
Example 1 with AgentsRepo

use of com.sun.identity.idm.plugins.internal.AgentsRepo in project OpenAM by OpenRock.

the class OrganizationConfigManager method createSubOrganization.

/**
     * Creates a sub-organization under the current
     * organization and sets the specified attributes. The sub-organization
     * created can be only one level below the current organization. For
     * multiple levels this method must be called recursively with the
     * corresponding <code>OrganizationConfigManager
     * </code>. The organization
     * name must not contain a forward slash ("/"). For example, the organization
     * name 'iplanet' cannot be written as 'iplan/et', because '/' is used as the
     * separator here. The attributes for the organization can be <code>
     * null</code>;
     * otherwise the map contains the service name as the key and another <code>Map</code>
     * as the value, which holds the key-value pairs for that service.
     * 
     * @param subOrgName
     *            the name of the sub-organization.
     * @param attributes
     *            Map of attributes for the organization per service. The
     *            parameter Map attributes contains another Map as its value,
     *            which then has attribute names and values. The way it is
     *            arranged is: Map::attributes --> Key: String::ServiceName
     *            Value: Map::svcAttributes Map::svcAttributes --> Key:
     *            String::AttributeName Value: Set::AttributeValues
     * 
     * @return organization config manager of the newly created
     *         sub-organization.
     * @throws SMSException
     *             if creation of sub-organization failed, or if creation of
     *             sub-organization is attempted when configuration is not
     *             migrated to realms.
     */
public OrganizationConfigManager createSubOrganization(String subOrgName, Map attributes) throws SMSException {
    // Order of work in this method: (1) duplicate check, (2) name validation,
    // (3) creation of the AMSDK organization and/or the realm entry,
    // (4) per-service attributes, (5) agent group config, (6) default
    // services, (7) legacy amSDK plugin wiring, (8) delegation privileges.
    // No step visible here undoes an earlier one if a later step throws, so a
    // failure part-way through can leave a partially configured realm behind.
    validateConfigImpl();
    /*
     * Since the "Map attributes" can contain more than one service name,
     * creation of the sub-organization is achieved in 2 steps: i) create
     * the sub-organization without the attributes, ii) for each service
     * name in the Map call setAttributes(...).
     */
    boolean orgExists = false;
    // NOTE(review): subOrgName is used here (and in the lookups and log
    // statements below) before the special-character check and
    // validateOrgName() have run. Whether normalizeDN() escapes DN
    // metacharacters is not visible from this method; confirm.
    String subOrgDN = normalizeDN(subOrgName, orgDN);
    try {
        // Check if realm exists, this throws SMSException
        // if realm does not exist
        // This is to avoid duplicate creation of realms.
        new OrganizationConfigManager(token, subOrgDN);
        // NOTE(review): the caller-supplied name reaches the debug log
        // verbatim; confirm the log sink neutralises CR/LF.
        SMSEntry.debug.error("OrganizationConfigManager::" + "createSubOrganization() " + "Realm Already Exists.. " + subOrgDN);
        orgExists = true;
    } catch (SMSException smse) {
        // NOTE(review): every SMSException is treated as "realm not found";
        // the catch does not distinguish a missing entry from other failures
        // of the lookup.
        try {
            // Second chance: the name may match an existing realm's alias.
            orgExists = !getRealmByAlias(subOrgName).isEmpty();
        } catch (SSOException e) {
            // NOTE(review): an SSOException leaves orgExists false, so the
            // duplicate check fails open and creation proceeds.
            SMSEntry.debug.error("OrganizationConfigManager::" + "createSubOrganization:", e);
        }
        if (!orgExists) {
            SMSEntry.debug.message("OrganizationConfigManager::createSubOrganization() New Realm, creating realm: {} - {}", subOrgName, smse);
        }
    }
    Object[] args = { subOrgName };
    if (orgExists) {
        throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME, "sms-organization_already_exists1", args));
    }
    // Reject the name if it contains any token of specialCharsString
    // (tokens are delimited by SEPERATOR).
    StringTokenizer st = new StringTokenizer(specialCharsString, SEPERATOR);
    while (st.hasMoreTokens()) {
        String obj = (String) st.nextToken();
        if (subOrgName.indexOf(obj) > -1) {
            SMSEntry.debug.error("OrganizationConfigManager::" + "createSubOrganization() : Invalid realm name: " + subOrgName);
            SMSEntry.debug.error("OrganizationConfigManager::" + "createSubOrganization() : Detected invalid chars: " + obj);
            Object[] args1 = { subOrgName };
            // NOTE(review): this passes the resolved bundle string as the
            // second argument, while the "already exists" throw above passes
            // the bundle key itself; confirm which one the constructor expects.
            throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME, SMSEntry.bundle.getString("sms-invalid-org-name"), args1));
        }
    }
    validateOrgName(subOrgName);
    // Create the AMSDK organization first
    if ((coexistMode) || (realmEnabled && isCopyOrgEnabled())) {
        amsdk.createSubOrganization(subOrgName);
    }
    // Create the realm entry only when no sub-organization of that name is
    // reported yet.
    // NOTE(review): toLowerCase() uses the JVM default locale, so the prefix
    // comparison is locale-sensitive; confirm that is acceptable here.
    if ((realmEnabled || subOrgDN.toLowerCase().startsWith(SMSEntry.SUN_INTERNAL_REALM_PREFIX)) && getSubOrganizationNames(subOrgName, false).isEmpty()) {
        CreateServiceConfig.createOrganization(token, subOrgDN);
    }
    // Update the attributes
    // If in coexistMode and serviceName is idRepoService
    // the following call sets the attributes to AMSDK organization also.
    OrganizationConfigManager ocm = getSubOrgConfigManager(subOrgName);
    if ((attributes != null) && (!attributes.isEmpty())) {
        for (Iterator svcNames = attributes.keySet().iterator(); svcNames.hasNext(); ) {
            String serviceName = (String) svcNames.next();
            Map svcAttributes = (Map) attributes.get(serviceName);
            // Services mapped to a null or empty attribute map are skipped.
            if ((svcAttributes != null) && (!svcAttributes.isEmpty())) {
                ocm.setAttributes(serviceName, svcAttributes);
            }
        }
    }
    if (realmEnabled) {
        // Point a fresh AgentsRepo at the new realm DN and ask it to create
        // the agent group configuration.
        AgentsRepo agentsRepo = new AgentsRepo();
        HashMap config = new HashMap(1);
        HashSet realmName = new HashSet(1);
        realmName.add(subOrgDN);
        config.put("agentsRepoRealmName", realmName);
        try {
            agentsRepo.initialize(config);
            agentsRepo.createAgentGroupConfig(token);
        } catch (IdRepoException ide) {
            // Logged and swallowed: realm creation continues even if the
            // agent group configuration could not be created.
            SMSEntry.debug.error("OrganizationConfigManager::" + "createSubOrganization:", ide);
        }
    }
    // Realm mode without AMSDK coexistence: load the default services into
    // the new realm.
    if (realmEnabled && !coexistMode) {
        loadDefaultServices(token, ocm);
    }
    // Copy-org mode: register services for the new sub-organization DN and
    // set amSDKOrgName on the AMSDK plugin sub-configuration.
    if (realmEnabled && isCopyOrgEnabled()) {
        registerSvcsForOrg(subOrgName, subOrgDN);
        OrganizationConfigManager subOrg = getSubOrgConfigManager(subOrgName);
        ServiceConfig s = subOrg.getServiceConfig(ServiceManager.REALM_SERVICE);
        if (s != null) {
            try {
                Iterator items = s.getSubConfigNames().iterator();
                while (items.hasNext()) {
                    ServiceConfig subConfig = s.getSubConfig((String) items.next());
                    if (subConfig.getSchemaID().equalsIgnoreCase(IdConstants.AMSDK_PLUGIN_NAME)) {
                        Map amsdkConfig = new HashMap();
                        Set vals = new HashSet();
                        vals.add(orgNamingAttrInLegacyMode + SMSEntry.EQUALS + subOrgName + SMSEntry.COMMA + amSDKOrgDN);
                        amsdkConfig.put("amSDKOrgName", vals);
                        subConfig.setAttributes(amsdkConfig);
                    }
                    // NOTE(review): this break is unconditional, so only the
                    // first sub-configuration name is ever examined; confirm
                    // that is intended rather than "stop after the AMSDK
                    // plugin was found".
                    break;
                }
            } catch (SSOException ssoe) {
                SMSEntry.debug.error("OrganizationConfigManager::" + "createSubOrganization:", ssoe);
                // The SSOException is logged above but not passed to the new
                // SMSException, so callers do not receive it as the cause.
                throw (new SMSException(SMSEntry.bundle.getString(SMS_INVALID_SSO_TOKEN), SMS_INVALID_SSO_TOKEN));
            }
        }
    }
    if (realmEnabled) {
        try {
            if (coexistMode) {
                // NOTE(review): this call and the log messages below use
                // orgName, not subOrgName; orgName is declared outside this
                // method, so confirm it names the realm the privileges
                // belong to.
                DelegationUtils.createRealmPrivileges(token, orgName);
            } else {
                OrganizationConfigManager parentOrg = getParentOrgConfigManager();
                DelegationUtils.copyRealmPrivilegesFromParent(token, parentOrg, ocm);
            }
        // NOTE(review): all three handlers only log, and only when
        // message-level debug is enabled. The method still returns the new
        // realm, so a realm whose delegation privileges were not created or
        // copied is indistinguishable to the caller from a fully set-up one.
        } catch (SSOException ssoe) {
            if (SMSEntry.debug.messageEnabled()) {
                SMSEntry.debug.message("Creating delegation permissions for: " + orgName + " failed", ssoe);
            }
        } catch (SMSException smse) {
            if (SMSEntry.debug.messageEnabled()) {
                SMSEntry.debug.message("Creating delegation permissions for: " + orgName + " failed", smse);
            }
        } catch (DelegationException de) {
            if (SMSEntry.debug.messageEnabled()) {
                SMSEntry.debug.message("Creating delegation permissions for: " + orgName + " failed", de);
            }
        }
    }
    // Return the newly created organization config manager
    return (ocm);
}
Also used : AgentsRepo(com.sun.identity.idm.plugins.internal.AgentsRepo) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) HashMap(java.util.HashMap) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) DelegationException(com.sun.identity.delegation.DelegationException) StringTokenizer(java.util.StringTokenizer) Iterator(java.util.Iterator) HashMap(java.util.HashMap) Map(java.util.Map) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)
