use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.
Class DefaultIDPAccountMapper, method getNameID:
/**
 * Returns the user's <code>NameID</code> information that contains the
 * account federation with the corresponding remote and local entities.
 *
 * <p>The name itself is read from the user-profile attribute configured as
 * <code>NAMEID_ATTRIBUTE</code> on the hosted IDP (default: <code>UID</code>).
 * When the configured <code>NAMEID_FORMAT</code> (default: the UPN claim type)
 * is the UPN claim type and <code>NAME_INCLUDES_DOMAIN</code> is not
 * <code>true</code>, a domain is appended: first from the profile attribute
 * named by <code>DOMAIN_ATTRIBUTE</code>, then from the IDP's
 * <code>UPN_DOMAIN</code> setting. A user whose profile lacks the name
 * attribute is rejected rather than mapped to an empty name.
 *
 * @param session Session object of the authenticated user.
 * @param realm Realm where the user resides.
 * @param hostEntityID <code>EntityID</code> of the hosted provider.
 * @param remoteEntityID <code>EntityID</code> of the remote provider; not
 *        consulted by this implementation.
 * @return the <code>NameID</code> corresponding to the authenticated user.
 * @exception WSFederationException if the session is invalid, the name
 *            attribute is absent from the profile, no UPN domain can be
 *            determined, the datastore lookup fails, or the
 *            <code>NameIdentifier</code> cannot be constructed.
 */
public NameIdentifier getNameID(Object session, String realm, String hostEntityID, String remoteEntityID) throws WSFederationException {
    String userID;
    try {
        SessionProvider sessionProvider = SessionManager.getProvider();
        userID = sessionProvider.getPrincipalName(session);
    } catch (SessionException se) {
        // Only the bundle message reaches the caller; the SessionException is not chained.
        throw new WSFederationException(WSFederationUtils.bundle.getString("invalidSSOToken"));
    }
    IDPSSOConfigElement idpConfig = WSFederationUtils.getMetaManager().getIDPSSOConfig(realm, hostEntityID);

    // Profile attribute that supplies the name: configured value, else uid.
    String nameAttribute = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAMEID_ATTRIBUTE);
    if (nameAttribute == null || nameAttribute.length() == 0) {
        nameAttribute = WSFederationConstants.UID;
    }
    String baseName;
    try {
        Set nameValues = dsProvider.getAttribute(userID, nameAttribute);
        if (nameValues == null || nameValues.isEmpty()) {
            // Without a name attribute the user cannot be federated at all.
            throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "missingNameAttribute", new String[] { nameAttribute, userID });
        }
        baseName = (String) nameValues.iterator().next();
    } catch (DataStoreProviderException dspe) {
        throw new WSFederationException(dspe);
    }

    String upnClaimType = WSFederationConstants.NAMED_CLAIM_TYPES[WSFederationConstants.NAMED_CLAIM_UPN];
    String nameIdFormat = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAMEID_FORMAT);
    if (nameIdFormat == null || nameIdFormat.length() == 0) {
        nameIdFormat = upnClaimType;
    }
    // parseBoolean treats null and anything other than "true" (any case) as false.
    boolean nameIncludesDomain = Boolean.parseBoolean(WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.NAME_INCLUDES_DOMAIN));

    String name;
    if (nameIdFormat.equals(upnClaimType) && !nameIncludesDomain) {
        // UPN without a domain in the profile value: the domain has to come from elsewhere.
        name = baseName + "@" + resolveUpnDomain(idpConfig, userID);
    } else {
        name = baseName;
    }
    try {
        return new NameIdentifier(name, null, nameIdFormat);
    } catch (SAMLException se) {
        throw new WSFederationException(se);
    }
}

/**
 * Determines the domain appended to a UPN-formatted name.
 *
 * <p>Order of precedence: the user-profile attribute named by the IDP's
 * <code>DOMAIN_ATTRIBUTE</code> setting (if that setting is non-empty), then
 * the IDP's <code>UPN_DOMAIN</code> setting.
 *
 * @param idpConfig hosted IDP configuration.
 * @param userID universal identifier of the user.
 * @return a non-empty domain string.
 * @throws WSFederationException if the profile lookup fails or neither source
 *         yields a domain (<code>noDomainConfigured</code>).
 */
private String resolveUpnDomain(IDPSSOConfigElement idpConfig, String userID) throws WSFederationException {
    String domainAttribute = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.DOMAIN_ATTRIBUTE);
    String upnDomain = null;
    if (domainAttribute != null && domainAttribute.length() > 0) {
        Set domainValues;
        try {
            domainValues = dsProvider.getAttribute(userID, domainAttribute);
        } catch (DataStoreProviderException dspe) {
            throw new WSFederationException(dspe);
        }
        if (domainValues != null && !domainValues.isEmpty()) {
            upnDomain = (String) domainValues.iterator().next();
        }
    }
    if (upnDomain == null || upnDomain.length() == 0) {
        // Nothing usable on the profile - fall back to the IDP configuration.
        upnDomain = WSFederationMetaUtils.getAttribute(idpConfig, WSFederationConstants.UPN_DOMAIN);
    }
    if (upnDomain == null || upnDomain.length() == 0) {
        throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "noDomainConfigured", null);
    }
    return upnDomain;
}
use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.
Class DefaultIDPAttributeMapper, method getAttributes:
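/**
 * Returns the list of SAML <code>Attribute</code> objects for the
 * IDP framework to insert into the generated <code>Assertion</code>.
 *
 * <p>Each entry of the configured attribute map (SAML attribute name to local
 * attribute name) is resolved against the user's datastore profile first and,
 * when the profile yields no value for it, against the properties of the
 * single sign-on session. A datastore failure is logged and treated as an
 * empty profile, so the session fallback still runs for every attribute.
 * Local attributes that resolve to nothing are skipped, not emitted empty.
 *
 * @param session Single sign-on session.
 * @param hostEntityID <code>EntityID</code> of the hosted entity.
 * @param remoteEntityID <code>EntityID</code> of the remote entity.
 * @param realm name of the realm.
 * @return list of SAML <code>Attribute</code> objects; <code>null</code> when
 *         the session is invalid or no attribute map is configured.
 * @exception WSFederationException if any failure.
 */
public List getAttributes(Object session, String hostEntityID, String remoteEntityID, String realm) throws WSFederationException {
    if (hostEntityID == null) {
        throw new WSFederationException(bundle.getString("nullHostEntityID"));
    }
    if (realm == null) {
        throw new WSFederationException(bundle.getString("nullRealm"));
    }
    if (session == null) {
        throw new WSFederationException(bundle.getString("nullSSOToken"));
    }
    try {
        if (!SessionManager.getProvider().isValid(session)) {
            if (debug.warningEnabled()) {
                debug.warning("DefaultIDPAttributeMapper.getAttributes: " + "Invalid session");
            }
            return null;
        }
        Map configMap = getConfigAttributeMap(realm, hostEntityID);
        if (configMap == null || configMap.isEmpty()) {
            if (debug.messageEnabled()) {
                debug.message("DefaultIDPAttributeMapper.getAttributes:" + "Configuration map is not defined.");
            }
            return null;
        }

        // Profile lookup is best-effort: on a datastore failure valueMap stays
        // null and every attribute is still tried against the session below.
        Map valueMap = null;
        try {
            Set localAttributes = new HashSet(configMap.values());
            valueMap = dsProvider.getAttributes(SessionManager.getProvider().getPrincipalName(session), localAttributes);
        } catch (DataStoreProviderException dse) {
            if (debug.warningEnabled()) {
                debug.warning("DefaultIDPAttributeMapper.getAttributes: " + "Datastore exception", dse);
            }
            //continue to check in ssotoken.
        }

        List attributes = new ArrayList();
        for (Iterator iter = configMap.keySet().iterator(); iter.hasNext();) {
            String samlAttribute = (String) iter.next();
            String localAttribute = (String) configMap.get(samlAttribute);
            String[] localAttributeValues = resolveLocalValues(session, localAttribute, valueMap);
            if (localAttributeValues == null) {
                if (debug.messageEnabled()) {
                    debug.message("DefaultIDPAttributeMapper.getAttribute:" + " user does not have " + localAttribute);
                }
                continue;
            }
            attributes.add(getSAMLAttribute(samlAttribute, localAttributeValues));
        }
        return attributes;
    } catch (WSFederationException sme) {
        debug.error("DefaultIDPAttribute.getAttributes: " + "SAML Exception", sme);
        throw new WSFederationException(sme);
    } catch (SessionException se) {
        debug.error("DefaultIDPAttribute.getAttributes: " + "SessionException", se);
        throw new WSFederationException(se);
    }
}

/**
 * Resolves the values of one local attribute: profile values when present,
 * otherwise the session property of the same name.
 *
 * @param session Single sign-on session.
 * @param localAttribute local attribute name.
 * @param valueMap profile attribute values keyed by attribute name, or
 *        <code>null</code> when the profile lookup failed.
 * @return the values, or <code>null</code> when neither source has any.
 * @throws SessionException if the session property cannot be read.
 */
private String[] resolveLocalValues(Object session, String localAttribute, Map valueMap) throws SessionException {
    if (valueMap != null) {
        Set values = (Set) valueMap.get(localAttribute);
        if (values != null && !values.isEmpty()) {
            return (String[]) values.toArray(new String[values.size()]);
        }
    }
    if (debug.messageEnabled()) {
        debug.message("DefaultIDPAttributeMapper.getAttribute:" + " user profile does not have value for " + localAttribute + " but is going to check ssotoken:");
    }
    String[] sessionValues = SessionManager.getProvider().getProperty(session, localAttribute);
    // An empty array from the session means "absent"; normalise to null so the caller skips it.
    if (sessionValues != null && sessionValues.length == 0) {
        return null;
    }
    return sessionValues;
}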
use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.
Class IdRepoDataStoreProvider, method getAttributes:
/**
 * Returns attribute values for a user.
 *
 * <p>The identity is resolved with the administrator token obtained through
 * <code>AdminTokenAction</code>, not with the user's own session, so the
 * caller is responsible for having authorised the lookup.
 *
 * @param userID Universal identifier of the user.
 * @param attrNames Set of attributes whose values are to be retrieved.
 * @return Map containing attribute key/value pair, key is the
 *         attribute name, value is a Set of values.
 * @throws DataStoreProviderException if either argument is <code>null</code>,
 *         the admin token is invalid, or the identity repository fails.
 */
public Map<String, Set<String>> getAttributes(String userID, Set<String> attrNames) throws DataStoreProviderException {
    if (userID == null) {
        throw new DataStoreProviderException(bundle.getString("nullUserId"));
    }
    if (attrNames == null) {
        throw new DataStoreProviderException(bundle.getString("nullAttrSet"));
    }
    try {
        final SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
        final AMIdentity identity = IdUtils.getIdentity(adminToken, userID);
        return identity.getAttributes(attrNames);
    } catch (SSOException ssoe) {
        debug.error("IdRepoDataStoreProvider.getAttribute(2): " + "invalid admin SSOtoken", ssoe);
        throw new DataStoreProviderException(ssoe);
    } catch (IdRepoException ide) {
        debug.error("IdRepoDataStoreProvider.getAttribute(2): " + "IdRepo exception", ide);
        throw new DataStoreProviderException(ide);
    }
}
use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.
Class IdRepoDataStoreProvider, method getUserID:
/**
 * Returns the user matching the search criteria.
 *
 * <p>All supplied attribute/value pairs must match (they are combined with
 * <code>IdSearchOpModifier.AND</code>). A search that matches more than one
 * identity is reported as an error instead of being resolved to an arbitrary
 * entry, so an ambiguous lookup never maps onto the wrong account.
 *
 * @param orgDN The realm to search the user. If null,
 *        searches the root realm.
 * @param avPairs Attribute key/value pairs that will be used for
 *        searching the user. Key is the attribute name, value
 *        is a Set containing attribute value(s).
 * @return Universal identifier of the matching user, null if
 *         the matching user could not be found.
 * @throws DataStoreProviderException if <code>avPairs</code> is null or
 *         empty, an error occurs during the search, or multiple matching
 *         users are found.
 */
public String getUserID(String orgDN, Map<String, Set<String>> avPairs) throws DataStoreProviderException {
    final String searchRealm = (orgDN == null) ? SMSEntry.getRootSuffix() : orgDN;
    if (avPairs == null || avPairs.isEmpty()) {
        throw new DataStoreProviderException(bundle.getString("nullAvPair"));
    }
    Set matches = null;
    try {
        IdSearchControl control = getIdSearchControl(avPairs, IdSearchOpModifier.AND);
        AMIdentityRepository repository = getAMIdentityRepository(searchRealm);
        IdSearchResults results = repository.searchIdentities(IdType.USER, "*", control);
        matches = results.getSearchResults();
    } catch (IdRepoException ame) {
        debug.error("IdRepoDataStoreProvider.getUserID(): IdRepoException", ame);
        throw new DataStoreProviderException(ame);
    } catch (SSOException ssoe) {
        debug.error("IdRepoDataStoreProvider.getUserID() : SSOException", ssoe);
        throw new DataStoreProviderException(ssoe);
    }
    if (matches == null || matches.isEmpty()) {
        debug.message("IdRepoDataStoreProvider.getUserID : user not found");
        return null;
    }
    if (matches.size() > 1) {
        // Refuse to guess between several candidates.
        debug.message("IdRepoDataStoreProvider.getUserID : multiple match");
        throw new DataStoreProviderException(bundle.getString("multipleMatches"));
    }
    // Exactly one identity matched.
    AMIdentity match = (AMIdentity) matches.iterator().next();
    String universalId = IdUtils.getUniversalId(match);
    if (debug.messageEnabled()) {
        debug.message("IdRepoDataStoreProvider.getUserID()" + " Name=: " + match.getName() + " DN=: " + match.getDN() + " univId=: " + universalId);
    }
    return universalId;
}
use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.
Class IdRepoDataStoreProvider, method getAttribute:
/**
 * Returns values for a given attribute.
 *
 * <p>Like {@link #getAttributes}, the identity is resolved with the
 * administrator token from <code>AdminTokenAction</code> rather than the
 * user's own session.
 *
 * @param userID Universal identifier of the user.
 * @param attrName Name of the attribute whose value to be retrieved.
 * @return Set of the values for the attribute.
 * @throws DataStoreProviderException if either argument is <code>null</code>,
 *         the admin token is invalid, or the identity repository fails.
 */
public Set<String> getAttribute(String userID, String attrName) throws DataStoreProviderException {
    if (userID == null) {
        throw new DataStoreProviderException(bundle.getString("nullUserId"));
    }
    if (attrName == null) {
        throw new DataStoreProviderException(bundle.getString("nullAttrName"));
    }
    try {
        final SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
        final AMIdentity identity = IdUtils.getIdentity(adminToken, userID);
        return identity.getAttribute(attrName);
    } catch (SSOException ssoe) {
        debug.error("IdRepoDataStoreProvider.getAttribute(1): " + "invalid admin SSOtoken", ssoe);
        throw new DataStoreProviderException(ssoe);
    } catch (IdRepoException ide) {
        debug.error("IdRepoDataStoreProvider.getAttribute(1): " + "IdRepo exception", ide);
        throw new DataStoreProviderException(ide);
    }
}