use of com.sun.identity.entitlement.ReferralPrivilege in project OpenAM by OpenRock.
the class OpenSSOIndexStore method search.
/**
 * Searches for the policies (privileges and referrals) that match the given indexes.
 *
 * <p>Results are added to the returned iterator in this order: cached privileges and
 * cached referrals (only when the index cache is enabled), then the organisation alias
 * referral (only for referral searches against the root realm {@code "/"}). When the
 * index cache is disabled or {@code isDSSearchNecessary()} says so, a {@code SearchTask}
 * is submitted to the thread pool with the iterator and the DNs already served from cache.
 *
 * <p>NOTE(review): the two early returns hand back an iterator on which
 * {@code isDone()} was never called, unlike the cache-only path at the end of the method.
 * Confirm that consumers of {@code BufferedIterator} do not wait for that call, otherwise
 * a request with missing indexes could stall the evaluating thread.
 *
 * <p>NOTE(review): an empty result means "no policy matched"; callers presumably treat
 * that as no grant. Verify at the call sites.
 *
 * @param realm
 *            The realm in which the policy resides; may be given as a DN or a realm path.
 * @param indexes
 *            Policy indexes.
 * @param subjectIndexes
 *            Subject indexes.
 * @param bSubTree
 *            Whether in subtree mode.
 * @param bReferral
 *            Whether there is a policy referral.
 * @return An iterator of policies.
 * @throws EntitlementException
 *             Should an error occur searching for policies.
 */
public Iterator<IPrivilege> search(String realm, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree, boolean bReferral) throws EntitlementException {
    BufferedIterator results;
    if (isMultiThreaded) {
        results = new BufferedIterator();
    } else {
        results = new SimpleIterator();
    }

    // Subtree searches need parent path indexes; non-subtree searches need path indexes.
    boolean requiredIndexesMissing = bSubTree
            ? indexes.getParentPathIndexes().isEmpty()
            : indexes.getPathIndexes().isEmpty();
    if (requiredIndexesMissing) {
        return results;
    }

    // DNs already answered from the caches; passed to SearchTask below.
    Set cachedDNs = new HashSet();
    if (indexCacheSize > 0) {
        cachedDNs.addAll(searchPrivileges(indexes, subjectIndexes, bSubTree, results));
        cachedDNs.addAll(searchReferrals(indexes, bSubTree, results));
    }

    if (bReferral) {
        // The realm may arrive as a DN; compare it in realm-path form.
        String realmName = realm;
        if (LDAPUtils.isDN(realm)) {
            realmName = DNMapper.orgNameToRealmName(realm);
        }
        if (realmName.equals("/")) {
            ReferralPrivilege orgAliasReferral = getOrgAliasReferral(indexes);
            if (orgAliasReferral != null) {
                results.add(orgAliasReferral);
            }
        }
    }

    if (indexCacheSize != 0 && !isDSSearchNecessary()) {
        // Cache-only answer: nothing more will be added from the data store.
        // Return value is unused; presumably this signals completion (confirm in BufferedIterator).
        results.isDone();
    } else {
        threadPool.submit(new SearchTask(results, indexes, subjectIndexes, bSubTree, cachedDNs));
    }
    return results;
}
use of com.sun.identity.entitlement.ReferralPrivilege in project OpenAM by OpenRock.
the class OpenSSOIndexStore method searchReferrals.
/**
 * Looks up referrals in the referral index cache and adds every one that is still
 * present in the referral cache to {@code iterator}.
 *
 * <p>DNs whose referral is no longer cached are removed from the set before it is
 * returned, so the result holds only the DNs that were actually served.
 *
 * <p>NOTE(review): the removal happens in place on the set returned by
 * {@code referralIndexCache.getMatchingEntries}. Confirm that the cache returns a
 * copy; if it returns a live view, this loop mutates the index cache itself.
 *
 * @param indexes Resource indexes to match.
 * @param bSubTree Whether in subtree mode.
 * @param iterator Receives each cached referral that matches.
 * @return The DNs of the referrals added to {@code iterator}.
 */
private Set<String> searchReferrals(ResourceSearchIndexes indexes, boolean bSubTree, BufferedIterator iterator) {
    Set<String> matchingDNs = referralIndexCache.getMatchingEntries(indexes, null, bSubTree);
    Iterator<String> cursor = matchingDNs.iterator();
    while (cursor.hasNext()) {
        ReferralPrivilege cached = referralCache.getReferral(cursor.next());
        if (cached == null) {
            // Indexed but no longer cached: drop the DN so it is not reported as served.
            cursor.remove();
            continue;
        }
        iterator.add(cached);
    }
    return matchingDNs;
}
use of com.sun.identity.entitlement.ReferralPrivilege in project OpenAM by OpenRock.
the class OpenSSOIndexStore method add.
/**
 * Stores a referral privilege in this store's realm, acting as the admin subject.
 *
 * <p>NOTE(review): no authorization check is visible here and the write is made with
 * the admin subject, so callers are presumably expected to have authorized the
 * request already. Confirm at the call sites.
 *
 * @param referral The referral privilege to store; a clone is canonicalized and stored.
 * @throws EntitlementException Declared for the canonicalize and store calls.
 */
private void add(ReferralPrivilege referral) throws EntitlementException {
    Subject admin = getAdminSubject();
    String storeRealm = getRealm();

    // Canonicalize on a clone so the canonicalized resource names stay local to the stored copy.
    ReferralPrivilege localized = (ReferralPrivilege) referral.clone();
    String realmName = DNMapper.orgNameToRealmName(storeRealm);
    localized.canonicalizeResources(admin, realmName);

    dataStore.addReferral(admin, storeRealm, localized);
}
use of com.sun.identity.entitlement.ReferralPrivilege in project OpenAM by OpenRock.
the class DataStore method searchReferrals.
/**
 * Searches the referral store of a realm and rebuilds each matching entry as a
 * {@code ReferralPrivilege} from its stored JSON attribute.
 *
 * <p>{@code filter} is handed to {@code SMSEntry.search} unchanged; this method does no
 * validation or escaping. NOTE(review): presumably it is an LDAP search filter, in which
 * case any caller-supplied value embedded in it must be escaped before it gets here.
 * Confirm at the call sites.
 *
 * <p>NOTE(review): both limit arguments are {@code NO_LIMIT} (presumably result-count
 * and time limits), so a broad filter is not bounded by this method.
 *
 * <p>A single entry whose JSON cannot be parsed aborts the whole search with an
 * {@code EntitlementException}; no partial result is returned.
 *
 * @param adminToken Token used for the existence check and the search.
 * @param realm Realm whose referral store is searched.
 * @param filter Search filter, passed through as given.
 * @return The referrals found; empty when the base entry does not exist.
 * @throws EntitlementException With error code 52 and the base DN as argument when the
 *         search fails or a stored entry is not valid JSON.
 */
public Set<ReferralPrivilege> searchReferrals(SSOToken adminToken, String realm, String filter) throws EntitlementException {
    Set<ReferralPrivilege> referrals = new HashSet<ReferralPrivilege>();
    String baseDN = getSearchBaseDN(realm, REFERRAL_STORE);

    // Nothing stored under this base DN: return the empty set.
    if (!SMSEntry.checkIfEntryExists(baseDN, adminToken)) {
        return referrals;
    }

    try {
        Iterator entries = SMSEntry.search(adminToken, baseDN, filter, NO_LIMIT, NO_LIMIT, NOT_SORTED, NOT_SORTED, NO_EXCLUSIONS);
        while (entries.hasNext()) {
            SMSDataEntry entry = (SMSDataEntry) entries.next();
            JSONObject serialized = new JSONObject(entry.getAttributeValue(SERIALIZABLE_INDEX_KEY));
            referrals.add(ReferralPrivilege.getInstance(serialized));
        }
    } catch (JSONException jsonError) {
        throw new EntitlementException(52, new Object[] { baseDN }, jsonError);
    } catch (SMSException smsError) {
        throw new EntitlementException(52, new Object[] { baseDN }, smsError);
    }
    return referrals;
}
use of com.sun.identity.entitlement.ReferralPrivilege in project OpenAM by OpenRock.
the class PrivilegeUtils method policyToPrivileges.
/**
 * Converts a policy into entitlement privileges and adds them to {@code privileges}.
 *
 * <p>A referral policy becomes one {@code ReferralPrivilege} that carries over the
 * policy's description, creation and modification metadata and active flag. Any other
 * policy becomes one privilege per entitlement: a single entitlement keeps the policy
 * name, several entitlements are named {@code policyName + "_" + entitlementName}.
 * A non-referral policy with no entitlements adds nothing.
 *
 * <p>NOTE(review): the derived {@code policyName_entitlementName} names are not checked
 * for uniqueness here. If privilege identity in the target set is name-based, a
 * collision with another policy's name would go unnoticed. Confirm.
 *
 * @param policy The policy to convert.
 * @param privileges Receives the resulting privileges.
 * @throws SSOException Declared for the policy conversion helpers.
 * @throws PolicyException Declared for the policy conversion helpers.
 * @throws EntitlementException Declared for the policy conversion helpers.
 */
public static void policyToPrivileges(Policy policy, Set<IPrivilege> privileges) throws SSOException, PolicyException, EntitlementException {
    String policyName = policy.getName();

    if (!policy.isReferralPolicy()) {
        Set<Entitlement> entitlements = rulesToEntitlement(policy);
        EntitlementSubject subject = toEntitlementSubject(policy);
        EntitlementCondition condition = toEntitlementCondition(policy);
        Set<ResourceAttribute> resourceAttributes = toResourceAttributes(policy);

        // Only a lone entitlement may reuse the policy name as the privilege name.
        boolean singleEntitlement = entitlements.size() == 1;
        for (Entitlement entitlement : entitlements) {
            String privilegeName = singleEntitlement
                    ? policyName
                    : policyName + "_" + entitlement.getName();
            privileges.add(createPrivilege(privilegeName, policyName, entitlement, subject, condition, resourceAttributes, policy));
        }
        return;
    }

    Map<String, Set<String>> referredResources = getResources(policy);
    Set<String> targetRealms = getReferrals(policy);
    ReferralPrivilege referral = new ReferralPrivilege(policyName, referredResources, targetRealms);

    // Copy the policy's descriptive and audit metadata onto the referral.
    referral.setDescription(policy.getDescription());
    referral.setCreationDate(policy.getCreationDate());
    referral.setCreatedBy(policy.getCreatedBy());
    referral.setLastModifiedBy(policy.getLastModifiedBy());
    referral.setLastModifiedDate(policy.getLastModifiedDate());
    referral.setActive(policy.isActive());
    privileges.add(referral);
}