use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.
the class OpenAMScopeValidator method getTimestamps.
/**
 * Fetches the modify/create timestamp attributes of a user from the identity repository.
 *
 * <p>The search runs with the administrative SSO token obtained through
 * {@code AdminTokenAction}, not with a token belonging to the caller, so any
 * authorization decision about who may read these attributes has to be made
 * before this method is reached.
 *
 * @param username        value handed to {@code searchIdentities} as the search pattern
 * @param realm           realm whose identity repository is queried
 * @param modifyTimestamp name of the attribute holding the modification time
 * @param createTimestamp name of the attribute holding the creation time
 * @return the attribute map of the first entry in the result set
 * @throws IdRepoException if the search fails or returns no entry
 * @throws SSOException    if the admin token is rejected by the repository
 */
private AMHashMap getTimestamps(String username, String realm, String modifyTimestamp, String createTimestamp) throws IdRepoException, SSOException {
    final SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
    final AMIdentityRepository repository = new AMIdentityRepository(adminToken, realm);

    // Ask only for the two timestamp attributes rather than the whole profile.
    final IdSearchControl control = new IdSearchControl();
    control.setReturnAttributes(new HashSet<String>(Arrays.asList(modifyTimestamp, createTimestamp)));
    control.setMaxResults(0);

    // NOTE(review): username is used as a search *pattern*. If it can contain
    // wildcard characters, or the pattern matches more than one identity, the
    // entry returned below is simply whichever one the map iterates first.
    // Confirm the caller passes an exact, already-validated user name.
    final IdSearchResults matches = repository.searchIdentities(IdType.USER, username, control);
    final Iterator attributeMaps = matches.getResultAttributes().values().iterator();
    if (!attributeMaps.hasNext()) {
        logger.warning("Error retrieving timestamps from datastore");
        throw new IdRepoException();
    }
    return (AMHashMap) attributeMaps.next();
}
use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.
the class PWResetUserValidationModelImpl method isUserExists.
/**
 * Reports whether exactly one user in the realm has the given attribute value.
 *
 * <p>On success the matching identity's realm and universal id are stored in
 * {@code userRealm} and {@code userId}. In every other case {@code errorMsg}
 * is set: a "user not exists" message when nothing matches, a "multiple
 * users" message when the match is ambiguous, or the exception text when the
 * repository call fails.
 *
 * <p>NOTE(review): the "not found" and "multiple users" outcomes produce
 * different messages. If the view bean shows {@code errorMsg} verbatim on a
 * password-reset page reachable without authentication, the difference tells
 * the requester whether an attribute value belongs to an account. Confirm how
 * the message is rendered.
 *
 * @param userAttrValue User attribute value to search for.
 * @param userAttrName User attribute name to search for.
 * @param realm Base realm
 * @return <code>true</code> only when a single matching user was found.
 */
public boolean isUserExists(String userAttrValue, String userAttrName, String realm) {
    try {
        AMIdentityRepository repository = new AMIdentityRepository(ssoToken, realm);

        // Filter: userAttrName must equal userAttrValue.
        // NOTE(review): whether wildcard characters inside userAttrValue are
        // escaped before the filter reaches the data store is not visible
        // here - verify, since the value comes from the reset form.
        Set wantedValues = new HashSet(2);
        wantedValues.add(userAttrValue);
        Map attributeFilter = new HashMap(2);
        attributeFilter.put(userAttrName, wantedValues);

        IdSearchControl control = new IdSearchControl();
        control.setSearchModifiers(IdSearchOpModifier.AND, attributeFilter);

        Set matches = repository.searchIdentities(IdType.USER, "*", control).getSearchResults();
        if (matches == null || matches.isEmpty()) {
            errorMsg = getLocalizedString("userNotExists.message");
            // Only the attribute name is logged, not the submitted value.
            writeLog("logUserNotExists.message", userAttrName);
            return false;
        }
        if (matches.size() > 1) {
            // Ambiguous match: refuse rather than pick one of several accounts.
            errorMsg = getLocalizedString("multipleUsersExists.message");
            return false;
        }

        AMIdentity match = (AMIdentity) matches.iterator().next();
        userRealm = match.getRealm();
        userId = match.getUniversalId();
        return true;
    } catch (SSOException e) {
        debug.error("PWResetUserValidationModelImpl.isUserExists", e);
        errorMsg = getErrorString(e);
    } catch (IdRepoException e) {
        debug.error("PWResetUserValidationModelImpl.isUserExists", e);
        errorMsg = getErrorString(e);
    }
    return false;
}
use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.
the class IdRepoSampleCreateId method createAMId.
/**
 * Interactive sample that creates one identity and then exercises it.
 *
 * <p>Flow, as visible in this method: ask for the identity type, list the
 * existing identities of that type, prompt for a name and the type-specific
 * attributes, call {@code createIdentity}, list the identities again, and -
 * for agent types - run attribute-removal, group-membership and
 * attribute-filtered search calls. All progress is printed to stdout;
 * repository and SSO failures are printed to stderr and swallowed.
 *
 * <p>NOTE(review): this is sample code. It reads passwords through
 * {@code sampleUtils.getLine} and prints the stored {@code userpassword}
 * attribute value; neither belongs in production tooling.
 */
public void createAMId() {
    /*
     * just create the identities with this selection.
     * to "exercise" identities, use the
     * "search identities" selection to find one to
     * exercise.
     */
    IdType idtype = sampleUtils.getIdTypeToCreateOrDelete();
    if (idtype == null) {
        return;
    }
    // AGENT is swapped for AGENTONLY when listing; creation below does the same.
    IdType tmpIdtype = idtype;
    if (idtype.equals(IdType.AGENT)) {
        tmpIdtype = IdType.AGENTONLY;
    }
    try {
        /*
         * get and display list of identities of idtype
         * for reference...
         */
        IdSearchResults adRes = idRepo.searchIdentities(tmpIdtype, "*", new IdSearchControl());
        Set adResSet = adRes.getSearchResults();
        if (!adResSet.isEmpty()) {
            System.out.println(" Current list of " + idtype.getName() + "s:");
            for (Iterator it = adResSet.iterator(); it.hasNext(); ) {
                System.out.println("\t" + ((AMIdentity) it.next()).getName());
            }
        } else {
            System.out.println(" No " + idtype.getName() + "s found.");
        }
        String idName = sampleUtils.getLine("Enter idName to create: ");
        // attrs maps attribute name -> Set of values; vals is re-created per attribute.
        Map attrs = new HashMap();
        Set vals = new HashSet();
        AMIdentity tmpId = null;
        // NOTE(review): every branch below reads the password with getLine();
        // whether the input is echoed to the terminal is decided by sampleUtils
        // and cannot be seen from here.
        if (idtype.equals(IdType.AGENT)) {
            String tmpS = sampleUtils.getLine(idName + "'s password: ");
            vals = new HashSet();
            vals.add(tmpS);
            attrs.put("userpassword", vals);
            tmpId = idRepo.createIdentity(IdType.AGENTONLY, idName, attrs);
            // From here on the created identity is treated as AGENTONLY.
            idtype = IdType.AGENTONLY;
        } else if (idtype.equals(IdType.AGENTONLY) || idtype.equals(IdType.AGENTGROUP)) {
            String tmpS = sampleUtils.getLine(idName + "'s agentType: ");
            vals.add(tmpS);
            attrs.put(AGENT_TYPE_ATTR, vals);
            tmpS = sampleUtils.getLine(idName + "'s password: ");
            vals = new HashSet();
            vals.add(tmpS);
            attrs.put("userpassword", vals);
            tmpId = idRepo.createIdentity(idtype, idName, attrs);
        } else if (idtype.equals(IdType.USER)) {
            String tmpS = sampleUtils.getLine(idName + "'s password: ");
            vals.add(tmpS);
            attrs.put("userpassword", vals);
            vals = new HashSet();
            tmpS = sampleUtils.getLine(idName + "'s last name: ");
            vals.add(tmpS);
            attrs.put("sn", vals);
            // cn is built as "<idName> <last name>".
            vals = new HashSet();
            vals.add(idName + " " + tmpS);
            attrs.put("cn", vals);
            vals = new HashSet();
            vals.add(idName);
            // givenname receives idName itself (the original comment called this "full name").
            attrs.put("givenname", vals);
            tmpId = idRepo.createIdentity(IdType.USER, idName, attrs);
        } else if (idtype.equals(IdType.REALM)) {
            String tmpS = sampleUtils.getLine(idName + " active/inactive [a,i]: ");
            // Anything that does not start with "i" is treated as Active.
            String actVal = "Active";
            if (tmpS.startsWith("i")) {
                actVal = "Inactive";
            }
            vals.add(actVal);
            attrs.put("sunOrganizationStatus", vals);
            tmpId = idRepo.createIdentity(IdType.REALM, idName, attrs);
        }
        // identity should exist, since it was just created
        // (tmpId stays null when idtype matched none of the branches above)
        if (tmpId != null) {
            System.out.println(" Created " + idtype.getName() + " identity '" + idName + "' isExists = " + tmpId.isExists());
            // now show list of the identities of type created
            adRes = idRepo.searchIdentities(idtype, "*", new IdSearchControl());
            adResSet = adRes.getSearchResults();
            if (!adResSet.isEmpty()) {
                System.out.println(" Current list of " + idtype.getName() + "s:");
                for (Iterator it = adResSet.iterator(); it.hasNext(); ) {
                    System.out.println("\t" + ((AMIdentity) it.next()).getName());
                }
            } else {
                System.out.println(" Odd, no " + idtype.getName() + "s found.");
            }
            // Search AGENTONLY identities using the just-entered name as the
            // pattern, requesting all attributes. This runs for every identity
            // type, not only for agents.
            IdSearchControl WSCcontrol = new IdSearchControl();
            String providerName = idName;
            WSCcontrol.setAllReturnAttributes(true);
            IdSearchResults WSCresults = idRepo.searchIdentities(IdType.AGENTONLY, providerName, WSCcontrol);
            Set agents = WSCresults.getSearchResults();
            System.out.println("WSC Agents before removeMember: " + agents);
            if (idtype.equals(IdType.AGENTONLY) || idtype.equals(IdType.AGENTGROUP)) {
                String POLLINT = "com.sun.am.policy.am.polling.interval";
                // now get the attributes of the identities of type created
                Map attrMap = null;
                String name = null;
                String type = null;
                name = tmpId.getName();
                attrMap = tmpId.getAttributes();
                if (!attrMap.isEmpty()) {
                    Set keySet = attrMap.keySet();
                    for (Iterator it = keySet.iterator(); it.hasNext(); ) {
                        String key = (String) it.next();
                        // Remove the polling-interval attribute if the new agent has one.
                        if (key.equalsIgnoreCase(POLLINT)) {
                            System.out.println("Value before " + "removeAttribute: " + POLLINT + "=" + attrMap.get(POLLINT));
                            Set attrNameSet = null;
                            attrNameSet = new HashSet();
                            attrNameSet.add(key);
                            System.out.println("Attribute to remove :" + key);
                            tmpId.removeAttributes(attrNameSet);
                        }
                        // NOTE(review): this writes the userpassword attribute value,
                        // as returned by getAttributes(), to stdout. Whether that value
                        // is clear text or a hash depends on the data store; either way
                        // it is credential material and should not be printed outside
                        // a throwaway sample.
                        if (key.equalsIgnoreCase("userpassword")) {
                            System.out.println("Value check for pwd " + "userpassword =" + attrMap.get("userpassword"));
                        }
                    }
                } else {
                    System.out.println(name + " has no attributes.");
                }
                // get/check after remove
                attrMap = tmpId.getAttributes();
                if (!attrMap.isEmpty()) {
                    System.out.println("Has key after removeAttribute : " + POLLINT + " : true/false :" + attrMap.keySet().contains(POLLINT));
                    if (attrMap.keySet().contains(POLLINT)) {
                        System.out.println("Value after removeAttribute : " + POLLINT + "=" + attrMap.get(POLLINT));
                    }
                }
                // Reuse attrs for the agent group, overriding only the agent type.
                // NOTE(review): attrs still holds the "userpassword" entry put
                // during creation above, so the same password value is passed to
                // createIdentity() for the "myagrp" group when it has to be created.
                vals = new HashSet();
                vals.add("WebAgent");
                attrs.put(AGENT_TYPE_ATTR, vals);
                AMIdentity agroupIdentity = null;
                if (!((tmpId.getType()).equals(IdType.AGENTGROUP))) {
                    System.out.println("\nChecking membership operations");
                    // Find the fixed-name group "myagrp", creating it if the search is empty.
                    IdSearchResults res = idRepo.searchIdentities(IdType.AGENTGROUP, "myagrp", new IdSearchControl());
                    Set resSet = res.getSearchResults();
                    if (!resSet.isEmpty()) {
                        Iterator iter = resSet.iterator();
                        if (iter.hasNext()) {
                            agroupIdentity = (AMIdentity) iter.next();
                        }
                    } else {
                        agroupIdentity = idRepo.createIdentity(IdType.AGENTGROUP, "myagrp", attrs);
                    }
                    // Test for getMembers()
                    System.out.println("Obtained agent group =" + agroupIdentity.getName());
                    System.out.println("\nAdding member to agent group: " + tmpId.getName());
                    agroupIdentity.addMember(tmpId);
                    System.out.println("\nGetting member from agent " + "group: " + agroupIdentity.getMembers(IdType.AGENTONLY));
                    // Test for getMemberships()
                    Set agentgroupsOfAgent = tmpId.getMemberships(IdType.AGENTGROUP);
                    System.out.println("Agent's agentGroup memberships = ");
                    Iterator agiter = agentgroupsOfAgent.iterator();
                    while (agiter.hasNext()) {
                        AMIdentity id = (AMIdentity) agiter.next();
                        System.out.println("AgentGroup of agent = " + id.getName());
                        System.out.println("AgentGroup of agent " + "isExists: " + id.isExists());
                    }
                    // Undo the membership so the sample leaves the group as it found it.
                    System.out.println("\nRemoving member from agent " + "group: " + tmpId.getName());
                    agroupIdentity.removeMember(tmpId);
                    System.out.println("\nAfter removeMember : Getting " + "member from agent group: " + agroupIdentity.getMembers(IdType.AGENTONLY));
                }
            }
            // Repeat the name-pattern search from before the membership test.
            IdSearchControl WSCcnt = new IdSearchControl();
            WSCcnt.setAllReturnAttributes(true);
            IdSearchResults WSCres = idRepo.searchIdentities(IdType.AGENTONLY, providerName, WSCcnt);
            Set wscagents = WSCres.getSearchResults();
            System.out.println("WSC Agents after removeMember: " + wscagents);
            // Test for avpairs filter while searching..
            // Filter: agent type attribute equals "WSCAgent", all attributes returned.
            IdSearchControl avcontrol = new IdSearchControl();
            avcontrol.setAllReturnAttributes(true);
            avcontrol.setTimeOut(0);
            Map kvPairMap = new HashMap();
            Set avset = new HashSet();
            avset.add("WSCAgent");
            kvPairMap.put(AGENT_TYPE_ATTR, avset);
            avcontrol.setSearchModifiers(IdSearchOpModifier.OR, kvPairMap);
            IdSearchResults avresults = idRepo.searchIdentities(IdType.AGENTONLY, "*", avcontrol);
            Set avagents = avresults.getSearchResults();
            System.out.println("WSC Agents with avpairs as filter: " + avagents);
            // Test : Search for WSPAgent type with its WSP End point
            // attribute value known. This search should not return
            // multiple WSP profiles; it should return just the one that
            // has the given WSP end point attribute value.
            // NOTE(review): the two conditions are combined with
            // IdSearchOpModifier.OR, which reads as "either matches" rather
            // than "both match" - confirm this yields the single result the
            // comment above expects.
            IdSearchControl wspcontrol = new IdSearchControl();
            wspcontrol.setAllReturnAttributes(true);
            wspcontrol.setTimeOut(0);
            Map wspkvPairMap = new HashMap();
            Set wspset = new HashSet();
            wspset.add("WSPAgent");
            wspkvPairMap.put(AGENT_TYPE_ATTR, wspset);
            wspset = new HashSet();
            //String endpoint = "default";
            String endpoint = "testendpoint1";
            wspset.add(endpoint);
            wspkvPairMap.put(WSP_ENDPOINT, wspset);
            wspcontrol.setSearchModifiers(IdSearchOpModifier.OR, wspkvPairMap);
            IdSearchResults wspresults = idRepo.searchIdentities(IdType.AGENTONLY, "*", wspcontrol);
            Set wspagents = wspresults.getSearchResults();
            System.out.println("WSP Agents with avpairs as filter: " + wspagents);
        }
    } catch (IdRepoException ire) {
        // Only the message is reported; the stack trace and cause are dropped.
        System.err.println("idRepoProcessing IdRepoException " + "creating '" + idtype + "': " + ire.getMessage());
    } catch (SSOException ssoe) {
        System.err.println("idRepoProcessing: SSOException " + "creating '" + idtype + "': " + ssoe.getMessage());
    }
    return;
}
use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.
the class IdRepoSampleDeleteId method deleteAMId.
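/**
 * Interactive sample that deletes one identity chosen from a numbered list.
 *
 * <p>The method asks for an identity type, lists every identity of that type,
 * reads a selection index, and calls {@code deleteIdentities} on the chosen
 * entry unless it is one of the reserved user accounts. It then prints the
 * updated list. Repository and SSO failures are printed to stderr and
 * swallowed.
 *
 * <p>The reserved-account check compares names with
 * {@code equalsIgnoreCase} so that it does not depend on the JVM's default
 * locale; lower-casing with the default locale can fold letters such as
 * {@code I} differently (for example under a Turkish locale), which would
 * let a reserved name in a different case pass the comparison.
 */
public void deleteAMId() {
    IdType idtype = sampleUtils.getIdTypeToCreateOrDelete();
    if (idtype == null) {
        return;
    }
    if (idtype.equals(IdType.AGENT)) {
        System.out.println("Use IdType 'agentonly' for deletion of " + "agents.\nOnly operation supported for IdType 'agent' is " + "READ");
        return;
    }
    // Built-in accounts this sample refuses to delete.
    final String[] reservedUsers = {"dsameuser", "amadmin", "amservice-urlaccessagent", "anonymous"};
    try {
        // List the identities of the requested type so one can be picked by index.
        IdSearchResults adRes = idRepo.searchIdentities(idtype, "*", new IdSearchControl());
        Set adResSet = adRes.getSearchResults();
        System.out.println("Found " + adResSet.size() + " entries of type " + idtype.getName() + ".");
        if (adResSet.isEmpty()) {
            System.out.println("No identities of type " + idtype.getName() + " found.");
        } else {
            Object[] ids = adResSet.toArray();
            System.out.println("AMIdentities:");
            for (int idx = 0; idx < ids.length; idx++) {
                System.out.println("\t" + idx + ": " + ((AMIdentity) ids[idx]).getName());
            }
            // The index one past the last entry means "delete nothing".
            System.out.println("\t" + ids.length + ": No selection");
            String ans = sampleUtils.getLine("Select id: [0.." + ids.length + "]: ");
            int choice = sampleUtils.getIntValue(ans);
            if (choice == ids.length) {
                // no selection
                return;
            }
            if (choice < 0 || choice > ids.length) {
                System.err.println(ans + " is an invalid selection.");
                return;
            }
            AMIdentity amid = (AMIdentity) ids[choice];
            boolean doAnyway = true;
            if (amid.getType().equals(IdType.USER)) {
                // Locale-independent, case-insensitive match against the reserved names.
                for (String reserved : reservedUsers) {
                    if (reserved.equalsIgnoreCase(amid.getName())) {
                        System.out.println("VERY BAD idea deleting user " + amid.getName());
                        doAnyway = false;
                        break;
                    }
                }
            }
            // NOTE(review): for IdType.REALM the original comment says the root
            // realm "/" must not be deleted, but no check enforces that here;
            // any selected realm is passed to deleteIdentities(). Other types
            // have no default entries that need protecting.
            if (doAnyway) {
                Set tmpSet = new HashSet();
                tmpSet.add(amid);
                idRepo.deleteIdentities(tmpSet);
            } else {
                System.out.println("Not deleting " + amid.getName());
            }
        }
        // Show the (updated) list of identities of the same type.
        adRes = idRepo.searchIdentities(idtype, "*", new IdSearchControl());
        adResSet = adRes.getSearchResults();
        System.out.print(" Current list of " + idtype.getName() + "s");
        if (adResSet.isEmpty()) {
            System.out.println(" is empty");
        } else {
            System.out.println(":");
            for (Iterator it = adResSet.iterator(); it.hasNext(); ) {
                System.out.println("\t" + ((AMIdentity) it.next()).getName());
            }
        }
    } catch (IdRepoException ire) {
        // Only the message is reported; the cause is not preserved.
        System.err.println("idRepoProcessing: IdRepoException" + " Deleting Identity: " + ire.getMessage());
    } catch (SSOException ssoe) {
        System.err.println("idRepoProcessing: SSOException" + " Deleting Identity: " + ssoe.getMessage());
    }
}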
use of com.sun.identity.idm.IdSearchControl in project OpenAM by OpenRock.
the class IdRepoSampleSearchIds method searchAMIds.
/**
 * Interactive sample that searches identities of a chosen type by name pattern.
 *
 * <p>The pattern is read from the operator (default {@code "*"}), the search
 * requests all attributes of every match, and the result set is handed to
 * {@code processType}. Failures are printed to stderr together with the type
 * and the pattern that was used.
 *
 * <p>NOTE(review): requesting all attributes for a {@code "*"} pattern pulls
 * every attribute of every identity of that type; what is then displayed is
 * decided by {@code processType}, which is not visible here.
 */
public void searchAMIds() {
    final IdType idtype = sampleUtils.getIdType(idRepo);
    if (idtype == null) {
        return;
    }

    final IdSearchControl control = new IdSearchControl();
    control.setAllReturnAttributes(true);

    // recursive setting is done via the data store config
    final String pattern = sampleUtils.getLine(" Enter search pattern", "*");
    try {
        Set matches = idRepo.searchIdentities(idtype, pattern, control).getSearchResults();
        processType(idtype, matches);
    } catch (IdRepoException ire) {
        System.err.println("idRepoProcessing: IdRepoException Searching Identities for '" + idtype
                + "' and pattern '" + pattern + "': " + ire.getMessage());
    } catch (SSOException ssoe) {
        System.err.println("idRepoProcessing: SSOException Searching Identities for '" + idtype
                + "' and pattern '" + pattern + "': " + ssoe.getMessage());
    }
}