourceType attached = typeService.getResourceType(adminSubject, realm, uuid);
        if (POLICY_RESOURCE_TYPE_NAME.equalsIgnoreCase(attached.getName())) {
            return uuid;
        }
    }
    // Slow path: find the type by name anywhere in the realm, creating it when absent.
    QueryFilter<SmsAttribute> byName = equalTo(SmsAttribute.newSearchableInstance("name"), POLICY_RESOURCE_TYPE_NAME);
    Set<ResourceType> matches = typeService.getResourceTypes(byName, adminSubject, realm);
    ResourceType authorizeType;
    if (matches != null && !matches.isEmpty()) {
        authorizeType = matches.iterator().next();
    } else {
        ImmutableMap<String, Boolean> actions = new ImmutableMap.Builder<String, Boolean>().put("GET", true).put("POST", true).build();
        ResourceType unsaved = ResourceType.builder()
                .addPatterns(asSet("*://*:*/*/authorize?*"))
                .addActions(actions)
                .setName(POLICY_RESOURCE_TYPE_NAME)
                .setUUID(UUID.randomUUID().toString())
                .build();
        authorizeType = typeService.saveResourceType(adminSubject, realm, unsaved);
    }
    policyApplication.addAllResourceTypeUuids(asSet(authorizeType.getUUID()));
    policyApplication.setEntitlementCombiner(DenyOverride.class);
    ApplicationManager.saveApplication(adminSubject, realm, policyApplication);
    return authorizeType.getUUID();
}
Also used : ApplicationType(com.sun.identity.entitlement.ApplicationType) SmsAttribute(org.forgerock.openam.entitlement.configuration.SmsAttribute) ResourceType(org.forgerock.openam.entitlement.ResourceType) ResourceTypeService(org.forgerock.openam.entitlement.service.ResourceTypeService) Application(com.sun.identity.entitlement.Application)

Example 33 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class PrivilegeUtils method referralPrivilegeToPolicy.

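/**
 * Converts a {@link ReferralPrivilege} into a legacy {@link Policy} carrying one {@code SubOrgReferral}
 * per target realm and one rule per (application, resource) pair.
 *
 * @param realm realm the policy belongs to; a DN is mapped to a realm name before the application lookup
 * @param referralPrivilege the entitlement-side referral to convert
 * @return the populated referral policy (not stored by this method)
 * @throws PolicyException if the policy, referral or rule objects cannot be built
 * @throws SSOException if the admin token cannot be used
 * @throws EntitlementException code 105 when an application named by the privilege does not exist
 */
public static Policy referralPrivilegeToPolicy(String realm, ReferralPrivilege referralPrivilege) throws PolicyException, SSOException, EntitlementException {
    Policy policy = new Policy(referralPrivilege.getName(), referralPrivilege.getDescription(), true);
    // PolicyManager takes the raw admin token; no Subject needs to be derived from it here.
    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    PolicyManager pm = new PolicyManager(adminToken, realm);
    ReferralTypeManager rm = pm.getReferralTypeManager();
    policy.setCreatedBy(referralPrivilege.getCreatedBy());
    policy.setCreationDate(referralPrivilege.getCreationDate());
    policy.setLastModifiedBy(referralPrivilege.getLastModifiedBy());
    policy.setLastModifiedDate(referralPrivilege.getLastModifiedDate());
    // One referral per target realm, named referral1, referral2, ...
    int count = 1;
    for (String targetRealm : referralPrivilege.getRealms()) {
        Referral referral = rm.getReferral("SubOrgReferral");
        Set<String> values = new HashSet<String>();
        values.add(targetRealm);
        referral.setValues(values);
        policy.addReferral("referral" + count++, referral);
    }
    // Rule numbering restarts at 1 and continues across all applications.
    count = 1;
    String realmName = LDAPUtils.isDN(realm) ? DNMapper.orgNameToRealmName(realm) : realm;
    Map<String, Set<String>> resourcesByApp = referralPrivilege.getOriginalMapApplNameToResources();
    // Iterate entries rather than keySet()+get() to avoid the second lookup per application.
    for (Map.Entry<String, Set<String>> entry : resourcesByApp.entrySet()) {
        String appName = entry.getKey();
        Application application = ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT, realmName, appName);
        if (application == null) {
            // The message carries the caller-supplied realm, not the mapped realmName, as before.
            Object[] params = { appName, realm };
            throw new EntitlementException(105, params);
        }
        String serviceName = application.getApplicationType().getName();
        for (String resource : entry.getValue()) {
            // Referral rules carry no action values; emptyMap() replaces the raw EMPTY_MAP constant.
            Rule rule = new Rule("rule" + count++, serviceName, resource, Collections.emptyMap());
            rule.setApplicationName(appName);
            policy.addRule(rule);
        }
    }
    return policy;
}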
Also used : Policy(com.sun.identity.policy.Policy) ReferralTypeManager(com.sun.identity.policy.ReferralTypeManager) PolicyManager(com.sun.identity.policy.PolicyManager) SSOToken(com.iplanet.sso.SSOToken) HashSet(java.util.HashSet) Set(java.util.Set) EntitlementException(com.sun.identity.entitlement.EntitlementException) Referral(com.sun.identity.policy.interfaces.Referral) Rule(com.sun.identity.policy.Rule) Application(com.sun.identity.entitlement.Application) HashSet(java.util.HashSet)

Example 34 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UmaPolicyApplicationListener method createApplication.

/**
 * Ensures a policy Application named after the resource server exists in {@code realm}, creating one of
 * the UMA policy application type with a {@code DenyOverride} combiner when none is registered.
 * <p>
 * Failures are logged and not propagated, so callers cannot tell afterwards whether the application exists.
 *
 * @param realm realm the application lives in
 * @param resourceServerId used verbatim as the application name
 */
private void createApplication(String realm, String resourceServerId) {
    Subject superAdmin = SubjectUtils.createSuperAdminSubject();
    try {
        Application existing = applicationManager.getApplication(superAdmin, realm, resourceServerId);
        if (existing != null) {
            return; // already provisioned, nothing to do
        }
        ApplicationType umaPolicyType = applicationTypeManagerWrapper.getApplicationType(superAdmin, UmaConstants.UMA_POLICY_APPLICATION_TYPE);
        Application created = new Application(resourceServerId, umaPolicyType);
        created.setEntitlementCombiner(DenyOverride.class);
        applicationManager.saveApplication(superAdmin, realm, created);
    } catch (EntitlementException e) {
        logger.error("Failed to create policy application", e);
    }
}
Also used : ApplicationType(com.sun.identity.entitlement.ApplicationType) EntitlementException(com.sun.identity.entitlement.EntitlementException) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject)

Example 35 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UmaResourceSetRegistrationHook method resourceSetCreated.

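/**
 * Creates a ResourceType for the Resource Set and adds it to the Resource Server's policy Application.
 * <p>
 * The resource type is keyed by the resource set id, carries one allowed action per UMA scope and is
 * matched against {@code UmaConstants.UMA_POLICY_SCHEME_PATTERN}. The policy application is looked up by
 * the resource set's client id (lower-cased); a missing application is reported as a
 * {@link ServerException} rather than escaping as a NullPointerException.
 *
 * @param realm {@inheritDoc}
 * @param resourceSet {@inheritDoc}
 * @throws ServerException if the resource type cannot be saved, the policy application does not exist,
 *         or the application cannot be updated
 */
@Override
public void resourceSetCreated(String realm, ResourceSetDescription resourceSet) throws ServerException {
    // Every UMA scope becomes an allowed action on the resource type.
    Map<String, Boolean> resourceTypeActions = new HashMap<String, Boolean>();
    for (String umaScope : resourceSet.getScopes()) {
        resourceTypeActions.put(umaScope, Boolean.TRUE);
    }
    ResourceType resourceType = ResourceType.builder()
            .setName(resourceSet.getName() + " - " + resourceSet.getId())
            .setUUID(resourceSet.getId())
            .setDescription("Dynamically created resource type for the UMA resource set. "
                    + "Used to find all Policy Engine Policies that make up an UMA Policy")
            .setActions(resourceTypeActions)
            .addPattern(UmaConstants.UMA_POLICY_SCHEME_PATTERN)
            .build();
    Subject adminSubject = SubjectUtils.createSuperAdminSubject();
    try {
        resourceTypeService.saveResourceType(adminSubject, realm, resourceType);
    } catch (EntitlementException e) {
        logger.error("Failed to create resource type for resource set, {}", resourceSet, e);
        throw new ServerException(e);
    }
    // NOTE(review): toLowerCase() is locale-dependent; kept as-is because the name the application was
    // registered under is not visible here — confirm before switching to Locale.ROOT.
    String applicationName = resourceSet.getClientId().toLowerCase();
    try {
        Application application = applicationManager.getApplication(adminSubject, realm, applicationName);
        if (application == null) {
            // getApplication() yields null for an unknown name (other callers of it guard for this).
            // Raising an EntitlementException keeps the failure on the existing path below (logged and
            // wrapped in ServerException) instead of letting a NullPointerException escape. Code 105 is the
            // "application not found" code used by PrivilegeUtils.referralPrivilegeToPolicy — TODO confirm.
            throw new EntitlementException(105, new Object[] { applicationName, realm });
        }
        application.addResourceTypeUuid(resourceType.getUUID());
        applicationManager.saveApplication(adminSubject, realm, application);
    } catch (EntitlementException e) {
        logger.error("Failed to add Resource Type, " + resourceType.getUUID() + " to application, " + resourceSet.getClientId(), e);
        throw new ServerException(e);
    }
}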
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) ServerException(org.forgerock.oauth2.core.exceptions.ServerException) HashMap(java.util.HashMap) ResourceType(org.forgerock.openam.entitlement.ResourceType) Application(com.sun.identity.entitlement.Application) Subject(javax.security.auth.Subject)
