
Example 96 with PolicyException

use of com.sun.identity.policy.PolicyException in project OpenAM by OpenRock.

the class SampleCondition method getConditionDecision.

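/**
 * Gets the decision computed by this condition object.
 *
 * <p>The user name is taken from the first RDN value of the principal's DN
 * (the text between the first {@code '='} and the first {@code ','}); the
 * condition is satisfied when that name is at least {@code nameLength}
 * characters long.
 *
 * <p>The policy framework continues evaluating a policy only if it applies
 * to the request as indicated by the ConditionDecision. Otherwise, further
 * evaluation of the policy is skipped. For that reason every malformed or
 * missing DN is rejected with an exception instead of being parsed
 * leniently: a decision must never be derived from a string that is not
 * shaped like a DN.
 *
 * @param token single sign on token of the user
 * @param env request specific environment map of key/value pairs.
 *        SampleCondition doesn't use this parameter.
 * @return the condition decision. The condition decision encapsulates
 *         whether a policy applies for the request.
 * @throws PolicyException if the token has no principal or the principal
 *         name is not of the form {@code attr=value,...}
 * @throws SSOException if the token is invalid
 */
public ConditionDecision getConditionDecision(SSOToken token, Map env) throws PolicyException, SSOException {
    java.security.Principal principal = token.getPrincipal();
    if (principal == null) {
        // Same failure mode as other providers: no principal, no decision.
        throw new PolicyException("SSOToken principal is null");
    }
    String userDN = principal.getName();
    if (userDN == null) {
        throw new PolicyException("invalid user DN");
    }
    // user DN is in the format like "uid=username,ou=people,dc=example,dc=com"
    int beginIndex = userDN.indexOf('=');
    int endIndex = userDN.indexOf(',');
    // beginIndex < 0 must be rejected explicitly: with no '=' but a ',' present,
    // -1 < endIndex holds and the text before the comma would be accepted as
    // the user name.
    if (beginIndex < 0 || beginIndex >= endIndex) {
        throw new PolicyException("invalid user DN");
    }
    // NOTE(review): indexOf(',') does not understand LDAP escaping, so an RDN
    // value containing an escaped comma is cut at that comma and measured
    // short. Parse the DN with an LDAP-aware parser if such names can occur.
    String userName = userDN.substring(beginIndex + 1, endIndex);
    return new ConditionDecision(userName.length() >= nameLength);
}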
Also used : PolicyException(com.sun.identity.policy.PolicyException) ConditionDecision(com.sun.identity.policy.ConditionDecision)

Example 97 with PolicyException

use of com.sun.identity.policy.PolicyException in project OpenAM by OpenRock.

the class SampleResponseProvider method getResponseDecision.

/**
 * Gets the response attributes computed by this ResponseProvider object,
 * based on the SSO token and the map of environment parameters.
 *
 * <p>The attribute names to return are read from the provider's
 * {@code properties} under {@code ATTRIBUTE_NAME}. Each configured name is
 * looked up on the identity behind the token; a name with no stored value
 * is still returned, mapped to an empty set.
 *
 * <p>NOTE(review): whatever attribute names are configured here are copied
 * into the response as-is, so the configuration decides which identity
 * attributes leave the identity repository. Confirm it lists only
 * attributes that are meant to be released.
 *
 * @param token single-sign-on token of the user
 * @param env specific environment map of key/value pairs; not read by this
 *        method
 * @return a Map of response attributes. Keys are the configured attribute
 *         names; each value is a Set holding that attribute's values. The
 *         map is empty when no attribute names are configured or the
 *         identity lookup returns no attribute map.
 * @throws PolicyException if the token has no principal or the identity
 *         repository lookup fails
 * @throws SSOException if SSO token is not valid
 */
public Map getResponseDecision(SSOToken token, Map env) throws PolicyException, SSOException {
    Map respMap = new HashMap();
    Set attrs = (Set) properties.get(ATTRIBUTE_NAME);
    if ((attrs == null) || attrs.isEmpty()) {
        // Nothing configured: return the empty map without touching the token.
        return respMap;
    }
    try {
        if (token.getPrincipal() == null) {
            throw (new PolicyException("SSOToken principal is null"));
        }
        AMIdentity identity = IdUtils.getIdentity(token);
        Map storedAttributes = identity.getAttributes(attrs);
        if (storedAttributes == null) {
            return respMap;
        }
        for (Object configuredName : attrs) {
            String attrName = (String) configuredName;
            // Copy into a fresh set so the response does not alias the set
            // handed back by the identity lookup.
            Set copiedValues = new HashSet();
            Set storedValues = (Set) storedAttributes.get(attrName);
            if (storedValues != null) {
                copiedValues.addAll(storedValues);
            }
            respMap.put(attrName, copiedValues);
        }
    } catch (IdRepoException ide) {
        throw new PolicyException(ide);
    }
    return respMap;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) PolicyException(com.sun.identity.policy.PolicyException) AMIdentity(com.sun.identity.idm.AMIdentity) Iterator(java.util.Iterator) IdRepoException(com.sun.identity.idm.IdRepoException) HashMap(java.util.HashMap) Map(java.util.Map) HashSet(java.util.HashSet)

Example 98 with PolicyException

use of com.sun.identity.policy.PolicyException in project OpenAM by OpenRock.

the class PolicyModelImpl method getActiveResponseProviderTypes.

/**
 * Returns the active response provider types of a realm, each mapped to
 * its display name.
 *
 * <p>Failures are logged at warning level and not propagated. If a failure
 * happens after the result map has been created, the entries collected so
 * far are returned; otherwise the result is an empty map.
 *
 * @param realmName Name of Realm.
 * @return a map from response provider type name to display name; an empty
 *         map when no policy manager or provider type manager is available.
 */
public Map getActiveResponseProviderTypes(String realmName) {
    final String logTag = "PolicyModelImpl.getActiveResponseProviderTypes";
    Map displayNamesByType = null;
    try {
        PolicyManager manager = getPolicyManager(realmName);
        ResponseProviderTypeManager typeManager =
            (manager != null) ? manager.getResponseProviderTypeManager() : null;
        if (typeManager != null) {
            Set selectedNames = typeManager.getSelectedResponseProviderTypeNames();
            displayNamesByType = new HashMap(selectedNames.size() * 2);
            for (Object element : selectedNames) {
                String typeName = (String) element;
                displayNamesByType.put(typeName, typeManager.getDisplayName(typeName));
            }
        }
    } catch (AMConsoleException e) {
        debug.warning(logTag, e);
    } catch (SSOException e) {
        debug.warning(logTag, e);
    } catch (NameNotFoundException e) {
        debug.warning(logTag, e);
    } catch (PolicyException e) {
        debug.warning(logTag, e);
    }
    if (displayNamesByType == null) {
        return Collections.EMPTY_MAP;
    }
    return displayNamesByType;
}
Also used : PolicyManager(com.sun.identity.policy.PolicyManager) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) Iterator(java.util.Iterator) SSOException(com.iplanet.sso.SSOException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) ResponseProviderTypeManager(com.sun.identity.policy.ResponseProviderTypeManager)

Example 99 with PolicyException

use of com.sun.identity.policy.PolicyException in project OpenAM by OpenRock.

the class PolicyModelImpl method getSubjectPossibleValues.

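/**
 * Returns a set of possible values for a subject type.
 *
 * <p>The lookup runs with the console user's SSO token. A {@code null} or
 * blank filter is replaced by {@code "*"}.
 *
 * @param realmName Name of Realm.
 * @param subjectType Name of Subject Type.
 * @param filter wildcards for filtering the results.
 * @return a set of possible values for a subject type, or {@code null}
 *         when no policy manager is available for the realm or an
 *         {@code AMConsoleException} raised during the lookup was logged
 *         and swallowed.
 * @throws AMConsoleException if the lookup fails with a
 *         {@code NameNotFoundException}, {@code SSOException} or
 *         {@code PolicyException}.
 */
public ValidValues getSubjectPossibleValues(String realmName, String subjectType, String filter) throws AMConsoleException {
    // Method-entry trace. It used to be written with debug.error(), which put
    // an error-level record in the log on every call and buried real failures.
    debug.message("PolicyModelImpl.getSubjectPossibleValues()");
    ValidValues values = null;
    if ((filter == null) || (filter.trim().length() == 0)) {
        filter = "*";
    }
    try {
        PolicyManager policyMgr = getPolicyManager(realmName);
        if (policyMgr != null) {
            SubjectTypeManager subjectTypeMgr = policyMgr.getSubjectTypeManager();
            Subject subject = subjectTypeMgr.getSubject(subjectType);
            values = subject.getValidValues(getUserSSOToken(), filter);
        }
    } catch (AMConsoleException e) {
        // NOTE(review): unlike the branches below this one does not rethrow,
        // so the caller receives null. Left as is because callers may rely
        // on it; confirm whether that is intended.
        debug.warning("PolicyModelImpl.getSubjectPossibleValues", e);
    } catch (NameNotFoundException e) {
        debug.warning("PolicyModelImpl.getSubjectPossibleValues", e);
        throw new AMConsoleException(getErrorString(e));
    } catch (SSOException e) {
        debug.warning("PolicyModelImpl.getSubjectPossibleValues", e);
        throw new AMConsoleException(getErrorString(e));
    } catch (PolicyException e) {
        debug.warning("PolicyModelImpl.getSubjectPossibleValues", e);
        throw new AMConsoleException(getErrorString(e));
    }
    return values;
}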
Also used : PolicyManager(com.sun.identity.policy.PolicyManager) SubjectTypeManager(com.sun.identity.policy.SubjectTypeManager) ValidValues(com.sun.identity.policy.ValidValues) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) SSOException(com.iplanet.sso.SSOException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Subject(com.sun.identity.policy.interfaces.Subject)

Example 100 with PolicyException

use of com.sun.identity.policy.PolicyException in project OpenAM by OpenRock.

the class PolicyModelImpl method getSubjectSyntax.

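/**
 * Returns syntax for a subject.
 *
 * <p>The lookup runs with the console user's SSO token. Failures are logged
 * at warning level and not propagated; the method then returns
 * {@code Syntax.NONE}.
 *
 * @param realmName Name of Realm.
 * @param subjectType Name of Subject type.
 * @return syntax for a subject, or {@code Syntax.NONE} when no policy
 *         manager is available for the realm or the lookup fails.
 */
public Syntax getSubjectSyntax(String realmName, String subjectType) {
    // The warnings were previously tagged "PolicyModelImpl.getActiveSubjectTypes",
    // which sent anyone reading the log to the wrong method.
    final String logTag = "PolicyModelImpl.getSubjectSyntax";
    Syntax syntax = Syntax.NONE;
    try {
        PolicyManager policyMgr = getPolicyManager(realmName);
        if (policyMgr != null) {
            SubjectTypeManager subjectTypeMgr = policyMgr.getSubjectTypeManager();
            Subject subject = subjectTypeMgr.getSubject(subjectType);
            syntax = subject.getValueSyntax(getUserSSOToken());
        }
    } catch (SSOException e) {
        debug.warning(logTag, e);
    } catch (NameNotFoundException e) {
        debug.warning(logTag, e);
    } catch (PolicyException e) {
        debug.warning(logTag, e);
    } catch (AMConsoleException e) {
        debug.warning(logTag, e);
    }
    return syntax;
}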
Also used : PolicyManager(com.sun.identity.policy.PolicyManager) SubjectTypeManager(com.sun.identity.policy.SubjectTypeManager) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) SSOException(com.iplanet.sso.SSOException) Syntax(com.sun.identity.policy.Syntax) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Subject(com.sun.identity.policy.interfaces.Subject)

Aggregations

PolicyException (com.sun.identity.policy.PolicyException)151 SSOException (com.iplanet.sso.SSOException)64 HashSet (java.util.HashSet)63 Set (java.util.Set)57 Iterator (java.util.Iterator)50 PolicyManager (com.sun.identity.policy.PolicyManager)35 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)32 HashMap (java.util.HashMap)28 Map (java.util.Map)27 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)26 ByteString (org.forgerock.opendj.ldap.ByteString)16 EntitlementException (com.sun.identity.entitlement.EntitlementException)14 LdapException (org.forgerock.opendj.ldap.LdapException)13 ResultCode (org.forgerock.opendj.ldap.ResultCode)13 Connection (org.forgerock.opendj.ldap.Connection)12 SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)12 InvalidNameException (com.sun.identity.policy.InvalidNameException)11 ValidValues (com.sun.identity.policy.ValidValues)11 IOException (java.io.IOException)11 ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)11