Example 6 with EntitlementConfiguration

use of com.sun.identity.entitlement.EntitlementConfiguration in project OpenAM by OpenRock.

the class PolicyManager method initialise.

private static void initialise() {
    // Do this outside of a static block to avoid issues on container shutdown/restart
    adminSubject = SubjectUtils.createSubject((SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()));
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(adminSubject, "/");
    migratedToEntitlementService = ec.migratedToEntitlementService();
}
Also used : SSOToken(com.iplanet.sso.SSOToken) EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration)

Example 7 with EntitlementConfiguration

use of com.sun.identity.entitlement.EntitlementConfiguration in project OpenAM by OpenRock.

the class SubRealmObserver method registerListener.

private static void registerListener() {
    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(SubjectUtils.createSubject(adminToken), "/");
    if (ec.migratedToEntitlementService()) {
        try {
            ServiceConfigManager scm = new ServiceConfigManager(IdConstants.REPO_SERVICE, adminToken);
            scm.addListener(new SubRealmObserver());
        } catch (SMSException e) {
            PrivilegeManager.debug.error("SubRealmObserver.registerListener", e);
        } catch (SSOException e) {
            PrivilegeManager.debug.error("SubRealmObserver.registerListener", e);
        }
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SMSException(com.sun.identity.sm.SMSException) EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration) SSOException(com.iplanet.sso.SSOException) ServiceConfigManager(com.sun.identity.sm.ServiceConfigManager)

Example 8 with EntitlementConfiguration

use of com.sun.identity.entitlement.EntitlementConfiguration in project OpenAM by OpenRock.

the class EntitlementServiceTest method hasEntitlementDITs.

@Test
public void hasEntitlementDITs() {
    SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(SubjectUtils.createSubject(adminToken), "/");
    boolean result = ec.hasEntitlementDITs();
    UnittestLog.logMessage("EntitlementServiceTest.hasEntitlementDITs: returns " + result);
}
Also used : SSOToken(com.iplanet.sso.SSOToken) EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration) Test(org.testng.annotations.Test)

Example 9 with EntitlementConfiguration

use of com.sun.identity.entitlement.EntitlementConfiguration in project OpenAM by OpenRock.

the class CreateXACML method ensureEntitlementServiceActive.

private void ensureEntitlementServiceActive(Subject adminSubject, String realm) throws CLIException {
    // FIXME: change to use entitlementService.xacmlPrivilegEnabled()
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(adminSubject, "/");
    if (!ec.migratedToEntitlementService()) {
        String[] args = { realm, "ANY", "create-xacml not supported in  legacy policy mode" };
        debugError("CreateXACML.handleRequest(): create-xacml not supported in  legacy policy mode");
        writeLog(LOG_ERROR, INFO, "FAILED_CREATE_POLICY_IN_REALM", args);
        throw new CLIException(getResourceString("create-xacml-not-supported-in-legacy-policy-mode"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED, "create-xacml");
    }
}
Also used : EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration) CLIException(com.sun.identity.cli.CLIException)

Example 10 with EntitlementConfiguration

use of com.sun.identity.entitlement.EntitlementConfiguration in project OpenAM by OpenRock.

the class DeleteXACML method handleRequest.

/**
 * Services a Commandline Request.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();
    SSOToken adminSSOToken = getAdminSSOToken();
    Subject adminSubject = SubjectUtils.createSubject(adminSSOToken);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    // FIXME: change to use entitlementService.xacmlPrivilegEnabled()
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(adminSubject, "/");
    if (!ec.migratedToEntitlementService()) {
        String[] args = { realm, "ANY", "list-xacml not supported in  legacy policy mode" };
        debugError("DeleteXACML.handleRequest(): " + "delete-xacml not supported in  legacy policy mode");
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_POLICY_IN_REALM", args);
        throw new CLIException(getResourceString("delete-xacml-not-supported-in-legacy-policy-mode"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED, "delete-xacml");
    }
    List policyNames = (List) rc.getOption(ARGUMENT_POLICY_NAMES);
    String file = getStringOptionValue(IArgument.FILE);
    if (policyNames == null) {
        policyNames = new ArrayList();
    }
    if (file != null) {
        policyNames.addAll(AttributeValues.parseValues(file));
    }
    if (policyNames.isEmpty()) {
        throw new CLIException(getResourceString("missing-policy-names"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    IOutput outputWriter = getOutputWriter();
    String currentPolicyName = null;
    try {
        PrivilegeManager pm = PrivilegeManager.getInstance(realm, adminSubject);
        String[] params = new String[2];
        params[0] = realm;
        for (Iterator i = policyNames.iterator(); i.hasNext(); ) {
            currentPolicyName = (String) i.next();
            params[1] = currentPolicyName;
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_DELETE_POLICY_IN_REALM", params);
            pm.remove(currentPolicyName);
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_DELETE_POLICY_IN_REALM", params);
        }
        String[] arg = { realm };
        outputWriter.printlnMessage(MessageFormat.format(getResourceString("delete-policy-in-realm-succeed"), (Object[]) arg));
    } catch (EntitlementException e) {
        String[] args = { realm, currentPolicyName, e.getMessage() };
        debugError("DeleteXACML.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_POLICY_IN_REALM", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) SSOToken(com.iplanet.sso.SSOToken) IOutput(com.sun.identity.cli.IOutput) PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) CLIException(com.sun.identity.cli.CLIException) List(java.util.List) Subject(javax.security.auth.Subject)

Aggregations

EntitlementConfiguration (com.sun.identity.entitlement.EntitlementConfiguration) 10
SSOToken (com.iplanet.sso.SSOToken) 6
CLIException (com.sun.identity.cli.CLIException) 3
SSOException (com.iplanet.sso.SSOException) 2
EntitlementException (com.sun.identity.entitlement.EntitlementException) 2
PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager) 2
IdRepoException (com.sun.identity.idm.IdRepoException) 2
SMSException (com.sun.identity.sm.SMSException) 2
ArrayList (java.util.ArrayList) 2
HashMap (java.util.HashMap) 2
HashSet (java.util.HashSet) 2
Map (java.util.Map) 2
Set (java.util.Set) 2
Subject (javax.security.auth.Subject) 2
Test (org.testng.annotations.Test) 2
LDAPServiceException (com.iplanet.services.ldap.LDAPServiceException) 1
IOutput (com.sun.identity.cli.IOutput) 1
ConfigMonitoring (com.sun.identity.common.ConfigMonitoring) 1
ConfigurationException (com.sun.identity.common.configuration.ConfigurationException) 1
DirUserObject (com.sun.identity.common.configuration.ServerConfigXML.DirUserObject) 1