use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class AMSDKRepo method search.
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#search(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, int, int,
* java.util.Set, boolean, int, java.util.Map)
*/
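/**
 * Searches the AM SDK data store for identities of {@code type} whose name
 * matches {@code pattern}.
 *
 * <p>The search base starts at {@code orgDN} and is narrowed per type (group,
 * people or agent container). The scope is one level by default and becomes
 * subtree for users and agents when the {@code dataStoreRecursive} field is
 * set. Role and filtered-role searches do not use {@code avPairs}.
 *
 * <p>The search runs on the shared connection {@code sc} when it is set, and
 * otherwise on a connection opened with {@code token}. No authorization
 * decision is made in this method itself.
 * NOTE(review): presumably callers enforce access before delegating here; confirm.
 *
 * @param token          SSO token used to open a store connection when {@code sc} is null
 * @param type           identity type to search for
 * @param pattern        name pattern handed to the SDK search call
 * @param maxTime        value passed to {@code AMSearchControl.setTimeOut}
 * @param maxResults     value passed to {@code AMSearchControl.setMaxResults}
 * @param returnAttrs    attributes to return; ignored when null, empty, or when
 *                       {@code returnAllAttrs} is true
 * @param returnAllAttrs when true, all attributes are requested
 * @param filterOp       operator handed to {@code constructFilter} when {@code avPairs} is non-empty
 * @param avPairs        attribute/value search criteria; may be null or empty
 * @param recursive      not read by this implementation; scope follows {@code dataStoreRecursive}
 * @return the search results, error code and result attributes wrapped for {@code type}
 * @throws IdRepoException if the type is not searchable here, or as the converted
 *                         form of an {@code AMException} raised by the SDK
 * @throws SSOException    declared on the signature; not thrown directly by the visible code
 */
public RepoSearchResults search(SSOToken token, IdType type, String pattern, int maxTime, int maxResults, Set returnAttrs, boolean returnAllAttrs, int filterOp, Map avPairs, boolean recursive) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        // NOTE(review): avPairs (search attribute names and values) is written to the
        // debug log at message level; confirm that is acceptable for the attributes
        // callers search on.
        debug.message("AMSDKRepo: search called" + type + ": " + pattern + ": " + avPairs);
    }
    String searchDN = orgDN;
    int profileType = getProfileType(type);
    if (type.equals(IdType.GROUP)) {
        searchDN = "ou=" + getDefaultGroupContainerName() + "," + orgDN;
    }
    AMSearchControl ctrl = new AMSearchControl();
    // Limits come straight from the caller; no bounds are applied here.
    ctrl.setMaxResults(maxResults);
    ctrl.setTimeOut(maxTime);
    ctrl.setSearchScope(AMConstants.SCOPE_ONE);
    if (returnAllAttrs) {
        ctrl.setAllReturnAttributes(true);
    } else {
        if (returnAttrs != null && !returnAttrs.isEmpty()) {
            ctrl.setReturnAttributes(returnAttrs);
        }
    }
    AMSearchResults results;
    try {
        AMStoreConnection amsc = (sc == null) ? new AMStoreConnection(token) : sc;
        switch (profileType) {
            case AMObject.USER:
                // Non-recursive: search only the configured (or default) people container.
                // Recursive: keep the current base and widen the scope to the subtree.
                if (pcDN != null) {
                    if (!dataStoreRecursive) {
                        searchDN = pcDN;
                    } else {
                        ctrl.setSearchScope(AMConstants.SCOPE_SUB);
                    }
                } else {
                    if (!dataStoreRecursive) {
                        searchDN = "ou=" + getDefaultPeopleContainerName() + "," + orgDN;
                    } else {
                        ctrl.setSearchScope(AMConstants.SCOPE_SUB);
                    }
                }
                AMPeopleContainer pc = amsc.getPeopleContainer(searchDN);
                if (avPairs == null || avPairs.isEmpty()) {
                    results = pc.searchUsers(pattern, avPairs, ctrl);
                } else {
                    // avPairs is being passed. Create an OR condition
                    // filter.
                    // NOTE(review): constructFilter is defined outside this method; confirm
                    // it escapes LDAP filter special characters in the caller-supplied values.
                    String avFilter = constructFilter(filterOp, avPairs);
                    results = pc.searchUsers(pattern, ctrl, avFilter);
                }
                break;
            case 100:
                // IdType is Agent.
                if (agentDN != null) {
                    if (!dataStoreRecursive) {
                        searchDN = agentDN;
                    } else {
                        ctrl.setSearchScope(AMConstants.SCOPE_SUB);
                    }
                } else {
                    if (!dataStoreRecursive) {
                        searchDN = "ou=" + getDefaultAgentContainerName() + "," + orgDN;
                    } else {
                        ctrl.setSearchScope(AMConstants.SCOPE_SUB);
                    }
                }
                AMOrganizationalUnit ou = amsc.getOrganizationalUnit(searchDN);
                // fix 6515502
                if (avPairs == null || avPairs.isEmpty()) {
                    results = ou.searchEntities(pattern, avPairs, null, ctrl);
                } else {
                    // avPairs is being passed. Create an OR condition
                    // filter.
                    String avFilter = constructFilter(filterOp, avPairs);
                    results = ou.searchEntities(pattern, ctrl, avFilter, null);
                }
                break;
            case AMObject.GROUP:
            case AMObject.STATIC_GROUP:
                AMGroupContainer gc = amsc.getGroupContainer(searchDN);
                results = gc.searchStaticGroups(pattern, avPairs, ctrl);
                break;
            case AMObject.ROLE:
                AMOrganization org = amsc.getOrganization(searchDN);
                results = org.searchRoles(pattern, ctrl);
                break;
            case AMObject.FILTERED_ROLE:
                org = amsc.getOrganization(searchDN);
                results = org.searchFilteredRoles(pattern, ctrl);
                break;
            default:
                Object[] args = { CLASS_NAME, type.getName() };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SEARCH_OPERATION_NOT_SUPPORTED, args);
        }
    } catch (AMException ame) {
        // Compare constant-first: a null error code must not raise a
        // NullPointerException here and hide the original AMException.
        boolean isCode341 = "341".equals(ame.getErrorCode());
        if (!isCode341) {
            debug.error("AMSDKRepo.search: Unable to perform search operation", ame);
        }
        if (profileType == 100 && isCode341) {
            // Error code "341" on an agent search is reported as an empty, successful result.
            return new RepoSearchResults(new HashSet(), RepoSearchResults.SUCCESS, Collections.EMPTY_MAP, type);
        }
        throw IdUtils.convertAMException(ame);
    }
    return new RepoSearchResults(results.getSearchResults(), results.getErrorCode(), results.getResultAttributes(), type);
}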
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class AMSDKRepo method getFullyQualifiedName.
/**
* Returns the fully qualified name for the identity. It is expected that
* the fully qualified name would be unique, hence it is recommended to
* prefix the name with the data store name or protocol. Used by IdRepo
* framework to check for equality of two identities
*
* @param token
* administrator SSOToken that can be used by the datastore to
* determine the fully qualified name
* @param type
* type of the identity
* @param name
* name of the identity
*
* @return fully qualified name for the identity within the data store
*/
public String getFullyQualifiedName(SSOToken token, IdType type, String name) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AMSDKRepo: getFullyQualifiedName." + " type=" + type + "; name=" + name);
    }
    // A name is required: the DN is derived from the type and the name.
    boolean nameMissing = name == null || name.length() == 0;
    if (nameMissing) {
        Object[] args = { CLASS_NAME, "" };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_FIND_ENTRY, args);
    }
    // Reuse the shared connection when there is one, else open one with the caller's token.
    AMStoreConnection storeConnection = sc;
    if (storeConnection == null) {
        storeConnection = new AMStoreConnection(token);
    }
    String entryDn = getDN(type, name);
    // The validity check is performed but its result is not used: a name is
    // returned whether or not the entry exists, so the return value is not
    // evidence that the identity is present in the directory.
    storeConnection.isValidEntry(entryDn);
    ServerInstance serverConfig = getDsSvrCfg(LDAPUser.Type.AUTH_ADMIN);
    // NOTE(review): serverConfig is dereferenced without a null check; confirm
    // getDsSvrCfg cannot return null for AUTH_ADMIN.
    StringBuilder fqn = new StringBuilder("amsdk://");
    fqn.append(serverConfig.getServerName());
    fqn.append(":");
    fqn.append(serverConfig.getPort());
    fqn.append("/");
    fqn.append(entryDn);
    return fqn.toString();
}
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class AMSDKRepo method getBinaryAttributes.
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getBinaryAttributes(
* com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType,
* java.lang.String, java.util.Set)
*/
/**
 * Reads the requested attributes of one identity as byte values.
 *
 * <p>The entry's existence is checked on the shared connection {@code sc}, or on
 * a connection opened with the caller's token when {@code sc} is null. The
 * attribute read itself is issued with {@code adminToken} whenever that field is
 * set, so the caller's token is not what the directory read is performed under.
 * NOTE(review): presumably the caller's right to read these attributes is
 * enforced before this method is reached; confirm.
 *
 * @param token     caller's SSO token; replaced by {@code adminToken} for the read when set
 * @param type      identity type
 * @param name      identity name, resolved to a DN with {@code getDN}
 * @param attrNames names of the attributes to read
 * @return the map returned by {@code IDirectoryServices.getAttributesByteValues}
 * @throws IdRepoException if the DN is not a valid entry, or as the converted
 *                         form of an {@code AMException}
 * @throws SSOException    declared on the signature; not thrown directly by the visible code
 */
public Map getBinaryAttributes(SSOToken token, IdType type, String name, Set attrNames) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AMSDKIdRepo: getBinaryAttributes called" + ": " + type + ": " + name);
    }
    // The connection is opened (when needed) with the caller's token, before any swap.
    AMStoreConnection storeConnection = sc;
    if (storeConnection == null) {
        storeConnection = new AMStoreConnection(token);
    }
    String entryDn = getDN(type, name);
    int profileType = getProfileType(type);
    // Use adminToken if present
    SSOToken readToken = (adminToken != null) ? adminToken : token;
    try {
        if (!storeConnection.isValidEntry(entryDn)) {
            Object[] args = { name };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NOT_VALID_ENTRY, args);
        }
        IDirectoryServices directoryServices = AMDirectoryAccessFactory.getDirectoryServices();
        return directoryServices.getAttributesByteValues(readToken, entryDn, attrNames, profileType);
    } catch (AMException ame) {
        debug.error("AMSDKRepo.getBinaryAttributes(): AMException ", ame);
        throw IdUtils.convertAMException(ame);
    }
}
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class AMSDKRepo method modifyMemberShip.
/**
 * Adds users to, or removes users from, a static group or a role.
 *
 * <p>Only groups and roles can be targets, and only users can be members; any
 * other combination is rejected. An {@code operation} value other than
 * {@code ADDMEMBER} or {@code REMOVEMEMBER} is not rejected: the call returns
 * without changing anything and without logging.
 *
 * <p>The change is made on the shared connection {@code sc} when it is set,
 * otherwise on a connection opened with {@code token}.
 * NOTE(review): no authorization check is visible in this method; presumably
 * it happens in the caller or inside the SDK. Confirm.
 *
 * @param token       SSO token used to open a store connection when {@code sc} is null
 * @param type        type of the identity whose membership is modified
 * @param name        name of that identity
 * @param members     names of the members to add or remove; must be non-empty
 * @param membersType type of the members; must be {@code IdType.USER}
 * @param operation   {@code ADDMEMBER} or {@code REMOVEMEMBER}
 * @throws IdRepoException on an empty member set, an unsupported type
 *                         combination, or as the converted form of an {@code AMException}
 * @throws SSOException    declared on the signature; not thrown directly by the visible code
 */
public void modifyMemberShip(SSOToken token, IdType type, String name, Set members, IdType membersType, int operation) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AMSDKRepo: modifyMemberShip called " + type + ": " + name + ": " + members + ": " + membersType);
    }
    if (members == null || members.isEmpty()) {
        debug.error("AMSDKRepo.modifyMemberShip: Members set is empty");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, null);
    }
    boolean targetIsUserOrAgent = type.equals(IdType.USER) || type.equals(IdType.AGENT);
    if (targetIsUserOrAgent) {
        debug.error("AMSDKRepo.modifyMembership: Memberhsip to users and" + " agents is not supported");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED, null);
    }
    if (!membersType.equals(IdType.USER)) {
        debug.error("AMSDKRepo.modifyMembership: A non-user type cannot " + " be made a member of any identity" + membersType.getName());
        Object[] args = { CLASS_NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIPS_FOR_NOT_USERS_NOT_ALLOWED, args);
    }
    // Resolve every member name to its DN before touching the directory.
    Set memberDns = new HashSet();
    for (Iterator names = members.iterator(); names.hasNext();) {
        String memberName = (String) names.next();
        memberDns.add(getDN(membersType, memberName));
    }
    AMStoreConnection storeConnection = sc;
    if (storeConnection == null) {
        storeConnection = new AMStoreConnection(token);
    }
    boolean targetIsGroup = type.equals(IdType.GROUP);
    if (!targetIsGroup && !type.equals(IdType.ROLE)) {
        // throw an exception
        debug.error("AMSDKRepo.modifyMembership: Memberships cannot be" + "modified for type= " + type.getName());
        Object[] args = { CLASS_NAME, type.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_CANNOT_BE_MODIFIED, args);
    }
    String targetDn = getDN(type, name);
    if (targetIsGroup) {
        AMStaticGroup group = storeConnection.getStaticGroup(targetDn);
        try {
            if (operation == ADDMEMBER) {
                group.addUsers(memberDns);
            } else if (operation == REMOVEMEMBER) {
                group.removeUsers(memberDns);
            }
            // Any other operation value falls through as a silent no-op.
        } catch (AMException ame) {
            debug.error("AMSDKRepo.modifyMembership: Caught " + "exception while adding users to groups", ame);
            throw IdUtils.convertAMException(ame);
        }
    } else {
        AMRole role = storeConnection.getRole(targetDn);
        try {
            if (operation == ADDMEMBER) {
                role.addUsers(memberDns);
            } else if (operation == REMOVEMEMBER) {
                role.removeUsers(memberDns);
            }
            // Any other operation value falls through as a silent no-op.
        } catch (AMException ame) {
            debug.error("AMSDKRepo.modifyMembership: Caught " + "exception while " + " adding/removing users" + " to roles", ame);
            throw IdUtils.convertAMException(ame);
        }
    }
}
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class AMSDKRepo method getAttributes.
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String)
*/
/**
 * Reads the attributes of one identity from the directory.
 *
 * <p>The entry's existence is checked on the shared connection {@code sc}, or on
 * a connection opened with the caller's token when {@code sc} is null. The
 * attribute read itself is issued with {@code adminToken} whenever that field is
 * set, so the caller's token is not what the directory read is performed under.
 * NOTE(review): presumably the caller's right to read this identity is enforced
 * before this method is reached; confirm.
 *
 * @param token caller's SSO token; replaced by {@code adminToken} for the read when set
 * @param type  identity type
 * @param name  identity name, resolved to a DN with {@code getDN}
 * @return the map returned by {@code IDirectoryServices.getAttributes}
 * @throws IdRepoException if the DN is not a valid entry, or as the converted
 *                         form of an {@code AMException}
 * @throws SSOException    declared on the signature; not thrown directly by the visible code
 */
public Map getAttributes(SSOToken token, IdType type, String name) throws IdRepoException, SSOException {
    // The connection is opened (when needed) with the caller's token, before any swap.
    AMStoreConnection storeConnection = sc;
    if (storeConnection == null) {
        storeConnection = new AMStoreConnection(token);
    }
    String entryDn = getDN(type, name);
    int profileType = getProfileType(type);
    if (debug.messageEnabled()) {
        debug.message("AMSDKIdRepo: getAttributes called" + ": " + type + ": " + name + " DN: '" + entryDn + "'");
    }
    // Use adminToken if present
    SSOToken readToken = (adminToken != null) ? adminToken : token;
    try {
        if (!storeConnection.isValidEntry(entryDn)) {
            Object[] args = { name };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NOT_VALID_ENTRY, args);
        }
        IDirectoryServices directoryServices = AMDirectoryAccessFactory.getDirectoryServices();
        // The meaning of the two boolean flags is defined by IDirectoryServices, not visible here.
        return directoryServices.getAttributes(readToken, entryDn, false, false, profileType);
    } catch (AMException ame) {
        debug.error("AMSDKRepo.getAttributes(): AMException ", ame);
        throw IdUtils.convertAMException(ame);
    }
}