
Example 16 with ApplicationPrivilege

use of com.sun.identity.entitlement.ApplicationPrivilege in project OpenAM by OpenRock.

the class OpenSSOApplicationPrivilegeManager method toApplicationPrivilege.

/**
 * Builds the {@link ApplicationPrivilege} view of a stored {@link Privilege}.
 *
 * <p>The name, description and created/modified audit fields are copied unchanged. The
 * entitlement's resource names are converted by {@code getApplicationPrivilegeResourceNames}
 * and its action values by {@code getActionValues}.
 *
 * <p>The conversion is lossy in two places, which matters when the result is used to review
 * who holds a delegation and under which constraints:
 * <ul>
 *   <li>Only subjects that are {@link SubjectImplementation} instances are kept: either the
 *       privilege's own subject, or the direct members of an {@link OrSubject}. Any other
 *       subject is skipped without an error, so the resulting set can be smaller than the
 *       source subject, or empty.</li>
 *   <li>A condition is copied only when it is a {@link SimpleTimeCondition}; every other
 *       condition type is left off the result.</li>
 * </ul>
 * NOTE(review): confirm that no caller treats the returned object as the complete set of
 * constraints on the privilege; a dropped condition makes the privilege look less restricted.
 *
 * @param p the stored privilege to convert
 * @return the application-privilege representation of {@code p}
 * @throws EntitlementException declared by the method; which call raises it is not visible here
 */
private ApplicationPrivilege toApplicationPrivilege(Privilege p) throws EntitlementException {
    ApplicationPrivilege result = new ApplicationPrivilege(p.getName());

    // Descriptive and audit metadata is carried over one-to-one.
    result.setDescription(p.getDescription());
    result.setCreatedBy(p.getCreatedBy());
    result.setCreationDate(p.getCreationDate());
    result.setLastModifiedBy(p.getLastModifiedBy());
    result.setLastModifiedDate(p.getLastModifiedDate());

    // Resources and actions both come from the privilege's entitlement.
    Entitlement entitlement = p.getEntitlement();
    result.setApplicationResources(
            getApplicationPrivilegeResourceNames(entitlement.getResourceNames()));
    result.setActionValues(getActionValues(entitlement.getActionValues()));

    // Collect the subjects; anything that is not a SubjectImplementation is skipped silently.
    Set<SubjectImplementation> kept = new HashSet<SubjectImplementation>();
    if (p.getSubject() instanceof OrSubject) {
        for (EntitlementSubject member : ((OrSubject) p.getSubject()).getESubjects()) {
            if (member instanceof SubjectImplementation) {
                kept.add((SubjectImplementation) member);
            }
        }
    } else if (p.getSubject() instanceof SubjectImplementation) {
        kept.add((SubjectImplementation) p.getSubject());
    }
    result.setSubject(kept);

    // Only time-based conditions survive the conversion.
    EntitlementCondition condition = p.getCondition();
    if (condition instanceof SimpleTimeCondition) {
        result.setCondition(condition);
    }
    return result;
}
Also used : EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition) HashSet(java.util.HashSet) Set(java.util.Set) SimpleTimeCondition(org.forgerock.openam.entitlement.conditions.environment.SimpleTimeCondition) OrSubject(com.sun.identity.entitlement.OrSubject) EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) SubjectImplementation(com.sun.identity.entitlement.SubjectImplementation) Entitlement(com.sun.identity.entitlement.Entitlement) HashSet(java.util.HashSet)

Example 17 with ApplicationPrivilege

use of com.sun.identity.entitlement.ApplicationPrivilege in project OpenAM by OpenRock.

the class OpenSSOApplicationPrivilegeManager method addPrivilege.

/**
 * Validates an application privilege, stores it and caches it.
 *
 * <p>After {@code validatePrivilege} the privilege is expanded by {@code toPrivilege} into
 * one or more {@link Privilege} objects. Each is added through a {@link PrivilegeManager}
 * obtained for the hidden realm DN with {@code dsameUserSubject}; the first element is then
 * passed to {@code cachePrivilege}.
 *
 * <p>The store is written with {@code dsameUserSubject}, not with a caller subject visible in
 * this method, so {@code validatePrivilege} is the only check made here before the write.
 * NOTE(review): confirm that it also covers whether the caller may delegate the requested
 * resources and actions.
 *
 * <p>The adds are not grouped: if one of them throws, the entries already added stay in the
 * store and nothing is cached. The code also assumes {@code toPrivilege} returns at least one
 * element.
 *
 * @param appPrivilege the application privilege to persist
 * @throws EntitlementException if validation, conversion or one of the adds fails
 */
public void addPrivilege(ApplicationPrivilege appPrivilege) throws EntitlementException {
    validatePrivilege(appPrivilege);

    Privilege[] expanded = toPrivilege(appPrivilege);
    PrivilegeManager store = PrivilegeManager.getInstance(getHiddenRealmDN(), dsameUserSubject);
    for (int i = 0; i < expanded.length; i++) {
        store.add(expanded[i]);
    }

    // Only the first privilege is cached.
    cachePrivilege(expanded[0]);
}
Also used : ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) IPrivilege(com.sun.identity.entitlement.IPrivilege) Privilege(com.sun.identity.entitlement.Privilege) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)

Example 18 with ApplicationPrivilege

use of com.sun.identity.entitlement.ApplicationPrivilege in project OpenAM by OpenRock.

the class RealmRemovedTest method createApplicationPrivilege.

/**
 * Test fixture: registers one application privilege in {@code SUB_REALM1}.
 *
 * <p>The privilege is named {@code APP_PRIVILEGE_NAME}. It grants
 * {@code READ_MODIFY_DELEGATE} on the wildcard resource
 * {@code http://www.RealmRemovedTest.com/*}, filed under the URL application type, to a
 * single placeholder user DN. The manager is obtained with a subject built from
 * {@code adminToken}.
 *
 * @throws EntitlementException if the manager rejects the privilege
 */
private void createApplicationPrivilege() throws EntitlementException {
    // Who receives the delegation: a single dummy user.
    OpenSSOUserSubject dummyUser = new OpenSSOUserSubject();
    dummyUser.setID("ou=dummy,ou=user,dc=openam,dc=forgerock,dc=org");
    Set<SubjectImplementation> grantees = new HashSet<SubjectImplementation>();
    grantees.add(dummyUser);

    // What is delegated: one wildcard URL under the URL application type.
    Set<String> urls = new HashSet<String>();
    urls.add("http://www.RealmRemovedTest.com/*");
    Map<String, Set<String>> resourcesByApp = new HashMap<String, Set<String>>();
    resourcesByApp.put(ApplicationTypeManager.URL_APPLICATION_TYPE_NAME, urls);

    ApplicationPrivilege privilege = new ApplicationPrivilege(APP_PRIVILEGE_NAME);
    privilege.setSubject(grantees);
    privilege.setApplicationResources(resourcesByApp);
    privilege.setActionValues(ApplicationPrivilege.PossibleAction.READ_MODIFY_DELEGATE);

    ApplicationPrivilegeManager manager = ApplicationPrivilegeManager.getInstance(
            SUB_REALM1, SubjectUtils.createSubject(adminToken));
    manager.addPrivilege(privilege);
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) SubjectImplementation(com.sun.identity.entitlement.SubjectImplementation) HashSet(java.util.HashSet)

Example 19 with ApplicationPrivilege

use of com.sun.identity.entitlement.ApplicationPrivilege in project OpenAM by OpenRock.

the class ApplicationPrivilegeCLITest method addSubjects.

/**
 * Runs the {@code update-app-priv-subjects} CLI command in add mode and checks the outcome.
 *
 * <p>The command adds {@code user1} as a user-type subject to {@code PRIVILEGE_NAME} in the
 * root realm, using {@code adminToken}. The privilege is then read back through
 * {@link ApplicationPrivilegeManager} and validated against {@code user1} and {@code user2}.
 * {@code user2} is presumably left in place by the prerequisite {@code setSubjects} test;
 * confirm against that test.
 *
 * @throws Exception if the CLI request or the read-back fails
 */
@Test(dependsOnMethods = "setSubjects")
public void addSubjects() throws Exception {
    String[] args = {
        "update-app-priv-subjects",
        CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME,
        "/",
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_NAME,
        PRIVILEGE_NAME,
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_SUBJECT_TYPE,
        ApplicationPrivilegeBase.PARAM_SUBJECT_USER,
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_SUBJECTS,
        user1.getUniversalId(),
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_ADD
    };

    // Queue the command and run it to completion before reading the privilege back.
    CLIRequest request = new CLIRequest(null, args, adminToken);
    cmdManager.addToRequestQueue(request);
    cmdManager.serviceRequestQueue();

    ApplicationPrivilegeManager manager = ApplicationPrivilegeManager.getInstance("/", adminSubject);
    ApplicationPrivilege updated = manager.getPrivilege(PRIVILEGE_NAME);

    // Expected subject set after the add.
    Set<AMIdentity> expected = new HashSet<AMIdentity>();
    expected.add(user1);
    expected.add(user2);
    validateSubjects(updated, expected, "setSubjects");
}
Also used : ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) AMIdentity(com.sun.identity.idm.AMIdentity) CLIRequest(com.sun.identity.cli.CLIRequest) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 20 with ApplicationPrivilege

use of com.sun.identity.entitlement.ApplicationPrivilege in project OpenAM by OpenRock.

the class ApplicationPrivilegeCLITest method addResources.

/**
 * Runs the {@code update-app-priv-resources} CLI command in add mode and checks the outcome.
 *
 * <p>The command adds {@code http://www.example3.com} under the URL application type to
 * {@code PRIVILEGE_NAME} in the root realm, using {@code adminToken}. The privilege is then
 * read back and validated against three resources. The first two are presumably left in
 * place by the prerequisite {@code setResources} test; confirm against that test.
 *
 * @throws Exception if the CLI request or the read-back fails
 */
@Test(dependsOnMethods = "setResources")
public void addResources() throws Exception {
    String[] args = {
        "update-app-priv-resources",
        CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME,
        "/",
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_NAME,
        PRIVILEGE_NAME,
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_APPL_NAME,
        ApplicationTypeManager.URL_APPLICATION_TYPE_NAME,
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_RESOURCES,
        "http://www.example3.com",
        CLIConstants.PREFIX_ARGUMENT_LONG + ApplicationPrivilegeBase.PARAM_ADD
    };

    // Queue the command and run it to completion before reading the privilege back.
    CLIRequest request = new CLIRequest(null, args, adminToken);
    cmdManager.addToRequestQueue(request);
    cmdManager.serviceRequestQueue();

    ApplicationPrivilegeManager manager = ApplicationPrivilegeManager.getInstance("/", adminSubject);
    ApplicationPrivilege updated = manager.getPrivilege(PRIVILEGE_NAME);

    // Expected resource set after the add.
    Set<String> expected = new HashSet<String>();
    expected.add("http://www.example1.com");
    expected.add("http://www.example2.com");
    expected.add("http://www.example3.com");
    validateResources(updated, expected, "setResources");
}
Also used : ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) CLIRequest(com.sun.identity.cli.CLIRequest) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)
