
Example 26 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class ProxyPETest method createUser.

/**
 * Creates the test user in the root realm ("/") through an identity repository
 * opened with the supplied admin token, and stores the result in {@code testUser}.
 *
 * <p>Every attribute, {@code userpassword} included, is set to the single value
 * {@code TEST_USER_NAME}, and one {@code Set} instance is shared by all four entries.
 * The account's password therefore equals its name, which is only acceptable for a
 * fixture that lives in a throwaway test directory.
 *
 * @param adminToken token used to open the identity repository.
 * @throws IdRepoException propagated from the identity repository calls.
 * @throws SSOException propagated from the identity repository calls.
 */
private void createUser(SSOToken adminToken) throws IdRepoException, SSOException {
    // Single shared value set: each attribute below holds exactly TEST_USER_NAME.
    Set<String> nameOnly = new HashSet<String>();
    nameOnly.add(TEST_USER_NAME);

    Map<String, Set<String>> userAttrs = new HashMap<String, Set<String>>();
    for (String attrName : new String[] { "givenname", "sn", "cn", "userpassword" }) {
        userAttrs.put(attrName, nameOnly);
    }

    AMIdentityRepository rootRepo = new AMIdentityRepository(adminToken, "/");
    testUser = rootRepo.createIdentity(IdType.USER, TEST_USER_NAME, userAttrs);
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) HashSet(java.util.HashSet)

Example 27 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class IdentityManager method getClientIdentity.

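/**
 * Gets a client's identity by searching the realm for a matching
 * {@code IdType.AGENTONLY} identity.
 *
 * <p>The search runs with the token returned by {@code AdminTokenAction}, not with
 * a token belonging to the caller, so {@code clientName} and {@code realm} are the
 * caller-supplied inputs to a privileged lookup.
 *
 * @param clientName The client's name; handed to the repository as the search pattern.
 * @param realm The client's realm.
 * @return The client's identity, or {@code null} when the single matching client is
 *         not active. Callers must check for {@code null} and refuse the client.
 * @throws UnauthorizedClientException If the search does not yield exactly one
 *         profile, or if the lookup fails for any other reason.
 */
public AMIdentity getClientIdentity(String clientName, String realm) throws UnauthorizedClientException {
    final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());
    try {
        final AMIdentityRepository amIdRepo = new AMIdentityRepository(token, realm);
        final IdSearchControl idsc = new IdSearchControl();
        idsc.setRecursive(true);
        idsc.setAllReturnAttributes(true);
        idsc.setMaxResults(0);
        // NOTE(review): clientName is used as a search pattern, not as an exact key.
        // Confirm that callers reject names containing wildcard characters; the
        // "exactly one result" check below is the only guard visible in this method.
        final IdSearchResults searchResults = amIdRepo.searchIdentities(IdType.AGENTONLY, clientName, idsc);
        final Set<AMIdentity> results = searchResults.getSearchResults();
        if (results == null || results.size() != 1) {
            logger.error("No client profile or more than one profile found.");
            throw new UnauthorizedClientException("Not able to get client from OpenAM");
        }
        final AMIdentity amIdentity = results.iterator().next();
        // A deactivated client is reported as null rather than as an exception.
        return amIdentity.isActive() ? amIdentity : null;
    } catch (UnauthorizedClientException e) {
        // Already logged where it was raised; rethrow unchanged so the failure is
        // not logged a second time under a misleading "unable to get" message.
        throw e;
    } catch (Exception e) {
        // Fail closed: any repository or runtime failure is surfaced as "unauthorized"
        // with a generic message; the cause is kept in the server log only.
        logger.error("Unable to get client AMIdentity: ", e);
        throw new UnauthorizedClientException("Not able to get client from OpenAM");
    }
}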
Also used : SSOToken(com.iplanet.sso.SSOToken) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)

Example 28 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class OpenAMClientDAO method read.

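/**
 * {@inheritDoc}
 *
 * <p>The client is looked up as an {@code IdType.AGENTONLY} identity in the realm
 * named by the request's {@code OAuth2Constants.Custom.REALM} parameter, using the
 * token returned by {@code AdminTokenAction}. When the single matching identity is
 * not active, no attributes are read and the returned {@code Client} is built from
 * an empty attribute map; this method does not return {@code null} and does not
 * throw in that case.
 *
 * @throws UnauthorizedClientException If the search does not yield exactly one
 *         profile, or if the repository or token layer reports an error.
 */
public Client read(String clientId, OAuth2Request request) throws UnauthorizedClientException {
    Map<String, Set<String>> clientAttributes = new HashMap<String, Set<String>>();
    try {
        final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());
        final String realm = request.getParameter(OAuth2Constants.Custom.REALM);
        AMIdentityRepository repo = idRepoFactory.create(realm, token);
        IdSearchControl idsc = new IdSearchControl();
        idsc.setRecursive(true);
        idsc.setAllReturnAttributes(true);
        idsc.setMaxResults(0);
        // NOTE(review): clientId is used as a search pattern and realm comes from the
        // request; confirm both are validated before this privileged search runs.
        IdSearchResults searchResults = repo.searchIdentities(IdType.AGENTONLY, clientId, idsc);
        Set<AMIdentity> results = searchResults.getSearchResults();
        if (results == null || results.size() != 1) {
            logger.error("OpenAMClientDAO.read(): No client profile or more than one profile found.");
            throw new UnauthorizedClientException("Not able to get client from OpenAM");
        }
        final AMIdentity theID = results.iterator().next();
        // NOTE(review): a deactivated client keeps the empty attribute map and is still
        // returned as a Client below. Confirm that callers cannot mistake that object
        // for a usable registration.
        if (theID.isActive()) {
            clientAttributes = theID.getAttributes();
        }
    } catch (UnauthorizedClientException e) {
        // Already logged where it was raised; rethrow unchanged instead of logging twice.
        throw e;
    } catch (SSOException e) {
        logger.error("OpenAMClientDAO.read(): Unable to get client AMIdentity: ", e);
        throw new UnauthorizedClientException("Not able to get client from OpenAM");
    } catch (IdRepoException e) {
        logger.error("OpenAMClientDAO.read(): Unable to get client AMIdentity: ", e);
        throw new UnauthorizedClientException("Not able to get client from OpenAM");
    }
    Client client = createClient(clientAttributes);
    client.setClientID(clientId);
    return client;
}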
Also used : HashSet(java.util.HashSet) Set(java.util.Set) SSOToken(com.iplanet.sso.SSOToken) HashMap(java.util.HashMap) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) AMIdentity(com.sun.identity.idm.AMIdentity) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) OAuth2Client(org.forgerock.oauth2.core.OAuth2Constants.OAuth2Client) Client(org.forgerock.openidconnect.Client)

Example 29 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class AgentConfiguration method deleteAgentGroups.

/**
 * Deletes agent groups.
 *
 * <p>{@code unheritPropertyValues} is called on every group first, and only then is
 * the whole set passed to {@code deleteIdentities} on a repository opened with the
 * caller's token. If the delete call fails, the first step has already run for all
 * groups. A {@code null} or empty set is a no-op.
 *
 * @param ssoToken Single Sign On token that is to be used for deletion.
 * @param realm Realm where agent groups reside.
 * @param agentGroups Set of Agent Group objects; each element is cast to
 *        {@code AMIdentity}.
 * @throws IdRepoException if unable to delete groups.
 * @throws SSOException if the Single Sign On token is invalid or has
 *         expired.
 * @throws SMSException if there are errors in service management layers.
 */
public static void deleteAgentGroups(SSOToken ssoToken, String realm, Set agentGroups) throws IdRepoException, SSOException, SMSException {
    if (agentGroups == null || agentGroups.isEmpty()) {
        return;
    }
    for (Object member : agentGroups) {
        unheritPropertyValues((AMIdentity) member);
    }
    // Deletion is performed under the caller-supplied token, not an admin token.
    new AMIdentityRepository(ssoToken, realm).deleteIdentities(agentGroups);
}
Also used : AMIdentity(com.sun.identity.idm.AMIdentity) Iterator(java.util.Iterator) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository)

Example 30 with AMIdentityRepository

use of com.sun.identity.idm.AMIdentityRepository in project OpenAM by OpenRock.

the class RealmSetServiceAttributeValues method handleRequest.

/**
 * Services a Commandline Request.
 *
 * <p>Reads the realm, service name, data file and attribute values from the command
 * options, parses them into an attribute map, and applies them to the realm. When
 * the service is among the realm identity's assigned services the values go through
 * {@code handleDynamicAttributes}; otherwise through
 * {@code handleOrganizatioAttribute}. The repository is opened with the admin token
 * obtained after {@code ldapLogin()}.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced, including when neither a
 *         data file nor attribute values were supplied.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();
    SSOToken adminToken = getAdminSSOToken();
    IOutput out = getOutputWriter();
    String realmName = getStringOptionValue(IArgument.REALM_NAME);
    String svcName = getStringOptionValue(IArgument.SERVICE_NAME);
    String dataFilePath = getStringOptionValue(IArgument.DATA_FILE);
    List rawAttrValues = rc.getOption(IArgument.ATTRIBUTE_VALUES);
    boolean append = isOptionSet(OPT_APPEND);

    // At least one source of attribute values is mandatory.
    if (dataFilePath == null && rawAttrValues == null) {
        throw new CLIException(getResourceString("missing-attributevalues"), ExitCodes.INCORRECT_OPTION, rc.getSubCommand().getName());
    }

    Map<String, Set<String>> parsedValues = processFileAttributes(
            AttributeValues.parse(getCommandManager(), dataFilePath, rawAttrValues));

    try {
        AMIdentity realmIdentity = new AMIdentityRepository(adminToken, realmName).getRealmIdentity();
        Set assignedServices = realmIdentity.getAssignedServices();
        if (!assignedServices.contains(svcName)) {
            handleOrganizatioAttribute(realmName, svcName, parsedValues, append);
        } else {
            handleDynamicAttributes(realmIdentity, realmName, svcName, parsedValues, append);
        }
    } catch (IdRepoException e) {
        // The realm name and the exception message are written to the log record.
        final String[] logArgs = new String[] { realmName, e.getMessage() };
        debugError("RealmSetServiceAttributeValues.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_SET_SVC_ATTR_VALUES_REALM", logArgs);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        final String[] logArgs = new String[] { realmName, e.getMessage() };
        debugError("RealmSetServiceAttributeValues.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_SET_SVC_ATTR_VALUES_REALM", logArgs);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) CLIException(com.sun.identity.cli.CLIException) List(java.util.List) SSOException(com.iplanet.sso.SSOException)
