use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.
the class AMModelBase method getSupportedEntityTypes.
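/**
 * Returns a map of supported entity type to its localized name.
 *
 * <p>The supported types are read with the token returned by
 * {@code AdminTokenAction} (held as {@code adminToken}), not with a token of
 * the requesting user. Only type names and their localized labels are put
 * into the result.
 *
 * <p>{@code IdType.AGENTONLY} and {@code IdType.AGENTGROUP} are never
 * returned. {@code IdType.AGENT} is returned only when
 * {@code svcRevisionNumber} is below 30.
 *
 * @param realmName Name of Realm; {@code null} is replaced by {@code "/"}.
 * @return a map of supported entity type name to its localized name. When the
 *         repository lookup fails the failure is logged at warning level and
 *         whatever was collected is returned, or
 *         {@code Collections.EMPTY_MAP} if nothing was collected.
 */
public Map getSupportedEntityTypes(String realmName) {
    if (realmName == null) {
        realmName = "/";
    }
    Map map = null;
    try {
        SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        AMIdentityRepository repo = new AMIdentityRepository(adminToken, realmName);
        Set supportedTypes = repo.getSupportedIdTypes();
        map = new HashMap(supportedTypes.size() * 2);
        Iterator iter = supportedTypes.iterator();
        while (iter.hasNext()) {
            IdType type = (IdType) iter.next();
            boolean agentFamily = type.equals(IdType.AGENTONLY)
                || type.equals(IdType.AGENTGROUP)
                || type.equals(IdType.AGENT);
            // add the "Agent" tab only if revision number of
            // sunIdentityRepository service is less than 30.
            // This is for backward compatibility to support
            // this scenario : OpenSSO 8.0 server against
            // AM 7.x existing DIT (Coexistence).
            boolean legacyAgent = type.equals(IdType.AGENT) && (svcRevisionNumber < 30);
            if (!agentFamily || legacyAgent) {
                map.put(type.getName(), getLocalizedString(type.getName()));
            }
        }
    } catch (IdRepoException e) {
        // The label now names this method; it previously read
        // "AMModelBase.getSupportedTypes", which matches no method here.
        debug.warning("AMModelBase.getSupportedEntityTypes", e);
    } catch (SSOException e) {
        debug.warning("AMModelBase.getSupportedEntityTypes", e);
    }
    return (map != null) ? map : Collections.EMPTY_MAP;
}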
use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.
the class GetAssignableServices method handleRequest.
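/**
 * Services a Commandline Request: prints the services that can be assigned
 * to one identity.
 *
 * <p>The realm, identity name and identity type come from the command-line
 * options, and every repository call is made with the token from
 * {@code getAdminSSOToken()}. For {@code IdType.USER} the services named by
 * {@code Constants.SVC_NAME_USER}, {@code Constants.SVC_NAME_AUTH_CONFIG} and
 * {@code Constants.SVC_NAME_SAML} are removed from the result before it is
 * printed.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced: the identity type
 *         does not allow {@code IdOperation.SERVICE} in the realm, or the
 *         repository or SSO layer reports an error.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken adminSSOToken = getAdminSSOToken();
    IOutput outputWriter = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    IdType idType = convert2IdType(type);
    String[] params = { realm, type, idName };
    try {
        AMIdentityRepository amir = new AMIdentityRepository(adminSSOToken, realm);
        Set set = amir.getAllowedIdOperations(idType);
        if (!set.contains(IdOperation.SERVICE)) {
            // NOTE(review): this refusal is raised before the ATTEMPT entry is
            // written and is not caught below, so it leaves no entry in either
            // log from this method - confirm that is intended.
            throw new CLIException(MessageFormat.format(getResourceString("realm-does-not-support-service"), (Object[]) params), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_GET_ASSIGNABLE_SERVICES", params);
        AMIdentity amid = new AMIdentity(adminSSOToken, idName, idType, realm, null);
        Set services = amid.getAssignableServices();
        // Guard the removals with the same null check the printing code
        // below already applies; without it a null result for a USER
        // identity failed with a NullPointerException instead of printing
        // the "no-service-assignable" message.
        if ((services != null) && idType.equals(IdType.USER)) {
            services.remove(Constants.SVC_NAME_USER);
            services.remove(Constants.SVC_NAME_AUTH_CONFIG);
            services.remove(Constants.SVC_NAME_SAML);
        }
        if ((services != null) && !services.isEmpty()) {
            String msg = getResourceString("assignable-service-result");
            String[] arg = { "" };
            for (Iterator i = services.iterator(); i.hasNext(); ) {
                arg[0] = (String) i.next();
                outputWriter.printlnMessage(MessageFormat.format(msg, (Object[]) arg));
            }
        } else {
            outputWriter.printlnMessage(getResourceString("no-service-assignable"));
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_ASSIGNABLE_SERVICES", params);
    } catch (IdRepoException e) {
        // Record the failure in the debug log and the error log, then
        // surface it to the CLI with the original exception as the cause.
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetAssignableServices.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNABLE_SERVICES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetAssignableServices.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNABLE_SERVICES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}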
use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.
the class GetAssignedServices method handleRequest.
/**
 * Services a Commandline Request: prints the services currently assigned to
 * one identity.
 *
 * <p>The realm, identity name and identity type are taken from the
 * command-line options, and the repository is queried with the token from
 * {@code getAdminSSOToken()}.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced: the identity type
 *         does not allow {@code IdOperation.SERVICE} in the realm, or the
 *         repository or SSO layer reports an error.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken token = getAdminSSOToken();
    IOutput out = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    IdType idType = convert2IdType(type);
    String[] params = { realm, type, idName };
    try {
        AMIdentityRepository repository = new AMIdentityRepository(token, realm);
        Set allowedOperations = repository.getAllowedIdOperations(idType);
        boolean serviceAllowed = allowedOperations.contains(IdOperation.SERVICE);
        if (!serviceAllowed) {
            // Raised before the ATTEMPT entry is written and not caught by
            // the handlers below.
            String refusal = MessageFormat.format(getResourceString("realm-does-not-support-service"), (Object[]) params);
            throw new CLIException(refusal, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_GET_ASSIGNED_SERVICES", params);
        AMIdentity identity = new AMIdentity(token, idName, idType, realm, null);
        Set assigned = identity.getAssignedServices();
        if ((assigned == null) || assigned.isEmpty()) {
            out.printlnMessage(getResourceString("no-service-assigned"));
        } else {
            // One formatted line per assigned service name.
            String template = getResourceString("assigned-service-result");
            String[] slot = { "" };
            Iterator names = assigned.iterator();
            while (names.hasNext()) {
                slot[0] = (String) names.next();
                out.printlnMessage(MessageFormat.format(template, (Object[]) slot));
            }
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_ASSIGNED_SERVICES", params);
    } catch (IdRepoException repoFailure) {
        // Debug log first, then the error log, then rethrow with the cause.
        String[] failureArgs = { realm, type, idName, repoFailure.getMessage() };
        debugError("GetAssignedServices.handleRequest", repoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNED_SERVICES", failureArgs);
        throw new CLIException(repoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException ssoFailure) {
        String[] failureArgs = { realm, type, idName, ssoFailure.getMessage() };
        debugError("GetAssignedServices.handleRequest", ssoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNED_SERVICES", failureArgs);
        throw new CLIException(ssoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.
the class DeleteIdentities method handleRequest.
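/**
 * Services a Commandline Request: deletes one or more identities of a single
 * type from a realm.
 *
 * <p>Identity names come from the {@code ARGUMENT_ID_NAMES} option and, when
 * the {@code IArgument.FILE} option is set, from the values parsed out of
 * that file. Every name is checked for existence first; the first name that
 * is not found aborts the request before {@code deleteIdentities} is called,
 * so nothing is deleted in that case. All repository calls use the token
 * from {@code getAdminSSOToken()}.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced: no identity names
 *         were supplied, the realm cannot be opened, a named identity is not
 *         found, or the repository or SSO layer reports an error.
 */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken adminSSOToken = getAdminSSOToken();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    List idNames = (List) rc.getOption(ARGUMENT_ID_NAMES);
    String file = getStringOptionValue(IArgument.FILE);
    if (idNames == null) {
        idNames = new ArrayList();
    }
    if (file != null) {
        idNames.addAll(AttributeValues.parseValues(file));
    }
    if (idNames.isEmpty()) {
        throw new CLIException(getResourceString("missing-identity-names"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    String displayableIdNames = tokenize(idNames);
    String[] params = { realm, type, displayableIdNames };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_DELETE_IDENTITY", params);
    // test if realm exists
    try {
        new OrganizationConfigManager(adminSSOToken, realm);
    } catch (SMSException e) {
        String[] args = { realm, type, displayableIdNames, e.getMessage() };
        debugError("DeleteIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
        Object[] msgArg = { realm };
        throw new CLIException(MessageFormat.format(getResourceString("realm-does-not-exist"), msgArg), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    try {
        AMIdentityRepository amir = new AMIdentityRepository(adminSSOToken, realm);
        IdType idType = convert2IdType(type);
        Set setDelete = new HashSet();
        for (Iterator i = idNames.iterator(); i.hasNext(); ) {
            String idName = (String) i.next();
            AMIdentity amid = new AMIdentity(adminSSOToken, idName, idType, realm, null);
            boolean exist = false;
            try {
                exist = amid.isExists();
            } catch (IdRepoException e) {
                // A repository error during the existence check is still
                // reported to the operator as "does not exist", as before,
                // but the cause is now kept in the debug log instead of
                // being dropped, so the two cases can be told apart.
                debugError("DeleteIdentities.handleRequest", e);
            }
            if (!exist) {
                String[] args = { realm, type, displayableIdNames, "user " + idName + " does not exist" };
                writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
                Object[] msgArg = { idName };
                throw new CLIException(MessageFormat.format(getResourceString("identity-does-not-exist"), msgArg), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
            setDelete.add(amid);
        }
        // Only reached when every requested identity was found.
        amir.deleteIdentities(setDelete);
        IOutput outputWriter = getOutputWriter();
        Object[] objects = { realm, type };
        if (idNames.size() > 1) {
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("delete-identities-succeed"), objects));
        } else {
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("delete-identity-succeed"), objects));
        }
        for (Iterator i = idNames.iterator(); i.hasNext(); ) {
            outputWriter.printlnMessage(" " + (String) i.next());
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_DELETE_IDENTITY", params);
    } catch (IdRepoException e) {
        String[] args = { realm, type, displayableIdNames, e.getMessage() };
        debugError("DeleteIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] args = { realm, type, displayableIdNames, e.getMessage() };
        debugError("DeleteIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}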
use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.
the class EntitiesModelImpl method getEntityNames.
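/**
 * Returns entity names.
 *
 * <p>The search is limited by {@code getSearchResultLimit()} and
 * {@code getSearchTimeOutLimit()} and is run with the token from
 * {@code getUserSSOToken()}. For {@code IdType.USER} with a pattern other
 * than {@code "*"}, the pattern is matched against the attribute returned by
 * {@code getUserSearchAttribute()} and the naming-attribute pattern is set
 * to {@code "*"}.
 *
 * @param realmName Name of Realm; {@code null} is replaced by {@code "/"}.
 * @param strType Entity Type.
 * @param pattern Search Pattern.
 * @return the search results from the identity repository.
 * @throws AMConsoleException if the identity repository or the SSO layer
 *         reports an error.
 */
public IdSearchResults getEntityNames(String realmName, String strType, String pattern) throws AMConsoleException {
    if (realmName == null) {
        realmName = "/";
    }
    int sizeLimit = getSearchResultLimit();
    int timeLimit = getSearchTimeOutLimit();
    String[] params = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit) };
    // Pattern handed to the repository for the naming attribute. It is kept
    // apart from 'pattern' so the failure log entries below record what the
    // caller searched for; previously they recorded the rewritten "*" while
    // the ATTEMPT entry recorded the original value.
    String searchPattern = pattern;
    try {
        IdSearchControl idsc = new IdSearchControl();
        idsc.setMaxResults(sizeLimit);
        idsc.setTimeOut(timeLimit);
        idsc.setAllReturnAttributes(false);
        /*
         * For user identities we will modify the search filter so that
         * we can search on a non naming attribute.
         */
        IdType ltype = IdUtils.getType(strType);
        if (ltype.equals(IdType.USER) && !pattern.equals("*")) {
            // NOTE(review): 'pattern' is placed in the search map as
            // received; confirm the repository layer escapes filter
            // metacharacters before building the directory filter.
            Map searchMap = new HashMap(2);
            Set patternSet = new HashSet(2);
            patternSet.add(pattern);
            searchMap.put(getUserSearchAttribute(), patternSet);
            idsc.setSearchModifiers(IdSearchOpModifier.OR, searchMap);
            /*
             * change the pattern to * since we are passing a searchMap.
             * pattern will be used in the default filter and given to
             * the naming attribute (uid in this case). Here we are passing
             * cn=John Doe in the searchMap, but the naming attribute is
             * set to *.
             * "(&(&(uid=*)(objectClass=inetOrgPerson))(|(cn=John Doe)))"
             */
            searchPattern = "*";
        }
        logEvent("ATTEMPT_SEARCH_IDENTITY", params);
        AMIdentityRepository repo = new AMIdentityRepository(getUserSSOToken(), realmName);
        IdSearchResults results = repo.searchIdentities(ltype, searchPattern, idsc);
        logEvent("SUCCEED_SEARCH_IDENTITY", params);
        return results;
    } catch (IdRepoException e) {
        String[] paramsEx = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit), getErrorString(e) };
        logEvent("IDM_EXCEPTION_SEARCH_IDENTITY", paramsEx);
        if (debug.warningEnabled()) {
            debug.warning("EntitiesModelImpl.getEntityNames " + getErrorString(e));
        }
        // The repository detail stays in the logs; the caller receives
        // only the "no.properties" message.
        throw new AMConsoleException("no.properties");
    } catch (SSOException e) {
        String[] paramsEx = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit), getErrorString(e) };
        logEvent("SSO_EXCEPTION_SEARCH_IDENTITY", paramsEx);
        debug.warning("EntitiesModelImpl.getEntityNames ", e);
        throw new AMConsoleException(getErrorString(e));
    }
}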