
Example 66 with IdRepoException

use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.

the class AMSDKRepo method search.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#search(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String, java.util.Map,
     *      boolean, int, int, java.util.Set)
     */
/**
 * Searches this plugin's organization for identities of the given type and wraps the
 * AM SDK result in a {@link RepoSearchResults}.
 *
 * <p>The search base is {@code orgDN}, or the default people/agent/group container
 * below it for USER, AGENT and GROUP. The first pass is always one-level. For user
 * searches with {@code recursive} set, an empty first pass is followed by a subtree
 * search starting at {@code orgDN}.
 *
 * @param token SSO token used to open a store connection when no shared connection
 *        ({@code sc}) is set
 * @param type identity type to search for
 * @param pattern name pattern handed to the AM SDK search calls
 * @param avPairs attribute/value pairs; for user searches a non-empty map is turned
 *        into an OR filter; may be {@code null}
 * @param recursive whether a user search may fall back to a subtree search
 * @param maxResults result limit set on the search control
 * @param maxTime time limit set on the search control
 * @param returnAttrs attributes to return; {@code null} or empty requests all attributes
 * @return the matching entries, error code and result attributes, tagged with {@code type}
 * @throws IdRepoException if the profile type is not handled here, or converted from an
 *         {@code AMException} raised by the SDK
 * @throws SSOException not thrown directly here; presumably raised by the SDK calls when
 *         the token is unusable
 */
public RepoSearchResults search(SSOToken token, IdType type, String pattern, Map avPairs, boolean recursive, int maxResults, int maxTime, Set returnAttrs) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        // NOTE(review): avPairs is written to the debug log verbatim. If callers ever
        // pass credential-like attribute values they end up in that log; confirm what
        // authentication searches put in avPairs.
        debug.message("AMSDKRepo: search called" + type + ": " + pattern + ": " + avPairs);
    }

    final int profileType = getProfileType(type);

    // Pick the container to search; every other type is searched at the org itself.
    final String baseDN;
    if (type.equals(IdType.USER)) {
        baseDN = "ou=" + getDefaultPeopleContainerName() + "," + orgDN;
    } else if (type.equals(IdType.AGENT)) {
        baseDN = "ou=" + getDefaultAgentContainerName() + "," + orgDN;
    } else if (type.equals(IdType.GROUP)) {
        baseDN = "ou=" + getDefaultGroupContainerName() + "," + orgDN;
    } else {
        baseDN = orgDN;
    }

    final AMSearchControl control = new AMSearchControl();
    control.setMaxResults(maxResults);
    control.setTimeOut(maxTime);
    control.setSearchScope(AMConstants.SCOPE_ONE);
    final boolean wantAllAttrs = (returnAttrs == null) || returnAttrs.isEmpty();
    if (wantAllAttrs) {
        control.setAllReturnAttributes(true);
    } else {
        control.setReturnAttributes(returnAttrs);
    }

    AMSearchResults found;
    try {
        final AMStoreConnection store = (sc != null) ? sc : new AMStoreConnection(token);
        switch (profileType) {
            case AMObject.USER: {
                AMPeopleContainer people = store.getPeopleContainer(baseDN);
                if (avPairs != null && !avPairs.isEmpty()) {
                    // Attribute values were supplied: match any of them (OR filter).
                    // NOTE(review): the filter is assembled from caller-supplied values and
                    // constructFilter is not visible here; confirm it escapes LDAP filter
                    // metacharacters.
                    String orFilter = constructFilter(IdRepo.OR_MOD, avPairs);
                    found = people.searchUsers(pattern, control, orFilter);
                } else {
                    found = people.searchUsers(pattern, avPairs, control);
                }
                if (recursive) {
                    // Possibly an authentication lookup: when the one-level search found
                    // no user, retry over the whole subtree of the organization.
                    Set firstPass = found.getSearchResults();
                    boolean nothingFound = (firstPass == null) || firstPass.isEmpty();
                    if (nothingFound) {
                        if (avPairs != null && !avPairs.isEmpty()) {
                            // With attribute values the name pattern is replaced by "*",
                            // so only the attribute filter limits the subtree search.
                            String orFilter = constructFilter(IdRepo.OR_MOD, avPairs);
                            AMOrganization wholeOrg = store.getOrganization(orgDN);
                            control.setSearchScope(AMConstants.SCOPE_SUB);
                            found = wholeOrg.searchUsers("*", control, orFilter);
                        } else {
                            AMOrganization wholeOrg = store.getOrganization(orgDN);
                            control.setSearchScope(AMConstants.SCOPE_SUB);
                            found = wholeOrg.searchUsers(pattern, control);
                        }
                    }
                }
                break;
            }
            // 100 is presumably the profile type getProfileType() yields for agents
            // (create() passes the same literal for IdType.AGENT) - confirm.
            case 100: {
                AMOrganizationalUnit unit = store.getOrganizationalUnit(baseDN);
                found = unit.searchEntities(pattern, avPairs, null, control);
                break;
            }
            case AMObject.GROUP:
            case AMObject.STATIC_GROUP: {
                AMGroupContainer groups = store.getGroupContainer(baseDN);
                found = groups.searchGroups(pattern, avPairs, control);
                break;
            }
            case AMObject.ROLE: {
                // Role searches take only the pattern; avPairs is not used.
                AMOrganization roleOrg = store.getOrganization(baseDN);
                found = roleOrg.searchRoles(pattern, control);
                break;
            }
            case AMObject.FILTERED_ROLE: {
                AMOrganization roleOrg = store.getOrganization(baseDN);
                found = roleOrg.searchFilteredRoles(pattern, control);
                break;
            }
            default: {
                Object[] unsupportedArgs = { CLASS_NAME, type.getName() };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SEARCH_OPERATION_NOT_SUPPORTED, unsupportedArgs);
            }
        }
    } catch (AMException ame) {
        debug.error("AMSDKRepo.search: Unable to perform search operation", ame);
        throw IdUtils.convertAMException(ame);
    }
    return new RepoSearchResults(found.getSearchResults(), found.getErrorCode(), found.getResultAttributes(), type);
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) IdRepoException(com.sun.identity.idm.IdRepoException) RepoSearchResults(com.sun.identity.idm.RepoSearchResults)

Example 67 with IdRepoException

use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.

the class AMSDKRepo method create.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#create(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String, java.util.Map)
     */
/**
 * Creates one identity of the given type under this plugin's organization and returns
 * the DN of the new entry.
 *
 * <p>Before creating anything the method checks that {@code orgDN} really is an
 * organization entry. Users, agents, roles and filtered roles are created on the
 * organization; groups are created as static groups in the default group container.
 *
 * @param token SSO token used to open a store connection when no shared connection
 *        ({@code sc}) is set
 * @param type identity type to create
 * @param name name of the new identity; used as the key of the name-to-attributes map
 *        passed to the SDK
 * @param attrMap attributes for the new entry, handed to the SDK unchanged
 * @return the DN of the created entry, or {@code null} when {@code type} is none of
 *         USER, AGENT, GROUP, ROLE or FILTEREDROLE (nothing is created in that case)
 * @throws IdRepoException if {@code orgDN} is not an organization, if the object-type
 *         check fails, or converted from an {@code AMException} raised during creation
 * @throws SSOException not thrown directly here; presumably raised by the SDK calls
 */
public String create(SSOToken token, IdType type, String name, Map attrMap) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AMSDKIdRepo: Create called on " + type + ": " + name);
    }
    final AMStoreConnection store = (sc != null) ? sc : new AMStoreConnection(token);

    // Refuse to create anything when the plugin points at something that is not an org.
    try {
        if (store.getAMObjectType(orgDN) != AMObject.ORGANIZATION) {
            debug.error("AMSDKRepo.create(): Incorrectly configured " + " plugin: Org DN is wrong = " + orgDN);
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_NOT_CONFIGURED_CORRECTLY, null);
        }
    } catch (AMException ame) {
        debug.error("AMSDKRepo.create(): An exception occured while " + " initializing AM SDK ", ame);
        Object[] initArgs = { CLASS_NAME, IdOperation.CREATE.getName() };
        // Only the LDAP error code of the SDK failure is carried over to the caller;
        // the exception itself is visible in the debug log only.
        IdRepoException initFailure = new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_INITIALIZE_PLUGIN, initArgs);
        initFailure.setLDAPErrorCode(ame.getLDAPErrorCode());
        throw initFailure;
    }

    final AMOrganization organization = store.getOrganization(orgDN);

    // The SDK create calls take a map of entry name -> attribute map.
    // NOTE(review): name and attrMap reach the SDK as received; any validation or DN
    // escaping has to happen in the callers or inside the SDK - confirm.
    final Map toCreate = new HashMap();
    toCreate.put(name, attrMap);

    try {
        if (type.equals(IdType.USER)) {
            Set created = organization.createEntities(AMObject.USER, toCreate);
            return ((AMEntity) created.iterator().next()).getDN();
        }
        if (type.equals(IdType.AGENT)) {
            // 100 is the entity type literal this class uses for agents.
            Set created = organization.createEntities(100, toCreate);
            return ((AMEntity) created.iterator().next()).getDN();
        }
        if (type.equals(IdType.GROUP)) {
            String containerDN = AMNamingAttrManager.getNamingAttr(AMObject.GROUP_CONTAINER) + "=" + getDefaultGroupContainerName() + "," + orgDN;
            AMGroupContainer container = store.getGroupContainer(containerDN);
            Set created = container.createStaticGroups(toCreate);
            return ((AMStaticGroup) created.iterator().next()).getDN();
        }
        if (type.equals(IdType.ROLE)) {
            Set created = organization.createRoles(toCreate);
            return ((AMRole) created.iterator().next()).getDN();
        }
        if (type.equals(IdType.FILTEREDROLE)) {
            Set created = organization.createFilteredRoles(toCreate);
            return ((AMFilteredRole) created.iterator().next()).getDN();
        }
    } catch (AMException ame) {
        debug.warning("AMSDKRepo.create(): Caught AMException..", ame);
        throw IdUtils.convertAMException(ame);
    }
    // Unhandled identity type: nothing was created and no error is raised.
    return null;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) IdRepoException(com.sun.identity.idm.IdRepoException) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)

Example 68 with IdRepoException

use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.

the class AMSDKRepo method getDsSvrCfg.

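/**
 * Looks up the directory server instance configured for the given LDAP user type.
 *
 * @param authType LDAP user type whose server instance is requested
 * @return whatever {@code DSConfigMgr.getServerInstance} returns for {@code authType}
 *         (possibly {@code null} - TODO confirm against DSConfigMgr)
 * @throws IdRepoException with {@code SEARCH_FAILED} when the configuration manager
 *         raises an {@code LDAPServiceException}
 */
private ServerInstance getDsSvrCfg(LDAPUser.Type authType) throws IdRepoException {
    try {
        return DSConfigMgr.getDSConfigMgr().getServerInstance(authType);
    } catch (LDAPServiceException ldex) {
        if (debug.messageEnabled()) {
            // The log label used to name getFullyQualifiedName, which sent readers of the
            // debug log to the wrong method. The exception is passed along so the stack
            // trace is recorded, since the IdRepoException below does not carry the cause.
            debug.message("AMSDKRepo.getDsSvrCfg: LDAPServiceException: " + ldex.getMessage(), ldex);
        }
        Object[] args = { CLASS_NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SEARCH_FAILED, args);
    }
}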
Also used : IdRepoException(com.sun.identity.idm.IdRepoException) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance)

Example 69 with IdRepoException

use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.

the class AMSDKRepo method getAttributes.

/*
     * (non-Javadoc)
     *
     * @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken,
     *      com.sun.identity.idm.IdType, java.lang.String, java.util.Set)
     */
/**
 * Reads the requested attributes of one identity from the directory.
 *
 * @param token caller's SSO token; used to open the store connection when no shared
 *        connection ({@code sc}) is set, and for the read itself unless
 *        {@code adminToken} is configured
 * @param type identity type, used to derive the DN and the profile type
 * @param name identity name, used to derive the DN
 * @param attrNames names of the attributes to read
 * @return the attribute map returned by the directory services layer
 * @throws IdRepoException with {@code NOT_VALID_ENTRY} when the derived DN is not a
 *         valid entry, or converted from an {@code AMException}
 * @throws SSOException not thrown directly here; presumably raised by the SDK calls
 */
public Map getAttributes(SSOToken token, IdType type, String name, Set attrNames) throws IdRepoException, SSOException {
    final AMStoreConnection store = (sc != null) ? sc : new AMStoreConnection(token);
    final String entryDN = getDN(type, name);
    final int profile = getProfileType(type);
    if (debug.messageEnabled()) {
        debug.message("AMSDKIdRepo: getAttributes called" + ": " + type + ": " + name + " DN: '" + entryDN + "'");
    }

    // When an admin token is configured the directory read runs with it instead of the
    // caller's token, so the caller's own directory permissions do not limit what is
    // returned. The store connection above was still built from the caller's token.
    // NOTE(review): access control for this read has to be enforced before this method
    // is reached - confirm in the calling layer.
    final SSOToken readToken = (adminToken != null) ? adminToken : token;

    try {
        if (!store.isValidEntry(entryDN)) {
            Object[] invalidArgs = { name };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NOT_VALID_ENTRY, invalidArgs);
        }
        IDirectoryServices directory = AMDirectoryAccessFactory.getDirectoryServices();
        return directory.getAttributes(readToken, entryDN, attrNames, false, false, profile);
    } catch (AMException ame) {
        debug.error("AMSDKRepo.getAttributes(): AMException ", ame);
        throw IdUtils.convertAMException(ame);
    }
}
Also used : IDirectoryServices(com.iplanet.am.sdk.common.IDirectoryServices) IdRepoException(com.sun.identity.idm.IdRepoException)

Example 70 with IdRepoException

use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.

the class AMSDKRepo method unassignService.

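/**
 * Removes a service from an identity.
 *
 * <p>For users, the service's object classes and the attributes those classes define
 * are removed from the entry. For roles, filtered roles and realms, the service's
 * dynamic template is deleted if it exists. Agents, groups and any other type are
 * rejected.
 *
 * @param token caller's SSO token; replaced by {@code adminToken} for all directory
 *        work when an admin token is configured
 * @param type identity type
 * @param name identity name
 * @param serviceName service whose template is deleted (role, filtered role, realm)
 * @param attrMap for users, must hold the object classes to remove under the key
 *        {@code "objectclass"}; it is dereferenced without a null check
 * @throws IdRepoUnsupportedOpException for agents, groups and unhandled types
 * @throws IdRepoException converted from an {@code AMException}, or raised by the
 *         attribute reads and the final object-class write
 * @throws SSOException not thrown directly here; presumably raised by callees
 */
public void unassignService(SSOToken token, IdType type, String name, String serviceName, Map attrMap) throws IdRepoException, SSOException {
    if (type.equals(IdType.AGENT) || type.equals(IdType.GROUP)) {
        Object[] args = { this.getClass().getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICES_NOT_SUPPORTED_FOR_AGENTS_AND_GROUPS, args);
    }
    // Use adminToken if present. From here on every read, write and template deletion
    // runs with the admin token rather than the caller's.
    // NOTE(review): authorization of the caller must therefore be checked upstream - confirm.
    if (adminToken != null) {
        token = adminToken;
    }
    if (type.equals(IdType.USER)) {
        // Get the object classes that need to be removed from the service schema.
        Set removeOCs = (Set) attrMap.get("objectclass");
        Set attrNameSet = new HashSet();
        attrNameSet.add("objectclass");
        Map objectClassesMap = getAttributes(token, type, name, attrNameSet);
        Set OCValues = (Set) objectClassesMap.get("objectclass");
        // OCValues is written back below; presumably updateAndGetRemovableOCs also strips
        // the removable classes from it in place - verify against AMCommonUtils.
        removeOCs = AMCommonUtils.updateAndGetRemovableOCs(OCValues, removeOCs);

        // Collect the attributes defined by the object classes being removed.
        Set removeAttrs = new HashSet();
        for (Object ocValue : removeOCs) {
            String oc = (String) ocValue;
            IDirectoryServices dsServices = AMDirectoryAccessFactory.getDirectoryServices();
            Set attrs = dsServices.getAttributesForSchema(oc);
            for (Object schemaAttr : attrs) {
                // NOTE(review): toLowerCase() uses the default locale; the keys compared
                // against below come from getAttributes - confirm both sides lower-case
                // the same way before switching to a fixed locale.
                removeAttrs.add(((String) schemaAttr).toLowerCase());
            }
        }

        // Per the original comment the result is an AMHashMap, so the attribute names
        // are expected to be lower case already.
        Map avPair = getAttributes(token, type, name);
        for (Object key : avPair.keySet()) {
            String attrName = (String) key;
            if (removeAttrs.contains(attrName)) {
                try {
                    // Remove one attribute at a time so that a failure on one does not
                    // stop the removal of the others.
                    Map tmpMap = new AMHashMap();
                    tmpMap.put(attrName, Collections.EMPTY_SET);
                    setAttributes(token, type, name, tmpMap, false);
                } catch (Exception ex) {
                    // Best effort by design, but a failure leaves service data on the
                    // entry after the service is unassigned, so record it with its cause.
                    // The previous message named AMUserImpl and dropped the exception.
                    debug.warning("AMSDKRepo.unassignService: Error occurred while removing attribute: " + attrName, ex);
                }
            }
        }

        // Now update the object class attribute.
        Map tmpMap = new AMHashMap();
        tmpMap.put("objectclass", OCValues);
        setAttributes(token, type, name, tmpMap, false);
    } else if (type.equals(IdType.ROLE)) {
        try {
            AMStoreConnection amsc = (sc == null) ? new AMStoreConnection(token) : sc;
            String roleDN = getDN(type, name);
            AMRole role = amsc.getRole(roleDN);
            AMTemplate templ = role.getTemplate(serviceName, AMTemplate.DYNAMIC_TEMPLATE);
            if (templ != null && templ.isExists()) {
                templ.delete();
            }
        } catch (AMException ame) {
            debug.error("AMSDKRepo.unassignService: Caught AMException", ame);
            throw IdUtils.convertAMException(ame);
        }
    } else if (type.equals(IdType.FILTEREDROLE) || type.equals(IdType.REALM)) {
        // NOTE(review): REALM is looked up through getFilteredRole as well - confirm
        // this is intended.
        try {
            AMStoreConnection amsc = (sc == null) ? new AMStoreConnection(token) : sc;
            String roleDN = getDN(type, name);
            AMFilteredRole role = amsc.getFilteredRole(roleDN);
            AMTemplate templ = role.getTemplate(serviceName, AMTemplate.DYNAMIC_TEMPLATE);
            if (templ != null && templ.isExists()) {
                templ.delete();
            }
        } catch (AMException ame) {
            debug.error("AMSDKRepo.unassignService: Caught AMException", ame);
            throw IdUtils.convertAMException(ame);
        }
    } else {
        Object[] args = { this.getClass().getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SERVICES_NOT_SUPPORTED_FOR_AGENTS_AND_GROUPS, args);
    }
}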
Also used : Set(java.util.Set) HashSet(java.util.HashSet) IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) LDAPUtilException(org.forgerock.openam.ldap.LDAPUtilException) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException) IDirectoryServices(com.iplanet.am.sdk.common.IDirectoryServices) IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Iterator(java.util.Iterator) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) HashSet(java.util.HashSet)
