
Example 76 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class SFOConfigValidator method processSFO.

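/**
 * Validates the session failover (SFO) settings of the site that owns the session server URL and
 * reports the result through {@code toolOutWriter}.
 *
 * <p>The global configuration of {@code amSessionService} is opened with the supplied token, the
 * sub-configuration named after the site id of {@code getSessionServerURL()} is selected, and,
 * when SFO is enabled there, the store user name, repository URL, connection wait time and pool
 * sizes are printed. A missing sub-configuration and a disabled flag are both reported as
 * "not enabled".
 *
 * <p>The session store password is intentionally not read: nothing in this method uses it, and a
 * validator should not pull a secret into memory (or substitute a default one) only to discard it.
 *
 * @param ssoToken token used to open the service configuration and to resolve the site id
 */
private void processSFO(SSOToken ssoToken) {
    toolOutWriter.printMessage("sfo-validate-cfg-prop");
    try {
        ServiceConfigManager scm = new ServiceConfigManager(amSessionService, ssoToken);
        ServiceConfig serviceConfig = scm.getGlobalConfig(null);
        String subCfgName = SiteConfiguration.getSiteIdByURL(ssoToken, getSessionServerURL());
        ServiceConfig subConfig = serviceConfig.getSubConfig(subCfgName);
        String[] params = { getSessionServerURL() };
        if (subConfig == null) {
            // No site-level sub-configuration: treated the same as SFO being switched off.
            toolOutWriter.printMessage("sfo-cfg-not-enabled", params);
            return;
        }
        Map sessionAttrs = subConfig.getAttributes();
        boolean sfoEnabled = Boolean.parseBoolean(CollectionHelper.getMapAttr(sessionAttrs, CoreTokenConstants.IS_SFO_ENABLED, "false"));
        if (!sfoEnabled) {
            toolOutWriter.printMessage("sfo-cfg-not-enabled", params);
            return;
        }
        toolOutWriter.printMessage("sfo-cfg-enabled", params);
        // NOTE(review): "amsvrusr" is a built-in fallback account name. When the attribute is
        // absent the report shows this default, not a configured value - confirm deployments set
        // SESSION_STORE_USERNAME explicitly rather than relying on it.
        String sessionStoreUserName = CollectionHelper.getMapAttr(sessionAttrs, SESSION_STORE_USERNAME, "amsvrusr");
        // The numeric attributes are parsed strictly; a malformed value raises
        // NumberFormatException, which the catch below reports as a configuration failure.
        int connectionMaxWaitTime = Integer.parseInt(CollectionHelper.getMapAttr(sessionAttrs, CONNECT_MAX_WAIT_TIME, "5000"));
        String sessionRepositoryURL = CollectionHelper.getMapAttr(sessionAttrs, IPLANET_AM_SESSION_REPOSITORY_URL, "");
        validateClusterList(sessionRepositoryURL);
        int minPoolSize = Integer.parseInt(CollectionHelper.getMapAttr(sessionAttrs, MIN_POOL_SIZE, "8"));
        int maxPoolSize = Integer.parseInt(CollectionHelper.getMapAttr(sessionAttrs, MAX_POOL_SIZE, "32"));
        toolOutWriter.printMessage("sfo-cfg-prop-details");
        // Only non-secret settings are echoed to the tool output.
        String[] details = { sessionStoreUserName, sessionRepositoryURL, Integer.toString(connectionMaxWaitTime), Integer.toString(minPoolSize), Integer.toString(maxPoolSize) };
        toolOutWriter.printMessage("sfo-cfg-params", details);
    } catch (Exception ex) {
        // Tool boundary: any failure (lookup, parsing, cluster validation) is reported to the
        // operator as a generic error and the full exception goes to the debug log only.
        toolOutWriter.printError("sfo-cfg-prop-notfound");
        toolOutWriter.printStatusMsg(false, "sfo-validate-cfg-prop");
        Debug.getInstance(DEBUG_NAME).error("SFOConfigValidator.processSFO: " + "Exception in validating sfo configuration " + "information", ex);
    }
}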
Also used : Set(java.util.Set) HashMap(java.util.HashMap) ServiceConfig(com.sun.identity.sm.ServiceConfig) HashMap(java.util.HashMap) Map(java.util.Map) ServiceConfigManager(com.sun.identity.sm.ServiceConfigManager)

Example 77 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method removeAttributes.

/**
 * Removes the named attributes from an agent's service configuration.
 *
 * <p>Only {@code IdType.AGENTONLY} identities are acted on; for any other type the method returns
 * without touching anything once the argument checks have passed.
 *
 * @param token     SSO token handed to {@code getOrgConfig} to open the organisation config
 * @param type      identity type of the entry
 * @param name      name of the agent sub-configuration
 * @param attrNames names of the attributes to remove; must be non-null and non-empty
 * @throws IdRepoException if the repository failed to initialise, {@code attrNames} is null or
 *                         empty, the agent does not exist, or the service management layer
 *                         reports an error
 * @throws SSOException    declared by the {@code IdRepo} contract
 * @see com.sun.identity.idm.IdRepo#removeAttributes(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String, java.util.Set)
 */
public void removeAttributes(SSOToken token, IdType type, String name, Set attrNames) throws IdRepoException, SSOException {
    final boolean verbose = debug.messageEnabled();
    if (verbose) {
        debug.message("AgentsRepo.removeAttributes() called: " + type + ": " + name);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.removeAttributes: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    boolean nothingToRemove = (attrNames == null) || attrNames.isEmpty();
    if (nothingToRemove) {
        if (debug.messageEnabled()) {
            debug.message("AgentsRepo.removeAttributes(): Attributes " + "are empty");
        }
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, null);
    }
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.removeAttributes(): Attribute " + " names" + attrNames);
    }
    // Every type other than AGENTONLY is a silent no-op.
    if (!type.equals(IdType.AGENTONLY)) {
        return;
    }
    try {
        ServiceConfig agentConfig = getOrgConfig(token).getSubConfig(name);
        for (Object entry : attrNames) {
            String attrName = (String) entry;
            if (agentConfig == null) {
                // Agent not found: reported on the first attribute, before anything is removed.
                Object[] notFoundArgs = { name, type.getName() };
                throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, notFoundArgs));
            }
            agentConfig.removeAttribute(attrName);
        }
    } catch (SMSException smse) {
        // The SMS failure is logged in full; callers only receive the generic repo error.
        debug.error("AgentsRepo.removeAttributes(): Unable to remove " + "agent attributes ", smse);
        Object[] failureArgs = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, failureArgs);
    }
}
Also used : ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator)

Example 78 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method getMemberships.

/**
 * Returns the agent groups that the named agent belongs to.
 *
 * <p>{@code name} is the agent's name, {@code type} is the agent's identity type and
 * {@code membershipType} is the kind of membership requested. Only
 * {@code IdType.AGENTGROUP} memberships can be read.
 *
 * @param token          SSO token handed to {@code getOrgConfig}
 * @param type           identity type of the agent; must be AGENT, AGENTONLY or AGENTGROUP
 * @param name           name of the agent
 * @param membershipType identity type of the memberships to retrieve
 * @return the set produced by {@code getGroupNames} for this agent
 * @throws IdRepoException if the repository failed to initialise, {@code type} is not an agent
 *                         type, {@code membershipType} is unsupported, or the service
 *                         management layer reports an error
 * @throws SSOException    declared by the {@code IdRepo} contract
 * @see com.sun.identity.idm.IdRepo#getMemberships(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String, com.sun.identity.idm.IdType)
 */
public Set getMemberships(SSOToken token, IdType type, String name, IdType membershipType) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.getMemberships called " + type + ": " + name + ": " + membershipType);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.getMemberships: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    // Memberships can be returned for agent identity types only.
    boolean agentType = type.equals(IdType.AGENT) || type.equals(IdType.AGENTONLY) || type.equals(IdType.AGENTGROUP);
    if (!agentType) {
        debug.message("AgentsRepo:getMemberships supported only for agents");
        Object[] typeArgs = { NAME };
        throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIPS_OTHER_THAN_AGENTS_NOT_ALLOWED, typeArgs));
    }
    if (!membershipType.equals(IdType.AGENTGROUP)) {
        // Anything other than agent-group membership is an unsupported read.
        Object[] unsupportedArgs = { NAME, IdOperation.READ.getName(), membershipType.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, unsupportedArgs);
    }
    try {
        // The group names are derived from the agent's entry in the organisation config.
        ServiceConfig orgConfig = getOrgConfig(token);
        return getGroupNames(orgConfig, name);
    } catch (SMSException sme) {
        debug.error("AgentsRepo.getMemberships: Caught " + "exception while getting memberships" + " for Agent", sme);
        // NOTE(review): a read failure is surfaced with ERROR_SETTING_ATTRIBUTES - confirm this
        // is the intended error code for callers and audit logs.
        Object[] failureArgs = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, failureArgs);
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 79 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method modifyMemberShip.

/**
 * Adds agents to, or removes agents from, an agent group.
 *
 * <p>Membership is stored on the agent itself: adding sets the agent's {@code AGENT_GROUP}
 * attribute to the group name, removing deletes that attribute. An agent instance should belong
 * to at most one group.
 *
 * @param token       SSO token handed to {@code getOrgConfig}
 * @param type        identity type of the container; only AGENTGROUP can be modified
 * @param name        name of the agent group
 * @param members     names of the agents to add or remove; must be non-null and non-empty
 * @param membersType identity type of the members; must be AGENTONLY
 * @param operation   {@code ADDMEMBER} or {@code REMOVEMEMBER}
 * @throws IdRepoException if the repository failed to initialise, the arguments are rejected,
 *                         or the service management layer reports an error
 * @throws SSOException    declared by the {@code IdRepo} contract
 * @see com.sun.identity.idm.IdRepo#modifyMemberShip(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String, java.util.Set,
 *      com.sun.identity.idm.IdType, int)
 */
public void modifyMemberShip(SSOToken token, IdType type, String name, Set<String> members, IdType membersType, int operation) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo: modifyMemberShip called " + type + ": " + name + ": " + members + ": " + membersType);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.modifyMemberShip: Realm " + realmName + " does not exist.");
        throw initializationException;
    }
    boolean noMembers = (members == null) || members.isEmpty();
    if (noMembers) {
        debug.error("AgentsRepo.modifyMemberShip: Members set is empty");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, null);
    }
    if (type.equals(IdType.USER) || type.equals(IdType.AGENT)) {
        debug.error("AgentsRepo.modifyMembership: Membership to users and agents is not supported");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED, null);
    }
    if (!membersType.equals(IdType.AGENTONLY)) {
        debug.error("AgentsRepo.modifyMembership: A non-agent type cannot be made a member of any identity " + membersType.getName());
        Object[] memberTypeArgs = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIPS_FOR_NOT_USERS_NOT_ALLOWED, memberTypeArgs);
    }
    if (!type.equals(IdType.AGENTGROUP)) {
        // Only agent groups carry modifiable memberships.
        debug.error("AgentsRepo.modifyMembership: Memberships cannot be modified for type= " + type.getName());
        Object[] typeArgs = { NAME, type.getName() };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_CANNOT_BE_MODIFIED, typeArgs);
    }
    try {
        ServiceConfig orgConfig = getOrgConfig(token);
        for (String agent : members) {
            ServiceConfig agentConfig = orgConfig.getSubConfig(agent);
            if (agentConfig == null) {
                // NOTE(review): an unknown agent name is skipped without error or log entry, so
                // a caller cannot tell a partial update from a complete one.
                continue;
            }
            if (operation == ADDMEMBER) {
                Map<String, Set<String>> groupAttr = new HashMap<String, Set<String>>(1);
                groupAttr.put(AGENT_GROUP, asSet(name));
                agentConfig.setAttributes(groupAttr);
            } else if (operation == REMOVEMEMBER) {
                agentConfig.removeAttribute(AGENT_GROUP);
            }
            // NOTE(review): any other operation value falls through and changes nothing.
        }
    } catch (SMSException sme) {
        debug.error("AgentsRepo.modifyMembership: Caught exception while adding/removing agents to groups", sme);
        Object[] failureArgs = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, failureArgs);
    }
}
Also used : NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException)

Example 80 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class SpecialRepo method getAttributes.

/**
 * Returns the attributes of a special user.
 *
 * <p>For the {@code IdConstants.AMADMIN_USER} and {@code IdConstants.ANONYMOUS_USER} entries the
 * {@code userPassword} attribute is stripped before returning (BugID: 6309830); their passwords
 * are served by the AMSDK plugin instead.
 *
 * @param token SSO token of the caller (not consulted by this method)
 * @param type  identity type of the entry
 * @param name  name of the special user
 * @return the user's attribute map, with the DN attribute rewritten by
 *         {@code replaceDNAttributeIfPresent}
 * @throws IdRepoException if the entry is not a special user, does not exist, or cannot be read
 * @throws SSOException    declared by the {@code IdRepo} contract
 * @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String)
 */
public Map getAttributes(SSOToken token, IdType type, String name) throws IdRepoException, SSOException {
    if (!isSpecialUser(type, name)) {
        // This plugin only serves reads for special users.
        Object[] unsupportedArgs = { NAME, IdOperation.READ.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, unsupportedArgs);
    }
    try {
        ServiceConfig userEntry = getUserConfig().getSubConfig(name);
        if (userEntry == null) {
            // No sub-configuration under the user config for this name.
            Object[] missingArgs = { name };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NOT_VALID_ENTRY, missingArgs);
        }
        Map answer = userEntry.getAttributes();
        boolean passwordServedElsewhere = name.equalsIgnoreCase(IdConstants.AMADMIN_USER) || name.equalsIgnoreCase(IdConstants.ANONYMOUS_USER);
        if (passwordServedElsewhere) {
            // NOTE(review): userPassword is dropped for these two names only; every other
            // special user's map still carries it to the caller - confirm that is intended and
            // that callers never log or serialise the returned map.
            answer.remove("userPassword");
        }
        // Add the AMSDK root suffix to the DN attribute.
        replaceDNAttributeIfPresent(answer);
        return (answer);
    } catch (SMSException smse) {
        debug.error("SpecialRepo: Unable to read user attributes ", smse);
        Object[] readArgs = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_READ_ATTRIBUTES, readArgs);
    }
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)

Aggregations

ServiceConfig (com.sun.identity.sm.ServiceConfig)285 SMSException (com.sun.identity.sm.SMSException)180 Set (java.util.Set)144 SSOException (com.iplanet.sso.SSOException)143 ServiceConfigManager (com.sun.identity.sm.ServiceConfigManager)124 HashSet (java.util.HashSet)119 Map (java.util.Map)101 HashMap (java.util.HashMap)96 SSOToken (com.iplanet.sso.SSOToken)52 Iterator (java.util.Iterator)41 IdRepoException (com.sun.identity.idm.IdRepoException)27 UpgradeException (org.forgerock.openam.upgrade.UpgradeException)22 EntitlementException (com.sun.identity.entitlement.EntitlementException)19 LinkedHashSet (java.util.LinkedHashSet)18 OrganizationConfigManager (com.sun.identity.sm.OrganizationConfigManager)17 CLIException (com.sun.identity.cli.CLIException)16 CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)16 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)13 ServiceNotFoundException (com.sun.identity.sm.ServiceNotFoundException)13 ServiceSchema (com.sun.identity.sm.ServiceSchema)12