Example 81 with IdRepoException
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class IdServicesImpl method getServiceAttributesAscending.
/**
* Non-javadoc, non-public methods
* Get the service attributes of the name identity. Traverse to the global
* configuration if necessary until all attributes are found or reached
* the global area whichever occurs first.
*
* @param token is the sso token of the person performing this operation.
* @param type is the identity type of the name parameter.
* @param name is the identity we are interested in.
* @param serviceName is the service we are interested in
* @param attrNames are the name of the attributes wer are interested in.
* @param amOrgName is the orgname.
* @param amsdkDN is the amsdkDN.
* @throws IdRepoException if there are repository related error conditions.
* @throws SSOException if user's single sign on token is invalid.
*/
public Map getServiceAttributesAscending(SSOToken token, IdType type, String name, String serviceName, Set attrNames, String amOrgName, String amsdkDN) throws IdRepoException, SSOException {
Map finalResult = new HashMap();
Set finalAttrName = new HashSet();
String nextName = name;
String nextAmOrgName = amOrgName;
String nextAmsdkDN = amsdkDN;
IdType nextType = type;
Set missingAttr = new HashSet(attrNames);
do {
// amsdkDN will change as we move up the tree.
try {
Map serviceResult = getServiceAttributes(token, nextType, nextName, serviceName, missingAttr, nextAmOrgName, nextAmsdkDN);
if (DEBUG.messageEnabled()) {
DEBUG.message("IdServicesImpl." + "getServiceAttributesAscending:" + " nextType=" + nextType + "; nextName=" + nextName + "; serviceName=" + serviceName + "; missingAttr=" + missingAttr + "; nextAmOrgName=" + nextAmOrgName + "; nextAmsdkDN=" + nextAmsdkDN);
DEBUG.message(" getServiceAttributesAscending: " + "serviceResult=" + serviceResult);
DEBUG.message(" getServiceAttributesAscending: " + " finalResult=" + finalResult);
DEBUG.message(" getServiceAttributesAscending: " + " finalAttrName=" + finalAttrName);
}
if (serviceResult != null) {
Set srvNameReturned = serviceResult.keySet();
// save the newly found attrs
// amsdk returns emptyset when attrname is not present.
Iterator nameIt = srvNameReturned.iterator();
while (nameIt.hasNext()) {
String attr = (String) nameIt.next();
Set attrValue = (Set) serviceResult.get(attr);
if (!attrValue.isEmpty()) {
finalResult.put(attr, attrValue);
finalAttrName.add(attr);
}
}
if (DEBUG.messageEnabled()) {
DEBUG.message(" getServiceAttributesAscending:" + " serviceResult=" + serviceResult);
DEBUG.message(" getServiceAttributesAscending:" + " finalResult=" + finalResult);
}
}
if (finalAttrName.containsAll(attrNames)) {
if (DEBUG.messageEnabled()) {
DEBUG.message("exit getServiceAttributesAscending:" + " finalResult=" + finalResult);
}
return (finalResult);
}
// find the missing attributes
missingAttr.clear();
Iterator it = attrNames.iterator();
while (it.hasNext()) {
String attrName = (String) it.next();
if (!finalAttrName.contains(attrName)) {
missingAttr.add(attrName);
}
}
} catch (IdRepoException idrepo) {
if (DEBUG.warningEnabled()) {
DEBUG.warning(" getServiceAttributesAscending: " + "idrepoerr", idrepo);
}
} catch (SSOException ssoex) {
if (DEBUG.warningEnabled()) {
DEBUG.warning(" getServiceAttributesAscending: " + "ssoex", ssoex);
}
}
// go up to the parent org
try {
if (nextType.equals(IdType.USER) || nextType.equals(IdType.AGENT)) {
// try the user or agent's correct realm.
nextAmsdkDN = nextAmOrgName;
nextType = IdType.REALM;
} else {
OrganizationConfigManager ocm = new OrganizationConfigManager(token, nextAmOrgName);
OrganizationConfigManager parentOCM = ocm.getParentOrgConfigManager();
String parentName = parentOCM.getOrganizationName();
if (DEBUG.messageEnabled()) {
DEBUG.message(" getServiceAttributesAscending: " + "parentName=" + parentName);
}
nextType = IdType.REALM;
if (nextAmOrgName.equalsIgnoreCase(parentName)) {
// at root.
nextName = null;
} else {
nextAmOrgName = parentName;
}
nextAmOrgName = parentName;
nextAmsdkDN = parentName;
}
} catch (SMSException smse) {
if (DEBUG.warningEnabled()) {
DEBUG.warning(" getServiceAttributesAscending: " + "smserror", smse);
}
nextName = null;
}
} while (nextName != null);
// get the rest from global.
if (!missingAttr.isEmpty()) {
try {
ServiceSchemaManager ssm = new ServiceSchemaManager(serviceName, token);
ServiceSchema schema = ssm.getDynamicSchema();
Map gAttrs = schema.getAttributeDefaults();
Iterator missingIt = missingAttr.iterator();
while (missingIt.hasNext()) {
String missingAttrName = (String) missingIt.next();
finalResult.put(missingAttrName, gAttrs.get(missingAttrName));
}
} catch (SMSException smse) {
if (DEBUG.messageEnabled()) {
DEBUG.message("IdServicesImpl(): getServiceAttributeAscending " + " Failed to get global default.", smse);
}
}
}
if (DEBUG.messageEnabled()) {
DEBUG.message("exit end getServiceAttributesAscending: " + " finalResult=" + finalResult);
}
return finalResult;
}
Also used :
Set(java.util.Set)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
AMHashMap(com.iplanet.am.sdk.AMHashMap)
HashMap(java.util.HashMap)
CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)
SMSException(com.sun.identity.sm.SMSException)
IdRepoException(com.sun.identity.idm.IdRepoException)
SSOException(com.iplanet.sso.SSOException)
IdType(com.sun.identity.idm.IdType)
ServiceSchema(com.sun.identity.sm.ServiceSchema)
OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager)
Iterator(java.util.Iterator)
Map(java.util.Map)
AMHashMap(com.iplanet.am.sdk.AMHashMap)
HashMap(java.util.HashMap)
CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
Example 82 with IdRepoException
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class IdServicesImpl method assignService.
public void assignService(SSOToken token, IdType type, String name, String serviceName, SchemaType stype, Map attrMap, String amOrgName, String amsdkDN) throws IdRepoException, SSOException {
IdRepoException origEx = null;
// Check permission first. If allowed then proceed, else the
// checkPermission method throws an "402" exception.
checkPermission(token, amOrgName, name, null, IdOperation.SERVICE, type);
// Get the list of plugins that support the service operation.
Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.SERVICE, type);
if (configuredPluginClasses == null || configuredPluginClasses.isEmpty()) {
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
}
Iterator it = configuredPluginClasses.iterator();
int noOfSuccess = configuredPluginClasses.size();
IdRepo idRepo = null;
while (it.hasNext()) {
IdRepo repo = (IdRepo) it.next();
Map cMap = repo.getConfiguration();
try {
Map mappedAttributes = mapAttributeNames(attrMap, cMap);
if (repo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
repo.assignService(token, type, amsdkDN, serviceName, stype, mappedAttributes);
} else {
repo.assignService(token, type, name, serviceName, stype, mappedAttributes);
}
} catch (IdRepoUnsupportedOpException ide) {
if (idRepo != null && DEBUG.messageEnabled()) {
DEBUG.message("IdServicesImpl.assignService: " + "Assign Services not supported for repository " + repo.getClass().getName() + " :: " + ide.getMessage());
}
noOfSuccess--;
origEx = (origEx == null) ? ide : origEx;
} catch (IdRepoFatalException idf) {
// fatal ..throw it all the way up
DEBUG.error("IdServicesImpl.assignService: FatalException ", idf);
throw idf;
} catch (IdRepoException ide) {
if (idRepo != null && DEBUG.warningEnabled()) {
DEBUG.warning("IdServicesImpl.assignService: " + "Unable to assign Service identity in " + "the following repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
}
noOfSuccess--;
origEx = (origEx == null) ? ide : origEx;
}
}
if (noOfSuccess == 0) {
if (DEBUG.warningEnabled()) {
DEBUG.warning("IdServicesImpl.assignService: " + "Unable to assign service for identity " + type.getName() + "::" + name + " in any configured data store ", origEx);
}
throw origEx;
}
}
Also used :
IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException)
Set(java.util.Set)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
IdRepo(com.sun.identity.idm.IdRepo)
IdRepoException(com.sun.identity.idm.IdRepoException)
Iterator(java.util.Iterator)
Map(java.util.Map)
AMHashMap(com.iplanet.am.sdk.AMHashMap)
HashMap(java.util.HashMap)
CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)
IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)
Example 83 with IdRepoException
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class IdServicesImpl method setActiveStatus.
/*
* (non-Javadoc)
*/
public void setActiveStatus(SSOToken token, IdType type, String name, String amOrgName, String amsdkDN, boolean active) throws SSOException, IdRepoException {
IdRepoException origEx = null;
// Check permission first. If allowed then proceed, else the
// checkPermission method throws an "402" exception.
checkPermission(token, amOrgName, name, null, IdOperation.EDIT, type);
// First get the list of plugins that support the edit operation.
Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.EDIT, type);
if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
}
Iterator it = configuredPluginClasses.iterator();
int noOfSuccess = configuredPluginClasses.size();
while (it.hasNext()) {
IdRepo idRepo = (IdRepo) it.next();
try {
if (idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
idRepo.setActiveStatus(token, type, amsdkDN, active);
} else {
idRepo.setActiveStatus(token, type, name, active);
}
} catch (IdRepoUnsupportedOpException ide) {
if (idRepo != null && DEBUG.warningEnabled()) {
DEBUG.warning("IdServicesImpl:setActiveStatus: " + "Unable to set attributes in the following " + "repository" + idRepo.getClass().getName() + " :: " + ide.getMessage());
}
noOfSuccess--;
origEx = (origEx == null) ? ide : origEx;
} catch (IdRepoFatalException idf) {
// fatal ..throw it all the way up
DEBUG.error("IsActive: Fatal Exception ", idf);
throw idf;
} catch (IdRepoException ide) {
if (idRepo != null && DEBUG.warningEnabled()) {
DEBUG.warning("Unable to setActiveStatus in the " + "following repository" + idRepo.getClass().getName() + " :: " + ide.getMessage());
}
noOfSuccess--;
// the ds and this entry might exist in one of the other ds.
if (!ide.getErrorCode().equalsIgnoreCase(IdRepoErrorCode.UNABLE_FIND_ENTRY) || (origEx == null)) {
origEx = ide;
}
}
}
if (noOfSuccess == 0) {
DEBUG.error("Unable to setActiveStatus for identity " + type.getName() + "::" + name + " in any configured " + "datastore", origEx);
throw origEx;
}
}
Also used :
IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException)
Set(java.util.Set)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
IdRepo(com.sun.identity.idm.IdRepo)
IdRepoException(com.sun.identity.idm.IdRepoException)
Iterator(java.util.Iterator)
IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)
Example 84 with IdRepoException
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class IdServicesImpl method delete.
/*
* (non-Javadoc)
*/
public void delete(SSOToken token, IdType type, String name, String orgName, String amsdkDN) throws IdRepoException, SSOException {
if (type.equals(IdType.REALM)) {
deleteRealmIdentity(token, name, orgName);
return;
}
IdRepoException origEx = null;
// Check permission first. If allowed then proceed, else the
// checkPermission method throws an "402" exception.
checkPermission(token, orgName, name, null, IdOperation.DELETE, type);
// Get the list of plugins that support the delete operation.
Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(orgName, IdOperation.DELETE, type);
if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
}
Iterator it = configuredPluginClasses.iterator();
int noOfSuccess = configuredPluginClasses.size();
if (!name.equalsIgnoreCase(IdConstants.ANONYMOUS_USER)) {
noOfSuccess--;
}
IdRepo idRepo;
while (it.hasNext()) {
idRepo = (IdRepo) it.next();
try {
if (idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
idRepo.delete(token, type, amsdkDN);
} else {
idRepo.delete(token, type, name);
}
} catch (IdRepoUnsupportedOpException ide) {
if (DEBUG.warningEnabled()) {
DEBUG.warning("IdServicesImpl.delete: " + "Unable to delete identity in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
}
noOfSuccess--;
origEx = (origEx == null) ? ide : origEx;
} catch (IdRepoFatalException idf) {
// fatal ..throw it all the way up
DEBUG.error("IdServicesImpl.delete: Fatal Exception ", idf);
throw idf;
} catch (IdRepoException ide) {
if (idRepo != null && DEBUG.warningEnabled()) {
DEBUG.warning("IdServicesImpl.delete: " + "Unable to delete identity in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
}
noOfSuccess--;
if (!ide.getErrorCode().equalsIgnoreCase(IdRepoErrorCode.UNABLE_FIND_ENTRY)) {
origEx = ide;
}
}
}
if ((noOfSuccess <= 0) && (origEx != null)) {
if (DEBUG.warningEnabled()) {
DEBUG.warning("IdServicesImpl.delete: " + "Unable to delete identity " + type.getName() + " :: " + name + " in any of the configured data stores", origEx);
}
throw origEx;
}
removeIdentityFromPrivileges(name, type, amsdkDN, orgName);
}
Also used :
IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException)
Set(java.util.Set)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
IdRepo(com.sun.identity.idm.IdRepo)
IdRepoException(com.sun.identity.idm.IdRepoException)
Iterator(java.util.Iterator)
IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)
Example 85 with IdRepoException
use of com.sun.identity.idm.IdRepoException in project OpenAM by OpenRock.
the class IdServicesImpl method getSupportedTypes.
public Set getSupportedTypes(SSOToken token, String amOrgName) throws IdRepoException, SSOException {
Set unionSupportedTypes = new HashSet();
Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName);
if (configuredPluginClasses == null || configuredPluginClasses.isEmpty()) {
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
}
Iterator it = configuredPluginClasses.iterator();
while (it.hasNext()) {
IdRepo repo = (IdRepo) it.next();
Set supportedTypes = repo.getSupportedTypes();
if (supportedTypes != null && !supportedTypes.isEmpty()) {
unionSupportedTypes.addAll(supportedTypes);
}
}
// Check if the supportedTypes is defined as supported in
// the global schema.
unionSupportedTypes.retainAll(IdUtils.supportedTypes);
return unionSupportedTypes;
}
Also used :
Set(java.util.Set)
OrderedSet(com.sun.identity.shared.datastruct.OrderedSet)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
IdRepo(com.sun.identity.idm.IdRepo)
IdRepoException(com.sun.identity.idm.IdRepoException)
Iterator(java.util.Iterator)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
Aggregations
IdRepoException (com.sun.identity.idm.IdRepoException)403
SSOException (com.iplanet.sso.SSOException)275
Set (java.util.Set)224
AMIdentity (com.sun.identity.idm.AMIdentity)221
HashSet (java.util.HashSet)183
Map (java.util.Map)121
Iterator (java.util.Iterator)118
SSOToken (com.iplanet.sso.SSOToken)112
HashMap (java.util.HashMap)110
SMSException (com.sun.identity.sm.SMSException)103
AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)96
CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)67
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)58
IdType (com.sun.identity.idm.IdType)57
CaseInsensitiveHashMap (com.sun.identity.common.CaseInsensitiveHashMap)51
CLIException (com.sun.identity.cli.CLIException)48
IOutput (com.sun.identity.cli.IOutput)45
IdSearchResults (com.sun.identity.idm.IdSearchResults)44
IdSearchControl (com.sun.identity.idm.IdSearchControl)39
IdRepoUnsupportedOpException (com.sun.identity.idm.IdRepoUnsupportedOpException)35
