
Example 11 with IdSearchControl

use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.

the class OATH method getIdentity.

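/**
 * Looks up the single user identity whose name matches {@code uName} in the
 * organization returned by {@code getRequestOrg()}.
 *
 * <p>The search is recursive and asks for all attributes. Exactly one match
 * is required: zero matches and multiple matches are both reported as
 * failures and produce a {@code null} result.
 *
 * <p>NOTE(review): {@code uName} is handed to {@code searchIdentities} as the
 * search pattern. Confirm that callers only pass a literal user name; if
 * pattern characters can reach this method, the "exactly one match" check is
 * the only thing tying the result to the intended account.
 *
 * @param uName username of the user to get.
 * @return the matching AMIdentity, or {@code null} when no unique user was
 *         found or the repository lookup failed (the failure is written to
 *         the debug log). Callers must treat {@code null} as a failed lookup.
 */
private AMIdentity getIdentity(String uName) {
    AMIdentity theID = null;
    AMIdentityRepository amIdRepo = getAMIdentityRepository(getRequestOrg());
    IdSearchControl idsc = new IdSearchControl();
    idsc.setRecursive(true);
    idsc.setAllReturnAttributes(true);
    // Typed empty set instead of the raw Collections.EMPTY_SET constant, so
    // the assignment needs no unchecked conversion.
    Set<AMIdentity> results = Collections.emptySet();
    try {
        // NOTE(review): 0 presumably means "no explicit result cap" — confirm.
        idsc.setMaxResults(0);
        IdSearchResults searchResults = amIdRepo.searchIdentities(IdType.USER, uName, idsc);
        if (searchResults != null) {
            results = searchResults.getSearchResults();
        }
        // The messages name uName, the value that was actually searched for,
        // so the log cannot disagree with the lookup that failed.
        if (results == null || results.isEmpty()) {
            throw new IdRepoException("OATH.getIdentity : User " + uName + " is not found");
        } else if (results.size() > 1) {
            // An ambiguous match is rejected rather than picking one account.
            throw new IdRepoException("OATH.getIdentity: More than one user found for the userName: " + uName);
        }
        theID = results.iterator().next();
    } catch (IdRepoException e) {
        debug.error("OATH.getIdentity: error searching Identities with username : " + uName, e);
    } catch (SSOException e) {
        debug.error("OATH.getIdentity: AuthOATH module exception : ", e);
    }
    return theID;
}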
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException)

Example 12 with IdSearchControl

use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.

the class IdentitySubjectModelImpl method getEntityNames.

/**
 * Searches a realm for entities of one type whose names match a pattern.
 *
 * <p>The search is recursive and is bounded by the limits returned from
 * {@code getSearchResultLimit()} and {@code getSearchTimeOutLimit()}. An
 * event is logged before the search, after a successful search, and for each
 * failure, carrying the realm, type, pattern and both limits.
 *
 * <p>NOTE(review): the repository is opened with {@code getUserSSOToken()},
 * presumably the console user's own token — confirm, since that is what
 * scopes the results to what the user may see.
 *
 * @param realmName Name of Realm; {@code null} is replaced by {@code "/"}.
 * @param strType Entity Type, resolved through {@code IdUtils.getType}.
 * @param pattern Search Pattern; {@code null} or blank is replaced by
 *        {@code "*"}.
 * @return the results returned by the repository search.
 * @throws AMConsoleException if the search raises an IdRepoException or an
 *         SSOException; the message is the string from
 *         {@code getErrorString}.
 */
public IdSearchResults getEntityNames(String realmName, String strType, String pattern) throws AMConsoleException {
    if (realmName == null) {
        realmName = "/";
    }
    // A missing or whitespace-only pattern falls back to the match-all pattern.
    boolean blankPattern = (pattern == null) || pattern.trim().isEmpty();
    if (blankPattern) {
        pattern = "*";
    }
    final int maxResults = getSearchResultLimit();
    final int timeoutLimit = getSearchTimeOutLimit();
    final String maxResultsText = Integer.toString(maxResults);
    final String timeoutText = Integer.toString(timeoutLimit);
    final String[] auditArgs = { realmName, strType, pattern, maxResultsText, timeoutText };
    try {
        AMIdentityRepository repository = new AMIdentityRepository(getUserSSOToken(), realmName);
        IdType entityType = IdUtils.getType(strType);

        IdSearchControl control = new IdSearchControl();
        control.setRecursive(true);
        control.setMaxResults(maxResults);
        control.setTimeOut(timeoutLimit);

        // Record the attempt before the search and the success after it.
        logEvent("ATTEMPT_SEARCH_IDENTITY", auditArgs);
        IdSearchResults found = repository.searchIdentities(entityType, pattern, control);
        logEvent("SUCCEED_SEARCH_IDENTITY", auditArgs);
        return found;
    } catch (IdRepoException idRepoFailure) {
        String reason = getErrorString(idRepoFailure);
        String[] failureArgs = { realmName, strType, pattern, maxResultsText, timeoutText, reason };
        logEvent("IDM_EXCEPTION_SEARCH_IDENTITY", failureArgs);
        throw new AMConsoleException(reason);
    } catch (SSOException ssoFailure) {
        String reason = getErrorString(ssoFailure);
        String[] failureArgs = { realmName, strType, pattern, maxResultsText, timeoutText, reason };
        logEvent("SSO_EXCEPTION_SEARCH_IDENTITY", failureArgs);
        throw new AMConsoleException(reason);
    }
}
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) IdType(com.sun.identity.idm.IdType)

Example 13 with IdSearchControl

use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.

the class WindowsDesktopSSO method searchUserAccount.

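/**
 * Checks whether a user identity matching {@code attributeValue} exists in
 * the given organization.
 *
 * <p>The search uses the modifiers built by {@code buildSearchControl}
 * combined with OR, returns at most one result and does not request all
 * attributes.
 *
 * <p>NOTE(review): because the result cap is 1, an attribute value that
 * matches several accounts cannot be told apart from a unique match here;
 * the first identity returned is accepted. Confirm that the searched
 * attributes are unique per user, and that {@code buildSearchControl}
 * treats {@code attributeValue} as a literal value.
 *
 * @param attributeValue The attributeValue to compare when searching for an
 *  identity in the organization
 * @param organization organization name where the identity will be looked
 *  up; an empty string is replaced by {@code "/"}
 * @return the trimmed {@code attributeValue} when a matching identity was
 *  found, or {@code null} when the search returned no usable result
 * @throws AuthLoginException if the repository search raises an
 *  IdRepoException or an SSOException
 */
private String searchUserAccount(String attributeValue, String organization) throws AuthLoginException {
    String classMethod = "WindowsDesktopSSO.searchUserAccount: ";
    if (organization.isEmpty()) {
        organization = "/";
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + " searching for user " + attributeValue + " in the organization =" + organization);
    }
    // Build the search criteria.
    IdSearchControl searchControl = new IdSearchControl();
    searchControl.setMaxResults(1);
    // NOTE(review): unit of this timeout is not visible here — confirm.
    searchControl.setTimeOut(3000);
    searchControl.setSearchModifiers(IdSearchOpModifier.OR, buildSearchControl(attributeValue));
    searchControl.setAllReturnAttributes(false);
    try {
        AMIdentityRepository amirepo = new AMIdentityRepository(getSSOSession(), organization);
        IdSearchResults searchResults = amirepo.searchIdentities(IdType.USER, "*", searchControl);
        // The null test has to come first: the original order dereferenced
        // searchResults before checking it, so the check could never help.
        if (searchResults != null && searchResults.getErrorCode() == IdSearchResults.SUCCESS) {
            Set<AMIdentity> results = searchResults.getSearchResults();
            if (results != null && !results.isEmpty()) {
                if (debug.messageEnabled()) {
                    debug.message(classMethod + results.size() + " result(s) obtained");
                }
                AMIdentity userDNId = results.iterator().next();
                if (userDNId != null) {
                    // The identity's attributes are fetched only to be written
                    // to the message-level debug log.
                    if (debug.messageEnabled()) {
                        debug.message(classMethod + "user = " + userDNId.getUniversalId());
                        debug.message(classMethod + "attrs =" + userDNId.getAttributes(getUserAliasList()));
                    }
                    // The caller gets back its own input, trimmed, not a value
                    // read from the matched identity.
                    return attributeValue.trim();
                }
            }
        }
    } catch (IdRepoException idrepoex) {
        String[] data = { attributeValue, organization };
        throw new AuthLoginException(amAuthWindowsDesktopSSO, "idRepoSearch", data, idrepoex);
    } catch (SSOException ssoe) {
        String[] data = { attributeValue, organization };
        throw new AuthLoginException(amAuthWindowsDesktopSSO, "ssoSearch", data, ssoe);
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + " No results were found !");
    }
    return null;
}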
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) IdSearchControl(com.sun.identity.idm.IdSearchControl) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException)

Example 14 with IdSearchControl

use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.

the class IdRepoSample method doCurrentRealm.

/*
 * For the current realm, obtain:
 *   1. its AMIdentityRepository object
 *   2. its AMIdentity (via getRealmIdentity())
 *   3. the realm of that AMIdentity (via getRealm())
 *   4. the name of that AMIdentity (via getName())
 *   5. its subrealms (via a REALM-type search with a default
 *      IdSearchControl and the "*" pattern)
 *
 * A failure in steps 1-4 prints to stderr and terminates the JVM with
 * status 7 (IdRepoException) or 8 (SSOException). A failure in step 5 is
 * only printed; the method then goes on to print whatever the
 * currentSubRealms field already held.
 */
private void doCurrentRealm() {
    String identityName = null;
    String identityRealm = null;
    try {
        idRepo = new AMIdentityRepository(ssoToken, currentRealm);
        AMIdentity realmIdentity = idRepo.getRealmIdentity();
        identityRealm = realmIdentity.getRealm();
        identityName = realmIdentity.getName();
    } catch (IdRepoException repoFailure) {
        String report = "doCurrentRealm:IdRepoException getting AMIdentityRepository" + " object for '" + currentRealm + "': " + repoFailure.getMessage();
        System.err.println(report);
        System.exit(7);
    } catch (SSOException sessionFailure) {
        String report = "doCurrentRealm: SSOException getting AMIdentityRepository" + " object for '" + currentRealm + "': " + sessionFailure.getMessage();
        System.err.println(report);
        System.exit(8);
    }

    System.out.println("AMIdentity realm name for realm '" + currentRealm + "' is '" + identityRealm + "'");
    System.out.println("getting subrealms");

    try {
        // Default search control: no explicit limits or modifiers are set.
        IdSearchControl defaults = new IdSearchControl();
        currentSubRealms = idRepo.searchIdentities(IdType.REALM, "*", defaults).getSearchResults();
    } catch (IdRepoException repoFailure) {
        System.err.println("doCurrentRealm: IdRepoException getting subrealms for '" + currentRealm + "': " + repoFailure.getMessage());
    } catch (SSOException sessionFailure) {
        System.err.println("doCurrentRealm: SSOException getting subrealms for '" + currentRealm + "': " + sessionFailure.getMessage());
    }

    String heading = "Realm '" + currentRealm + "'";
    sampleUtils.printResultsRealm(heading, currentSubRealms, "subrealms");
}
Also used : AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) IdSearchControl(com.sun.identity.idm.IdSearchControl) SSOException(com.iplanet.sso.SSOException)

Example 15 with IdSearchControl

use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.

the class IdentityManager method getClientIdentity.

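/**
 * Gets a client's identity.
 *
 * <p>The lookup is performed with the administrative token obtained from
 * {@code AdminTokenAction}, not with the caller's own session. It is
 * recursive, requests all attributes and requires exactly one
 * {@code AGENTONLY} match.
 *
 * <p>NOTE(review): {@code clientName} is used as the search pattern of a
 * privileged search. Confirm that callers only pass a literal client
 * identifier; the "exactly one match" check is otherwise the only thing
 * tying the result to the requested client.
 *
 * @param clientName The client's name.
 * @param realm The client's realm.
 * @return The client's identity, or {@code null} when the client exists but
 *         is not active. Callers must handle {@code null} and must not treat
 *         it as a successful lookup.
 * @throws UnauthorizedClientException If no unique client profile is found
 *         or the repository lookup fails.
 */
public AMIdentity getClientIdentity(String clientName, String realm) throws UnauthorizedClientException {
    final SSOToken token = AccessController.doPrivileged(AdminTokenAction.getInstance());
    try {
        final AMIdentityRepository amIdRepo = new AMIdentityRepository(token, realm);
        final IdSearchControl idsc = new IdSearchControl();
        idsc.setRecursive(true);
        idsc.setAllReturnAttributes(true);
        // NOTE(review): 0 presumably means "no explicit result cap" — confirm.
        idsc.setMaxResults(0);
        // search for the identity
        final IdSearchResults searchResults = amIdRepo.searchIdentities(IdType.AGENTONLY, clientName, idsc);
        // A null result object is handled like "no profile found" instead of
        // surfacing as a NullPointerException in the catch-all below.
        final Set<AMIdentity> results = (searchResults == null) ? null : searchResults.getSearchResults();
        if (results == null || results.size() != 1) {
            logger.error("No client profile or more than one profile found.");
            throw new UnauthorizedClientException("Not able to get client from OpenAM");
        }
        final AMIdentity amIdentity = results.iterator().next();
        // if the client is deactivated return null
        return amIdentity.isActive() ? amIdentity : null;
    } catch (UnauthorizedClientException e) {
        // Already logged where it was raised; rethrow as-is so the catch-all
        // does not log the same failure a second time and re-wrap it.
        throw e;
    } catch (Exception e) {
        logger.error("Unable to get client AMIdentity: ", e);
        throw new UnauthorizedClientException("Not able to get client from OpenAM");
    }
}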
Also used : SSOToken(com.iplanet.sso.SSOToken) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)

Aggregations

IdSearchControl (com.sun.identity.idm.IdSearchControl)48 IdSearchResults (com.sun.identity.idm.IdSearchResults)43 IdRepoException (com.sun.identity.idm.IdRepoException)41 SSOException (com.iplanet.sso.SSOException)36 AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)36 AMIdentity (com.sun.identity.idm.AMIdentity)35 Set (java.util.Set)25 HashSet (java.util.HashSet)20 SSOToken (com.iplanet.sso.SSOToken)15 Iterator (java.util.Iterator)14 IdType (com.sun.identity.idm.IdType)9 HashMap (java.util.HashMap)8 Map (java.util.Map)6 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)4 UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)4 CLIException (com.sun.identity.cli.CLIException)3 IOutput (com.sun.identity.cli.IOutput)3 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)2 DelegationException (com.sun.identity.delegation.DelegationException)2 TreeSet (java.util.TreeSet)2