
Example 11 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class LdapSPValidator method searchAgents.

/**
 * Searches agent identities whose {@code LDAP_ATTR_NAME} attribute contains the value
 * {@code PROVIDER_ID_ATTR_NAME + "=" + rootPrefix} and returns the attributes of the matches.
 *
 * <p>The lookup is made with the administrator token obtained from {@code AdminTokenAction},
 * not with a caller-supplied session, so it runs with administrative privileges. Callers
 * decide what part of the result may be exposed further.
 *
 * @param rootPrefix value appended after {@code PROVIDER_ID_ATTR_NAME + "="} to form the
 *        attribute value searched for; must not be {@code null}
 * @param realm realm to search; when {@code null} or blank, the {@code amIdRepo} field is used
 * @return the map produced by {@code IdSearchResults.getResultAttributes()}
 * @throws Exception wrapping the {@code IdRepoException} or {@code SSOException} raised by the search
 */
private Map searchAgents(StringBuffer rootPrefix, String realm) throws Exception {
    // Criterion: attribute "sunIdentityServerDeviceKeyValue" holding
    // "sunIdentityServerAgentRootURL=<rootURL>".
    // NOTE(review): rootPrefix is concatenated into the search value as-is; confirm that the
    // caller validates it or that the identity repository escapes it before building a filter.
    Set providerIdValues = new HashSet(2);
    providerIdValues.add(PROVIDER_ID_ATTR_NAME + "=" + rootPrefix.toString());
    Map criteria = new HashMap();
    criteria.put(LDAP_ATTR_NAME, providerIdValues);

    // Only these two attributes are requested back for each match.
    Set wantedAttrs = new HashSet(4);
    wantedAttrs.add(LDAP_ATTR_NAME);
    wantedAttrs.add(LDAP_STATUS_ATTR_NAME);

    IdSearchControl control = new IdSearchControl();
    // NOTE(review): both limits are set to 0; confirm how IdSearchControl interprets 0
    // (no limit vs. server default), since this search runs with the admin token.
    control.setTimeOut(0);
    control.setMaxResults(0);
    control.setSearchModifiers(IdSearchOpModifier.AND, criteria);
    control.setReturnAttributes(wantedAttrs);

    try {
        SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        boolean realmMissing = (realm == null) || (realm.trim().length() == 0);
        IdSearchResults found;
        if (realmMissing) {
            // No realm supplied: fall back to the repository held in the amIdRepo field.
            found = amIdRepo.searchIdentities(IdType.AGENT, "*", control);
        } else {
            AMIdentityRepository realmRepo = new AMIdentityRepository(adminToken, realm);
            found = realmRepo.searchIdentities(IdType.AGENT, "*", control);
        }
        return found.getResultAttributes();
    } catch (IdRepoException repoFailure) {
        CDCServlet.debug.error("LdapSPValidator.searchAgents", repoFailure);
        throw new Exception(repoFailure);
    } catch (SSOException tokenFailure) {
        CDCServlet.debug.error("LdapSPValidator.searchAgents", tokenFailure);
        throw new Exception(tokenFailure);
    }
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) SSOToken(com.iplanet.sso.SSOToken) HashMap(java.util.HashMap) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdSearchControl(com.sun.identity.idm.IdSearchControl) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) HashMap(java.util.HashMap) Map(java.util.Map) IdRepoException(com.sun.identity.idm.IdRepoException) MalformedURLException(java.net.MalformedURLException) SSOException(com.iplanet.sso.SSOException) HashSet(java.util.HashSet)

Example 12 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class RealmTest method unassignServiceFromRealm.

/**
 * Runs the {@code remove-svc-realm} CLI command for the given realm and service, then checks
 * that the realm identity's attributes for that service no longer equal the map parsed from
 * {@code attributeValue}.
 *
 * @param realm realm the service is removed from
 * @param serviceName name of the service to unassign
 * @param attributeValue string form of the attribute map the service was assigned with
 */
@Parameters({ "realm", "service-name", "attribute-value" })
@Test(groups = { "cli-realm", "remove-svc-realm" }, dependsOnGroups = { "services" })
public void unassignServiceFromRealm(String realm, String serviceName, String attributeValue) throws CLIException, IdRepoException, SSOException {
    entering("unassignServiceFromRealm", new String[] { realm });

    String[] cliArgs = {
        "remove-svc-realm",
        CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME, realm,
        CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.SERVICE_NAME, serviceName
    };
    // The command is queued and executed with the admin SSO token.
    cmdManager.addToRequestQueue(new CLIRequest(null, cliArgs, getAdminSSOToken()));
    cmdManager.serviceRequestQueue();

    // Read the service attributes back from the realm identity after the command ran.
    AMIdentity realmIdentity = new AMIdentityRepository(getAdminSSOToken(), realm).getRealmIdentity();
    Map currentAttrs = realmIdentity.getServiceAttributes(serviceName);
    Map assignedAttrs = CollectionUtils.parseStringToMap(attributeValue);

    // Plain Java assert: it is only evaluated when the JVM runs with assertions enabled (-ea),
    // so this check is skipped silently otherwise.
    assert !currentAttrs.equals(assignedAttrs);

    exiting("unassignServiceFromRealm");
}
Also used : AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) CLIRequest(com.sun.identity.cli.CLIRequest) HashMap(java.util.HashMap) Map(java.util.Map) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest) AfterTest(org.testng.annotations.AfterTest)

Example 13 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class IdRepoDataStoreProvider method getUserID.

/**
 * Resolves exactly one user from attribute criteria and returns its universal identifier.
 *
 * <p>All attribute pairs must match ({@code IdSearchOpModifier.AND}). More than one match is
 * treated as an error rather than picking one, so an ambiguous criterion never resolves to
 * an arbitrary account.
 *
 * @param orgDN realm to search; when {@code null}, {@code SMSEntry.getRootSuffix()} is used
 * @param avPairs search criteria: attribute name mapped to the set of value(s) to match
 * @return universal identifier of the single matching user, or {@code null} when no user matches
 * @throws DataStoreProviderException if {@code avPairs} is {@code null} or empty, if the search
 *         fails, or if more than one user matches
 */
public String getUserID(String orgDN, Map<String, Set<String>> avPairs) throws DataStoreProviderException {
    if (orgDN == null) {
        orgDN = SMSEntry.getRootSuffix();
    }
    final boolean noCriteria = (avPairs == null) || avPairs.isEmpty();
    if (noCriteria) {
        // Refuse to search without criteria: with the "*" name pattern that would match every user.
        throw new DataStoreProviderException(bundle.getString("nullAvPair"));
    }

    Set candidates;
    try {
        IdSearchControl control = getIdSearchControl(avPairs, IdSearchOpModifier.AND);
        AMIdentityRepository repository = getAMIdentityRepository(orgDN);
        IdSearchResults outcome = repository.searchIdentities(IdType.USER, "*", control);
        candidates = outcome.getSearchResults();
    } catch (IdRepoException repoFailure) {
        debug.error("IdRepoDataStoreProvider.getUserID(): IdRepoException", repoFailure);
        throw new DataStoreProviderException(repoFailure);
    } catch (SSOException tokenFailure) {
        debug.error("IdRepoDataStoreProvider.getUserID() : SSOException", tokenFailure);
        throw new DataStoreProviderException(tokenFailure);
    }

    if (candidates == null || candidates.isEmpty()) {
        debug.message("IdRepoDataStoreProvider.getUserID : user not found");
        return null;
    }
    if (candidates.size() > 1) {
        debug.message("IdRepoDataStoreProvider.getUserID : multiple match");
        throw new DataStoreProviderException(bundle.getString("multipleMatches"));
    }

    // Exactly one candidate remains.
    final AMIdentity match = (AMIdentity) candidates.iterator().next();
    final String universalId = IdUtils.getUniversalId(match);
    if (debug.messageEnabled()) {
        // Message-level debug output includes the user's name, DN and universal id.
        debug.message("IdRepoDataStoreProvider.getUserID()" + " Name=: " + match.getName() + " DN=: " + match.getDN() + " univId=: " + universalId);
    }
    return universalId;
}
Also used : DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) Set(java.util.Set) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) IdSearchControl(com.sun.identity.idm.IdSearchControl) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException)

Example 14 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class IdentitySubjectModelImpl method getEntityNames.

/**
 * Searches a realm for identities of one type whose names match a pattern.
 *
 * <p>The search is recursive and runs with the console user's SSO token
 * ({@code getUserSSOToken()}). Result size and time limits come from
 * {@code getSearchResultLimit()} and {@code getSearchTimeOutLimit()}. An attempt event is
 * logged before the search and a success or exception event after it; the realm, type,
 * pattern and both limits are passed to each log event.
 *
 * @param realmName name of the realm; {@code null} is replaced by {@code "/"}
 * @param strType entity type, converted with {@code IdUtils.getType}
 * @param pattern search pattern; {@code null} or blank is replaced by {@code "*"}
 * @return the search results returned by the identity repository
 * @throws AMConsoleException carrying the error string when the search raises
 *         {@code IdRepoException} or {@code SSOException}
 */
public IdSearchResults getEntityNames(String realmName, String strType, String pattern) throws AMConsoleException {
    final String realm = (realmName != null) ? realmName : "/";
    final String filter = (pattern == null || pattern.trim().isEmpty()) ? "*" : pattern;

    final int maxResults = getSearchResultLimit();
    final int timeout = getSearchTimeOutLimit();
    final String maxResultsText = Integer.toString(maxResults);
    final String timeoutText = Integer.toString(timeout);
    String[] auditData = { realm, strType, filter, maxResultsText, timeoutText };

    try {
        // Constructed with the user's own token rather than an admin token.
        AMIdentityRepository repository = new AMIdentityRepository(getUserSSOToken(), realm);
        IdType identityType = IdUtils.getType(strType);

        IdSearchControl control = new IdSearchControl();
        control.setRecursive(true);
        control.setMaxResults(maxResults);
        control.setTimeOut(timeout);

        logEvent("ATTEMPT_SEARCH_IDENTITY", auditData);
        IdSearchResults found = repository.searchIdentities(identityType, filter, control);
        logEvent("SUCCEED_SEARCH_IDENTITY", auditData);
        return found;
    } catch (IdRepoException e) {
        String reason = getErrorString(e);
        logEvent("IDM_EXCEPTION_SEARCH_IDENTITY",
            new String[] { realm, strType, filter, maxResultsText, timeoutText, reason });
        throw new AMConsoleException(reason);
    } catch (SSOException e) {
        String reason = getErrorString(e);
        logEvent("SSO_EXCEPTION_SEARCH_IDENTITY",
            new String[] { realm, strType, filter, maxResultsText, timeoutText, reason });
        throw new AMConsoleException(reason);
    }
}
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) IdType(com.sun.identity.idm.IdType)

Example 15 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class WindowsDesktopSSO method searchUserAccount.

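/**
 * Checks whether an identity matching {@code attributeValue} exists in the given organization.
 *
 * <p>The search criteria are built by {@code buildSearchControl(attributeValue)} and combined
 * with {@code IdSearchOpModifier.OR}; at most one result is requested.
 *
 * @param attributeValue the value to compare when searching for an identity in the organization
 * @param organization name of the organization where the identity is looked up; an empty
 *        string is replaced by {@code "/"}
 * @return {@code attributeValue} trimmed when a matching identity is found; {@code null} when
 *         the search does not succeed or yields no identity
 * @throws AuthLoginException if the search raises {@code IdRepoException} or {@code SSOException}
 */
private String searchUserAccount(String attributeValue, String organization) throws AuthLoginException {
    String classMethod = "WindowsDesktopSSO.searchUserAccount: ";
    if (organization.isEmpty()) {
        organization = "/";
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + " searching for user " + attributeValue + " in the organization =" + organization);
    }
    // And the search criteria
    IdSearchControl searchControl = new IdSearchControl();
    searchControl.setMaxResults(1);
    // NOTE(review): confirm the unit setTimeOut expects; 3000 is a very long wait if it is seconds.
    searchControl.setTimeOut(3000);
    searchControl.setSearchModifiers(IdSearchOpModifier.OR, buildSearchControl(attributeValue));
    searchControl.setAllReturnAttributes(false);
    try {
        AMIdentityRepository amirepo = new AMIdentityRepository(getSSOSession(), organization);
        IdSearchResults searchResults = amirepo.searchIdentities(IdType.USER, "*", searchControl);
        // Null check first: the original dereferenced searchResults before testing it for null.
        if (searchResults != null && searchResults.getErrorCode() == IdSearchResults.SUCCESS) {
            Set<AMIdentity> results = searchResults.getSearchResults();
            if (results != null && !results.isEmpty()) {
                if (debug.messageEnabled()) {
                    debug.message(classMethod + results.size() + " result(s) obtained");
                }
                AMIdentity userDNId = results.iterator().next();
                if (userDNId != null) {
                    if (debug.messageEnabled()) {
                        // NOTE(review): this attribute fetch happens only with message-level
                        // debugging on and sits inside the try, so a repository error here
                        // would fail the lookup only in debug mode. It also writes the user's
                        // alias attributes to the debug log.
                        debug.message(classMethod + "user = " + userDNId.getUniversalId());
                        debug.message(classMethod + "attrs =" + userDNId.getAttributes(getUserAliasList()));
                    }
                    // The caller gets back the value it searched for, not an attribute read
                    // from the matched identity.
                    return attributeValue.trim();
                }
            }
        }
    } catch (IdRepoException idrepoex) {
        String[] data = { attributeValue, organization };
        throw new AuthLoginException(amAuthWindowsDesktopSSO, "idRepoSearch", data, idrepoex);
    } catch (SSOException ssoe) {
        String[] data = { attributeValue, organization };
        throw new AuthLoginException(amAuthWindowsDesktopSSO, "ssoSearch", data, ssoe);
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + " No results were found !");
    }
    return null;
}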
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) IdSearchControl(com.sun.identity.idm.IdSearchControl) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException)
