Example 1 with BufferedIterator
use of com.sun.identity.shared.BufferedIterator in project OpenAM by OpenRock.
the class DataStore method searchPrivileges.
private Set<IPrivilege> searchPrivileges(String realm, BufferedIterator iterator, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree, Set<String> excludeDNs) throws EntitlementException {
Set<IPrivilege> results = new HashSet<IPrivilege>();
String filter = getFilter(indexes, subjectIndexes, bSubTree);
String baseDN = getSearchBaseDN(realm, null);
if (PolicyConstants.DEBUG.messageEnabled()) {
PolicyConstants.DEBUG.message("[PolicyEval] DataStore.searchPrivileges");
PolicyConstants.DEBUG.message("[PolicyEval] search filter: " + filter);
PolicyConstants.DEBUG.message("[PolicyEval] search DN: " + baseDN);
}
if (filter != null) {
SSOToken token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
long start = DB_MONITOR_PRIVILEGE.start();
if (SMSEntry.checkIfEntryExists(baseDN, token)) {
try {
Iterator i = SMSEntry.search(token, baseDN, filter, NO_LIMIT, NO_LIMIT, NOT_SORTED, NOT_SORTED, excludeDNs);
while (i.hasNext()) {
SMSDataEntry e = (SMSDataEntry) i.next();
Privilege privilege = Privilege.getInstance(new JSONObject(e.getAttributeValue(SERIALIZABLE_INDEX_KEY)));
iterator.add(privilege);
results.add(privilege);
}
} catch (JSONException e) {
Object[] arg = { baseDN };
throw new EntitlementException(52, arg, e);
} catch (SMSException e) {
Object[] arg = { baseDN };
throw new EntitlementException(52, arg, e);
}
}
DB_MONITOR_PRIVILEGE.end(start);
}
return results;
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
SMSDataEntry(com.sun.identity.sm.SMSDataEntry)
SMSException(com.sun.identity.sm.SMSException)
JSONException(org.json.JSONException)
EntitlementException(com.sun.identity.entitlement.EntitlementException)
JSONObject(org.json.JSONObject)
IPrivilege(com.sun.identity.entitlement.IPrivilege)
BufferedIterator(com.sun.identity.shared.BufferedIterator)
Iterator(java.util.Iterator)
IPrivilege(com.sun.identity.entitlement.IPrivilege)
Privilege(com.sun.identity.entitlement.Privilege)
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
HashSet(java.util.HashSet)
Example 2 with BufferedIterator
use of com.sun.identity.shared.BufferedIterator in project OpenAM by OpenRock.
the class DataStore method searchReferral.
/**
* Returns a set of referral privilege that satifies the resource and
* subject indexes.
*
* @param adminToken Subject who has the rights to read datastore.
* @param realm Realm name
* @param iterator Buffered iterator to have the result fed to it.
* @param indexes Resource search indexes.
* @param bSubTree <code>true</code> to do sub tree search
* @param excludeDNs Set of DN to be excluded from the search results.
* @return a set of privilege that satifies the resource and subject
* indexes.
*/
public Set<ReferralPrivilege> searchReferral(SSOToken adminToken, String realm, BufferedIterator iterator, ResourceSearchIndexes indexes, boolean bSubTree, Set<String> excludeDNs) throws EntitlementException {
Set<ReferralPrivilege> results = new HashSet<ReferralPrivilege>();
String filter = getFilter(indexes, null, bSubTree);
String baseDN = getSearchBaseDN(realm, REFERRAL_STORE);
if (PolicyConstants.DEBUG.messageEnabled()) {
PolicyConstants.DEBUG.message("[PolicyEval] DataStore.searchReferral");
PolicyConstants.DEBUG.message("[PolicyEval] search filter: " + filter);
PolicyConstants.DEBUG.message("[PolicyEval] search DN: " + baseDN);
}
if (filter != null) {
SSOToken token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
long start = DB_MONITOR_REFERRAL.start();
if (SMSEntry.checkIfEntryExists(baseDN, token)) {
try {
Iterator i = SMSEntry.search(token, baseDN, filter, NO_LIMIT, NO_LIMIT, NOT_SORTED, NOT_SORTED, excludeDNs);
while (i.hasNext()) {
SMSDataEntry e = (SMSDataEntry) i.next();
ReferralPrivilege referral = ReferralPrivilege.getInstance(new JSONObject(e.getAttributeValue(SERIALIZABLE_INDEX_KEY)));
iterator.add(referral);
results.add(referral);
}
iterator.isDone();
} catch (JSONException e) {
Object[] arg = { baseDN };
throw new EntitlementException(52, arg, e);
} catch (SMSException e) {
Object[] arg = { baseDN };
throw new EntitlementException(52, arg, e);
}
}
DB_MONITOR_REFERRAL.end(start);
}
return results;
}
Also used :
EntitlementException(com.sun.identity.entitlement.EntitlementException)
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
SSOToken(com.iplanet.sso.SSOToken)
JSONObject(org.json.JSONObject)
SMSDataEntry(com.sun.identity.sm.SMSDataEntry)
SMSException(com.sun.identity.sm.SMSException)
BufferedIterator(com.sun.identity.shared.BufferedIterator)
Iterator(java.util.Iterator)
JSONException(org.json.JSONException)
HashSet(java.util.HashSet)
Example 3 with BufferedIterator
use of com.sun.identity.shared.BufferedIterator in project OpenAM by OpenRock.
the class OpenSSOIndexStore method search.
/**
* Search for policies.
*
* @param realm
* The realm of which the policy resides.
* @param indexes
* Policy indexes.
* @param subjectIndexes
* Subject indexes.
* @param bSubTree
* Whether in subtree mode.
* @param bReferral
* Whether there is a policy referral.
* @return An iterator of policies.
* @throws EntitlementException
* Should an error occur searching for policies.
*/
public Iterator<IPrivilege> search(String realm, ResourceSearchIndexes indexes, Set<String> subjectIndexes, boolean bSubTree, boolean bReferral) throws EntitlementException {
BufferedIterator iterator = (isMultiThreaded) ? new BufferedIterator() : new SimpleIterator();
// When not in subtree mode path indexes should be available.
if (!bSubTree && indexes.getPathIndexes().isEmpty()) {
return iterator;
}
// When in subtree mode parent path indexes should be available.
if (bSubTree && indexes.getParentPathIndexes().isEmpty()) {
return iterator;
}
Set setDNs = new HashSet();
if (indexCacheSize > 0) {
setDNs.addAll(searchPrivileges(indexes, subjectIndexes, bSubTree, iterator));
setDNs.addAll(searchReferrals(indexes, bSubTree, iterator));
}
if (bReferral) {
String tmp = LDAPUtils.isDN(realm) ? DNMapper.orgNameToRealmName(realm) : realm;
if (tmp.equals("/")) {
ReferralPrivilege ref = getOrgAliasReferral(indexes);
if (ref != null) {
iterator.add(ref);
}
}
}
if (indexCacheSize == 0 || isDSSearchNecessary()) {
threadPool.submit(new SearchTask(iterator, indexes, subjectIndexes, bSubTree, setDNs));
} else {
iterator.isDone();
}
return iterator;
}
Also used :
BufferedIterator(com.sun.identity.shared.BufferedIterator)
HashSet(java.util.HashSet)
Set(java.util.Set)
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
SimpleIterator(com.sun.identity.entitlement.util.SimpleIterator)
HashSet(java.util.HashSet)
Aggregations
ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege)3
BufferedIterator (com.sun.identity.shared.BufferedIterator)3
HashSet (java.util.HashSet)3
SSOToken (com.iplanet.sso.SSOToken)2
EntitlementException (com.sun.identity.entitlement.EntitlementException)2
SMSDataEntry (com.sun.identity.sm.SMSDataEntry)2
SMSException (com.sun.identity.sm.SMSException)2
Iterator (java.util.Iterator)2
JSONException (org.json.JSONException)2
JSONObject (org.json.JSONObject)2
IPrivilege (com.sun.identity.entitlement.IPrivilege)1
Privilege (com.sun.identity.entitlement.Privilege)1
SimpleIterator (com.sun.identity.entitlement.util.SimpleIterator)1
Set (java.util.Set)1
