use of com.sun.identity.idm.plugins.internal.AgentsRepo in project OpenAM by OpenRock.
the class OrganizationConfigManager method createSubOrganization.
/**
* Creates a sub-organization under the current
* organization and sets the specified attributes. The sub-organization
* created can be only one level below the current organization. For
* multiple levels this method must be called recursively with the
* corresponding <code>OrganizationConfigManager</code>. The organization
* name must not contain a forward slash ("/"). For example, the organization
* name 'iplanet' cannot be written as 'iplan/et', because '/' is used as the
* separator here. The attributes for the organization can be
* <code>null</code>; otherwise the Map contains the service name as the key
* and another <code>Map</code> as the value, which holds the attribute
* key-value pairs for that service.
*
* @param subOrgName
* the name of the sub-organization.
* @param attributes
* Map of attributes for the organization per service. Each value
* in this Map is itself a Map of attribute names to values,
* arranged as follows:
* Map::attributes --> Key: String::ServiceName, Value: Map::svcAttributes;
* Map::svcAttributes --> Key: String::AttributeName, Value: Set::AttributeValues
*
* @return organization config manager of the newly created
* sub-organization.
* @throws SMSException
* if creation of sub-organization failed, or if creation of
* sub-organization is attempted when configuration is not
* migrated to realms.
*/
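public OrganizationConfigManager createSubOrganization(String subOrgName, Map attributes) throws SMSException {
    // Implementation outline: reject duplicates and invalid names, create the
    // organization entry, apply per-service attributes, then set up the agent
    // group configuration, default services and delegation privileges.
    // Failures in the agent group and delegation steps are logged and do not
    // abort the call, so a caller can receive a manager for a realm whose
    // follow-up configuration is incomplete.
    validateConfigImpl();
    /*
     * Since the "Map attributes" can contain more than one service name,
     * creation of the sub organization is achieved in 2 steps. i) create
     * the sub-organization without the attributes ii) for the service names
     * in the Map call setAttributes(...)
     */
    boolean orgExists = false;
    String subOrgDN = normalizeDN(subOrgName, orgDN);
    try {
        // Check if realm exists, this throws SMSException
        // if realm does not exist
        // This is to avoid duplicate creation of realms.
        new OrganizationConfigManager(token, subOrgDN);
        SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization() Realm Already Exists.. " + subOrgDN);
        orgExists = true;
    } catch (SMSException smse) {
        // No realm at that DN; the name may still collide with a realm alias.
        try {
            orgExists = !getRealmByAlias(subOrgName).isEmpty();
        } catch (SSOException e) {
            // The alias lookup failed: orgExists stays false and creation proceeds.
            SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization:", e);
        }
        if (!orgExists) {
            SMSEntry.debug.message("OrganizationConfigManager::createSubOrganization() New Realm, creating realm: {} - {}", subOrgName, smse);
        }
    }
    Object[] args = { subOrgName };
    if (orgExists) {
        throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME, "sms-organization_already_exists1", args));
    }

    // Reject names containing any of the configured special character tokens.
    // NOTE(review): subOrgName has already been passed to normalizeDN() and to
    // the existence lookups by the time this check runs; confirm those helpers
    // tolerate arbitrary input, or move the validation ahead of them.
    StringTokenizer st = new StringTokenizer(specialCharsString, SEPERATOR);
    while (st.hasMoreTokens()) {
        String invalidToken = st.nextToken();
        if (subOrgName.indexOf(invalidToken) > -1) {
            SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization() : Invalid realm name: " + subOrgName);
            SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization() : Detected invalid chars: " + invalidToken);
            Object[] args1 = { subOrgName };
            // NOTE(review): the second argument here is the resolved bundle
            // string, while the already-exists path above passes the bundle
            // key; confirm which form SMSException expects.
            throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME, SMSEntry.bundle.getString("sms-invalid-org-name"), args1));
        }
    }
    validateOrgName(subOrgName);

    // Create the AMSDK organization first
    if ((coexistMode) || (realmEnabled && isCopyOrgEnabled())) {
        amsdk.createSubOrganization(subOrgName);
    }
    if ((realmEnabled || subOrgDN.toLowerCase().startsWith(SMSEntry.SUN_INTERNAL_REALM_PREFIX)) && getSubOrganizationNames(subOrgName, false).isEmpty()) {
        CreateServiceConfig.createOrganization(token, subOrgDN);
    }

    // Update the attributes
    // If in coexistMode and serviceName is idRepoService
    // the following call sets the attributes to AMSDK organization also.
    OrganizationConfigManager ocm = getSubOrgConfigManager(subOrgName);
    if ((attributes != null) && (!attributes.isEmpty())) {
        for (Object key : attributes.keySet()) {
            String serviceName = (String) key;
            Map svcAttributes = (Map) attributes.get(serviceName);
            // Services with no attributes are skipped rather than cleared.
            if ((svcAttributes != null) && (!svcAttributes.isEmpty())) {
                ocm.setAttributes(serviceName, svcAttributes);
            }
        }
    }

    if (realmEnabled) {
        // Create the agent group configuration for the new realm. A failure
        // is logged at error level and does not abort realm creation.
        AgentsRepo agentsRepo = new AgentsRepo();
        HashMap config = new HashMap(1);
        HashSet realmName = new HashSet(1);
        realmName.add(subOrgDN);
        config.put("agentsRepoRealmName", realmName);
        try {
            agentsRepo.initialize(config);
            agentsRepo.createAgentGroupConfig(token);
        } catch (IdRepoException ide) {
            SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization:", ide);
        }
    }

    // to be added.
    if (realmEnabled && !coexistMode) {
        loadDefaultServices(token, ocm);
    }

    // new suborg dn.
    if (realmEnabled && isCopyOrgEnabled()) {
        registerSvcsForOrg(subOrgName, subOrgDN);
        OrganizationConfigManager subOrg = getSubOrgConfigManager(subOrgName);
        ServiceConfig s = subOrg.getServiceConfig(ServiceManager.REALM_SERVICE);
        if (s != null) {
            try {
                Iterator items = s.getSubConfigNames().iterator();
                while (items.hasNext()) {
                    ServiceConfig subConfig = s.getSubConfig((String) items.next());
                    if (subConfig.getSchemaID().equalsIgnoreCase(IdConstants.AMSDK_PLUGIN_NAME)) {
                        Map amsdkConfig = new HashMap();
                        Set vals = new HashSet();
                        vals.add(orgNamingAttrInLegacyMode + SMSEntry.EQUALS + subOrgName + SMSEntry.COMMA + amSDKOrgDN);
                        amsdkConfig.put("amSDKOrgName", vals);
                        subConfig.setAttributes(amsdkConfig);
                    }
                    // NOTE(review): this break is unconditional, so only the
                    // first sub-configuration is ever examined. If the intent
                    // is to stop after the AMSDK plugin is found, it belongs
                    // inside the if above. Left as-is pending confirmation.
                    break;
                }
            } catch (SSOException ssoe) {
                SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization:", ssoe);
                throw (new SMSException(SMSEntry.bundle.getString(SMS_INVALID_SSO_TOKEN), SMS_INVALID_SSO_TOKEN));
            }
        }
    }

    if (realmEnabled) {
        // Delegation privileges are set up on a best-effort basis: the realm
        // is returned even if this step fails. A realm that comes up without
        // its delegation privileges is an access-control state an operator
        // needs to see, so failures are logged at error level unconditionally
        // instead of only when message-level debugging is enabled.
        try {
            if (coexistMode) {
                DelegationUtils.createRealmPrivileges(token, orgName);
            } else {
                OrganizationConfigManager parentOrg = getParentOrgConfigManager();
                DelegationUtils.copyRealmPrivilegesFromParent(token, parentOrg, ocm);
            }
        } catch (SSOException ssoe) {
            SMSEntry.debug.error("Creating delegation permissions for: " + orgName + " failed", ssoe);
        } catch (SMSException smse) {
            SMSEntry.debug.error("Creating delegation permissions for: " + orgName + " failed", smse);
        } catch (DelegationException de) {
            SMSEntry.debug.error("Creating delegation permissions for: " + orgName + " failed", de);
        }
    }

    // Return the newly created organization config manager
    return (ocm);
}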