
Example 81 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class SpecialRepo method search.

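/**
 * Searches the special-user entries held in the service configuration.
 *
 * <p>Only {@code IdType.USER} is served; any other type yields an empty, successful result.
 * Query filters are rejected. When the query id is {@code "*"} and {@code avPairs} is non-empty,
 * the first {@code "uid"} value replaces the pattern; if there is no {@code "uid"} value the
 * result is empty. A pattern containing {@code '*'} is passed to
 * {@code getSubConfigNames(pattern)}; otherwise the configured names are compared with the
 * pattern case-insensitively and the pattern itself (not the stored name) is reported.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code token}, {@code maxTime}, {@code maxResults}, {@code returnAttrs},
 *       {@code returnAllAttrs}, {@code filterOp} and {@code recursive} are not read here. No
 *       access check happens in this method, and every stored attribute of a match is returned
 *       regardless of {@code returnAttrs}. Presumably the caller enforces authorization;
 *       confirm.</li>
 *   <li>{@code userPassword} is stripped only for the amadmin and anonymous entries. Attributes
 *       of any other matching entry are returned as stored.</li>
 * </ul>
 *
 * @param token caller's SSO token (unused in this method)
 * @param type identity type being searched
 * @param crestQuery query whose id is used as the name pattern
 * @param avPairs optional attribute filter; only {@code "uid"} is honoured
 * @return names of the matching entries and, per name, their attribute map
 * @throws IdRepoException if a query filter is supplied or the configuration cannot be read
 * @throws SSOException declared by the interface
 */
@Override
public RepoSearchResults search(SSOToken token, IdType type, CrestQuery crestQuery, int maxTime, int maxResults, Set<String> returnAttrs, boolean returnAllAttrs, int filterOp, Map<String, Set<String>> avPairs, boolean recursive) throws IdRepoException, SSOException {
    if (crestQuery.hasQueryFilter()) {
        throw new IdRepoException("SpecialRepo search does not support query filters");
    }
    // NOTE(review): pattern is dereferenced below without a null check; confirm getQueryId()
    // cannot return null once the query-filter case has been excluded.
    String pattern = crestQuery.getQueryId();
    if (!type.equals(IdType.USER)) {
        return new RepoSearchResults(Collections.EMPTY_SET, RepoSearchResults.SUCCESS, Collections.EMPTY_MAP, type);
    }
    try {
        ServiceConfig userConfig = getUserConfig();
        // Support aliasing for "uid" at least..
        if (pattern.equals("*") && avPairs != null && !avPairs.isEmpty()) {
            // The key lookup is case-sensitive unless the caller passes a case-insensitive map.
            Set<String> uidVals = avPairs.get("uid");
            if (uidVals == null || uidVals.isEmpty()) {
                // empty results
                return new RepoSearchResults(Collections.EMPTY_SET, RepoSearchResults.SUCCESS, Collections.EMPTY_MAP, type);
            }
            pattern = uidVals.iterator().next();
        }
        // If wild card is used for pattern, do a search else a lookup
        Set<String> userRes = new HashSet<String>();
        if (pattern.indexOf('*') != -1) {
            userRes = userConfig.getSubConfigNames(pattern);
        } else {
            for (String name : userConfig.getSubConfigNames()) {
                if (name.equalsIgnoreCase(pattern)) {
                    userRes.add(pattern);
                    break;
                }
            }
        }
        Map userAttrs = new HashMap();
        if (userRes != null) {
            // Names whose sub-configuration cannot be fetched are left out of the result instead
            // of failing the whole search with a NullPointerException.
            Set<String> missing = new HashSet<String>();
            for (String u : userRes) {
                ServiceConfig thisUser = userConfig.getSubConfig(u);
                if (thisUser == null) {
                    if (debug.messageEnabled()) {
                        debug.message("SpecialRepo.search: no configuration found for " + u);
                    }
                    missing.add(u);
                    continue;
                }
                Map attrs = thisUser.getAttributes();
                // BugID: 6309830
                if (u.equalsIgnoreCase(IdConstants.AMADMIN_USER) || u.equalsIgnoreCase(IdConstants.ANONYMOUS_USER)) {
                    // The passwords for these would
                    // be returned from LDAP
                    // NOTE(review): whether this removal matches a differently cased key depends
                    // on the map type returned by getAttributes(); confirm.
                    attrs.remove("userPassword");
                }
                // Add the AMSDK root suffix to the DN attribute
                replaceDNAttributeIfPresent(attrs);
                userAttrs.put(u, attrs);
            }
            if (!missing.isEmpty()) {
                // Copy before pruning: the set handed back by getSubConfigNames may not be ours to modify.
                userRes = new HashSet<String>(userRes);
                userRes.removeAll(missing);
            }
        }
        return new RepoSearchResults(userRes, RepoSearchResults.SUCCESS, userAttrs, type);
    } catch (SMSException smse) {
        debug.error("SpecialRepo.search: Unable to retrieve entries: ", smse);
        Object[] args = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SEARCH_FAILED, args);
    }
}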
Also used : Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) RepoSearchResults(com.sun.identity.idm.RepoSearchResults) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 82 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method delete.

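/**
 * Deletes an agent or an agent group from the realm's agent configuration.
 *
 * <p>For {@code AGENT}/{@code AGENTONLY} the agent's sub-configuration is removed and, unless its
 * schema id is {@code "SharedAgent"}, the name is also removed from the agent authenticators. For
 * {@code AGENTGROUP} the {@code AGENT_GROUP} attribute is removed from every member before the
 * group's sub-configuration is removed. Any other type falls through without action and without
 * an error.
 *
 * <p>Review notes: the token is only passed on to the configuration lookups, so no access check
 * is visible in this method (presumably enforced by the caller or by the configuration layer;
 * confirm). The steps are not applied atomically: a failure after the first removal leaves the
 * remaining clean-up undone.
 *
 * @param token caller's SSO token, used to obtain the configuration
 * @param type identity type of the entry to delete
 * @param name name of the agent or agent group
 * @throws IdRepoException if the realm failed to initialise, the entry does not exist, or the
 *         configuration store reports an error
 * @throws SSOException declared by the interface
 * @see com.sun.identity.idm.IdRepo#delete(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String)
 */
public void delete(SSOToken token, IdType type, String name) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        // NOTE(review): name is written to the debug log as supplied by the caller.
        debug.message("AgentsRepo.delete() called: " + type + ": " + name);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.delete: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    try {
        if (type.equals(IdType.AGENTONLY) || type.equals(IdType.AGENT)) {
            ServiceConfig orgConfig = getOrgConfig(token);
            ServiceConfig agentConfig = orgConfig.getSubConfig(name);
            if (agentConfig == null) {
                // Agent not found, throw an exception
                Object[] args = { name, type.getName() };
                throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args));
            }
            // Read the schema id from the config already fetched, and compare constant-first so
            // that a missing schema id cannot raise a NullPointerException before the removal.
            boolean isSharedAgent = "SharedAgent".equals(agentConfig.getSchemaID());
            orgConfig.removeSubConfig(name);
            if (!isSharedAgent) {
                removeIdentityFromAgentAuthenticators(name);
            }
        } else if (type.equals(IdType.AGENTGROUP)) {
            ServiceConfig agentGroupConfig = getAgentGroupConfig(token);
            if (agentGroupConfig == null) {
                // Agent not found, throw an exception
                Object[] args = { name, type.getName() };
                throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args));
            }
            if (agentGroupConfig.getSubConfig(name) == null) {
                // Agent not found, throw an exception
                Object[] args = { name, type.getName() };
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args);
            }
            // AgentGroup deletion should clear the group memberships of the agents that belong to this group.
            // Get the members that belong to this group and remove the agentgroup attribute from each
            // member's config.
            Set<String> members = getMembers(token, type, name, IdType.AGENTONLY);
            for (String agent : members) {
                ServiceConfig memberCfg = getOrgConfig(token).getSubConfig(agent);
                if (memberCfg != null) {
                    memberCfg.removeAttribute(AGENT_GROUP);
                }
            }
            agentGroupConfig.removeSubConfig(name);
        }
        // NOTE(review): other identity types are ignored silently here, whereas setAttributes
        // rejects them with IdRepoUnsupportedOpException; confirm this difference is intended.
    } catch (SMSException smse) {
        debug.error("AgentsRepo.delete: Unable to delete agents ", smse);
        Object[] args = { NAME };
        // NOTE(review): a failed delete is reported with UNABLE_READ_ATTRIBUTES; kept as is
        // because callers may rely on the code.
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_READ_ATTRIBUTES, args);
    }
}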
Also used : NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException)

Example 83 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method setAttributes.

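/**
 * Writes attributes to an agent or agent group, hashing a plain-text password on the way.
 *
 * <p>The entry is resolved first and a missing entry is reported as {@code TYPE_NOT_FOUND} before
 * the password is looked at. If {@code attributes} carries a {@code "userpassword"} set and the
 * entry's schema id is not {@code AgentConfiguration.AGENT_TYPE_OAUTH2}, each value that does not
 * already start with {@code hashAlgStr} is replaced by {@code hashAlgStr + Hash.hash(value)}. The
 * replacement is made in the caller's map.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The password lookup uses the literal key {@code "userpassword"}. Whether a differently
 *       cased key is matched depends on the map implementation the caller passes; a miss would
 *       skip the hashing step. Confirm callers normalise the key.</li>
 *   <li>A value that already starts with {@code hashAlgStr} is stored exactly as supplied.</li>
 *   <li>When at least one value is hashed, values that were already prefixed are dropped from the
 *       stored set (original behaviour, preserved).</li>
 *   <li>{@code Hash.hash} is defined outside this listing; confirm which algorithm it uses and
 *       whether it is salted.</li>
 *   <li>For OAuth2 agents this method stores the password values unchanged; any protection
 *       applied elsewhere is not visible here.</li>
 * </ul>
 *
 * @param token caller's SSO token, used to obtain the configuration
 * @param type identity type of the entry
 * @param name name of the agent or agent group
 * @param attributes attribute name to value-set map; must not be null or empty
 * @param isAdd not read by this method
 * @throws IdRepoException if the realm failed to initialise, the arguments are empty, the type is
 *         unsupported, the entry does not exist, or the configuration store reports an error
 * @throws SSOException declared by the interface
 * @see com.sun.identity.idm.IdRepo#setAttributes(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String, java.util.Map,
 *      boolean)
 */
public void setAttributes(SSOToken token, IdType type, String name, Map attributes, boolean isAdd) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.setAttributes() called: " + type + ": " + name);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.setAttributes: " + "Realm " + realmName + " does not exist.");
        throw (initializationException);
    }
    if (attributes == null || attributes.isEmpty()) {
        if (debug.messageEnabled()) {
            debug.message("AgentsRepo.setAttributes(): Attributes " + "are empty");
        }
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, null);
    }
    ServiceConfig aCfg = null;
    try {
        if (type.equals(IdType.AGENTONLY) || type.equals(IdType.AGENT)) {
            ServiceConfig orgConfig = getOrgConfig(token);
            aCfg = orgConfig.getSubConfig(name);
        } else if (type.equals(IdType.AGENTGROUP)) {
            ServiceConfig agentGroupConfig = getAgentGroupConfig(token);
            if (agentGroupConfig == null) {
                // NOTE(review): the message names the READ operation although this is a write.
                Object[] args = { NAME, IdOperation.READ.getName() };
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
            }
            aCfg = agentGroupConfig.getSubConfig(name);
        } else {
            Object[] args = { NAME, IdOperation.READ.getName() };
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, args);
        }
        if (aCfg == null) {
            // Agent not found, throw an exception. This check now precedes the password handling,
            // which calls aCfg.getSchemaID() and would otherwise fail with a NullPointerException.
            Object[] args = { name, type.getName() };
            throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, args));
        }
        Set vals = (Set) attributes.get("userpassword");
        if (vals != null && !AgentConfiguration.AGENT_TYPE_OAUTH2.equals(aCfg.getSchemaID())) {
            Set<String> hashedVals = new HashSet<String>();
            for (Object raw : vals) {
                String val = (String) raw;
                if (!val.startsWith(hashAlgStr)) {
                    hashedVals.add(hashAlgStr + Hash.hash(val));
                }
            }
            if (!hashedVals.isEmpty()) {
                // Replace the plain-text values with their hashed form before anything is stored.
                attributes.remove("userpassword");
                attributes.put("userpassword", hashedVals);
            }
        }
        aCfg.setAttributes(attributes);
    } catch (SMSException smse) {
        debug.error("AgentsRepo.setAttributes(): Unable to set agent" + " attributes ", smse);
        Object[] args = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, args);
    }
}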
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) Iterator(java.util.Iterator) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 84 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method getMembers.

/**
 * Lists the agents whose {@code AGENT_GROUP} attribute names the given agent group.
 *
 * <p>{@code name} is the agent group's name, {@code type} is the group's identity type and
 * {@code membersType} is the identity type of the members to return. Group names are compared
 * case-insensitively. The token is only passed to the configuration lookup; no access check is
 * visible in this method.
 *
 * @param token caller's SSO token, used to obtain the configuration
 * @param type identity type of the container; only {@code AGENTGROUP} is served
 * @param name name of the agent group
 * @param membersType identity type of the members; must be {@code AGENTONLY} or {@code AGENT}
 * @return names of the agents that belong to the group
 * @throws IdRepoException if the realm failed to initialise, the type combination is not
 *         allowed or supported, or the configuration store reports an error
 * @throws SSOException declared by the interface
 * @see com.sun.identity.idm.IdRepo#getMembers(com.iplanet.sso.SSOToken,
 *      com.sun.identity.idm.IdType, java.lang.String,
 *      com.sun.identity.idm.IdType)
 */
public Set getMembers(SSOToken token, IdType type, String name, IdType membersType) throws IdRepoException, SSOException {
    if (debug.messageEnabled()) {
        debug.message("AgentsRepo.getMembers called" + type + ": " + name + ": " + membersType);
    }
    if (initializationException != null) {
        debug.error("AgentsRepo.getMembers: Realm " + realmName + " does not exist.");
        throw initializationException;
    }

    // Users and agents cannot contain members.
    if (type.equals(IdType.USER) || type.equals(IdType.AGENT)) {
        debug.error("AgentsRepo.getMembers: Membership operation is not supported for Users or Agents");
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIP_TO_USERS_AND_AGENTS_NOT_ALLOWED, null);
    }

    // Only agents can be members.
    if (!(membersType.equals(IdType.AGENTONLY) || membersType.equals(IdType.AGENT))) {
        debug.error("AgentsRepo.getMembers: Cannot get member from a non-agent type " + membersType.getName());
        Object[] errorArgs = { NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.MEMBERSHIPS_FOR_NOT_USERS_NOT_ALLOWED, errorArgs);
    }

    // Any container other than an agent group is unsupported.
    if (!type.equals(IdType.AGENTGROUP)) {
        Object[] errorArgs = { NAME, IdOperation.READ.getName() };
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED, errorArgs);
    }

    final Set<String> members = new HashSet<String>();
    try {
        // Walk every agent in the realm and keep those whose 'agentgroup' attribute matches.
        final ServiceConfig orgConfig = getOrgConfig(token);
        for (String agentName : orgConfig.getSubConfigNames()) {
            final ServiceConfig agentConfig = orgConfig.getSubConfig(agentName);
            if (agentConfig == null) {
                continue;
            }
            final String group = CollectionHelper.getMapAttr(agentConfig.getAttributes(), AGENT_GROUP);
            if (name.equalsIgnoreCase(group)) {
                members.add(agentName);
            }
        }
    } catch (SMSException sme) {
        debug.error("AgentsRepo.getMembers: Caught exception while getting agents from groups", sme);
        Object[] errorArgs = { NAME, type.getName(), name };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ERROR_SETTING_ATTRIBUTES, errorArgs);
    }
    return members;
}
Also used : IdRepoUnsupportedOpException(com.sun.identity.idm.IdRepoUnsupportedOpException) NotificationSet(com.iplanet.services.comm.share.NotificationSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) ServiceConfig(com.sun.identity.sm.ServiceConfig) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)

Example 85 with ServiceConfig

use of com.sun.identity.sm.ServiceConfig in project OpenAM by OpenRock.

the class AgentsRepo method getGroupNames.

/**
 * Returns the group an agent belongs to, as a set holding at most one name.
 *
 * @param orgConfig configuration node whose sub-configurations are the agents
 * @param agentName name of the agent to look up
 * @return a set with the agent's {@code AGENT_GROUP} value, or an empty set when the agent has
 *         no configuration or no group
 * @throws SSOException declared for the configuration calls
 * @throws SMSException declared for the configuration calls
 */
private Set<String> getGroupNames(ServiceConfig orgConfig, String agentName) throws SSOException, SMSException {
    final Set<String> groups = new HashSet<String>(2);
    final ServiceConfig agentConfig = orgConfig.getSubConfig(agentName);
    if (agentConfig == null) {
        return groups;
    }
    final String group = CollectionHelper.getMapAttr(agentConfig.getAttributes(), AGENT_GROUP);
    if (group == null || group.isEmpty()) {
        return groups;
    }
    groups.add(group);
    return groups;
}
Also used : ServiceConfig(com.sun.identity.sm.ServiceConfig) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet)
