use of com.sun.identity.policy.remote.PolicyService in project OpenAM by OpenRock.
the class PolicyNotificationHandler method processPLLNotifications.
/**
* Processes PLL notifications
* @param notifications PLL notification to be processed
*/
void processPLLNotifications(Vector notifications) {
    // Each element is handled on its own: a PolicyException raised while
    // parsing or processing one notification is logged and the loop moves on.
    // NOTE(review): nothing in this method authenticates the sender of a
    // notification; confirm the endpoint that feeds this handler does so
    // before the XML is parsed and acted on.
    int index = 0;
    while (index < notifications.size()) {
        Notification current = (Notification) notifications.elementAt(index);
        index++;
        if (debug.messageEnabled()) {
            // Message-level debug writes the raw notification body to the log.
            debug.message("PolicyNotificationHandler.processPLLNotifications():got notification: "
                    + current.getContent());
        }
        try {
            PolicyNotification parsed =
                    PolicyService.parseXML(current.getContent()).getPolicyNotification();
            if (parsed == null) {
                // The parsed document carried no notification part; nothing to do.
                continue;
            }
            processPolicyNotification(parsed);
        } catch (PolicyException pe) {
            debug.error("PolicyNotificationHandler.processPLLNotifications():invalid notifcation format", pe);
        }
    }
}
use of com.sun.identity.policy.remote.PolicyService in project OpenAM by OpenRock.
the class ResourceResultCache method sendPLLRequest.
/**
* Return a PolicyService object based on the XML document received
* from remote Policy Server. This is in response to a request that we
* send to the Policy server.
* @param policyServiceUrl The URL of the Policy Service
* @param preq The policy request to send to the Policy Service
* @return the PolicyService parsed from the server's response
* @exception SendRequestException if there was an error in sending
* the XML document
* @exception PolicyException if there are any parsing errors
*/
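public static PolicyService sendPLLRequest(URL policyServiceUrl, PolicyRequest preq) throws SendRequestException, PolicyException {
    // Resolve the load-balancer cookie first; any failure here is reported to
    // the caller as a send failure.
    String lbcookie;
    try {
        lbcookie = getLBCookie(preq);
    } catch (Exception e) {
        throw new SendRequestException(e);
    }

    // Wrap the policy request in a PolicyService envelope and serialise it.
    PolicyService policyService = new PolicyService();
    policyService.setMethodID(PolicyService.POLICY_REQUEST_ID);
    policyService.setPolicyRequest(preq);
    String xmlString = policyService.toXMLString();

    RequestSet requestSet = new RequestSet(PolicyService.POLICY_SERVICE);
    requestSet.addRequest(new Request(xmlString));

    if (debug.messageEnabled()) {
        // NOTE(review): callers in this class place SSO token ids on preq
        // (setAppSSOToken / setUserSSOToken), so the serialised message logged
        // here presumably contains them. Treat message-level debug logs as
        // holding live session identifiers, or redact before logging.
        debug.message("ResourceResultCache.sendPLLRequest:" + "sending PLL request to URL=" + policyServiceUrl + ":\nPLL message=" + xmlString);
    }

    Vector responses = PLLClient.send(policyServiceUrl, lbcookie, requestSet);
    // An empty reply used to surface as an unchecked index error from
    // elementAt(0); report it through the declared SendRequestException so
    // that every caller's existing handling applies.
    if (responses == null || responses.isEmpty()) {
        throw new SendRequestException(
                new IllegalStateException("no PLL response received from " + policyServiceUrl));
    }
    Response response = (Response) responses.elementAt(0);
    PolicyService ps = PolicyService.parseXML(response.getContent());
    if (debug.messageEnabled()) {
        // Callers test the returned value for null, so do not dereference it
        // unconditionally just to log it.
        debug.message("ResourceResultCache.sendPLLRequest:" + "result=" + (ps == null ? null : ps.toXMLString()));
    }
    return ps;
}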
use of com.sun.identity.policy.remote.PolicyService in project OpenAM by OpenRock.
the class ResourceResultCache method getResultsFromServer.
/**
* Returns a set of <code>ResourceResult</code> objects from server.
* Fresh resource results
* are fetched from policy server and returned.
* @param appToken application sso token to identify the client to policy
* service
*
* @param serviceName name of service for which to get resource results
* @param token session token of user for whom to get resource results
* @param resourceName resource name for which to get resource results
* @param scope the scope to be used while getting resource results
* @param actionNames action names for which to get resource results
* @param env environment map to use to get resource results
*
* @return a set of <code>ResourceResult</code> objects
*
* @throws PolicyException if can not get resource results
* @throws SSOException if session token is not valid
* @throws InvalidAppSSOTokenException if application session token
* is not valid
*/
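private Set getResultsFromServer(SSOToken appToken, String serviceName, SSOToken token, String resourceName, String scope, Set actionNames, Map env) throws InvalidAppSSOTokenException, SSOException, PolicyException {
    // Stays null when sendPLLRequest returns no PolicyService.
    Set resourceResults = null;
    try {
        URL policyServiceUrl = getPolicyServiceURL(token);
        if (debug.messageEnabled()) {
            debug.message("ResourceResultCache.getResultsFromServer():" + ":serviceName=" + serviceName + ":token=" + token.getPrincipal().getName() + ":resourceName=" + resourceName + ":scope=" + scope + ":actionNames=" + actionNames + ":env" + ":policyServiceURL=" + policyServiceUrl + ":entering");
        }

        // Describe the resource being evaluated and the user it is evaluated
        // for. actionNames is only logged above; it is not placed on the request.
        ResourceResultRequest rrRequest = new ResourceResultRequest();
        rrRequest.setServiceName(serviceName);
        rrRequest.setResourceName(resourceName);
        rrRequest.setResourceScope(scope);
        rrRequest.setUserSSOToken(token.getTokenID().toString());
        if (env != null) {
            rrRequest.setEnvParms(env);
            Set responseAttributes = getResponseAttributes(env);
            if (debug.messageEnabled()) {
                debug.message("ResourceResultCache.getResultsFromServer():" + "responseAttributes to get=" + responseAttributes);
            }
            if (responseAttributes != null) {
                rrRequest.setResponseAttributes(responseAttributes);
            }
        }

        // The application token identifies this client to the policy service.
        PolicyRequest policyRequest = new PolicyRequest();
        policyRequest.setAppSSOToken(appToken.getTokenID().toString());
        policyRequest.setMethodID(PolicyRequest.POLICY_REQUEST_GET_RESOURCE_RESULTS);
        policyRequest.setRequestId(newRequestID());
        policyRequest.setResourceResultRequest(rrRequest);

        PolicyService ps = sendPLLRequest(policyServiceUrl, policyRequest);
        if (ps != null) {
            PolicyResponse pr = ps.getPolicyResponse();
            if (pr == null) {
                // A reply that parses but carries no PolicyResponse part used to
                // end in a NullPointerException on the next line; fail through
                // the declared PolicyException instead.
                throw new PolicyException(
                        new IllegalStateException("policy service reply carried no PolicyResponse"));
            }
            String exceptionMessage = pr.getExceptionMsg();
            if (exceptionMessage != null) {
                // The server reports failures as a message string; an invalid
                // application token is recognised by a substring match on it.
                if (exceptionMessage.indexOf(PolicyResponse.APP_SSO_TOKEN_INVALID) >= 0) {
                    if (debug.warningEnabled()) {
                        debug.warning("ResourceResultCache." + "getResultsFromServer():" + " response exception " + exceptionMessage);
                        debug.warning("ResourceResultCache." + "getResultsFromServer():" + " appSSOToken is invalid");
                        debug.warning("ResourceResultCache." + "throwing InvalidAppSSOTokenException");
                    }
                    String[] args = { exceptionMessage };
                    throw new InvalidAppSSOTokenException(ResBundleUtils.rbName, "server_reported_invalid_app_sso_token", args, null);
                } else {
                    debug.warning("ResourceResultCache." + "getResultsFromServer():" + "response exception message=" + exceptionMessage);
                    String[] args = { exceptionMessage };
                    throw new PolicyEvaluationException(ResBundleUtils.rbName, "server_reported_exception", args, null);
                }
            } else {
                // NOTE(review): the response's method id is not checked before
                // its results are used, unlike getAdvicesHandleableByAM; confirm
                // that is intended.
                resourceResults = pr.getResourceResults();
            }
        }
    } catch (SendRequestException sre) {
        // Transport failures are surfaced as a policy evaluation failure, with
        // the original exception kept as the cause.
        String[] args = { sre.getMessage() };
        throw new PolicyEvaluationException(ResBundleUtils.rbName, "pll_send_request_exception", args, sre);
    }
    if (debug.messageEnabled()) {
        debug.message("ResourceResultCache.getResultsFromServer():" + "returning");
    }
    return resourceResults;
}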
use of com.sun.identity.policy.remote.PolicyService in project OpenAM by OpenRock.
the class ResourceResultCache method getAdvicesHandleableByAM.
/**
* Returns names of policy advices that could be handled by OpenAM
* Enterprise if PEP redirects user agent to OpenAM.
*
* @param appToken application sso token that would be used while
* communicating to OpenAM
* @param refetchFromServer indicates whether to get the values fresh
* from OpenAM or return the values from local cache.
* If the server reports app sso token is invalid, a new app sso
* token is created and one more call is made to the server.
* @return names of policy advices that could be handled by OpenAM
* @throws InvalidAppSSOTokenException if the server reported that the
* app sso token provided was invalid
* @throws PolicyEvaluationException if the server reported any other error
* @throws PolicyException if there are problems in getting the advice
* names
* @throws SSOException if the appToken is detected to be invalid
* at the client
*/
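Set getAdvicesHandleableByAM(SSOToken appToken, boolean refetchFromServer) throws InvalidAppSSOTokenException, PolicyException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("ResourceResultCache.getAdvicesHandleableByAM():" + ":entering");
    }
    // Serve the cached set unless the caller asked for a fresh fetch.
    if ((advicesHandleableByAM != null) && !refetchFromServer) {
        if (debug.messageEnabled()) {
            debug.message("ResourceResultCache.getAdvicesHandleableByAM():" + ":returning cached advices" + advicesHandleableByAM);
        }
        return advicesHandleableByAM;
    }

    // Without an application token there is no server to ask; the method then
    // falls through to the cached value or an empty set.
    URL policyServiceURL = null;
    if (appToken != null) {
        try {
            policyServiceURL = getPolicyServiceURL(appToken);
        } catch (PolicyException pe) {
            debug.error("ResourceResultCache.getAdvicesHandleableByAM():", pe);
            throw pe;
        }
    }

    // policyServiceURL can only be non-null when appToken was non-null.
    if (policyServiceURL != null) {
        PolicyRequest policyReq = new PolicyRequest();
        policyReq.setAppSSOToken(appToken.getTokenID().toString());
        policyReq.setAdvicesHandleableByAMRequest(new AdvicesHandleableByAMRequest());
        policyReq.setMethodID(PolicyRequest.POLICY_REQUEST_ADVICES_HANDLEABLE_BY_AM_REQUEST);
        try {
            PolicyService ps = sendPLLRequest(policyServiceURL, policyReq);
            if (ps != null) {
                if (debug.messageEnabled()) {
                    debug.message("ResourceResultCache." + "getAdvicesHandleableByAM():" + "result=" + ps.toXMLString());
                }
                PolicyResponse psres = ps.getPolicyResponse();
                if (psres == null) {
                    // A reply that parses but carries no PolicyResponse part used
                    // to end in a NullPointerException on the next line; fail
                    // through the declared PolicyException instead.
                    throw new PolicyException(
                            new IllegalStateException("policy service reply carried no PolicyResponse"));
                }
                String exceptionMessage = psres.getExceptionMsg();
                if (exceptionMessage != null) {
                    // NOTE(review): the invalid-token case is recognised here by a
                    // substring match against a resource-bundle string, while
                    // getResultsFromServer matches PolicyResponse.APP_SSO_TOKEN_INVALID;
                    // confirm both agree with what the server actually sends.
                    if (exceptionMessage.indexOf(ResBundleUtils.getString("app_sso_token_invalid")) >= 0) {
                        if (debug.warningEnabled()) {
                            debug.warning("ResourceResultCache." + "getAdvicesHandleableByAM():" + " response exception " + exceptionMessage);
                            debug.warning("ResourceResultCache." + "AdvicesHandleableByAM():" + " appSSOToken is invalid");
                            debug.warning("ResourceResultCache." + "throwing InvalidAppSSOTokenException");
                        }
                        // This method does not retry with a new token itself; it
                        // throws and leaves any retry to the caller.
                        String[] args = { exceptionMessage };
                        throw new InvalidAppSSOTokenException(ResBundleUtils.rbName, "server_reported_invalid_app_sso_token", args, null);
                    } else {
                        if (debug.warningEnabled()) {
                            debug.warning("ResourceResultCache." + "AdvicesHandleableByAM():" + "response exception message=" + exceptionMessage);
                        }
                        String[] args = { exceptionMessage };
                        throw new PolicyEvaluationException(ResBundleUtils.rbName, "server_reported_exception", args, null);
                    }
                }
                // Only a response of the expected kind may replace the cache.
                if (psres.getMethodID() == PolicyResponse.POLICY_ADVICES_HANDLEABLE_BY_AM_RESPONSE) {
                    AdvicesHandleableByAMResponse advicesHandleableByAMResponse = psres.getAdvicesHandleableByAMResponse();
                    if (debug.messageEnabled()) {
                        debug.message("ResourceResultCache." + "getAdvicesHandleableByAM():" + advicesHandleableByAMResponse);
                    }
                    if (advicesHandleableByAMResponse != null) {
                        advicesHandleableByAM = advicesHandleableByAMResponse.getAdvicesHandleableByAM();
                    }
                }
            } else {
                debug.error("ResourceResultCache.getAdvicesHandleableByAM()" + ":no result");
            }
        } catch (SendRequestException e) {
            debug.error("ResourceResultCache.getAdvicesHandleableByAM():", e);
            throw new PolicyException(e);
        }
    }

    // Never hand back null: an empty set means no advice names are known.
    if (advicesHandleableByAM == null) {
        advicesHandleableByAM = Collections.EMPTY_SET;
    }
    if (debug.messageEnabled()) {
        debug.message("ResourceResultCache.getAdvicesHandleableByAM():" + ":returning advicesHandleableByAM" + advicesHandleableByAM);
    }
    return advicesHandleableByAM;
}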
use of com.sun.identity.policy.remote.PolicyService in project OpenAM by OpenRock.
the class ResourceResultCache method addRemotePolicyListener.
/**
* Registers a listener with policy service to receive
* notifications on policy changes
* @param appToken session token identifying the client
* @param serviceName service name
* @param notificationURL end point on the client that listens for
* notifications
*
* @param reRegister flag indicating whether to register listener
* even if it was already registered. <code>true</code> indicates
* to register listener again even if it was previously registered
*/
boolean addRemotePolicyListener(SSOToken appToken, String serviceName, String notificationURL, boolean reRegister) {
    // Returns true only when this call registered the listener with the server;
    // every other path, including "already registered", returns false.
    if (debug.messageEnabled()) {
        debug.message("ResourceResultCache.addRemotePolicyListener():serviceName=" + serviceName + ":notificationURL=" + notificationURL);
    }

    boolean alreadyRegistered = remotePolicyListeners.contains(serviceName);
    if (alreadyRegistered && !reRegister) {
        if (debug.messageEnabled()) {
            debug.message("ResourceResultCache.addRemotePolicyListener():serviceName=" + serviceName + ":notificationURL=" + notificationURL + ":is already registered");
        }
        return false;
    }

    // No application token means there is no identity to register under.
    if (appToken == null) {
        return false;
    }
    URL serviceEndpoint;
    try {
        serviceEndpoint = getPolicyServiceURL(appToken);
    } catch (PolicyException pe) {
        debug.error("ResourceResultCache.addRemotePolicyListener():Can not add policy listner", pe);
        return false;
    }
    if (serviceEndpoint == null) {
        return false;
    }

    // Ask the policy service to send change notifications for serviceName to
    // notificationURL, authenticated by the application token.
    PolicyListenerRequest registration = new PolicyListenerRequest();
    registration.setServiceName(serviceName);
    registration.setNotificationURL(notificationURL);
    PolicyRequest outgoing = new PolicyRequest();
    outgoing.setAppSSOToken(appToken.getTokenID().toString());
    outgoing.setMethodID(PolicyRequest.POLICY_REQUEST_ADD_POLICY_LISTENER);
    outgoing.setPolicyListenerRequest(registration);

    boolean registered = false;
    try {
        PolicyService reply = sendPLLRequest(serviceEndpoint, outgoing);
        if (reply == null) {
            debug.error("ResourceResultCache.addRemotePolicyListener(): no result");
        } else {
            if (debug.messageEnabled()) {
                debug.message("ResourceResultCache.addRemotePolicyListener():result=" + reply.toXMLString());
            }
            PolicyResponse answer = reply.getPolicyResponse();
            // Only an add-listener response counts as a successful registration.
            if (answer.getMethodID() == PolicyResponse.POLICY_ADD_LISTENER_RESPONSE) {
                registered = true;
                remotePolicyListeners.add(serviceName);
                if (debug.messageEnabled()) {
                    debug.message("ResourceResultCache.addRemotePolicyListener():serviceName=" + serviceName + ":notificationURL=" + notificationURL + ":policyServiceURL=" + serviceEndpoint + ":add succeeded");
                }
            }
        }
    } catch (Exception e) {
        // Best effort: any failure is logged and reported as "not registered".
        debug.error("ResourceResultCache.addRemotePolicyListener():", e);
    }
    return registered;
}