
Example 76 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class AMModelBase method getSupportedEntityTypes.

/**
 * Builds a map from each supported entity type name to its localized name
 * for the given realm.
 *
 * <p>The supported types are read with the internal administrator token
 * obtained through {@code AdminTokenAction}, not with the session of the
 * user who triggered the call, so the result is not filtered by that user's
 * own privileges in the realm.
 *
 * <p>{@code IdType.AGENTONLY} and {@code IdType.AGENTGROUP} are always left
 * out; {@code IdType.AGENT} is kept only while {@code svcRevisionNumber} is
 * below 30.
 *
 * <p>{@code IdRepoException} and {@code SSOException} are logged at warning
 * level and not propagated, so an empty map can mean either "no supported
 * types" or "the lookup failed".
 *
 * @param realmName Name of Realm; {@code null} is treated as {@code "/"}.
 * @return a map of supported entity type name to its localized name; never
 *         {@code null}.
 */
public Map getSupportedEntityTypes(String realmName) {
    Map localizedByType = null;
    String realm = (realmName == null) ? "/" : realmName;
    try {
        // Privileged lookup: the repository is opened with the admin token.
        SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        AMIdentityRepository repository = new AMIdentityRepository(adminToken, realm);
        Set supportedTypes = repository.getSupportedIdTypes();
        localizedByType = new HashMap(supportedTypes.size() * 2);
        for (Object element : supportedTypes) {
            IdType type = (IdType) element;
            boolean agentFamily = type.equals(IdType.AGENTONLY)
                || type.equals(IdType.AGENTGROUP)
                || type.equals(IdType.AGENT);
            // The "Agent" tab is added only when the revision number of the
            // sunIdentityRepository service is less than 30. This keeps
            // backward compatibility for the coexistence scenario of an
            // OpenSSO 8.0 server running against an existing AM 7.x DIT.
            boolean legacyAgent = type.equals(IdType.AGENT) && (svcRevisionNumber < 30);
            if (!agentFamily || legacyAgent) {
                String typeName = type.getName();
                localizedByType.put(typeName, getLocalizedString(type.getName()));
            }
        }
    } catch (IdRepoException e) {
        debug.warning("AMModelBase.getSupportedTypes", e);
    } catch (SSOException e) {
        debug.warning("AMModelBase.getSupportedTypes", e);
    }
    if (localizedByType == null) {
        return Collections.EMPTY_MAP;
    }
    return localizedByType;
}
Also used : SSOToken(com.iplanet.sso.SSOToken) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) Iterator(java.util.Iterator) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) HashMap(java.util.HashMap) Map(java.util.Map) IdType(com.sun.identity.idm.IdType)

Example 77 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class GetAssignableServices method handleRequest.

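/**
 * Services a Commandline Request: prints the services that can still be
 * assigned to the identity named by the realm, identity-type and
 * identity-name options.
 *
 * <p>All repository calls are made with the administrator SSO token returned
 * by {@code getAdminSSOToken()}. For {@code IdType.USER} the user, auth
 * configuration and SAML service names are removed from the result before
 * it is printed.
 *
 * <p>Audit trail: {@code ATTEMPT_GET_ASSIGNABLE_SERVICES} is written only
 * after the realm has been found to allow {@code IdOperation.SERVICE} for
 * the type, so a request rejected by that check leaves no ATTEMPT or FAILED
 * record. Failure records are written to {@code LogWriter.LOG_ERROR} with
 * {@code Level.INFO}.
 *
 * @param rc Request Context.
 * @throws CLIException if the realm does not allow service operations for
 *         the identity type, or if the repository or SSO layer fails.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken adminSSOToken = getAdminSSOToken();
    IOutput outputWriter = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    IdType idType = convert2IdType(type);
    String[] params = { realm, type, idName };
    try {
        AMIdentityRepository amir = new AMIdentityRepository(adminSSOToken, realm);
        Set set = amir.getAllowedIdOperations(idType);
        if (!set.contains(IdOperation.SERVICE)) {
            throw new CLIException(MessageFormat.format(getResourceString("realm-does-not-support-service"), (Object[]) params), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_GET_ASSIGNABLE_SERVICES", params);
        AMIdentity amid = new AMIdentity(adminSSOToken, idName, idType, realm, null);
        Set services = amid.getAssignableServices();
        // Guard the filtering with the same null test that protects the
        // printing below; previously a null result for a USER identity was
        // dereferenced here before it was ever checked.
        if ((services != null) && idType.equals(IdType.USER)) {
            services.remove(Constants.SVC_NAME_USER);
            services.remove(Constants.SVC_NAME_AUTH_CONFIG);
            services.remove(Constants.SVC_NAME_SAML);
        }
        if ((services != null) && !services.isEmpty()) {
            String msg = getResourceString("assignable-service-result");
            String[] arg = { "" };
            for (Iterator i = services.iterator(); i.hasNext(); ) {
                arg[0] = (String) i.next();
                outputWriter.printlnMessage(MessageFormat.format(msg, (Object[]) arg));
            }
        } else {
            outputWriter.printlnMessage(getResourceString("no-service-assignable"));
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_ASSIGNABLE_SERVICES", params);
    } catch (IdRepoException e) {
        // Record the failure with the exception message, then surface it to
        // the CLI with the original exception as the cause.
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetAssignableServices.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNABLE_SERVICES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetAssignableServices.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNABLE_SERVICES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}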
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) Iterator(java.util.Iterator) IdRepoException(com.sun.identity.idm.IdRepoException) CLIException(com.sun.identity.cli.CLIException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType)

Example 78 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class GetAssignedServices method handleRequest.

/**
 * Services a Commandline Request: prints the services currently assigned to
 * the identity named by the realm, identity-type and identity-name options.
 *
 * <p>All repository calls are made with the administrator SSO token returned
 * by {@code getAdminSSOToken()}.
 *
 * <p>Audit trail: {@code ATTEMPT_GET_ASSIGNED_SERVICES} is written only
 * after the realm has been found to allow {@code IdOperation.SERVICE} for
 * the type, so a request rejected by that check leaves no ATTEMPT or FAILED
 * record. Failure records are written to {@code LogWriter.LOG_ERROR} with
 * {@code Level.INFO}.
 *
 * @param rc Request Context.
 * @throws CLIException if the realm does not allow service operations for
 *         the identity type, or if the repository or SSO layer fails.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken adminToken = getAdminSSOToken();
    IOutput out = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    IdType idType = convert2IdType(type);
    String[] logParams = { realm, type, idName };
    try {
        AMIdentityRepository repository = new AMIdentityRepository(adminToken, realm);
        Set allowedOps = repository.getAllowedIdOperations(idType);
        boolean serviceOpsAllowed = allowedOps.contains(IdOperation.SERVICE);
        if (!serviceOpsAllowed) {
            String rejection = MessageFormat.format(getResourceString("realm-does-not-support-service"), (Object[]) logParams);
            throw new CLIException(rejection, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_GET_ASSIGNED_SERVICES", logParams);
        AMIdentity identity = new AMIdentity(adminToken, idName, idType, realm, null);
        Set assigned = identity.getAssignedServices();
        if ((assigned == null) || assigned.isEmpty()) {
            out.printlnMessage(getResourceString("no-service-assigned"));
        } else {
            // One output line per service name, formatted with the same
            // resource template.
            String lineTemplate = getResourceString("assigned-service-result");
            for (Object entry : assigned) {
                Object[] lineArgs = { (String) entry };
                out.printlnMessage(MessageFormat.format(lineTemplate, lineArgs));
            }
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_ASSIGNED_SERVICES", logParams);
    } catch (IdRepoException repoFailure) {
        // Record the failure with the exception message, then surface it to
        // the CLI with the original exception as the cause.
        String[] failureParams = { realm, type, idName, repoFailure.getMessage() };
        debugError("GetAssignedServices.handleRequest", repoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNED_SERVICES", failureParams);
        throw new CLIException(repoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException ssoFailure) {
        String[] failureParams = { realm, type, idName, ssoFailure.getMessage() };
        debugError("GetAssignedServices.handleRequest", ssoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_ASSIGNED_SERVICES", failureParams);
        throw new CLIException(ssoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) Iterator(java.util.Iterator) IdRepoException(com.sun.identity.idm.IdRepoException) CLIException(com.sun.identity.cli.CLIException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType)

Example 79 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class DeleteIdentities method handleRequest.

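/**
 * Services a Commandline Request: deletes one or more identities of a given
 * type from a realm.
 *
 * <p>Identity names come from the identity-names option, from the file named
 * by the file option, or from both. Every name is checked for existence
 * before anything is deleted; the first name that cannot be confirmed aborts
 * the request, and {@code deleteIdentities} is called once for the whole set
 * only when all names passed.
 *
 * <p>All repository calls are made with the administrator SSO token returned
 * by {@code getAdminSSOToken()}. {@code ATTEMPT_DELETE_IDENTITY} is logged
 * before the realm is validated, so every request that supplies at least one
 * name leaves an audit record. Failure records are written to
 * {@code LogWriter.LOG_ERROR} with {@code Level.INFO}.
 *
 * @param rc Request Context.
 * @throws CLIException if no identity name is supplied, the realm does not
 *         exist, an identity cannot be confirmed to exist, or the repository
 *         or SSO layer fails.
 */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken adminSSOToken = getAdminSSOToken();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    List requestedNames = (List) rc.getOption(ARGUMENT_ID_NAMES);
    String file = getStringOptionValue(IArgument.FILE);
    // Work on a private copy so names read from the file are not appended
    // to the list owned by the request context.
    List idNames = new ArrayList();
    if (requestedNames != null) {
        idNames.addAll(requestedNames);
    }
    if (file != null) {
        idNames.addAll(AttributeValues.parseValues(file));
    }
    if (idNames.isEmpty()) {
        throw new CLIException(getResourceString("missing-identity-names"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    String displayableIdNames = tokenize(idNames);
    String[] params = { realm, type, displayableIdNames };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_DELETE_IDENTITY", params);
    // test if realm exists
    try {
        new OrganizationConfigManager(adminSSOToken, realm);
    } catch (SMSException e) {
        String[] args = { realm, type, displayableIdNames, e.getMessage() };
        debugError("DeleteIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
        Object[] msgArg = { realm };
        throw new CLIException(MessageFormat.format(getResourceString("realm-does-not-exist"), msgArg), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
    try {
        AMIdentityRepository amir = new AMIdentityRepository(adminSSOToken, realm);
        IdType idType = convert2IdType(type);
        Set setDelete = new HashSet();
        for (Iterator i = idNames.iterator(); i.hasNext(); ) {
            String idName = (String) i.next();
            AMIdentity amid = new AMIdentity(adminSSOToken, idName, idType, realm, null);
            boolean exist = false;
            try {
                exist = amid.isExists();
            } catch (IdRepoException e) {
                // A repository error during the existence check is still
                // reported to the operator as "does not exist", but the
                // cause is no longer dropped: without this line a backend
                // failure on a destructive command left no trace.
                debugError("DeleteIdentities.handleRequest", e);
            }
            if (!exist) {
                // NOTE(review): the audit text says "user" whatever the
                // identity type is; left unchanged because log consumers may
                // match on it.
                String[] args = { realm, type, displayableIdNames, "user " + idName + " does not exist" };
                writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
                Object[] msgArg = { idName };
                throw new CLIException(MessageFormat.format(getResourceString("identity-does-not-exist"), msgArg), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
            setDelete.add(amid);
        }
        // Single call for the whole validated set.
        amir.deleteIdentities(setDelete);
        IOutput outputWriter = getOutputWriter();
        Object[] objects = { realm, type };
        if (idNames.size() > 1) {
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("delete-identities-succeed"), objects));
        } else {
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("delete-identity-succeed"), objects));
        }
        for (Iterator i = idNames.iterator(); i.hasNext(); ) {
            outputWriter.printlnMessage("    " + (String) i.next());
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_DELETE_IDENTITY", params);
    } catch (IdRepoException e) {
        String[] args = { realm, type, displayableIdNames, e.getMessage() };
        debugError("DeleteIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] args = { realm, type, displayableIdNames, e.getMessage() };
        debugError("DeleteIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_IDENTITY", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}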
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) SMSException(com.sun.identity.sm.SMSException) ArrayList(java.util.ArrayList) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) IOutput(com.sun.identity.cli.IOutput) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) Iterator(java.util.Iterator) CLIException(com.sun.identity.cli.CLIException) ArrayList(java.util.ArrayList) List(java.util.List) HashSet(java.util.HashSet)

Example 80 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class EntitiesModelImpl method getEntityNames.

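/**
 * Returns the identities of one type in a realm that match a search
 * pattern.
 *
 * <p>The search is run with the token returned by {@code getUserSSOToken()}
 * and is bounded by {@code getSearchResultLimit()} and
 * {@code getSearchTimeOutLimit()}. For {@code IdType.USER} with any pattern
 * other than {@code "*"}, the pattern is matched against the attribute
 * returned by {@code getUserSearchAttribute()} instead of the naming
 * attribute.
 *
 * @param realmName Name of Realm; {@code null} is treated as {@code "/"}.
 * @param strType Entity Type.
 * @param pattern Search Pattern; dereferenced for user searches, so it must
 *        not be {@code null} there.
 * @return the search results from the identity repository.
 * @throws AMConsoleException if the identity repository or the SSO layer
 *         reports an error.
 */
public IdSearchResults getEntityNames(String realmName, String strType, String pattern) throws AMConsoleException {
    if (realmName == null) {
        realmName = "/";
    }
    int sizeLimit = getSearchResultLimit();
    int timeLimit = getSearchTimeOutLimit();
    String[] params = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit) };
    // Pattern actually handed to the repository. Kept apart from `pattern`
    // so the failure events below record what the caller searched for;
    // reassigning the parameter made them log "*" for user searches while
    // the ATTEMPT and SUCCEED events carried the real pattern.
    String searchPattern = pattern;
    try {
        IdSearchControl idsc = new IdSearchControl();
        idsc.setMaxResults(sizeLimit);
        idsc.setTimeOut(timeLimit);
        idsc.setAllReturnAttributes(false);
        /*
         * For user identities we will modify the search filter so that
         * we can search on a non naming attribute.
         */
        IdType ltype = IdUtils.getType(strType);
        if (ltype.equals(IdType.USER) && !pattern.equals("*")) {
            // NOTE(review): the pattern is placed in the search map as
            // given; whether filter metacharacters are escaped is decided
            // by the repository layer, which is not visible here - confirm.
            Map searchMap = new HashMap(2);
            Set patternSet = new HashSet(2);
            patternSet.add(pattern);
            searchMap.put(getUserSearchAttribute(), patternSet);
            idsc.setSearchModifiers(IdSearchOpModifier.OR, searchMap);
            /*
             * Search the naming attribute with * since we are passing a
             * searchMap. The pattern argument is used in the default filter
             * and given to the naming attribute (uid in this case). Here we
             * are passing cn=John Doe in the searchMap, but the naming
             * attribute is set to *.
             * "(&(&(uid=*)(objectClass=inetOrgPerson))(|(cn=John Doe)))"
             */
            searchPattern = "*";
        }
        logEvent("ATTEMPT_SEARCH_IDENTITY", params);
        AMIdentityRepository repo = new AMIdentityRepository(getUserSSOToken(), realmName);
        IdSearchResults results = repo.searchIdentities(ltype, searchPattern, idsc);
        logEvent("SUCCEED_SEARCH_IDENTITY", params);
        return results;
    } catch (IdRepoException e) {
        String[] paramsEx = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit), getErrorString(e) };
        logEvent("IDM_EXCEPTION_SEARCH_IDENTITY", paramsEx);
        if (debug.warningEnabled()) {
            debug.warning("EntitiesModelImpl.getEntityNames " + getErrorString(e));
        }
        // The repository error text goes to the log only; the caller gets
        // the fixed "no.properties" key.
        throw new AMConsoleException("no.properties");
    } catch (SSOException e) {
        String[] paramsEx = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit), getErrorString(e) };
        logEvent("SSO_EXCEPTION_SEARCH_IDENTITY", paramsEx);
        debug.warning("EntitiesModelImpl.getEntityNames ", e);
        throw new AMConsoleException(getErrorString(e));
    }
}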
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) IdSearchControl(com.sun.identity.idm.IdSearchControl) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) HashSet(java.util.HashSet)
