Search in sources :

Example 76 with OrganizationConfigManager

use of com.sun.identity.sm.OrganizationConfigManager in project OpenAM by OpenRock.

the class ConfigMonitoring method getAllRealmsSpecific.

/*
     *  this is like getAllRealms("/"), but refined to get the specific
     *  attributes needed.  probably the eventual version... for agents
     *  and agent groups, anyway.
     */
private void getAllRealmsSpecific(String startRealm) {
    String classMethod = "ConfigMonitoring.getAllRealmsSpecific: ";
    StringBuilder sb = new StringBuilder(classMethod);
    if (debug.messageEnabled()) {
        sb.append("orgnames starting from ").append(startRealm).append(":\n").append("  ").append(startRealm).append("\n");
    }
    try {
        OrganizationConfigManager orgMgr = new OrganizationConfigManager(ssoToken, startRealm);
        Set orgs = orgMgr.getSubOrganizationNames("*", true);
        /*
             *  the orgs Set of realms seems to have some sort of
             *  ordering to it, going through each of "/"'s realms.
             *  don't know that we need to count on it, but it's
             *  nice.
             */
        /*
             *  get agent and agent group information
             */
        AMIdentityRepository idRepo = null;
        AMIdentity thisRealmAMId = null;
        String currentRealmAMIdName = null;
        try {
            idRepo = new AMIdentityRepository(ssoToken, "/");
            thisRealmAMId = idRepo.getRealmIdentity();
            currentRealmAMIdName = thisRealmAMId.getRealm();
            /*
                 *  get agents and agent groups information
                 */
            getAgentsAndGroupsInfo("/", idRepo, thisRealmAMId);
        } catch (IdRepoException ire) {
            debug.error(classMethod + "IdRepoException getting AMIdentityRepository" + " object for realm: /: " + ire.getMessage());
            /*
                 *  if we can't get the AMIdentityRepository, there's
                 *  not much we can do
                 */
            return;
        } catch (SSOException ssoe) {
            debug.error(classMethod + "SSOException getting info for realm /: " + ssoe.getMessage());
            /*
                 *  likewise, if there's an issue with our SSOToken...
                 *  there's not much we can do
                 */
            return;
        }
        // then all the subrealms; they have leading "/"
        for (Iterator it = orgs.iterator(); it.hasNext(); ) {
            String ss = "/" + (String) it.next();
            if (debug.messageEnabled()) {
                sb.append("  ").append(ss).append("\n");
            }
            try {
                idRepo = new AMIdentityRepository(ssoToken, ss);
                thisRealmAMId = idRepo.getRealmIdentity();
                currentRealmAMIdName = thisRealmAMId.getRealm();
                /*
                     *  get agents and agent groups information
                     */
                getAgentsAndGroupsInfo(ss, idRepo, thisRealmAMId);
            } catch (IdRepoException ire) {
                debug.error(classMethod + "IdRepoException getting AMIdentityRepository" + " object for realm: " + ss + ": " + ire.getMessage());
            } catch (SSOException ssoe) {
                debug.error(classMethod + "SSOException getting info for realm " + ss + ": " + ssoe.getMessage());
            }
        }
        if (debug.messageEnabled()) {
            debug.message(sb.toString());
        }
    } catch (SMSException e) {
        debug.error(classMethod + "SMSException getting OrgConfigMgr: " + e.getMessage());
    }
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) SMSException(com.sun.identity.sm.SMSException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) SSOException(com.iplanet.sso.SSOException)

Example 77 with OrganizationConfigManager

use of com.sun.identity.sm.OrganizationConfigManager in project OpenAM by OpenRock.

the class STSInstanceConfigStoreBase method getSubrealms.

@SuppressWarnings("unchecked")
private Set<String> getSubrealms(Set<String> currentRealms) throws SMSException {
    Set<String> subrealms = new HashSet<>();
    for (String realm : currentRealms) {
        OrganizationConfigManager ocm = new OrganizationConfigManager(getAdminToken(), realm);
        subrealms.addAll(catenateRealmNames(realm, ocm.getSubOrganizationNames()));
    }
    return subrealms;
}
Also used : OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) HashSet(java.util.HashSet)

Example 78 with OrganizationConfigManager

use of com.sun.identity.sm.OrganizationConfigManager in project OpenAM by OpenRock.

the class STSInstanceConfigStoreBase method persistSTSInstance.

/**
     * Persists the STS instance into the SMS.
     * @param stsInstanceId the identifier for the to-be-published sts instance
     * @param realm The realm in which the sts instance should be deployed
     * @param instance The to-be-persisted state.
     * @throws STSPublishException if the SMS encounters a problem during persistence.
     */
@Override
public void persistSTSInstance(String stsInstanceId, String realm, T instance) throws STSPublishException {
    /*
          Note on having to explicitly specify the realm as a parameter, when it could, theoretically, be obtained from the T instance parameter:
          although both the RestSTSInstanceConfig and the SoapSTSInstanceConfig have a DeploymentConfig reference, it is not defined
          in STSInstanceConfig (which would allow it to be referenced in this method), because the SoapSTSInstanceConfig class
          encapsulates a DeploymentConfig subclass, the SoapDeploymentConfig, as some additional deployment information is
          required for a soap deployment. I don't want to declare the DeploymentConfig base in the STSInstanceConfig class, as this
          would require an explicit down-cast in the SoapSTSInstanceConfig, and I don't want to add some generic complexity to
          the STSInstanceConfig class to model DeploymentConfig subclasses - the builder hierarchy in the STSInstanceConfig
          hierarchy is already complicated enough. So the realm parameter is added explicitly, as the calling context knows
          whether it is dealing with a soap or rest sts instance.
         */
    try {
        /*
            Model for code below taken from AMAuthenticationManager.createAuthenticationInstance, as the 'multiple authN module per realm'
            model applies to the STS, and the AMAuthenticationManager seems to implement the SMS persistence concern of these semantics.
             */
        OrganizationConfigManager organizationConfigManager = new OrganizationConfigManager(getAdminToken(), realm);
        Map<String, Set<String>> instanceConfigAttributes = instanceConfigMarshaller.toMap(instance);
        if (!organizationConfigManager.getAssignedServices().contains(serviceName)) {
            organizationConfigManager.assignService(serviceName, null);
        }
        ServiceConfig orgConfig = organizationConfigManager.getServiceConfig(serviceName);
        if (orgConfig == null) {
            orgConfig = organizationConfigManager.addServiceConfig(serviceName, null);
        }
        orgConfig.addSubConfig(stsInstanceId, ISAuthConstants.SERVER_SUBSCHEMA, PRIORITY_ZERO, instanceConfigAttributes);
        if (logger.isDebugEnabled()) {
            logger.debug("Persisted " + restOrSoap() + " sts instance with id " + stsInstanceId + " in realm " + realm);
        }
    } catch (SMSException e) {
        throw new STSPublishException(ResourceException.INTERNAL_ERROR, "Exception caught persisting " + restOrSoap() + " instance " + stsInstanceId + "Exception: " + e, e);
    } catch (SSOException e) {
        throw new STSPublishException(ResourceException.INTERNAL_ERROR, "Exception caught persisting " + restOrSoap() + " instance" + stsInstanceId + "Exception: " + e, e);
    }
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) STSPublishException(org.forgerock.openam.sts.STSPublishException) SSOException(com.iplanet.sso.SSOException)

Example 79 with OrganizationConfigManager

use of com.sun.identity.sm.OrganizationConfigManager in project OpenAM by OpenRock.

the class RealmTest method addRealmAttribute.

@Parameters({ "realm" })
@Test(groups = { "cli-realm", "add-realm-attrs" }, dependsOnMethods = { "assignedServiceToRealm" })
public void addRealmAttribute(String realm) throws CLIException, IdRepoException, SMSException, SSOException {
    String[] param = { realm };
    entering("addRealmAttribute", param);
    String[] args = { "set-realm-attrs", CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME, realm, CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.SERVICE_NAME, "sunIdentityRepositoryService", CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.ATTRIBUTE_VALUES, "sunOrganizationAliases=dummy" };
    SSOToken adminSSOToken = getAdminSSOToken();
    CLIRequest req = new CLIRequest(null, args, adminSSOToken);
    cmdManager.addToRequestQueue(req);
    cmdManager.serviceRequestQueue();
    OrganizationConfigManager orgMgr = new OrganizationConfigManager(adminSSOToken, realm);
    Map map = orgMgr.getAttributes("sunIdentityRepositoryService");
    Set values = (Set) map.get("sunOrganizationAliases");
    assert (values.contains("dummy"));
    values.remove("dummy");
    orgMgr.setAttributes("sunIdentityRepositoryService", map);
    exiting("addRealmAttribute");
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) CLIRequest(com.sun.identity.cli.CLIRequest) HashMap(java.util.HashMap) Map(java.util.Map) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest) AfterTest(org.testng.annotations.AfterTest)

Example 80 with OrganizationConfigManager

use of com.sun.identity.sm.OrganizationConfigManager in project OpenAM by OpenRock.

the class RealmTest method createRealm.

@Parameters({ "realm" })
@BeforeTest(groups = { "cli-realm", "create-realm" })
public void createRealm(String realm) throws CLIException, SMSException {
    String[] param = { realm };
    entering("createRealm", param);
    String[] args = { "create-realm", CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME, realm };
    CLIRequest req = new CLIRequest(null, args, getAdminSSOToken());
    cmdManager.addToRequestQueue(req);
    cmdManager.serviceRequestQueue();
    String parentRealm = RealmUtils.getParentRealm(realm);
    String realmName = RealmUtils.getChildRealm(realm);
    OrganizationConfigManager ocm = new OrganizationConfigManager(getAdminSSOToken(), parentRealm);
    Set names = ocm.getSubOrganizationNames(realmName, true);
    assert (names.size() == 1);
    String name = (String) names.iterator().next();
    assert name.equals(realmName);
    exiting("createRealm");
}
Also used : Set(java.util.Set) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) CLIRequest(com.sun.identity.cli.CLIRequest) Parameters(org.testng.annotations.Parameters) BeforeTest(org.testng.annotations.BeforeTest)

Aggregations

OrganizationConfigManager (com.sun.identity.sm.OrganizationConfigManager)144 SMSException (com.sun.identity.sm.SMSException)87 Set (java.util.Set)79 HashSet (java.util.HashSet)54 SSOException (com.iplanet.sso.SSOException)50 Map (java.util.Map)48 HashMap (java.util.HashMap)40 SSOToken (com.iplanet.sso.SSOToken)33 IdRepoException (com.sun.identity.idm.IdRepoException)32 Iterator (java.util.Iterator)28 AMIdentity (com.sun.identity.idm.AMIdentity)23 CLIException (com.sun.identity.cli.CLIException)21 AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)20 ServiceConfig (com.sun.identity.sm.ServiceConfig)17 IOutput (com.sun.identity.cli.IOutput)15 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)15 List (java.util.List)10 ForbiddenException (org.forgerock.json.resource.ForbiddenException)9 BadRequestException (org.forgerock.json.resource.BadRequestException)8 InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)8