Example 11 with PrivilegeManager

Use of com.sun.identity.entitlement.PrivilegeManager in project OpenAM by OpenRock.

The class PrivilegeResource, method privileges.

@GET
@Produces("application/json")
public String privileges(@Context HttpHeaders headers, @Context HttpServletRequest request, @QueryParam("realm") @DefaultValue("/") String realm, @QueryParam("filter") List filters) {
    try {
        // Resolve the caller's Subject from the request. The PrivilegeManager is
        // obtained for that Subject, so the search runs with the caller's own
        // authorisation rather than an administrative one.
        Subject caller = getCaller(request);
        PrivilegeManager pm = PrivilegeManager.getInstance(realm, caller);
        // Only the names of privileges matching the "filter" query parameters are returned.
        Set<String> privilegeNames = pm.searchNames(getFilters(filters));
        JSONObject jo = new JSONObject();
        jo.put(RESULT, privilegeNames);
        return createResponseJSONString(200, headers, jo);
    } catch (JSONException e) {
        PrivilegeManager.debug.error("PrivilegeResource.privileges", e);
        throw getWebApplicationException(e, MimeType.JSON);
    } catch (RestException e) {
        PrivilegeManager.debug.error("PrivilegeResource.privileges", e);
        throw getWebApplicationException(headers, e, MimeType.JSON);
    } catch (EntitlementException e) {
        PrivilegeManager.debug.error("PrivilegeResource.privileges", e);
        throw getWebApplicationException(headers, e, MimeType.JSON);
    }
}
Also used:
    EntitlementException (com.sun.identity.entitlement.EntitlementException)
    JSONObject (org.json.JSONObject)
    PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)
    RestException (com.sun.identity.rest.RestException)
    JSONException (org.json.JSONException)
    Subject (javax.security.auth.Subject)
    Produces (javax.ws.rs.Produces)
    GET (javax.ws.rs.GET)

Example 12 with PrivilegeManager

Use of com.sun.identity.entitlement.PrivilegeManager in project OpenAM by OpenRock.

The class ListXACML, method getPolicyNames.

/**
 * Indicates the names of the Privileges that match both the Realm and Search Filters
 * provided.
 *
 * @throws CLIException If there was an unexpected error.
 */
private void getPolicyNames() throws CLIException {
    String currentPrivilegeName = null;
    try {
        // The CLI runs as the administrative Subject established during login.
        PrivilegeManager pm = PrivilegeManager.getInstance(realm, adminSubject);
        String[] parameters = new String[1];
        parameters[0] = realm;
        // Record the attempt in the access log before the search runs.
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_TO_GET_POLICY_NAMES_IN_REALM", parameters);
        Set<SearchFilter> filterSet = getFilters(filters);
        Set<String> privilegeNames = pm.searchNames(filterSet);
        if ((privilegeNames != null) && !privilegeNames.isEmpty()) {
            FileOutputStream fout = null;
            PrintWriter pwout = null;
            // When an output file was given, append the names to it instead of printing them.
            if (outfile != null) {
                try {
                    fout = new FileOutputStream(outfile, true);
                    pwout = new PrintWriter(fout, true);
                } catch (FileNotFoundException e) {
                    debugError("ListXACML.handleXACMLPolicyRequest", e);
                    try {
                        if (fout != null) {
                            fout.close();
                        }
                    } catch (IOException ex) {
                        // Ignore failures while closing the stream.
                    }
                    throw new CLIException(e, ExitCodes.IO_EXCEPTION);
                } catch (SecurityException e) {
                    debugError("ListXACML.handleXACMLPolicyRequest", e);
                    try {
                        if (fout != null) {
                            fout.close();
                        }
                    } catch (IOException ex) {
                        // Ignore failures while closing the stream.
                    }
                    throw new CLIException(e, ExitCodes.IO_EXCEPTION);
                }
            }
            String[] params = new String[2];
            params[0] = realm;
            StringBuilder buff = new StringBuilder();
            for (Iterator i = privilegeNames.iterator(); i.hasNext(); ) {
                currentPrivilegeName = (String) i.next();
                buff.append(currentPrivilegeName).append("\n");
            }
            if (pwout != null) {
                pwout.write(buff.toString());
            } else {
                outputWriter.printlnMessage(buff.toString());
            }
            if (pwout != null) {
                try {
                    pwout.close();
                    fout.close();
                } catch (IOException e) {
                    // Ignore failures while closing the stream.
                }
            }
        } else {
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-names-in-realm-no-policies"), (Object[]) arg));
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "GOT_POLICY_NAMES_IN_REALM", parameters);
        String[] arg = { realm };
        outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-names-in-realm-succeed"), (Object[]) arg));
    } catch (EntitlementException e) {
        // Failures are written to the error log with the realm and the name being processed.
        String[] args = { realm, currentPrivilegeName, e.getMessage() };
        debugError("ListXACML.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_NAMES_IN_REALM", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used:
    PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)
    FileNotFoundException (java.io.FileNotFoundException)
    SearchFilter (com.sun.identity.entitlement.util.SearchFilter)
    IOException (java.io.IOException)
    EntitlementException (com.sun.identity.entitlement.EntitlementException)
    FileOutputStream (java.io.FileOutputStream)
    Iterator (java.util.Iterator)
    CLIException (com.sun.identity.cli.CLIException)
    PrintWriter (java.io.PrintWriter)

Example 13 with PrivilegeManager

Use of com.sun.identity.entitlement.PrivilegeManager in project OpenAM by OpenRock.

The class DeleteXACML, method handleRequest.

/**
 * Services a Commandline Request.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    // Authenticate the CLI user and build the administrative Subject used for all deletions.
    ldapLogin();
    SSOToken adminSSOToken = getAdminSSOToken();
    Subject adminSubject = SubjectUtils.createSubject(adminSSOToken);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    // FIXME: change to use entitlementService.xacmlPrivilegEnabled()
    // XACML policy deletion is only available once the realm has migrated to the entitlement service.
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(adminSubject, "/");
    if (!ec.migratedToEntitlementService()) {
        String[] args = { realm, "ANY", "delete-xacml not supported in legacy policy mode" };
        debugError("DeleteXACML.handleRequest(): " + "delete-xacml not supported in legacy policy mode");
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_POLICY_IN_REALM", args);
        throw new CLIException(getResourceString("delete-xacml-not-supported-in-legacy-policy-mode"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED, "delete-xacml");
    }
    // Policy names come from the command line, from a file, or both.
    List policyNames = (List) rc.getOption(ARGUMENT_POLICY_NAMES);
    String file = getStringOptionValue(IArgument.FILE);
    if (policyNames == null) {
        policyNames = new ArrayList();
    }
    if (file != null) {
        policyNames.addAll(AttributeValues.parseValues(file));
    }
    if (policyNames.isEmpty()) {
        throw new CLIException(getResourceString("missing-policy-names"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    IOutput outputWriter = getOutputWriter();
    String currentPolicyName = null;
    try {
        PrivilegeManager pm = PrivilegeManager.getInstance(realm, adminSubject);
        String[] params = new String[2];
        params[0] = realm;
        // Each deletion is logged before and after it is carried out.
        for (Iterator i = policyNames.iterator(); i.hasNext(); ) {
            currentPolicyName = (String) i.next();
            params[1] = currentPolicyName;
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_DELETE_POLICY_IN_REALM", params);
            pm.remove(currentPolicyName);
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_DELETE_POLICY_IN_REALM", params);
        }
        String[] arg = { realm };
        outputWriter.printlnMessage(MessageFormat.format(getResourceString("delete-policy-in-realm-succeed"), (Object[]) arg));
    } catch (EntitlementException e) {
        String[] args = { realm, currentPolicyName, e.getMessage() };
        debugError("DeleteXACML.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_POLICY_IN_REALM", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used:
    EntitlementException (com.sun.identity.entitlement.EntitlementException)
    SSOToken (com.iplanet.sso.SSOToken)
    IOutput (com.sun.identity.cli.IOutput)
    PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)
    EntitlementConfiguration (com.sun.identity.entitlement.EntitlementConfiguration)
    ArrayList (java.util.ArrayList)
    Iterator (java.util.Iterator)
    CLIException (com.sun.identity.cli.CLIException)
    List (java.util.List)
    Subject (javax.security.auth.Subject)

Example 14 with PrivilegeManager

Use of com.sun.identity.entitlement.PrivilegeManager in project OpenAM by OpenRock.

The class OpenSSOApplicationPrivilegeManager, method removePrivilege.

public void removePrivilege(String name) throws EntitlementException {
    // Authorisation gate: only the internal dsame user, or a caller that has been
    // delegated this privilege, may remove it.
    if (isDsameUser() || delegatables.hasPrivilege(name)) {
        // The underlying removal is performed as the dsame user in the hidden realm,
        // so the caller never needs direct access to that realm.
        PrivilegeManager pm = PrivilegeManager.getInstance(getHiddenRealmDN(), dsameUserSubject);
        pm.remove(name);
        // The companion "ghost" privilege is removed together with the real one.
        pm.remove(GHOST_PRIVILEGE_NAME_PREFIX + name);
        // Keep the cached readable, modifiable and delegatable sets consistent with the store.
        readables.removePrivilege(name);
        modifiables.removePrivilege(name);
        delegatables.removePrivilege(name);
    } else {
        throw new EntitlementException(326);
    }
}
Also used:
    EntitlementException (com.sun.identity.entitlement.EntitlementException)
    ApplicationPrivilegeManager (com.sun.identity.entitlement.ApplicationPrivilegeManager)
    PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)

Example 15 with PrivilegeManager

Use of com.sun.identity.entitlement.PrivilegeManager in project OpenAM by OpenRock.

The class OpenSSOApplicationPrivilegeManager, method addPrivilege.

public void addPrivilege(ApplicationPrivilege appPrivilege) throws EntitlementException {
    // Reject malformed or unauthorised application privileges before anything is stored.
    validatePrivilege(appPrivilege);
    // An application privilege maps to one or more entitlement Privileges.
    Privilege[] privileges = toPrivilege(appPrivilege);
    // Stored as the dsame user in the hidden realm, as in removePrivilege.
    PrivilegeManager pm = PrivilegeManager.getInstance(getHiddenRealmDN(), dsameUserSubject);
    for (Privilege p : privileges) {
        pm.add(p);
    }
    cachePrivilege(privileges[0]);
}
Also used:
    ApplicationPrivilegeManager (com.sun.identity.entitlement.ApplicationPrivilegeManager)
    PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)
    ApplicationPrivilege (com.sun.identity.entitlement.ApplicationPrivilege)
    IPrivilege (com.sun.identity.entitlement.IPrivilege)
    Privilege (com.sun.identity.entitlement.Privilege)
    ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege)
