
Example 26 with DataStoreProviderException

use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.

the class IdRepoDataStoreProvider method isUserExists.

/**
 * Reports whether the given user exists and is active.
 *
 * <p>The lookup runs with the administrator token obtained through
 * <code>AdminTokenAction</code>; the method takes no caller credential, so
 * it does not itself limit which identities can be probed. Any such
 * restriction has to be enforced by the caller.
 *
 * @param userID Universal identifier of the user to be checked.
 * @return <code>true</code> if the identity is active; <code>false</code>
 *         if it is inactive or the lookup raised an
 *         <code>IdRepoException</code>.
 * @throws DataStoreProviderException if <code>userID</code> is
 *         <code>null</code> or the lookup raised an
 *         <code>SSOException</code>.
 */
public boolean isUserExists(String userID) throws DataStoreProviderException {
    if (userID == null) {
        throw new DataStoreProviderException(bundle.getString("nullUserId"));
    }
    boolean active;
    try {
        SSOToken privilegedToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
        AMIdentity identity = IdUtils.getIdentity(privilegedToken, userID);
        // An inactive account is reported exactly like a missing one.
        active = identity.isActive();
    } catch (IdRepoException repoFailure) {
        // Every IdRepoException, whatever its cause, is folded into "does not
        // exist" and recorded at message level only.
        // NOTE(review): callers cannot tell a repository failure from an
        // absent user; confirm that is acceptable wherever this answer
        // feeds an access or provisioning decision.
        debug.message("IdRepoDataStoreProvider.isUserExists()", repoFailure);
        return false;
    } catch (SSOException tokenFailure) {
        debug.error("IdRepoDataStoreProvider.isUserExists() : SSOException", tokenFailure);
        throw new DataStoreProviderException(tokenFailure);
    }
    return active;
}
Also used : DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) SSOToken(com.iplanet.sso.SSOToken) AMIdentity(com.sun.identity.idm.AMIdentity) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException)

Example 27 with DataStoreProviderException

use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.

the class FSAccountManager method writeAccountFedInfo.

/**
 * Stores an account's federation info in the data store, replacing the
 * entry already stored for the same federation info key, if any.
 *
 * <p>The user's current key and info attribute values are read, the first
 * value that contains the filter built from <code>fedInfoKey</code> is
 * dropped from each set, the newly serialized key and info are added, and
 * both sets are written back with a single <code>setAttributes</code> call.
 *
 * @param userID user id
 * @param fedInfoKey Account Fed Info Key which contains NameSpace
 *  and opaque handle sent/received.
 * @param fedInfo Account federation info as FSAccountFedInfo object.
 * @throws FSAccountMgmtException if an argument is <code>null</code> or
 *  the data store provider reports an error.
 */
public void writeAccountFedInfo(String userID, FSAccountFedInfoKey fedInfoKey, FSAccountFedInfo fedInfo) throws FSAccountMgmtException {
    FSUtils.debug.message("FSAccountManager.writeAccountFedInfo() : called");
    if (userID == null) {
        FSUtils.debug.error("FSAccountManager.writeAccountFedInfo():" + "Invalid Argument : user ID is NULL");
        throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
    }
    if (fedInfoKey == null) {
        FSUtils.debug.error("FSAccountManager.writeAccountFedInfo():" + "Invalid Argument : FedInfo key is NULL");
        throw new FSAccountMgmtException(IFSConstants.NULL_FED_INFO_KEY_OBJECT, null);
    }
    if (fedInfo == null) {
        FSUtils.debug.error("FSAccountManager.writeAccountFedInfo():" + "Invalid Argument : FedInfo is NULL");
        throw new FSAccountMgmtException(IFSConstants.NULL_FED_INFO_OBJECT, null);
    }
    try {
        // NOTE(review): the attributes are read here and written back further
        // down in a separate provider call; nothing visible in this method
        // serializes concurrent writers for the same user -- confirm.
        Set requestedAttrs = new HashSet();
        requestedAttrs.add(FSAccountUtils.USER_FED_INFO_KEY_ATTR);
        requestedAttrs.add(FSAccountUtils.USER_FED_INFO_ATTR);
        Map currentAttrs = provider.getAttributes(userID, requestedAttrs);
        if (currentAttrs == null) {
            currentAttrs = new HashMap();
        }

        // --- federation info keys ---
        Set storedKeys = (Set) currentAttrs.get(FSAccountUtils.USER_FED_INFO_KEY_ATTR);
        if (storedKeys == null) {
            storedKeys = new HashSet();
        } else if (!storedKeys.isEmpty()) {
            String keyFilter = FSAccountUtils.createFilter(fedInfoKey);
            // NOTE(review): this is a substring test on the serialized value;
            // whether the filter is delimiter-anchored depends on
            // FSAccountUtils.createFilter, which is not shown here -- confirm
            // that one key cannot match inside a longer one.
            for (Object entry : storedKeys) {
                String storedKey = (String) entry;
                if (storedKey.indexOf(keyFilter) < 0) {
                    continue;
                }
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAccountManager.writeAccountFedInfo():" + "AccountFedInfo Key Already Exists, " + "will overwrite.");
                }
                // Only the first match is dropped; leaving the loop right
                // after the removal keeps the iteration valid.
                storedKeys.remove(storedKey);
                break;
            }
        }
        String fedInfoKeyStr = FSAccountUtils.objectToKeyString(fedInfoKey);
        storedKeys.add(fedInfoKeyStr);
        Map updatedAttrs = new HashMap();
        updatedAttrs.put(FSAccountUtils.USER_FED_INFO_KEY_ATTR, storedKeys);

        // --- federation info records (same procedure as for the keys) ---
        Set storedInfos = (Set) currentAttrs.get(FSAccountUtils.USER_FED_INFO_ATTR);
        if (storedInfos == null) {
            storedInfos = new HashSet();
        } else if (!storedInfos.isEmpty()) {
            String infoFilter = FSAccountUtils.createFilter(fedInfoKey);
            for (Object entry : storedInfos) {
                String storedInfo = (String) entry;
                if (storedInfo.indexOf(infoFilter) < 0) {
                    continue;
                }
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAccountManager.writeAccountFedInfo():" + " AccountFedInfo Already Exists, will " + "overwrite");
                }
                storedInfos.remove(storedInfo);
                break;
            }
        }
        String fedInfoStr = FSAccountUtils.objectToInfoString(fedInfo);
        storedInfos.add(fedInfoStr);
        updatedAttrs.put(FSAccountUtils.USER_FED_INFO_ATTR, storedInfos);

        provider.setAttributes(userID, updatedAttrs);

        // NOTE(review): the serialized key and record go to the debug log and,
        // together with the user id, to the access log. If they carry the
        // opaque handle, both logs hold federation identifiers and need
        // matching access control and retention.
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAccountManager.writeAccountFedInfo(): Key : " + fedInfoKeyStr + ", Value : " + fedInfoStr + " : Added ");
        }
        String[] args = { userID, fedInfoStr, fedInfoKeyStr };
        LogUtil.access(Level.INFO, LogUtil.WRITE_ACCOUNT_FED_INFO, args);
    } catch (DataStoreProviderException de) {
        // The cause stays in the debug log; the rethrown exception carries
        // only its message.
        FSUtils.debug.error("FSAccountManager.writeAccountFedInfo(): Exception: ", de);
        throw new FSAccountMgmtException(de.getMessage());
    }
}
Also used : DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) Iterator(java.util.Iterator) HashMap(java.util.HashMap) Map(java.util.Map) HashSet(java.util.HashSet)

Example 28 with DataStoreProviderException

use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.

the class FSAccountManager method readAllFederatedProviderID.

/**
 * Reads all of the account's federation info from the data store for the
 * given user and returns the provider IDs of the records whose federation
 * status is active.
 *
 * <p>When <code>providerID</code> is not <code>null</code>, a record is
 * only counted if its serialized form contains
 * <code>|providerID|</code>.
 *
 * @param providerID local provider ID, or <code>null</code> to accept
 *  every active record.
 * @param userID user identity
 * @return Set of ProviderIDs with which user is federated (FedStatus
 *  is Active); empty if none were found.
 * @throws FSAccountMgmtException if <code>userID</code> is
 *  <code>null</code> or the data store provider reports an error.
 */
public Set readAllFederatedProviderID(String providerID, String userID) throws FSAccountMgmtException {
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAccountManager.readAllFedProviderID() : userID=" + userID + ", providerID=" + providerID);
    }
    if (userID == null) {
        FSUtils.debug.error("FSAccountManager.readAllFederatedProviderID()" + ":Invalid Argument : user ID is NULL");
        throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
    }

    Set storedRecords;
    try {
        storedRecords = provider.getAttribute(userID, FSAccountUtils.USER_FED_INFO_ATTR);
    } catch (DataStoreProviderException ame) {
        // The cause stays in the debug log; the rethrown exception carries
        // only its message.
        FSUtils.debug.error("FSAccountManager.readAllFederatedProviderID():Exception:", ame);
        throw new FSAccountMgmtException(ame.getMessage());
    }

    Set activeProviders = new HashSet();
    if (storedRecords == null || storedRecords.isEmpty()) {
        return activeProviders;
    }
    for (Object entry : storedRecords) {
        String record = (String) entry;
        FSAccountFedInfo info = FSAccountUtils.stringToObject(record);
        if (!info.isFedStatusActive()) {
            continue;
        }
        // NOTE(review): the provider filter is tested against the whole
        // serialized record, so it matches "|providerID|" in any field
        // position -- confirm against the record format that only the
        // intended field can hold this value.
        if (providerID == null || record.indexOf("|" + providerID + "|") != -1) {
            activeProviders.add(info.getProviderID());
        }
    }
    return activeProviders;
}
Also used : DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator) HashSet(java.util.HashSet)

Example 29 with DataStoreProviderException

use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.

the class FSAccountManager method readAccountFedInfo.

/**
 * Reads the account's federation info from the data store for the given
 * provider ID and returns it as a fedInfo object.
 *
 * <p>The first stored record that contains the provider filter, the
 * <code>SP_FILTER</code> (when set) and <code>nameIDValue</code> (when
 * given) decides the result: it is returned if its federation status is
 * active, otherwise <code>null</code> is returned. Later records are not
 * examined.
 *
 * @param userID user ID.
 * @param providerID Remote ProviderID value.
 * @param nameIDValue fedinfo with this name ID value is to be found;
 *  <code>null</code> skips this criterion.
 * @return Account's federation Info, or <code>null</code> if no record
 *  matches or the matching record is not active.
 * @throws FSAccountMgmtException if <code>userID</code> is
 *  <code>null</code>, <code>providerID</code> is <code>null</code> or
 *  empty, or the data store provider reports an error.
 */
public FSAccountFedInfo readAccountFedInfo(String userID, String providerID, String nameIDValue) throws FSAccountMgmtException {
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAccountManager.readAccountFedInfo() : user=" + userID + ", providerID=" + providerID + ", nameIDValue=" + nameIDValue);
    }
    if (userID == null) {
        FSUtils.debug.error("FSAccountManager.readAccountFedInfo():" + "Invalid Argument : user ID is NULL");
        throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
    }
    if ((providerID == null) || (providerID.length() <= 0)) {
        FSUtils.debug.error("FSAccountManager.readAccountFedInfo():" + "Invalid Argument : providerID is NULL");
        throw new FSAccountMgmtException(IFSConstants.NULL_PROVIDER_ID, null);
    }

    Set storedRecords;
    try {
        storedRecords = provider.getAttribute(userID, FSAccountUtils.USER_FED_INFO_ATTR);
    } catch (DataStoreProviderException ame) {
        // The cause stays in the debug log; the rethrown exception carries
        // only its message.
        FSUtils.debug.error("FSAccountManager.readAccountFedInfo():Exception:", ame);
        throw new FSAccountMgmtException(ame.getMessage());
    }

    if (storedRecords != null && !storedRecords.isEmpty()) {
        String providerFilter = FSAccountUtils.createFilter(providerID);
        for (Object entry : storedRecords) {
            String record = (String) entry;
            if (record.indexOf(providerFilter) < 0) {
                continue;
            }
            if (SP_FILTER != null && record.indexOf(SP_FILTER) < 0) {
                continue;
            }
            // NOTE(review): nameIDValue is matched as a bare substring of the
            // whole serialized record, with no delimiters around it, so a
            // value that is a prefix or fragment of another field would also
            // match -- confirm against the record format, or compare the
            // parsed name identifier fields instead.
            if (nameIDValue != null && record.indexOf(nameIDValue) < 0) {
                continue;
            }
            // accountFedInfo exists for given providerID
            // NOTE(review): the full serialized record is written to the
            // debug log when message level is enabled.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAccountManager.readAccountFedInfo(): " + " value found: " + existingRecordText(record));
            }
            FSAccountFedInfo info = FSAccountUtils.stringToObject(record);
            // An inactive first match ends the search with null.
            return info.isFedStatusActive() ? info : null;
        }
    }
    if (FSUtils.debug.messageEnabled()) {
        FSUtils.debug.message("FSAccountManager.readAccountFedInfo(): value with user: " + userID + " and providerID : " + providerID + " not found");
    }
    return null;
}

/** Returns the record text unchanged; keeps the log statement above on one readable line. */
private static String existingRecordText(String record) {
    return record;
}
Also used : DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator)

Example 30 with DataStoreProviderException

use of com.sun.identity.plugin.datastore.DataStoreProviderException in project OpenAM by OpenRock.

the class DefaultAccountMapper method getIdentity.

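/**
 * Returns the user's distinguished name or the universal ID for the
 * corresponding <code>SAML</code> <code>ManageNameIDRequest</code>.
 * This method will be invoked by the <code>SAML</code> framework for
 * retrieving the user identity while processing the
 * <code>ManageIDRequest</code>.
 *
 * <p>The name identifier is taken from the request's
 * <code>EncryptedID</code> when one is present (decrypted with the hosted
 * entity's decryption keys), otherwise from its plain <code>NameID</code>.
 * If neither yields a name identifier the request is rejected instead of
 * being passed on to the account lookup.
 *
 * @param manageNameIDRequest <code>SAML</code>
 *     <code>ManageNameIDRequest</code> that needs to be mapped to the user.
 * @param hostEntityID <code>EntityID</code> of the hosted provider.
 * @param realm realm or the organization name that may be used to find
 *        the user information.
 * @return user's distinguished name or the universal ID.
 * @exception SAML2Exception if an argument is <code>null</code>, no name
 *     identifier or issuer can be obtained from the request, or the data
 *     store lookup fails.
 */
public String getIdentity(ManageNameIDRequest manageNameIDRequest, String hostEntityID, String realm) throws SAML2Exception {
    if (manageNameIDRequest == null) {
        throw new SAML2Exception(bundle.getString("nullManageIDRequest"));
    }
    if (hostEntityID == null) {
        throw new SAML2Exception(bundle.getString("nullHostEntityID"));
    }
    if (realm == null) {
        throw new SAML2Exception(bundle.getString("nullRealm"));
    }
    NameID nameID = null;
    EncryptedID encryptedID = manageNameIDRequest.getEncryptedID();
    if (encryptedID != null) {
        try {
            final Set<PrivateKey> decryptionKeys = KeyUtil.getDecryptionKeys(getSSOConfig(realm, hostEntityID));
            nameID = encryptedID.decrypt(decryptionKeys);
        } catch (SAML2MetaException sme) {
            // The entity config (and with it the decryption keys) could not be
            // loaded. nameID stays null and is rejected by the check below.
            debug.error("Unable to retrieve SAML entity config for entity: " + hostEntityID, sme);
        }
    } else {
        nameID = manageNameIDRequest.getNameID();
    }
    // Fail closed: without a usable name identifier there is nothing to map.
    // Previously a null nameID was handed to SAML2Utils.getNameIDKeyMap().
    // Literal messages are used because no bundle key for these cases is
    // visible from here.
    if (nameID == null) {
        throw new SAML2Exception("DefaultAccountMapper.getIdentity: no NameID could be obtained from the ManageNameIDRequest");
    }
    if (manageNameIDRequest.getIssuer() == null) {
        throw new SAML2Exception("DefaultAccountMapper.getIdentity: ManageNameIDRequest has no Issuer");
    }
    String remoteEntityID = manageNameIDRequest.getIssuer().getValue();
    if (debug.messageEnabled()) {
        debug.message("DefaultAccountMapper.getIdentity(ManageNameIDReq)" + " realm = " + realm + " hostEntityID = " + hostEntityID);
    }
    try {
        return dsProvider.getUserID(realm, SAML2Utils.getNameIDKeyMap(nameID, hostEntityID, remoteEntityID, realm, role));
    } catch (DataStoreProviderException dse) {
        // The cause stays in the debug log; the rethrown exception carries
        // only its message.
        debug.error("DefaultAccountMapper.getIdentity(MNIRequest,):" + " DataStoreProviderException", dse);
        throw new SAML2Exception(dse.getMessage());
    }
}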
Also used : SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) DataStoreProviderException(com.sun.identity.plugin.datastore.DataStoreProviderException) PrivateKey(java.security.PrivateKey) NameID(com.sun.identity.saml2.assertion.NameID) EncryptedID(com.sun.identity.saml2.assertion.EncryptedID) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)
