
Example 36 with SMSException

use of com.sun.identity.sm.SMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method getServiceAttributesWithQualifier.

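/**
 * Returns the dynamic attribute names of a service, each suffixed with its
 * COS qualifier. For example, the returned set could be
 * ["iplanet-am-web-agent-allow-list merge-schemes",
 * "iplanet-am-web-agent-deny-list merge-schemes"]. Only attributes of the
 * {@code SchemaType.DYNAMIC} schema are returned.
 *
 * @param token       SSO token passed to the {@code ServiceSchemaManager}
 * @param serviceName name of the service whose dynamic attributes are read
 * @return set of "attributeName qualifier" strings; the empty set when no
 *         dynamic schema could be obtained for the service
 * @throws SMSException propagated from the service schema lookup
 * @throws SSOException propagated from the service schema lookup
 */
private Set getServiceAttributesWithQualifier(SSOToken token, String serviceName) throws SMSException, SSOException {
    ServiceSchemaManager ssm = new ServiceSchemaManager(serviceName, token);
    ServiceSchema ss = null;
    try {
        ss = ssm.getSchema(SchemaType.DYNAMIC);
    } catch (SMSException sme) {
        // Deliberate best effort: a failed lookup is treated as "no dynamic
        // schema" and yields the empty set below. The warning now names
        // this method (it used to say getServiceNames) and carries the
        // exception, so a real lookup failure can be told apart from a
        // service that has no dynamic schema.
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.getServiceAttributesWithQualifier(): No "
                    + "schema defined for SchemaType.DYNAMIC type", sme);
        }
    }
    if (ss == null) {
        return Collections.emptySet();
    }
    Set<String> attrNames = new HashSet<String>();
    for (Object schemaName : ss.getAttributeSchemaNames()) {
        String attrSchemaName = (String) schemaName;
        AttributeSchema attrSchema = ss.getAttributeSchema(attrSchemaName);
        // Entry format is "<attribute name> <COS qualifier>".
        attrNames.add(attrSchemaName + " " + attrSchema.getCosQualifier());
    }
    return attrNames;
}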
Also used : ServiceSchema(com.sun.identity.sm.ServiceSchema) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) SMSException(com.sun.identity.sm.SMSException) Iterator(java.util.Iterator) AttributeSchema(com.sun.identity.sm.AttributeSchema) ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager) HashSet(java.util.HashSet)

Example 37 with SMSException

use of com.sun.identity.sm.SMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createOrganization.

/**
 * Creates an organization entry named {@code profileName} under
 * {@code parentObj} and, depending on the server mode, the matching realm
 * and its default services.
 *
 * Order of work as visible in this method: pre-processing callbacks, DC tree
 * domain creation (when required), adding the organization to its parent
 * (with DC tree cleanup on failure), admin group creation (when enabled),
 * realm creation and default service loading (coexistence mode), and
 * post-processing callbacks.
 *
 * @param token       SSO token of the caller, used for the directory and
 *                    service management operations
 * @param parentObj   parent object under which the organization is created
 * @param attributes  attributes of the new organization; replaced by the
 *                    result of the pre-processing callbacks
 * @param profileName value of the naming attribute of the new organization
 * @throws UMSException rethrown when adding the organization to its parent
 *                      fails
 * @throws AMException  declared by this method; the raising call is not
 *                      identifiable from this block alone
 * @throws SSOException declared by this method; the raising call is not
 *                      identifiable from this block alone
 */
private void createOrganization(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException, SSOException {
    // Invoke the Pre Processing plugin. Note: we need to obtain
    // the parent org of this organization to obtain the
    // plugin classes for the parent org.
    // NOTE(review): this lookup uses internalToken (a field not shown here)
    // rather than the caller's token - presumably a privileged token;
    // confirm that the result is not exposed to callers without read access.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // NOTE(review): profileName is concatenated into the DN as-is; no
    // escaping is visible in this method - confirm that callers validate or
    // escape DN metacharacters before reaching this point.
    String entryDN = getNamingAttribute(AMObject.ORGANIZATION) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.ORGANIZATION), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    com.iplanet.ums.Organization org = null;
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicOrganization", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // COMPLIANCE: DCTREE
    if (dcTreeImpl.isRequired()) {
        AttrSet[] attrSetArray = dcTreeImpl.splitAttrSet(parentObj.getDN(), attrSet);
        org = new com.iplanet.ums.Organization(creationTemp, attrSetArray[0]);
        // create the DC node first. If it fails then the org node will not
        // be created at all. No clean up needed afterwards then.
        dcTreeImpl.createDomain(token, new Guid(entryDN), attrSet);
    } else {
        org = new com.iplanet.ums.Organization(creationTemp, attrSet);
    }
    try {
        parentObj.addChild(org);
    } catch (UMSException ue) {
        // clean up DC node
        // NOTE(review): if removeDomain or checkIfDeletedOrg throws, that
        // exception leaves this method instead of ue - confirm this is the
        // intended error reported to the caller.
        if (dcTreeImpl.isRequired()) {
            dcTreeImpl.removeDomain(token, entryDN);
        }
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedOrg(token, org.getDN());
        }
        throw ue;
    }
    if (ComplianceServicesImpl.isAdminGroupsEnabled(org.getDN())) {
        complianceImpl.createAdminGroups(token, org);
    }
    // When running in coexistence mode with realms enabled, the
    // corresponding realm must also be created.
    if (ServiceManager.isCoexistenceMode() && ServiceManager.isRealmEnabled()) {
        try {
            // Check if realm exists, this throws SMSException
            // if realm does not exist
            // NOTE(review): every SMSException is taken to mean "realm
            // missing"; whether other failures can surface here as
            // SMSException cannot be told from this block - confirm.
            new OrganizationConfigManager(token, entryDN);
        } catch (SMSException smse) {
            // Organization does not exist, create it
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl::createOrganization " + "creating realm: " + org.getDN());
            }
            try {
                OrganizationConfigManager ocm = new OrganizationConfigManager(token, orgDN);
                ocm.createSubOrganization(profileName, null);
            } catch (SMSException se) {
                // The failure is logged at message level only and not
                // rethrown: the directory organization created above stays
                // in place without a matching realm, and the caller is not
                // told.
                if (debug.messageEnabled()) {
                    debug.message("DirectoryServicesImpl::" + "createOrganization unable to create realm: " + org.getDN(), se);
                }
            }
        }
    }
    // If in legacy mode, add the default services
    if (ServiceManager.isCoexistenceMode()) {
        try {
            OrganizationConfigManager ocm = new OrganizationConfigManager(token, entryDN);
            OrganizationConfigManager.loadDefaultServices(token, ocm);
        } catch (SMSException smse) {
            // Unable to load default services. The warning below does not
            // include smse, so the cause is not recorded; creation continues
            // without the default services.
            if (debug.warningEnabled()) {
                debug.warning("DirectoryServicesImpl::createOrganization " + "Unable to load services: " + org.getDN());
            }
        }
    }
    // Invoke Post processing impls. Note: orgDN is parent org
    callBackHelper.postProcess(token, org.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) UMSException(com.iplanet.ums.UMSException) SMSException(com.sun.identity.sm.SMSException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 38 with SMSException

use of com.sun.identity.sm.SMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method removeEntry.

/**
 * Removes an entry from the directory and, for organizations in
 * coexistence mode with realms enabled, the corresponding realm.
 *
 * @param token      SSO token used for the removal
 * @param entryDN    DN of the profile to be removed
 * @param objectType profile type
 * @param recursive  if true, remove all sub entries and the object;
 *                   otherwise remove the object only
 * @param softDelete tells the pre/post callback plugins whether this is a
 *                   soft delete (marked for deletion) or a purge/hard delete
 * @throws AMException  declared by this method; presumably raised by the
 *                      removal helpers - confirm against their definitions
 * @throws SSOException declared by this method; presumably raised by the
 *                      removal helpers - confirm against their definitions
 */
public void removeEntry(SSOToken token, String entryDN, int objectType, boolean recursive, boolean softDelete) throws AMException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("DirectoryServicesImpl.removeEntry(): Removing: " + entryDN + " & recursive: " + recursive);
    }
    if (!recursive) {
        removeSingleEntry(token, entryDN, objectType, softDelete);
    } else {
        // Lists all entries in the sub-tree and deletes them one by one.
        removeSubtree(token, entryDN, softDelete);
    }
    // Only organizations in coexistence mode with realms enabled have a
    // realm that must be deleted along with the directory entry.
    boolean realmCleanupNeeded = objectType == AMObject.ORGANIZATION
            && ServiceManager.isCoexistenceMode()
            && ServiceManager.isRealmEnabled();
    if (!realmCleanupNeeded) {
        return;
    }
    try {
        // The constructor throws SMSException when the realm does not
        // exist; reaching the next line means there is a realm to delete.
        OrganizationConfigManager realmManager = new OrganizationConfigManager(token, entryDN);
        realmManager.deleteSubOrganization(null, recursive);
    } catch (SMSException smse) {
        // A missing realm and a failed deletion end up here alike. The
        // directory entry is already gone at this point, the exception is
        // not logged, and nothing is reported to the caller, so a failed
        // deletion leaves the realm configuration behind.
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl::removeEntry " + "unable to delete corresponding realm: " + entryDN);
        }
    }
}
Also used : SMSException(com.sun.identity.sm.SMSException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager)

Example 39 with SMSException

use of com.sun.identity.sm.SMSException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method registerService.

/**
 * Registers a service for an org or org unit by adding a COS definition
 * built from the service's dynamic attributes.
 *
 * @param token       SSO token used for the directory operations
 * @param orgDN       DN of the org
 * @param serviceName name of the service to register
 * @throws AMException  with code "460" on insufficient access rights, "464"
 *                      when the service is already registered, and "914" on
 *                      any other SMS or UMS failure
 * @throws SSOException declared by this method; presumably raised by the
 *                      attribute lookup - confirm
 */
public void registerService(SSOToken token, String orgDN, String serviceName) throws AMException, SSOException {
    try {
        // Non-empty only when the service has Dynamic attributes; with
        // nothing to register there is no COS definition to add.
        Set qualifiedAttrNames = getServiceAttributesWithQualifier(token, serviceName);
        if (qualifiedAttrNames == null || qualifiedAttrNames.isEmpty()) {
            return;
        }
        PersistentObject orgHandle = UMSObject.getObjectHandle(token, new Guid(orgDN));
        DirectCOSDefinition cosDefinition = createCOSDefinition(serviceName, qualifiedAttrNames);
        COSManager cosManager = COSManager.getCOSManager(token, orgHandle.getGuid());
        cosManager.addDefinition(cosDefinition);
    } catch (AccessRightsException e) {
        // The cause is logged here but not attached to the AMException,
        // so callers only see the error code.
        debug.error("DirectoryServicesImpl.registerService() " + "Insufficient access rights to register service: " + serviceName, e);
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.registerService() " + "Service " + serviceName + " already registered", e);
        }
        Object[] messageArgs = new Object[] { serviceName };
        String userLocale = CommonUtils.getUserLocale(token);
        String localizedMessage = AMSDKBundle.getString("464", messageArgs, userLocale);
        throw new AMException(localizedMessage, "464", messageArgs);
    } catch (SMSException e) {
        // Unlike the UMSException branch below, the cause is not passed on
        // to the AMException; it survives only in the debug log.
        debug.error("DirectoryServicesImpl.registerService() Unable to " + "register service: " + serviceName, e);
        throw new AMException(token, "914");
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.registerService() Unable to " + "register service: " + serviceName, e);
        throw new AMException(token, "914", e);
    }
}
Also used : DirectCOSDefinition(com.iplanet.ums.cos.DirectCOSDefinition) AccessRightsException(com.iplanet.ums.AccessRightsException) Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) UMSException(com.iplanet.ums.UMSException) SMSException(com.sun.identity.sm.SMSException) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid) COSManager(com.iplanet.ums.cos.COSManager) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException)

Example 40 with SMSException

use of com.sun.identity.sm.SMSException in project OpenAM by OpenRock.

the class AMAuthenticationManager method createAuthenticationInstance.

/**
 * Creates an {@code AMAuthenticationInstance} with the specified
 * parameters, assigning the backing service to the realm and creating its
 * configuration when they are not present yet.
 *
 * @param name       name of the authentication module instance; must not
 *                   contain a space character
 * @param type       type of the authentication module instance; must be one
 *                   of the types returned by {@code getAuthenticationTypes()}
 * @param attributes a Map of parameters for this module instance
 * @return the newly created {@code AMAuthenticationInstance}
 * @throws AMConfigurationException if the name or type is rejected, an
 *         instance with this name already exists, or any error occurs while
 *         the configuration is created
 */
public AMAuthenticationInstance createAuthenticationInstance(String name, String type, Map attributes) throws AMConfigurationException {
    // The only check on the name is for a space character.
    if (name.indexOf(' ') >= 0) {
        throw new AMConfigurationException(BUNDLE_NAME, "invalidAuthenticationInstanceName", null);
    }
    if (!getAuthenticationTypes().contains(type)) {
        throw new AMConfigurationException(BUNDLE_NAME, "wrongType", new Object[] { type });
    }
    AMAuthenticationInstance existing = getAuthenticationInstance(name);
    if (existing != null) {
        // An existing instance without a service config is reported as a
        // global one.
        String errorKey = (existing.getServiceConfig() != null) ? "authInstanceExist" : "authInstanceIsGlobal";
        throw new AMConfigurationException(BUNDLE_NAME, errorKey, new Object[] { name });
    }
    String serviceName = getServiceName(type);
    ServiceSchema globalSchema = null;
    try {
        globalSchema = new ServiceSchemaManager(serviceName, token).getSchema(SchemaType.GLOBAL);
    } catch (SSOException e) {
        // The schema stays null and creation continues below with the same
        // token.
        // NOTE(review): the token object itself is concatenated into the
        // log message - confirm its toString() does not expose the session
        // identifier in the debug log.
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("Token doesn't have access to service: " + token + " -> " + serviceName);
        }
    } catch (SMSException e) {
        // Normal for a service without global configuration; nothing is
        // logged.
    }
    try {
        OrganizationConfigManager ocm = new OrganizationConfigManager(token, realm);
        // Assign the service to the realm if it is not assigned yet.
        if (!ocm.getAssignedServices().contains(serviceName)) {
            ocm.assignService(serviceName, null);
        }
        ServiceConfig orgConfig = ocm.getServiceConfig(serviceName);
        if (orgConfig == null) {
            orgConfig = ocm.addServiceConfig(serviceName, null);
        }
        ServiceConfig instanceConfig;
        if (name.equals(type)) {
            // When the instance name equals its type, the attributes are
            // set on the organization config rather than on a sub config.
            orgConfig.setAttributes(attributes);
            instanceConfig = orgConfig;
        } else {
            orgConfig.addSubConfig(name, ISAuthConstants.SERVER_SUBSCHEMA, 0, attributes);
            instanceConfig = orgConfig.getSubConfig(name);
        }
        // AMAuthLevelManager listeners are in place, so reinitialize to be
        // on the safe side.
        if (!SystemProperties.isServerMode()) {
            buildModuleInstanceForService(realm, serviceName);
        }
        return new AMAuthenticationInstance(name, type, instanceConfig, globalSchema);
    } catch (Exception e) {
        // Every failure, unchecked exceptions included, is wrapped and
        // surfaced as AMConfigurationException.
        throw new AMConfigurationException(e);
    }
}
Also used : ServiceSchema(com.sun.identity.sm.ServiceSchema) HashSet(java.util.HashSet) Set(java.util.Set) SMSException(com.sun.identity.sm.SMSException) ServiceConfig(com.sun.identity.sm.ServiceConfig) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) SSOException(com.iplanet.sso.SSOException) ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException)

Aggregations

SMSException (com.sun.identity.sm.SMSException)704 SSOException (com.iplanet.sso.SSOException)525 Set (java.util.Set)272 HashSet (java.util.HashSet)200 SSOToken (com.iplanet.sso.SSOToken)185 Map (java.util.Map)166 ServiceConfig (com.sun.identity.sm.ServiceConfig)164 HashMap (java.util.HashMap)158 CLIException (com.sun.identity.cli.CLIException)149 ServiceSchema (com.sun.identity.sm.ServiceSchema)138 Iterator (java.util.Iterator)133 ServiceSchemaManager (com.sun.identity.sm.ServiceSchemaManager)131 ServiceConfigManager (com.sun.identity.sm.ServiceConfigManager)104 IOutput (com.sun.identity.cli.IOutput)96 IdRepoException (com.sun.identity.idm.IdRepoException)86 OrganizationConfigManager (com.sun.identity.sm.OrganizationConfigManager)84 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)83 AttributeSchema (com.sun.identity.sm.AttributeSchema)66 IOException (java.io.IOException)55 List (java.util.List)51