
Example 21 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class IdentityMembershipConditionAddViewBean method getPossibleValues.

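/**
 * Returns the identities that can still be offered for selection in a realm.
 *
 * <p>The search uses the entity type stored in the page session and the
 * filter value from the property sheet. Special (system) users and the
 * identities that are already selected are removed before the set is
 * returned. A size-limit or time-limit error code from the search is shown
 * as an inline warning; the results that came back are still used.
 *
 * <p>If the search or either filtering step raises
 * {@code AMConsoleException}, an inline error is shown and an empty set is
 * returned, so a list that still contains hidden or already-selected
 * entries is never handed to the caller.
 *
 * @param model model used to search the realm and to resolve identities
 * @param realmName name of the realm to search
 * @return the remaining candidates, or an empty set when no entity type is
 *         set, nothing matches, or the lookup fails
 */
private Set getPossibleValues(IdentitySubjectModel model, String realmName) {
    String entityType = (String) getPageSessionAttribute(ENTITY_TYPE);
    if ((entityType == null) || (entityType.length() == 0)) {
        return Collections.EMPTY_SET;
    }
    Set possibleValues = null;
    String pattern = (String) propertySheetModel.getValue(FILTER);
    try {
        IdSearchResults results = model.getEntityNames(realmName, entityType, pattern);
        switch (results.getErrorCode()) {
            case IdSearchResults.SIZE_LIMIT_EXCEEDED:
                setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.sizelimit.exceeded");
                break;
            case IdSearchResults.TIME_LIMIT_EXCEEDED:
                setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.timelimit.exceeded");
                break;
        }
        Set candidates = results.getSearchResults();
        if ((candidates != null) && !candidates.isEmpty()) {
            // remove the system users which should not be displayed.
            Set hiddenUsers = model.getSpecialUsers(realmName);
            candidates.removeAll(hiddenUsers);
            // remove the identities that are already selected
            Set selected = getValues(addRemoveModel.getSelectedOptionList());
            if ((selected != null) && !selected.isEmpty()) {
                Set amids = helper.getAMIdentity(model.getUserSSOToken(), selected);
                candidates.removeAll(amids);
            }
        }
        // Publish the set only after both filters have run. Assigning it
        // earlier would let an exception from a filtering call return the
        // unfiltered search results together with the error alert.
        // NOTE(review): which of the calls above can raise
        // AMConsoleException is not visible here - confirm.
        possibleValues = candidates;
    } catch (AMConsoleException e) {
        // NOTE(review): the exception message is shown to the console user
        // as-is; confirm it cannot carry data-store detail that belongs in
        // the log only.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", e.getMessage());
    }
    return (possibleValues != null) ? possibleValues : Collections.EMPTY_SET;
}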
Also used : Set(java.util.Set) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)

Example 22 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class IdentityMembershipConditionEditViewBean method getPossibleValues.

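/**
 * Returns the identities of a realm that may still be added to the
 * selection.
 *
 * <p>The entity type comes from the page session and the search pattern
 * from the property sheet. The search result has the special (system)
 * users and the already selected identities removed. A size-limit or
 * time-limit error code only raises an inline warning; the results that
 * were returned are still processed.
 *
 * <p>When the search or one of the filtering calls raises
 * {@code AMConsoleException}, the message is shown as an inline error and
 * the method returns an empty set instead of a result that was only
 * partly filtered.
 *
 * @param model model used to search the realm and to resolve identities
 * @param realmName name of the realm to search
 * @return the filtered search result, or an empty set when the entity type
 *         is missing, nothing matches, or the lookup fails
 */
private Set getPossibleValues(IdentitySubjectModel model, String realmName) {
    String entityType = (String) getPageSessionAttribute(ENTITY_TYPE);
    boolean hasEntityType = (entityType != null) && (entityType.length() > 0);
    if (!hasEntityType) {
        return Collections.EMPTY_SET;
    }
    Set filtered = null;
    String pattern = (String) propertySheetModel.getValue(FILTER);
    try {
        IdSearchResults results = model.getEntityNames(realmName, entityType, pattern);
        int errorCode = results.getErrorCode();
        if (errorCode == IdSearchResults.SIZE_LIMIT_EXCEEDED) {
            setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.sizelimit.exceeded");
        } else if (errorCode == IdSearchResults.TIME_LIMIT_EXCEEDED) {
            setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.timelimit.exceeded");
        }
        Set found = results.getSearchResults();
        if ((found != null) && !found.isEmpty()) {
            // remove the system users which should not be displayed.
            Set hiddenUsers = model.getSpecialUsers(realmName);
            found.removeAll(hiddenUsers);
            // remove the identities that are already selected
            Set selected = getValues(addRemoveModel.getSelectedOptionList());
            if ((selected != null) && !selected.isEmpty()) {
                Set amids = helper.getAMIdentity(model.getUserSSOToken(), selected);
                found.removeAll(amids);
            }
        }
        // Hand the set over only once filtering has completed: if a
        // filtering call throws, the caller must not receive search results
        // that still include hidden users or selected identities.
        // NOTE(review): which calls in this try block can raise
        // AMConsoleException cannot be seen from here - confirm.
        filtered = found;
    } catch (AMConsoleException e) {
        // NOTE(review): e.getMessage() is displayed unchanged; verify that
        // it does not expose back-end detail to the console user.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", e.getMessage());
    }
    return (filtered != null) ? filtered : Collections.EMPTY_SET;
}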
Also used : Set(java.util.Set) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)

Example 23 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class DevicePrintModule method getIdentity.

/**
 * Looks up the {@code AMIdentity} for {@code userName} in the identity
 * repository of the request organisation.
 *
 * <p>An identity is returned only when the search yields exactly one
 * entry. No match and more than one match are both logged as errors and
 * produce {@code null}, as do {@code IdRepoException} and
 * {@code SSOException}; the exceptions are logged, not rethrown. Callers
 * therefore have to treat {@code null} as "no usable identity".
 *
 * @return the single matching identity with all attributes requested, or
 *         {@code null} when the lookup is empty, ambiguous or fails
 */
public AMIdentity getIdentity() {
    AMIdentityRepository repository = getAMIdentityRepository(getRequestOrg());
    IdSearchControl control = new IdSearchControl();
    control.setAllReturnAttributes(true);
    Set<AMIdentity> matches = Collections.<AMIdentity>emptySet();
    try {
        // NOTE(review): 0 presumably means "no cap on results" - confirm
        // against IdSearchControl. Only "more than one" matters below.
        control.setMaxResults(0);
        IdSearchResults found = repository.searchIdentities(IdType.USER, userName, control);
        if (found != null) {
            matches = found.getSearchResults();
        }
        // NOTE(review): userName is concatenated into the log lines below
        // unmodified; if it originates from the login request, confirm the
        // debug log neutralises line breaks.
        if (matches.isEmpty()) {
            DEBUG.error("DevicePrintModule.getIdentity : User " + userName + " is not found");
        } else if (matches.size() > 1) {
            // Ambiguity is rejected rather than resolved by picking an entry.
            DEBUG.error("DevicePrintModule.getIdentity : More than one user found for the userName " + userName);
        } else {
            return matches.iterator().next();
        }
    } catch (IdRepoException e) {
        DEBUG.error("DevicePrintModule.getIdentity : Error searching Identities with username : " + userName, e);
    } catch (SSOException e) {
        DEBUG.error("DevicePrintModule.getIdentity : Module exception : ", e);
    }
    return null;
}
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException)

Example 24 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class SearchIdentities method handleRequest.

/**
 * Services a command line request that searches identities in a realm.
 *
 * <p>The realm, identity type and filter are read from the command
 * options. The realm is checked first by constructing an
 * {@code OrganizationConfigManager} for it; the search itself runs with the
 * admin SSO token. For the user type, the special identities are removed
 * from the result before each remaining entry is printed by name and
 * universal id. The attempt, the success and every failure are written to
 * the log.
 *
 * @param rc Request Context.
 * @throws CLIException if the realm does not exist or the request cannot
 *         be serviced.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    SSOToken adminSSOToken = getAdminSSOToken();
    IOutput out = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    String filter = getStringOptionValue(IArgument.FILTER);
    String[] params = { realm, type, filter };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_SEARCH_IDENTITIES", params);

    // test if realm exists
    try {
        new OrganizationConfigManager(adminSSOToken, realm);
    } catch (SMSException e) {
        String[] failure = { realm, type, filter, e.getMessage() };
        debugError("SearchIdentities.handleRequest", e);
        // NOTE(review): failures go to LOG_ERROR at Level.INFO, here and in
        // the handlers below; confirm level-based filtering or alerting
        // does not drop them.
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_SEARCH_IDENTITIES", failure);
        Object[] msgArg = { realm };
        throw new CLIException(MessageFormat.format(getResourceString("realm-does-not-exist"), msgArg), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }

    try {
        // The repository is opened with the admin token, so what is listed
        // depends on that token, not on a per-user token.
        AMIdentityRepository repository = new AMIdentityRepository(adminSSOToken, realm);
        IdType idType = convert2IdType(type);
        IdSearchResults searchResults = repository.searchIdentities(idType, filter, new IdSearchControl());
        Set results = searchResults.getSearchResults();
        if ((results == null) || results.isEmpty()) {
            out.printlnMessage(getResourceString("search-identities-no-entries"));
        } else {
            if (idType.equals(IdType.USER)) {
                // Special identities are filtered for the user type only.
                IdSearchResults specialUsersResults = repository.getSpecialIdentities(IdType.USER);
                results.removeAll(specialUsersResults.getSearchResults());
            }
            for (Object entry : results) {
                AMIdentity amid = (AMIdentity) entry;
                String[] row = { amid.getName(), amid.getUniversalId() };
                out.printlnMessage(MessageFormat.format(getResourceString("format-search-identities-results"), (Object[]) row));
            }
        }
        out.printlnMessage(MessageFormat.format(getResourceString("search-identities-succeed"), (Object[]) params));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_SEARCH_IDENTITIES", params);
    } catch (IdRepoException e) {
        String[] failure = { realm, type, filter, e.getMessage() };
        debugError("SearchIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_SEARCH_IDENTITIES", failure);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] failure = { realm, type, filter, e.getMessage() };
        debugError("SearchIdentities.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_SEARCH_IDENTITIES", failure);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) SMSException(com.sun.identity.sm.SMSException) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) IOutput(com.sun.identity.cli.IOutput) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) Iterator(java.util.Iterator) CLIException(com.sun.identity.cli.CLIException)

Example 25 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class LoginState method searchIdentity.

/**
 * Searches the identity repository for an identity of the given type.
 *
 * <p>The first search uses {@code userTokenID} as the search pattern. If
 * it finds nothing and alias attribute names are configured, a second
 * search matches {@code userTokenID} against any of the alias attributes,
 * and, if that is empty too and {@code userDN} is set and differs from
 * {@code userTokenID}, a third search does the same with {@code userDN}.
 * The alias searches are capped at two results.
 *
 * <p>{@code IdRepoException} and {@code SSOException} raised by the
 * searches are caught here and written to the debug log only when message
 * level is enabled; they are not rethrown. A failed search is therefore
 * visible to the caller only as a {@code null} or empty result.
 *
 * @param idType      identity type for user
 * @param userTokenID user token identifier
 * @param populate whether to retrieve all attributes or not
 * @return the result of the last search that completed; {@code null} when
 *         the repository returned {@code null} or the first search failed
 *         and no alias search completed
 * @throws IdRepoException declared; the searches in this method catch it
 *         - NOTE(review): confirm whether the helper calls can raise it
 * @throws SSOException    declared; the searches in this method catch it
 *         - NOTE(review): confirm whether the helper calls can raise it
 */
IdSearchResults searchIdentity(IdType idType, String userTokenID, boolean populate) throws IdRepoException, SSOException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("In searchAutehnticatedUser: idType " + idType);
        DEBUG.message("In getUserProfile : Search for user " + userTokenID);
    }
    final int aliasMaxResults = 2;
    final int timeOut = 0;
    final boolean recursive = true;
    Set returnSet = mergeSet(aliasAttrNames, USER_ATTRIBUTES);

    IdSearchControl idsc = new IdSearchControl();
    idsc.setRecursive(recursive);
    idsc.setTimeOut(timeOut);
    if (populate) {
        idsc.setAllReturnAttributes(true);
    } else {
        idsc.setReturnAttributes(returnSet);
    }
    if (DEBUG.messageEnabled()) {
        DEBUG.message("alias attr=" + aliasAttrNames + ", attr=" + USER_ATTRIBUTES + ",merge=" + returnSet);
        DEBUG.message("Search for Identity " + userTokenID);
    }

    // search for the identity
    IdSearchResults searchResults = null;
    Set primaryMatches = Collections.EMPTY_SET;
    try {
        idsc.setMaxResults(0);
        searchResults = amIdRepo.searchIdentities(idType, userTokenID, idsc);
        if (searchResults != null) {
            primaryMatches = searchResults.getSearchResults();
        }
    } catch (SSOException sso) {
        // Swallowed: only the message is logged, and only at message level.
        if (DEBUG.messageEnabled()) {
            DEBUG.message("SSOException Error searching Identity " + " with username " + sso.getMessage());
        }
    } catch (IdRepoException e) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("IdRepoException : Error searching " + " Identities with username : " + e.getMessage());
        }
    }

    // The alias fallback runs only when the direct search found nothing
    // and alias attribute names are configured.
    if (!primaryMatches.isEmpty() || (aliasAttrNames == null) || aliasAttrNames.isEmpty()) {
        return searchResults;
    }

    if (DEBUG.messageEnabled()) {
        DEBUG.message("No identity found, try Alias attrname.");
    }
    String pattern = "*";
    Map avPairs = toAvPairMap(aliasAttrNames, userTokenID);
    if (DEBUG.messageEnabled()) {
        // NOTE(review): these lines put userTokenID and userDN into the
        // debug log; confirm that is acceptable where message level is on.
        DEBUG.message("Search for Filter (avPairs) :" + avPairs);
        DEBUG.message("userTokenID : " + userTokenID);
        DEBUG.message("userDN : " + userDN);
        DEBUG.message("idType :" + idType);
        DEBUG.message("pattern :" + pattern);
        DEBUG.message("isRecursive :" + recursive);
        DEBUG.message("maxResults :" + aliasMaxResults);
        DEBUG.message("maxTime :" + timeOut);
        DEBUG.message("returnSet :" + returnSet);
    }
    Set aliasMatches = Collections.EMPTY_SET;
    try {
        // Any one alias attribute may match (OR), so several identities can
        // come back. NOTE(review): presumably the caller rejects a result
        // with more than one entry - verify.
        idsc.setMaxResults(aliasMaxResults);
        idsc.setSearchModifiers(IdSearchOpModifier.OR, avPairs);
        searchResults = amIdRepo.searchIdentities(idType, pattern, idsc);
        if (searchResults != null) {
            aliasMatches = searchResults.getSearchResults();
        }
        boolean retryWithUserDN = aliasMatches.isEmpty() && (userDN != null) && !userDN.equalsIgnoreCase(userTokenID);
        if (retryWithUserDN) {
            avPairs = toAvPairMap(aliasAttrNames, userDN);
            if (DEBUG.messageEnabled()) {
                DEBUG.message("Search for Filter (avPairs) " + "with userDN : " + avPairs);
            }
            idsc.setMaxResults(aliasMaxResults);
            idsc.setSearchModifiers(IdSearchOpModifier.OR, avPairs);
            searchResults = amIdRepo.searchIdentities(idType, pattern, idsc);
        }
    } catch (SSOException sso) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("SSOException : Error searching " + "Identities with aliasattrname : " + sso.getMessage());
        }
    } catch (IdRepoException e) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("IdRepoException : Error searching " + "Identities : " + e.getMessage());
        }
    }
    return searchResults;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdSearchControl(com.sun.identity.idm.IdSearchControl) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) Map(java.util.Map) HashMap(java.util.HashMap)

Aggregations

IdSearchResults (com.sun.identity.idm.IdSearchResults)60 IdRepoException (com.sun.identity.idm.IdRepoException)46 IdSearchControl (com.sun.identity.idm.IdSearchControl)43 SSOException (com.iplanet.sso.SSOException)39 AMIdentity (com.sun.identity.idm.AMIdentity)39 Set (java.util.Set)37 AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)36 HashSet (java.util.HashSet)28 SSOToken (com.iplanet.sso.SSOToken)17 Iterator (java.util.Iterator)16 Map (java.util.Map)12 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)11 HashMap (java.util.HashMap)11 IdType (com.sun.identity.idm.IdType)9 AMHashMap (com.iplanet.am.sdk.AMHashMap)6 CaseInsensitiveHashMap (com.sun.identity.common.CaseInsensitiveHashMap)4 UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)4 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)3 CLIException (com.sun.identity.cli.CLIException)3 IOutput (com.sun.identity.cli.IOutput)3