
Example 36 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class IdentitySubjectAddViewBean method getPossibleValues.

/**
 * Builds the set of identities that may still be offered for selection in a realm.
 *
 * The search uses the entity type stored in the page session and the filter
 * typed into the property sheet. Special (system) users and identities that
 * are already selected are removed from the result before it is returned.
 * This is list filtering for display; no authorization decision is made here.
 *
 * @param model model used to run the search and to resolve special users.
 * @param realmName name of the realm to search.
 * @return the remaining candidates, or an empty set when there is no entity
 *         type, the search yields nothing, or the search fails before
 *         producing a result.
 */
private Set getPossibleValues(IdentitySubjectModel model, String realmName) {
    String entityType = (String) getPageSessionAttribute(ENTITY_TYPE);
    if ((entityType == null) || entityType.isEmpty()) {
        // Without an entity type there is nothing to search for.
        return Collections.EMPTY_SET;
    }

    Set candidates = null;
    String pattern = (String) propertySheetModel.getValue(FILTER);
    try {
        IdSearchResults found = model.getEntityNames(realmName, entityType, pattern);

        // A truncated search still returns data; tell the operator the list is partial.
        int status = found.getErrorCode();
        if (status == IdSearchResults.SIZE_LIMIT_EXCEEDED) {
            setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.sizelimit.exceeded");
        } else if (status == IdSearchResults.TIME_LIMIT_EXCEEDED) {
            setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.timelimit.exceeded");
        }

        candidates = found.getSearchResults();
        if ((candidates != null) && !candidates.isEmpty()) {
            // System users must never show up in the pick list.
            candidates.removeAll(model.getSpecialUsers(realmName));

            // Identities already on the "selected" side are not offered again.
            Set alreadyChosen = getValues(addRemoveModel.getSelectedOptionList());
            if ((alreadyChosen != null) && !alreadyChosen.isEmpty()) {
                candidates.removeAll(getAMIdentity(model, alreadyChosen));
            }
        }
    } catch (AMConsoleException e) {
        // The exception text is shown to the console user as-is.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", e.getMessage());
    }
    return (candidates == null) ? Collections.EMPTY_SET : candidates;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException)

Example 37 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class EntitiesModelImpl method getEntityNames.

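/**
 * Searches a realm for identities of the given type whose name (or, for
 * users, whose configured search attribute) matches a pattern.
 *
 * @param realmName Name of Realm; {@code null} is treated as the root realm "/".
 * @param strType Entity Type.
 * @param pattern Search Pattern; {@code null} is treated as "*".
 * @return the search results, including any size/time limit error code.
 * @throws AMConsoleException if the identity repository rejects the search
 *         or the caller's SSO token is not usable.
 */
public IdSearchResults getEntityNames(String realmName, String strType, String pattern) throws AMConsoleException {
    if (realmName == null) {
        realmName = "/";
    }
    // A null pattern used to reach pattern.equals("*") below and fail with a
    // NullPointerException for user searches; treat it as "match all" instead.
    if (pattern == null) {
        pattern = "*";
    }
    int sizeLimit = getSearchResultLimit();
    int timeLimit = getSearchTimeOutLimit();
    String[] params = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit) };
    try {
        IdSearchControl idsc = new IdSearchControl();
        // Bound the search so a broad pattern cannot tie up the data store.
        idsc.setMaxResults(sizeLimit);
        idsc.setTimeOut(timeLimit);
        idsc.setAllReturnAttributes(false);
        /*
         * For user identities we will modify the search filter so that
         * we can search on a non naming attribute.
         */
        IdType ltype = IdUtils.getType(strType);
        if (ltype.equals(IdType.USER) && !pattern.equals("*")) {
            // NOTE(review): the caller-supplied pattern is placed into the
            // search map unchanged at this layer; confirm the repository
            // plug-in escapes filter metacharacters before building the
            // data store query.
            Map searchMap = new HashMap(2);
            Set patternSet = new HashSet(2);
            patternSet.add(pattern);
            searchMap.put(getUserSearchAttribute(), patternSet);
            idsc.setSearchModifiers(IdSearchOpModifier.OR, searchMap);
            /*
             * change the pattern to * since we are passing a searchMap.
             * pattern will be used in the default filter and given to
             * the naming attribute (uid in this case). Here we are passing
             * cn=John Doe in the searchMap, but the naming attribute is
             * set to *.
             * "(&(&(uid=*)(objectClass=inetOrgPerson))(|(cn=John Doe)))"
             */
            pattern = "*";
        }
        // Attempt and outcome are both logged with the same parameter set.
        logEvent("ATTEMPT_SEARCH_IDENTITY", params);
        AMIdentityRepository repo = new AMIdentityRepository(getUserSSOToken(), realmName);
        IdSearchResults results = repo.searchIdentities(ltype, pattern, idsc);
        logEvent("SUCCEED_SEARCH_IDENTITY", params);
        return results;
    } catch (IdRepoException e) {
        String[] paramsEx = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit), getErrorString(e) };
        logEvent("IDM_EXCEPTION_SEARCH_IDENTITY", paramsEx);
        if (debug.warningEnabled()) {
            debug.warning("EntitiesModelImpl.getEntityNames " + getErrorString(e));
        }
        // The repository error detail goes to the log only; the caller
        // receives a fixed message key.
        throw new AMConsoleException("no.properties");
    } catch (SSOException e) {
        String[] paramsEx = { realmName, strType, pattern, Integer.toString(sizeLimit), Integer.toString(timeLimit), getErrorString(e) };
        logEvent("SSO_EXCEPTION_SEARCH_IDENTITY", paramsEx);
        debug.warning("EntitiesModelImpl.getEntityNames ", e);
        throw new AMConsoleException(getErrorString(e));
    }
}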
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) IdSearchControl(com.sun.identity.idm.IdSearchControl) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) HashSet(java.util.HashSet)

Example 38 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class HOTPService method getIdentity.

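/**
 * Resolves {@code userName} to exactly one user identity.
 *
 * The name is first searched directly; if that finds nothing and alternative
 * search attributes are configured, a second search matches the name against
 * those attributes. The lookup succeeds only when a single identity matches.
 *
 * @return the matching identity, or {@code null} when no user or more than
 *         one user matches, or when the repository search fails.
 */
private AMIdentity getIdentity() {
    AMIdentity amIdentity = null;
    IdSearchControl idsc = new IdSearchControl();
    idsc.setRecursive(true);
    // NOTE(review): 0 for time-out and max results presumably means "no
    // explicit limit" - confirm against IdSearchControl.
    idsc.setTimeOut(0);
    final Set<String> returnAttributes = getReturnAttributes();
    idsc.setReturnAttributes(returnAttributes);
    // search for the identity
    Set<AMIdentity> results = Collections.emptySet();
    idsc.setMaxResults(0);
    IdSearchResults searchResults;
    try {
        searchResults = amIdentityRepo.searchIdentities(IdType.USER, userName, idsc);
        // Check for a missing result object before dereferencing it; the
        // original code null-checked searchResults only after using it.
        boolean primaryMiss = (searchResults == null)
                || (searchResults.getSearchResults() == null)
                || searchResults.getSearchResults().isEmpty();
        if (primaryMiss && !userSearchAttributes.isEmpty()) {
            if (DEBUG.messageEnabled()) {
                DEBUG.message("HOTP.getIdentity: searching user identity " + "with alternative attributes " + userSearchAttributes);
            }
            final Map<String, Set<String>> searchAVP = CollectionUtils.toAvPairMap(userSearchAttributes, userName);
            idsc.setSearchModifiers(IdSearchOpModifier.OR, searchAVP);
            // workaround as data store always adds 'user-naming-attribute' to searchfilter
            searchResults = amIdentityRepo.searchIdentities(IdType.USER, "*", idsc);
        }
        if ((searchResults != null) && (searchResults.getSearchResults() != null)) {
            results = searchResults.getSearchResults();
        }
        // An ambiguous match is refused rather than guessed: the one-time
        // password must be bound to a single account.
        // The "HTOP" prefix below is misspelled in the emitted log text; log
        // searches have to match it as written.
        // NOTE(review): userName is written to the debug log unmodified;
        // confirm it cannot carry line breaks into the log.
        if (results.isEmpty()) {
            DEBUG.error("HTOP:getIdentity : User " + userName + " is not found");
        } else if (results.size() > 1) {
            DEBUG.error("HTOP:getIdentity : More than one user found for the userName " + userName);
        } else {
            amIdentity = results.iterator().next();
        }
    } catch (IdRepoException e) {
        DEBUG.error("HTOP.getIdentity : Error searching Identities with username : " + userName, e);
    } catch (SSOException e) {
        DEBUG.error("HTOP.getIdentity : Module exception : ", e);
    }
    return amIdentity;
}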
Also used : Set(java.util.Set) HashSet(java.util.HashSet) IdSearchResults(com.sun.identity.idm.IdSearchResults) AMIdentity(com.sun.identity.idm.AMIdentity) IdSearchControl(com.sun.identity.idm.IdSearchControl) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException)

Example 39 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class ListAgentGroups method handleRequest.

/**
 * Services a Commandline Request: lists the agent groups in a realm that
 * match a name filter and an agent type.
 *
 * @param rc Request Context.
 * @throws CLIException if the request cannot be serviced.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();

    SSOToken adminSSOToken = getAdminSSOToken();
    IOutput outputWriter = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String patternType = getStringOptionValue(IArgument.AGENT_TYPE);
    String filter = getStringOptionValue(IArgument.FILTER);

    // Missing options fall back to "any type" and "any name".
    if (patternType == null) {
        patternType = "";
    }
    if ((filter == null) || (filter.length() == 0)) {
        filter = "*";
    }

    // The attempt is written to the access log before the repository is touched.
    String[] params = { realm, patternType, filter };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_LIST_AGENT_GROUPS", params);

    try {
        AMIdentityRepository repository = new AMIdentityRepository(adminSSOToken, realm);
        IdSearchResults searchOutcome = repository.searchIdentities(IdType.AGENTGROUP, filter, new IdSearchControl());
        Set groups = searchOutcome.getSearchResults();

        // Pass 1: drop every group whose type does not match the requested one.
        if ((groups != null) && !groups.isEmpty()) {
            Iterator cursor = groups.iterator();
            while (cursor.hasNext()) {
                AMIdentity candidate = (AMIdentity) cursor.next();
                if (!matchType(candidate, patternType)) {
                    cursor.remove();
                }
            }
        }

        // Pass 2: print what is left, or a "no entries" message.
        if ((groups == null) || groups.isEmpty()) {
            outputWriter.printlnMessage(getResourceString("search-agent-group-no-entries"));
        } else {
            for (Object entry : groups) {
                AMIdentity group = (AMIdentity) entry;
                Object[] fields = { group.getName(), group.getUniversalId() };
                outputWriter.printlnMessage(MessageFormat.format(getResourceString("format-search-agent-group-results"), fields));
            }
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_LIST_AGENT_GROUPS", params);
    } catch (IdRepoException e) {
        // Failure is recorded in the error log with the exception message appended.
        String[] failureParams = { realm, patternType, filter, e.getMessage() };
        debugError("ListAgentGroups.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_LIST_AGENT_GROUPS", failureParams);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] failureParams = { realm, patternType, filter, e.getMessage() };
        debugError("ListAgentGroups.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_LIST_AGENT_GROUPS", failureParams);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IdSearchResults(com.sun.identity.idm.IdSearchResults) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdSearchControl(com.sun.identity.idm.IdSearchControl) Iterator(java.util.Iterator) CLIException(com.sun.identity.cli.CLIException)

Example 40 with IdSearchResults

use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.

the class EntitiesViewBean method getEntityNames.

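/**
 * Runs the identity search for the current realm and display type using the
 * filter field, and loads the results into the table model.
 *
 * A missing, empty or whitespace-only filter is replaced by "*" (and the
 * field is updated to show it). Limit-exceeded conditions are reported as
 * warnings; a search failure is reported as an error and disables the
 * add button.
 */
private void getEntityNames() {
    EntitiesModel model = (EntitiesModel) getModel();
    String filter = ((String) getDisplayFieldValue(TF_FILTER));
    // Trim before the emptiness test: previously a whitespace-only filter was
    // trimmed to "" after the check and sent to the search as an empty pattern.
    if (filter != null) {
        filter = filter.trim();
    }
    if ((filter == null) || (filter.length() == 0)) {
        filter = "*";
        setDisplayFieldValue(TF_FILTER, "*");
    }
    try {
        String curRealm = (String) getPageSessionAttribute(AMAdminConstants.CURRENT_REALM);
        IdSearchResults results = model.getEntityNames(curRealm, getDisplayIDType(), filter);
        // A truncated search still returns data; warn that the list is partial.
        int errorCode = results.getErrorCode();
        switch(errorCode) {
            case IdSearchResults.SIZE_LIMIT_EXCEEDED:
                setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.sizelimit.exceeded");
                break;
            case IdSearchResults.TIME_LIMIT_EXCEEDED:
                setInlineAlertMessage(CCAlert.TYPE_WARNING, "message.warning", "message.timelimit.exceeded");
                break;
        }
        populateTableModel(results.getSearchResults());
    } catch (AMConsoleException e) {
        // The exception text is shown to the console user as-is.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", e.getMessage());
        // disable the add button if there was an error
        CCButton b = (CCButton) getChild(TBL_BUTTON_ADD);
        b.setDisabled(true);
    }
}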
Also used : IdSearchResults(com.sun.identity.idm.IdSearchResults) CCButton(com.sun.web.ui.view.html.CCButton) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) EntitiesModel(com.sun.identity.console.idm.model.EntitiesModel)
