Example 26 with IdRepo

Use of com.sun.identity.idm.IdRepo in project OpenAM by OpenRock.

From the class IdServicesImpl, method getFullyQualifiedNames.

/**
    * Returns the set of fully qualified names for the identity.
    * The fully qualified names would be unique for a given datastore.
    *
    * @param token SSOToken that can be used by the datastore
    *     to determine the fully qualified name
    * @param type type of the identity
    * @param name name of the identity
    * @param orgName name of the organization whose IdRepo plugins are queried
    *
    * @return fully qualified names for the identity
    * @throws IdRepoException If there are repository related error conditions
    * @throws SSOException If identity's single sign on token is invalid
    */
public Set getFullyQualifiedNames(SSOToken token, IdType type, String name, String orgName) throws IdRepoException, SSOException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("IdServicesImpl::getFullyQualifiedNames " + "called for type: " + type + " name: " + name + " org: " + orgName);
    }
    // Get IdRepo plugins.
    // Note: this method itself makes no checkPermission() call before querying the plugins.
    Set repos = idrepoCache.getIdRepoPlugins(orgName, IdOperation.READ, type);
    // Verify if it is an internal/special identity
    // to avoid calling other plugins for special users
    CaseInsensitiveHashSet answer = new CaseInsensitiveHashSet();
    if (isSpecialIdentity(token, name, type, orgName)) {
        // Guard against a null plugin set, as the general lookup below does
        if (repos != null) {
            for (Iterator items = repos.iterator(); items.hasNext(); ) {
                IdRepo idRepo = (IdRepo) items.next();
                if (idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
                    answer.add(idRepo.getFullyQualifiedName(token, type, name));
                }
            }
        }
        return (answer);
    }
    // Get the fully qualified names from IdRepo plugins
    IdRepoException firstException = null;
    if ((repos != null) && !repos.isEmpty()) {
        for (Iterator items = repos.iterator(); items.hasNext(); ) {
            IdRepo idRepo = (IdRepo) items.next();
            // Skip users in Special Repo
            if (idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
                continue;
            }
            try {
                String fqn = idRepo.getFullyQualifiedName(token, type, name);
                if (fqn != null) {
                    answer.add(fqn);
                }
            } catch (IdRepoException ide) {
                if (firstException == null) {
                    firstException = ide;
                }
            }
        }
    }
    if ((firstException != null) && answer.isEmpty()) {
        throw (firstException);
    }
    return (answer);
}
Also used : CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) Iterator(java.util.Iterator) IdRepoException(com.sun.identity.idm.IdRepoException)

Example 27 with IdRepo

Use of com.sun.identity.idm.IdRepo in project OpenAM by OpenRock.

From the class IdServicesImpl, method isExists.

/*
    * (non-Javadoc)
    */
public boolean isExists(SSOToken token, IdType type, String name, String amOrgName) throws SSOException, IdRepoException {
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws a "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.READ, type);
    // Get the list of plugins that support the read operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    // To avoid loading other plugins
    if (isSpecialIdentity(token, name, type, amOrgName)) {
        try {
            for (Iterator items = configuredPluginClasses.iterator(); items.hasNext(); ) {
                IdRepo idRepo = (IdRepo) items.next();
                if (idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
                    return (idRepo.isExists(token, type, name));
                }
            }
        } catch (Exception idm) {
        // Ignore the exception
        }
    }
    // Iterate through other plugins
    Iterator it = configuredPluginClasses.iterator();
    boolean exists = false;
    while (it.hasNext()) {
        IdRepo idRepo = (IdRepo) it.next();
        try {
            exists = idRepo.isExists(token, type, name);
        } catch (Exception idm) {
            // Ignore the exception if not found in one plugin.
            // Iterate through all configured plugins and look for the
            // identity and if found break the loop, if not finally return
            // false. The try/catch sits inside the loop so that a failure
            // in one plugin does not stop the remaining plugins from being checked.
            continue;
        }
        if (exists) {
            break;
        }
    }
    return exists;
}
Also used : Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) DelegationException(com.sun.identity.delegation.DelegationException) IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SMSException(com.sun.identity.sm.SMSException)

Example 28 with IdRepo

Use of com.sun.identity.idm.IdRepo in project OpenAM by OpenRock.

From the class IdServicesImpl, method getAttributes.

/*
    * (non-Javadoc)
    */
public Map getAttributes(SSOToken token, IdType type, String name, String amOrgName, String amsdkDN) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws a "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.READ, type);
    // Get the list of plugins that support the read operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    // Verify if it is an internal/special identity
    // to avoid calling other plugins for special users
    Set attrMapsSet = new HashSet();
    if (isSpecialIdentity(token, name, type, amOrgName)) {
        try {
            for (Iterator items = configuredPluginClasses.iterator(); items.hasNext(); ) {
                IdRepo idRepo = (IdRepo) items.next();
                if (idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
                    attrMapsSet.add(idRepo.getAttributes(token, type, name));
                    return (combineAttrMaps(attrMapsSet, true));
                }
            }
        } catch (Exception e) {
        // Ignore and continue
        }
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    while (it.hasNext()) {
        IdRepo idRepo = (IdRepo) it.next();
        try {
            Map cMap = idRepo.getConfiguration();
            Map aMap = null;
            if (idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && (amsdkDN != null)) {
                aMap = idRepo.getAttributes(token, type, amsdkDN);
            } else {
                aMap = idRepo.getAttributes(token, type, name);
            }
            if (DEBUG.messageEnabled()) {
                DEBUG.message("IdServicesImpl.getAttributes: " + "before reverseMapAttributeNames aMap=" + IdRepoUtils.getAttrMapWithoutPasswordAttrs(aMap, null));
            }
            aMap = reverseMapAttributeNames(aMap, cMap);
            attrMapsSet.add(aMap);
            if (DEBUG.messageEnabled()) {
                for (Iterator iter = attrMapsSet.iterator(); iter.hasNext(); ) {
                    Map attrMap = (Map) iter.next();
                    DEBUG.message("IdServicesImpl.getAttributes: " + "after reverseMapAttributeNames attrMapsSet=" + IdRepoUtils.getAttrMapWithoutPasswordAttrs(attrMap, null));
                }
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (idRepo != null && DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getAttributes: " + "Unable to read identity in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.getAttributes: " + "Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (idRepo != null && DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getAttributes: " + "Unable to read identity in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.getAttributes: " + "Unable to get attributes for identity " + type.getName() + "::" + name + " in any configured data store", origEx);
        }
        throw origEx;
    } else {
        Map returnMap = combineAttrMaps(attrMapsSet, true);
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.getAttributes exit: returnMap=" + IdRepoUtils.getAttrMapWithoutPasswordAttrs(returnMap, null));
        }
        return returnMap;
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) DelegationException(com.sun.identity.delegation.DelegationException) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SMSException(com.sun.identity.sm.SMSException)

Example 29 with IdRepo

Use of com.sun.identity.idm.IdRepo in project OpenAM by OpenRock.

From the class IdServicesImpl, method getMemberships.

/*
    * (non-Javadoc)
    */
public Set getMemberships(SSOToken token, IdType type, String name, IdType membershipType, String amOrgName, String amsdkDN) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws a "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.READ, type);
    // Get the list of plugins that support the read operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    // If Special Identity, call SpecialRepo
    if (isSpecialIdentity(token, name, type, amOrgName)) {
        try {
            for (Iterator items = configuredPluginClasses.iterator(); items.hasNext(); ) {
                IdRepo idRepo = (IdRepo) items.next();
                if (idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
                    return (idRepo.getMemberships(token, type, name, membershipType));
                }
            }
        } catch (Exception e) {
        // Ignore and continue
        }
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    Set membershipsSet = new HashSet();
    Set amsdkMemberShips = new HashSet();
    boolean amsdkIncluded = false;
    while (it.hasNext()) {
        IdRepo idRepo = (IdRepo) it.next();
        if (!idRepo.getSupportedTypes().contains(membershipType) || idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
            // IdRepo plugin does not support the idType for
            // memberships
            noOfSuccess--;
            continue;
        }
        try {
            boolean isAMSDK = idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN);
            Set members = (isAMSDK && (amsdkDN != null)) ? idRepo.getMemberships(token, type, amsdkDN, membershipType) : idRepo.getMemberships(token, type, name, membershipType);
            if (isAMSDK) {
                amsdkMemberShips.addAll(members);
                amsdkIncluded = true;
            } else {
                membershipsSet.add(members);
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getMemberships: " + "Unable to get memberships in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.getMemberships: " + "Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getMemberships: " + "Unable to read identity in the following " + "repository " + idRepo.getClass().getName(), ide);
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.getMemberships: " + "Unable to get members for identity " + type.getName() + "::" + name + " in any configured data store", origEx);
        }
        if (origEx != null) {
            throw origEx;
        } else {
            return (Collections.EMPTY_SET);
        }
    } else {
        Set results = combineMembers(token, membershipsSet, membershipType, amOrgName, amsdkIncluded, amsdkMemberShips);
        return results;
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) DelegationException(com.sun.identity.delegation.DelegationException) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SMSException(com.sun.identity.sm.SMSException)

Example 30 with IdRepo

Use of com.sun.identity.idm.IdRepo in project OpenAM by OpenRock.

From the class IdServicesImpl, method getServiceAttributes.

public Map getServiceAttributes(SSOToken token, IdType type, String name, String serviceName, Set attrNames, String amOrgName, String amsdkDN, boolean isString) throws IdRepoException, SSOException {
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws a "402" exception.
    checkPermission(token, amOrgName, name, attrNames, IdOperation.READ, type);
    // First get the list of plugins that support the read operation.
    // IdOperation.READ is used instead of IdOperation.SERVICE: IdRepo for
    // AD doesn't support SERVICE because service object classes can't
    // exist in user entry. So IdRepo.getServiceAttributes won't get
    // user attributes. But IdRepo.getServiceAttributes will also read
    // realm service attributes. We should move the code that reads
    // realm service attributes in IdRepo.getServiceAttributes to this class
    // later. Only after that we can use IdOperation.SERVICE.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if (configuredPluginClasses == null || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    Set resultsSet = new HashSet();
    IdRepoException origEx = null;
    while (it.hasNext()) {
        IdRepo repo = (IdRepo) it.next();
        Map cMap = repo.getConfiguration();
        try {
            Map attrs = null;
            if (repo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
                attrs = (isString ? repo.getServiceAttributes(token, type, amsdkDN, serviceName, attrNames) : repo.getBinaryServiceAttributes(token, type, amsdkDN, serviceName, attrNames));
            } else {
                attrs = (isString ? repo.getServiceAttributes(token, type, name, serviceName, attrNames) : repo.getBinaryServiceAttributes(token, type, name, serviceName, attrNames));
            }
            attrs = reverseMapAttributeNames(attrs, cMap);
            resultsSet.add(attrs);
        } catch (IdRepoUnsupportedOpException ide) {
            // Log against the plugin being iterated (repo); the former guard
            // tested a variable that was always null, so nothing was logged.
            if (DEBUG.messageEnabled()) {
                DEBUG.message("IdServicesImpl.getServiceAttributes: " + "Services not supported for repository " + repo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.getServiceAttributes: Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getServiceAttributes: " + "Unable to get service " + "attributes for the repository " + repo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.getServiceAttributes: " + "Unable to get service attributes for identity " + type.getName() + "::" + name + " in any configured data store", origEx);
        }
        throw origEx;
    } else {
        Map resultsMap = combineAttrMaps(resultsSet, isString);
        return resultsMap;
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)

Aggregations

IdRepo (com.sun.identity.idm.IdRepo): 34
HashSet (java.util.HashSet): 30
IdRepoException (com.sun.identity.idm.IdRepoException): 29
OrderedSet (com.sun.identity.shared.datastruct.OrderedSet): 28
Iterator (java.util.Iterator): 28
Set (java.util.Set): 28
CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet): 25
IdRepoFatalException (com.sun.identity.idm.IdRepoFatalException): 19
IdRepoUnsupportedOpException (com.sun.identity.idm.IdRepoUnsupportedOpException): 19
HashMap (java.util.HashMap): 19
Map (java.util.Map): 18
AMHashMap (com.iplanet.am.sdk.AMHashMap): 11
CaseInsensitiveHashMap (com.sun.identity.common.CaseInsensitiveHashMap): 11
SMSException (com.sun.identity.sm.SMSException): 11
SSOException (com.iplanet.sso.SSOException): 10
LinkedHashMap (java.util.LinkedHashMap): 8
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException): 7
DelegationException (com.sun.identity.delegation.DelegationException): 6
IdRepoListener (com.sun.identity.idm.IdRepoListener): 4
RepoSearchResults (com.sun.identity.idm.RepoSearchResults): 3