use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.
the class SpecialRepo method search.
/**
 * Searches the entries under the configuration returned by {@code getUserConfig()}.
 *
 * <p>Only {@code IdType.USER} is served; any other type yields an empty
 * {@code SUCCESS} result. Query filters are rejected. The query id is used as the
 * name pattern: a pattern containing {@code '*'} is handed to
 * {@code getSubConfigNames(pattern)}, anything else is compared case-insensitively
 * against every sub-configuration name. When the pattern is exactly {@code "*"} and
 * {@code avPairs} is non-empty, the first {@code "uid"} value replaces the pattern
 * (and a missing {@code "uid"} entry produces an empty result).
 *
 * <p>{@code token}, {@code maxTime}, {@code maxResults}, {@code returnAttrs},
 * {@code returnAllAttrs}, {@code filterOp} and {@code recursive} are not read by this
 * method: no session check happens here and every stored attribute of a matched
 * entry is returned, apart from the password stripped for the two accounts below.
 * NOTE(review): presumably the caller enforces access control before delegating to
 * this repo; confirm.
 *
 * @throws IdRepoException if the query carries a filter or the configuration
 *         store raises an {@code SMSException}
 */
@Override
public RepoSearchResults search(SSOToken token, IdType type, CrestQuery crestQuery, int maxTime, int maxResults, Set<String> returnAttrs, boolean returnAllAttrs, int filterOp, Map<String, Set<String>> avPairs, boolean recursive) throws IdRepoException, SSOException {
    if (crestQuery.hasQueryFilter()) {
        throw new IdRepoException("SpecialRepo search does not support query filters");
    }
    String pattern = crestQuery.getQueryId();
    if (!type.equals(IdType.USER)) {
        // This repo only holds user entries; every other type is an empty hit.
        return new RepoSearchResults(Collections.EMPTY_SET, RepoSearchResults.SUCCESS, Collections.EMPTY_MAP, type);
    }
    try {
        ServiceConfig userConfig = getUserConfig();

        // Support aliasing for "uid" at least: a bare "*" plus attribute pairs
        // means "look up the uid given in the pairs".
        boolean matchAll = pattern.equals("*");
        if (matchAll && avPairs != null && !avPairs.isEmpty()) {
            Set uidVals = (Set) avPairs.get("uid");
            if (uidVals == null || uidVals.isEmpty()) {
                return new RepoSearchResults(Collections.EMPTY_SET, RepoSearchResults.SUCCESS, Collections.EMPTY_MAP, type);
            }
            pattern = (String) uidVals.iterator().next();
        }

        // Wildcard -> delegate the search; otherwise a case-insensitive lookup.
        Set matches;
        if (pattern.contains("*")) {
            matches = userConfig.getSubConfigNames(pattern);
        } else {
            matches = new HashSet();
            for (Object candidate : userConfig.getSubConfigNames()) {
                if (((String) candidate).equalsIgnoreCase(pattern)) {
                    // The caller's spelling is recorded, not the stored name.
                    matches.add(pattern);
                    break;
                }
            }
        }

        Map attrsByName = new HashMap();
        if (matches != null) {
            for (Object entry : matches) {
                String userName = (String) entry;
                // NOTE(review): the result of getSubConfig() is dereferenced without
                // a null check; confirm it cannot be null for a listed name.
                Map attrs = userConfig.getSubConfig(userName).getAttributes();
                // BugID: 6309830 - the passwords for these two accounts would be
                // returned from LDAP, so they are dropped from this result.
                // The removal is an exact-key match on "userPassword" and applies to
                // these two names only; any other entry keeps whatever password
                // attribute is stored. NOTE(review): confirm that is intended and
                // that the attribute key casing always matches.
                boolean passwordFromLdap = userName.equalsIgnoreCase(IdConstants.AMADMIN_USER)
                        || userName.equalsIgnoreCase(IdConstants.ANONYMOUS_USER);
                if (passwordFromLdap) {
                    attrs.remove("userPassword");
                }
                // Add the AMSDK root suffix to the DN attribute
                replaceDNAttributeIfPresent(attrs);
                attrsByName.put(userName, attrs);
            }
        }
        return new RepoSearchResults(matches, RepoSearchResults.SUCCESS, attrsByName, type);
    } catch (SMSException smse) {
        debug.error("SpecialRepo.search: Unable to retrieve entries: ", smse);
        Object[] args = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SEARCH_FAILED, args);
    }
}
use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.
the class AgentsRepo method delete.
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#delete(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String)
*/
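public void delete(SSOToken token, IdType type, String name) throws IdRepoException, SSOException {
    /*
     * Removes the agent or agent group called 'name'.
     *
     * AGENT / AGENTONLY: the sub-configuration is removed from the org config and,
     * unless its schema ID is "SharedAgent", the name is also passed to
     * removeIdentityFromAgentAuthenticators().
     * AGENTGROUP: the AGENT_GROUP attribute is removed from every member agent
     * before the group's sub-configuration is removed.
     *
     * A missing agent or group raises TYPE_NOT_FOUND. Any other IdType falls
     * through without deleting anything and without an error.
     * NOTE(review): confirm a silent no-op is intended for unsupported types.
     */
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.delete() called: " + type + ": " + name);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.delete: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    try {
        if (type.equals(IdType.AGENTONLY) || type.equals(IdType.AGENT)) {
            ServiceConfig orgConfig = getOrgConfig(token);
            ServiceConfig aCfg = orgConfig.getSubConfig(name);
            if (aCfg == null) {
                // Agent not found, throw an exception
                Object[] args = { name, type.getName() };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args);
            }
            // Read the schema ID from the config already fetched instead of looking
            // the entry up a second time, and compare constant-first so a null
            // schema ID cannot raise a NullPointerException half way through.
            boolean isSharedAgent = "SharedAgent".equals(aCfg.getSchemaID());
            orgConfig.removeSubConfig(name);
            if (!isSharedAgent) {
                // Runs after the entry is already gone; if this call fails the
                // deletion is not rolled back here.
                removeIdentityFromAgentAuthenticators(name);
            }
        } else if (type.equals(IdType.AGENTGROUP)) {
            ServiceConfig agentGroupConfig = getAgentGroupConfig(token);
            if (agentGroupConfig == null) {
                // Agent not found, throw an exception
                Object[] args = { name, type.getName() };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args);
            }
            ServiceConfig aCfg = agentGroupConfig.getSubConfig(name);
            if (aCfg == null) {
                // Agent not found, throw an exception
                Object[] args = { name, type.getName() };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args);
            }
            // AgentGroup deletion should clear the group memberships of the agents
            // that belong to this group, so no agent keeps pointing at a group that
            // no longer exists.
            Set<String> members = getMembers(token, type, name, IdType.AGENTONLY);
            for (String agent : members) {
                ServiceConfig memberCfg = getOrgConfig(token).getSubConfig(agent);
                if (memberCfg != null) {
                    memberCfg.removeAttribute(AGENT_GROUP);
                }
            }
            agentGroupConfig.removeSubConfig(name);
        }
    } catch (SMSException smse) {
        debug.error("AgentsRepo.delete: Unable to delete agents ", smse);
        Object[] args = { NAME };
        // NOTE(review): a failed delete is reported with UNABLE_READ_ATTRIBUTES.
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_READ_ATTRIBUTES, args);
    }
}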
use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.
the class AgentsRepo method setAttributes.
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#setAttributes(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Map,
* boolean)
*/
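public void setAttributes(SSOToken token, IdType type, String name, Map attributes, boolean isAdd) throws IdRepoException, SSOException {
    /*
     * Writes 'attributes' to the agent (AGENT / AGENTONLY) or agent group
     * (AGENTGROUP) called 'name'. 'isAdd' is not read by this method.
     *
     * Password handling: when a "userpassword" entry is present and the target's
     * schema ID is not AgentConfiguration.AGENT_TYPE_OAUTH2, each value that does
     * not already start with hashAlgStr is replaced by hashAlgStr + Hash.hash(value).
     * The caller's 'attributes' map is modified in place.
     *
     * Things a reviewer should know:
     *  - A value that already starts with hashAlgStr is treated as hashed and is
     *    stored exactly as supplied.
     *  - For the OAuth2 agent type the value is not hashed here at all.
     *  - Hash.hash() is defined elsewhere. NOTE(review): confirm which algorithm
     *    it uses and whether it is salted.
     *
     * Raises ILLEGAL_ARGUMENTS for a null/empty map, TYPE_NOT_FOUND when the
     * target does not exist, and IdRepoUnsupportedOpException for other types.
     */
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.setAttributes() called: " + type + ": " + name);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.setAttributes: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    if (attributes == null || attributes.isEmpty()) {
        if (debug.messageEnabled()) {
            debug.message("AgentsRepo.setAttributes(): Attributes " + "are empty");
        }
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, null);
    }
    try {
        ServiceConfig aCfg;
        if (type.equals(IdType.AGENTONLY) || type.equals(IdType.AGENT)) {
            ServiceConfig orgConfig = getOrgConfig(token);
            aCfg = orgConfig.getSubConfig(name);
        } else if (type.equals(IdType.AGENTGROUP)) {
            ServiceConfig agentGroupConfig = getAgentGroupConfig(token);
            if (agentGroupConfig == null) {
                // NOTE(review): the message argument names READ on a write path.
                Object[] args = { NAME, IdOperation.READ.getName() };
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
            }
            aCfg = agentGroupConfig.getSubConfig(name);
        } else {
            Object[] args = { NAME, IdOperation.READ.getName() };
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
        }

        // Reject a missing target before touching the password: the schema-ID
        // check below dereferences aCfg, so a password update for a non-existent
        // agent used to fail with a NullPointerException instead of TYPE_NOT_FOUND.
        if (aCfg == null) {
            // Agent not found, throw an exception
            Object[] args = { name, type.getName() };
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args);
        }

        Set vals = (Set) attributes.get("userpassword");
        if (vals != null && !AgentConfiguration.AGENT_TYPE_OAUTH2.equals(aCfg.getSchemaID())) {
            Set hashedVals = new HashSet();
            for (Object candidate : vals) {
                String val = (String) candidate;
                if (!val.startsWith(hashAlgStr)) {
                    hashedVals.add(hashAlgStr + Hash.hash(val));
                }
            }
            // Replace the entry only when at least one value had to be hashed.
            // NOTE(review): in that case values that were already prefixed are not
            // carried over into the replacement set; confirm this is intended for
            // multi-valued input.
            if (!hashedVals.isEmpty()) {
                attributes.remove("userpassword");
                attributes.put("userpassword", hashedVals);
            }
        }
        aCfg.setAttributes(attributes);
    } catch (SMSException smse) {
        debug.error("AgentsRepo.setAttributes(): Unable to set agent" + " attributes ", smse);
        Object[] args = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, args);
    }
}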
use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.
the class AgentsRepo method getMembers.
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getMembers(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String,
* com.sun.identity.idm.IdType)
*/
public Set getMembers(SSOToken token, IdType type, String name, IdType membersType) throws IdRepoException, SSOException {
    /*
     * Returns the names of the agents whose AGENT_GROUP attribute equals 'name'
     * (compared case-insensitively).
     *
     * name        - the name of the agentgroup.
     * type        - the IdType of the agentgroup; USER and AGENT are rejected,
     *               and anything other than AGENTGROUP is unsupported.
     * membersType - the IdType of the members to retrieve; must be AGENTONLY
     *               or AGENT.
     */
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.getMembers called" + type + ": " + name + ": " + membersType);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.getMembers: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }

    boolean containerIsUserOrAgent = type.equals(IdType.USER) || type.equals(IdType.AGENT);
    if (containerIsUserOrAgent) {
        debug.error("AgentsRepo.getMembers: Membership operation is " + "not supported for Users or Agents");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED, null);
    }

    boolean membersAreAgents = membersType.equals(IdType.AGENTONLY) || membersType.equals(IdType.AGENT);
    if (!membersAreAgents) {
        debug.error("AgentsRepo.getMembers: Cannot get member from a " + "non-agent type " + membersType.getName());
        Object[] args = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIPS_FOR_NOT_USERS_NOT_ALLOWED, args);
    }

    if (!type.equals(IdType.AGENTGROUP)) {
        Object[] args = { NAME, IdOperation.READ.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
    }

    Set members = new HashSet();
    try {
        // Membership is not stored on the group: walk every agent in the org
        // config and keep those whose 'agentgroup' attribute names this group.
        ServiceConfig orgConfig = getOrgConfig(token);
        for (String agentName : orgConfig.getSubConfigNames()) {
            ServiceConfig agentConfig = orgConfig.getSubConfig(agentName);
            if (agentConfig == null) {
                continue;
            }
            String group = CollectionHelper.getMapAttr(agentConfig.getAttributes(), AGENT_GROUP);
            if (name.equalsIgnoreCase(group)) {
                members.add(agentName);
            }
        }
    } catch (SMSException sme) {
        debug.error("AgentsRepo.getMembers: Caught " + "exception while getting agents" + " from groups", sme);
        Object[] args = { NAME, type.getName(), name };
        // NOTE(review): a failed read is reported with ERROR_SETTING_ATTRIBUTES.
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, args);
    }
    return members;
}
use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.
the class AgentsRepo method getGroupNames.
/**
 * Returns the group an agent is assigned to, as a set of zero or one names.
 *
 * @param orgConfig configuration whose sub-configurations are the agents
 * @param agentName name of the agent to inspect
 * @return a new mutable set holding the agent's {@code AGENT_GROUP} value, or an
 *         empty set when the agent does not exist or the value is null or empty
 */
private Set<String> getGroupNames(ServiceConfig orgConfig, String agentName) throws SSOException, SMSException {
    Set<String> groups = new HashSet<String>(2);
    ServiceConfig agentConfig = orgConfig.getSubConfig(agentName);
    if (agentConfig == null) {
        // Unknown agent: no memberships to report.
        return groups;
    }
    String groupName = CollectionHelper.getMapAttr(agentConfig.getAttributes(), AGENT_GROUP);
    if (groupName == null || groupName.isEmpty()) {
        return groups;
    }
    groups.add(groupName);
    return groups;
}