
Example 96 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class PolicyResponseProvider method getResponseProvider.

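/**
 * Constructs a legacy response provider based on the information in this adapter.
 *
 * @return the legacy response provider
 * @throws EntitlementException if an error occurs constructing the response provider.
 */
@JsonIgnore
public ResponseProvider getResponseProvider() throws EntitlementException {
    try {
        // className is resolved reflectively. asSubclass() throws ClassCastException unless the
        // class is a ResponseProvider, so no other type is instantiated here. Note that
        // Class.forName(String) initializes the named class before that type check runs.
        ResponseProvider rp = Class.forName(className).asSubclass(ResponseProvider.class).newInstance();
        Map<String, Set<String>> properties = new HashMap<String, Set<String>>();
        properties.put(propertyName, propertyValues);
        rp.setProperties(properties);
        return rp;
    } catch (Exception ex) {
        // Any failure (class not found, wrong type, instantiation error) is reported as error 510.
        throw new EntitlementException(510, ex);
    }
}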
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) ResponseProvider(com.sun.identity.policy.interfaces.ResponseProvider) JSONException(org.json.JSONException) EntitlementException(com.sun.identity.entitlement.EntitlementException) SSOException(com.iplanet.sso.SSOException) PolicyException(com.sun.identity.policy.PolicyException) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore)

Example 97 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class PolicyResponseProvider method evaluate.

/**
 * Called by the entitlements framework to fetch its resource attributes;
 * cascades the call through to the configured response provider implementation.
 *
 * @param adminSubject The admin user executing the policy eval
 * @param realm The realm of the policy eval
 * @param subject The user who is subject to the policy eval
 * @param resourceName The resource name of the policy eval
 * @param environment environment map from the policy eval client
 * @return The attributes (only one since resource attributes are singled)
 * @throws EntitlementException if the response provider fails with an SSOException or PolicyException
 */
public Map<String, Set<String>> evaluate(Subject adminSubject, String realm, Subject subject, String resourceName, Map<String, Set<String>> environment) throws EntitlementException {
    try {
        ResponseProvider rp = getResponseProvider();
        SSOToken token = (subject != null) ? getSSOToken(subject) : null;
        Map<String, Set<String>> result = rp.getResponseDecision(token, environment);
        return result;
    } catch (SSOException ex) {
        throw new EntitlementException(510, ex);
    } catch (PolicyException ex) {
        throw new EntitlementException(510, ex);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) PolicyException(com.sun.identity.policy.PolicyException) ResponseProvider(com.sun.identity.policy.interfaces.ResponseProvider) SSOException(com.iplanet.sso.SSOException)

Example 98 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class OpenSSOIndexStore method getReferredResources.

/**
 * Returns a set of resources that are referred to this realm.
 *
 * @param applicationTypeName Application type name.
 * @return a set of resources that are referred to this realm.
 * @throws EntitlementException if resources cannot be returned.
 */
@Override
public Set<String> getReferredResources(String applicationTypeName) throws EntitlementException {
    String realm = getRealm();
    if (realm.equals("/")) {
        // Type-safe equivalent of the raw Collections.EMPTY_SET constant.
        return Collections.emptySet();
    }
    if (LDAPUtils.isDN(realm)) {
        realm = DNMapper.orgNameToRealmName(realm);
    }
    SSOToken adminToken = SubjectUtils.getSSOToken(superAdminSubject);
    try {
        Set<String> results = new HashSet<String>();
        Set<String> realms = getPeerRealms(realm);
        realms.addAll(getParentRealms(realm));
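        // The search filter is built by string concatenation: applicationTypeName and realm are
        // inserted without LDAP filter escaping (RFC 4515) in this method.
        String filter = "(&(ou=" + DataStore.REFERRAL_APPLS + "=" + applicationTypeName + ")(ou=" + DataStore.REFERRAL_REALMS + "=" + realm + "))";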
        Map<String, Set<ReferralPrivilege>> referrals = new HashMap<String, Set<ReferralPrivilege>>();
        for (String rlm : realms) {
            referrals.put(rlm, dataStore.searchReferrals(adminToken, rlm, filter));
        }
        for (String rlm : referrals.keySet()) {
            Set<ReferralPrivilege> rPrivileges = referrals.get(rlm);
            String realmName = LDAPUtils.isDN(rlm) ? DNMapper.orgNameToRealmName(rlm) : rlm;
            for (ReferralPrivilege r : rPrivileges) {
                Map<String, Set<String>> map = r.getOriginalMapApplNameToResources();
                for (String a : map.keySet()) {
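                    Application appl = ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT, realmName, a);
                    // Guard against a null application before dereferencing it, as
                    // EntitlementService.addSubjectAttributeNames does for the same call.
                    if ((appl != null) && appl.getApplicationType().getName().equals(applicationTypeName)) {
                        results.addAll(map.get(a));
                    }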
                }
            }
        }
        results.addAll(getOrgAliasMappingResources(realm, applicationTypeName));
        return results;
    } catch (SMSException ex) {
        PolicyConstants.DEBUG.error("OpenSSOIndexStore.getReferredResources", ex);
        Object[] param = { realm };
        throw new EntitlementException(275, param);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) SMSException(com.sun.identity.sm.SMSException) EntitlementException(com.sun.identity.entitlement.EntitlementException) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) Application(com.sun.identity.entitlement.Application) HashSet(java.util.HashSet)

Example 99 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class EntitlementService method storeApplicationType.

/**
 * Stores the application type to data store.
 *
 * @param applicationType Application type object.
 * @throws EntitlementException if application type cannot be stored.
 */
public void storeApplicationType(ApplicationType applicationType) throws EntitlementException {
    try {
        SSOToken token = SubjectUtils.getSSOToken(getAdminSubject());
        if (token == null) {
            Object[] arg = { applicationType.getName() };
            throw new EntitlementException(246, arg);
        }
        ServiceConfig conf = getApplicationTypeCollectionConfig(token);
        if (conf != null) {
            ServiceConfig sc = conf.getSubConfig(applicationType.getName());
            if (sc == null) {
                conf.addSubConfig(applicationType.getName(), EntitlementUtils.APPLICATION_TYPE, 0, getApplicationTypeData(applicationType));
            } else {
                sc.setAttributes(getApplicationTypeData(applicationType));
            }
        }
    } catch (SMSException ex) {
        Object[] arg = { applicationType.getName() };
        throw new EntitlementException(241, arg, ex);
    } catch (SSOException ex) {
        Object[] arg = { applicationType.getName() };
        throw new EntitlementException(241, arg, ex);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) SSOToken(com.iplanet.sso.SSOToken) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException)

Example 100 with EntitlementException

use of com.sun.identity.entitlement.EntitlementException in project OpenAM by OpenRock.

the class EntitlementService method addSubjectAttributeNames.

/**
 * Adds subject attribute names to the application and to its stored configuration.
 *
 * @param applicationName Application name.
 * @param names subject attribute names.
 * @throws EntitlementException if subject attribute names cannot be
 * added.
 */
public void addSubjectAttributeNames(String applicationName, Set<String> names) throws EntitlementException {
    if ((names == null) || names.isEmpty()) {
        return;
    }
    try {
        SSOToken token = getSSOToken();
        if (token == null) {
            throw new EntitlementException(225);
        }
        Application appl = ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT, realm, applicationName);
        if (appl != null) {
            appl.addAttributeNames(names);
        }
        ServiceConfig applConf = getApplicationSubConfig(token, realm, applicationName);
        String parentRealm = realm;
        while (applConf == null) {
            parentRealm = getParentRealm(parentRealm);
            if (parentRealm == null) {
                break;
            }
            applConf = getApplicationSubConfig(token, parentRealm, applicationName);
        }
        if (applConf != null) {
            Set<String> orig = (Set<String>) applConf.getAttributes().get(ATTR_NAME_SUBJECT_ATTR_NAMES);
            if ((orig == null) || orig.isEmpty()) {
                orig = new HashSet<String>();
            }
            orig.addAll(names);
            Map<String, Set<String>> map = new HashMap<String, Set<String>>();
            map.put(ATTR_NAME_SUBJECT_ATTR_NAMES, orig);
            applConf.setAttributes(map);
        }
    } catch (SMSException ex) {
        throw new EntitlementException(220, ex);
    } catch (SSOException ex) {
        throw new EntitlementException(220, ex);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) SSOToken(com.iplanet.sso.SSOToken) HashSet(java.util.HashSet) Set(java.util.Set) ServiceConfig(com.sun.identity.sm.ServiceConfig) HashMap(java.util.HashMap) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException) Application(com.sun.identity.entitlement.Application)
