Search in sources :

Example 6 with IdRepoFatalException

use of com.sun.identity.idm.IdRepoFatalException in project OpenAM by OpenRock.

the class IdServicesImpl method delete.

/*
    * (non-Javadoc)
    */
public void delete(SSOToken token, IdType type, String name, String orgName, String amsdkDN) throws IdRepoException, SSOException {
    if (type.equals(IdType.REALM)) {
        deleteRealmIdentity(token, name, orgName);
        return;
    }
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    checkPermission(token, orgName, name, null, IdOperation.DELETE, type);
    // Get the list of plugins that support the delete operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(orgName, IdOperation.DELETE, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    if (!name.equalsIgnoreCase(IdConstants.ANONYMOUS_USER)) {
        noOfSuccess--;
    }
    IdRepo idRepo;
    while (it.hasNext()) {
        idRepo = (IdRepo) it.next();
        try {
            if (idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
                idRepo.delete(token, type, amsdkDN);
            } else {
                idRepo.delete(token, type, name);
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.delete: " + "Unable to delete identity in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.delete: Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (idRepo != null && DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.delete: " + "Unable to delete identity in the following " + "repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            if (!ide.getErrorCode().equalsIgnoreCase(IdRepoErrorCode.UNABLE_FIND_ENTRY)) {
                origEx = ide;
            }
        }
    }
    if ((noOfSuccess <= 0) && (origEx != null)) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.delete: " + "Unable to delete identity " + type.getName() + " :: " + name + " in any of the configured data stores", origEx);
        }
        throw origEx;
    }
    removeIdentityFromPrivileges(name, type, amsdkDN, orgName);
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)

Example 7 with IdRepoFatalException

use of com.sun.identity.idm.IdRepoFatalException in project OpenAM by OpenRock.

the class IdServicesImpl method modifyMemberShip.

/*
    * (non-Javadoc)
    */
public void modifyMemberShip(SSOToken token, IdType type, String name, Set members, IdType membersType, int operation, String amOrgName) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.EDIT, type);
    // First get the list of plugins that support the create operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.EDIT, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    //check if the identity exist
    if (!isExists(token, type, name, amOrgName)) {
        Object[] args = { name, type.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args);
    }
    validateMembers(token, members, membersType, amOrgName);
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    while (it.hasNext()) {
        IdRepo idRepo = (IdRepo) it.next();
        if (!idRepo.getSupportedTypes().contains(membersType) || idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
            // IdRepo plugin does not support the idType for
            // memberships
            noOfSuccess--;
            continue;
        }
        try {
            idRepo.modifyMemberShip(token, type, name, members, membersType, operation);
        } catch (IdRepoUnsupportedOpException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.modifyMembership: " + "Unable to modify memberships  in the following" + " repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.modifyMembership: " + "Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.modifyMembership: " + "Unable to modify memberships in the following" + " repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.modifyMemberShip: " + "Unable to modify members for identity " + type.getName() + "::" + name + " in any configured data store", origEx);
        }
        if (origEx != null) {
            throw origEx;
        } else {
            Object[] args = { "modifyMemberShip", IdOperation.EDIT.getName() };
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
        }
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)

Example 8 with IdRepoFatalException

use of com.sun.identity.idm.IdRepoFatalException in project OpenAM by OpenRock.

the class IdServicesImpl method getAssignedServices.

public Set<String> getAssignedServices(SSOToken token, IdType type, String name, Map mapOfServiceNamesAndOCs, String amOrgName, String amsdkDN) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.READ, type);
    // Get the list of plugins that support the service operation.
    Set<IdRepo> configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.SERVICE, type);
    if (configuredPluginClasses == null || configuredPluginClasses.isEmpty()) {
        if (type.equals(IdType.REALM)) {
            return Collections.emptySet();
        }
    }
    int noOfSuccess = configuredPluginClasses.size();
    Set<String> resultsSet = new HashSet<String>();
    for (IdRepo repo : configuredPluginClasses) {
        try {
            Set<String> services;
            if (repo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
                services = repo.getAssignedServices(token, type, amsdkDN, mapOfServiceNamesAndOCs);
            } else {
                services = repo.getAssignedServices(token, type, name, mapOfServiceNamesAndOCs);
            }
            if (services != null && !services.isEmpty()) {
                resultsSet.addAll(services);
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (DEBUG.messageEnabled()) {
                DEBUG.message("IdServicesImpl.getAssignedServices: Services not supported for repository " + repo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = origEx == null ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.getAssignedServices: Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getAssignedServices: Unable to get services for identity in the " + "following repository " + repo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.getAssignedServices: Unable to get assigned services for identity " + type.getName() + "::" + name + " in any configured data store", origEx);
        }
        throw origEx;
    } else {
        return resultsSet;
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 9 with IdRepoFatalException

use of com.sun.identity.idm.IdRepoFatalException in project OpenAM by OpenRock.

the class IdServicesImpl method unassignService.

public void unassignService(SSOToken token, IdType type, String name, String serviceName, Map attrMap, String amOrgName, String amsdkDN) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.SERVICE, type);
    // Get the list of plugins that support the service operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.SERVICE, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    IdRepo idRepo = null;
    while (it.hasNext()) {
        IdRepo repo = (IdRepo) it.next();
        Map cMap = repo.getConfiguration();
        try {
            Map mappedAttributes = mapAttributeNames(attrMap, cMap);
            if (repo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN) && amsdkDN != null) {
                repo.unassignService(token, type, amsdkDN, serviceName, mappedAttributes);
            } else {
                repo.unassignService(token, type, name, serviceName, mappedAttributes);
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (idRepo != null && DEBUG.messageEnabled()) {
                DEBUG.message("IdServicesImpl.unassignService: " + "Unassign Service not supported for repository " + repo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.unassignService: Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (idRepo != null && DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.unassignService: " + "Unable to unassign service in the " + "following repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.unassignService: " + "Unable to unassign Service for identity " + type.getName() + "::" + name + " in any configured " + "data store ", origEx);
        }
        throw origEx;
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException)

Example 10 with IdRepoFatalException

use of com.sun.identity.idm.IdRepoFatalException in project OpenAM by OpenRock.

the class IdServicesImpl method getMembers.

/*
    * (non-Javadoc)
    */
public Set getMembers(SSOToken token, IdType type, String name, String amOrgName, IdType membersType, String amsdkDN) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    checkPermission(token, amOrgName, name, null, IdOperation.READ, type);
    // Get the list of plugins that support the read operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    Set membersSet = new HashSet();
    Set amsdkMembers = new HashSet();
    boolean amsdkIncluded = false;
    while (it.hasNext()) {
        IdRepo idRepo = (IdRepo) it.next();
        if (!idRepo.getSupportedTypes().contains(membersType) || idRepo.getClass().getName().equals(IdConstants.SPECIAL_PLUGIN)) {
            // IdRepo plugin does not support the idType for
            // memberships
            noOfSuccess--;
            continue;
        }
        try {
            boolean isAMSDK = idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN);
            Set members = (isAMSDK && (amsdkDN != null)) ? idRepo.getMembers(token, type, amsdkDN, membersType) : idRepo.getMembers(token, type, name, membersType);
            if (isAMSDK) {
                amsdkMembers.addAll(members);
                amsdkIncluded = true;
            } else {
                membersSet.add(members);
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getMembers: " + "Unable to read identity members in the following" + " repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.getMembers: " + "Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.getMembers: " + "Unable to read identity members in the following" + " repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.getMembers: " + "Unable to get members for identity " + type.getName() + "::" + name + " in any configured data store", origEx);
        }
        if (origEx != null) {
            throw origEx;
        } else {
            return (Collections.EMPTY_SET);
        }
    } else {
        Set results = combineMembers(token, membersSet, membersType, amOrgName, amsdkIncluded, amsdkMembers);
        return results;
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) IdRepo(com.sun.identity.idm.IdRepo) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) IdRepoFatalException(com.sun.identity.idm.IdRepoFatalException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Aggregations

IdRepoException (com.sun.identity.idm.IdRepoException)20 IdRepoFatalException (com.sun.identity.idm.IdRepoFatalException)20 HashSet (java.util.HashSet)19 CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)18 IdRepo (com.sun.identity.idm.IdRepo)18 IdRepoUnsupportedOpException (com.sun.identity.idm.IdRepoUnsupportedOpException)18 Set (java.util.Set)18 OrderedSet (com.sun.identity.shared.datastruct.OrderedSet)17 Iterator (java.util.Iterator)17 CaseInsensitiveHashMap (com.sun.identity.common.CaseInsensitiveHashMap)12 HashMap (java.util.HashMap)12 Map (java.util.Map)12 AMHashMap (com.iplanet.am.sdk.AMHashMap)11 SSOException (com.iplanet.sso.SSOException)6 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)5 DelegationException (com.sun.identity.delegation.DelegationException)5 SMSException (com.sun.identity.sm.SMSException)5 AMIdentity (com.sun.identity.idm.AMIdentity)3 IDirectoryServices (com.iplanet.am.sdk.common.IDirectoryServices)1 SSOToken (com.iplanet.sso.SSOToken)1