Example 36 with ServiceSchemaManager
use of com.sun.identity.sm.ServiceSchemaManager in project OpenAM by OpenRock.
the class SCUtils method initialize.
/*
* Establishes the ServiceSchemaManager connection for future operations.
*/
private void initialize(String service, SSOToken token) {
serviceName = service;
ssoToken = token;
Exception exception = null;
try {
manager = new ServiceSchemaManager(serviceName, ssoToken);
} catch (SSOException e) {
exception = e;
} catch (SMSException e) {
exception = e;
}
if (exception != null && AMModelBase.debug.warningEnabled()) {
AMModelBase.debug.warning("SCUtils.initialize: " + serviceName, exception);
}
}
Also used :
SMSException(com.sun.identity.sm.SMSException)
SSOException(com.iplanet.sso.SSOException)
SMSException(com.sun.identity.sm.SMSException)
MissingResourceException(java.util.MissingResourceException)
SSOException(com.iplanet.sso.SSOException)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
Example 37 with ServiceSchemaManager
use of com.sun.identity.sm.ServiceSchemaManager in project OpenAM by OpenRock.
the class AMObjectImpl method assignServices.
/**
* Assigns a set of services and the attributes for a service to the user.
*
* @param serviceNamesAndAttr
* Set of service names and the attributes for a service.
* @param store
* A boolean value. If the boolean value is 'true', 1) Checks if
* there is already an assigned service. 2) Checks if any of the
* assigned services are registered with the parent organization.
* 3) Combines the old Object Classes and the new Object classes
* and assigns them for a service. If the boolean value is
* 'false', 1) Assigns services without any check for existence
* of already assigned service. 2) Assigns only the new object
* classes.
*
* @throws AMException
* if there is an internal error in the AM Store
* @throws SSOException
* if the sign on is no longer valid
* @see com.iplanet.am.sdk.AMUserImpl#assignServices( java.util.Set
* serviceNames)
*/
public void assignServices(Map serviceNamesAndAttr, boolean store) throws AMException, SSOException {
if (!((profileType == AMObject.ORGANIZATION) || (profileType == AMObject.USER) || (profileType == AMObject.STATIC_GROUP) || (profileType == AMObject.DYNAMIC_GROUP) || (profileType == AMObject.ORGANIZATIONAL_UNIT) || (profileType == AMObject.ASSIGNABLE_DYNAMIC_GROUP) || (profileType == AMObject.GROUP))) {
throw new UnsupportedOperationException();
}
if ((serviceNamesAndAttr == null) || serviceNamesAndAttr.isEmpty()) {
return;
}
Set newOCs = new HashSet();
Set canAssign = new HashSet();
if (store) {
Set assignedServices = getAssignedServices();
Set toAssign = serviceNamesAndAttr.keySet();
Iterator it = toAssign.iterator();
while (it.hasNext()) {
// If already assigned service, then do nothing,
// else add the servicename to services to be
// assigned.
String thisService = (String) it.next();
if (!assignedServices.contains(thisService)) {
canAssign.add(thisService);
} else {
if (debug.warningEnabled()) {
debug.warning("AMObjectImpl.assignService()-> " + thisService + " is already assigned to " + entryDN);
}
}
}
/*
* Check if any of the assigned services are registered with the
* parent organization. If not then throw an exception. We cannot
* assign a service which is not registered with the parent
* organization.
*/
Set registered = null;
if (profileType == ORGANIZATION) {
registered = dsServices.getRegisteredServiceNames(null, entryDN);
} else {
registered = dsServices.getRegisteredServiceNames(null, getOrganizationDN());
}
it = canAssign.iterator();
while (it.hasNext()) {
if (!registered.contains((String) it.next())) {
throw new AMException(AMSDKBundle.getString("126", locale), "126");
}
}
} else {
canAssign = serviceNamesAndAttr.keySet();
}
newOCs = AMServiceUtils.getServiceObjectClasses(token, canAssign);
if (store) {
Set oldOCs = getAttribute("objectclass");
newOCs = AMCommonUtils.combineOCs(newOCs, oldOCs);
}
setAttribute("objectclass", newOCs);
Iterator it = canAssign.iterator();
while (it.hasNext()) {
String thisService = (String) it.next();
Map attrMap = (Map) serviceNamesAndAttr.get(thisService);
if ((attrMap == null) || attrMap.isEmpty()) {
attrMap = new HashMap();
}
try {
ServiceSchemaManager ssm = new ServiceSchemaManager(thisService, token);
ServiceSchema ss = null;
Object[] args = { thisService };
if (profileType == AMObject.USER) {
ss = ssm.getSchema(SchemaType.USER);
if (ss == null) {
ss = ssm.getSchema(SchemaType.DYNAMIC);
}
} else if ((profileType == AMObject.ORGANIZATION) || (profileType == AMObject.ORGANIZATIONAL_UNIT)) {
ss = ssm.getSchema(SchemaType.DOMAIN);
} else if ((profileType == AMObject.STATIC_GROUP) || (profileType == AMObject.DYNAMIC_GROUP) || (profileType == AMObject.ASSIGNABLE_DYNAMIC_GROUP) || (profileType == AMObject.GROUP)) {
ss = ssm.getSchema(SchemaType.GROUP);
}
if (ss == null) {
debug.warning(AMSDKBundle.getString("1001"));
throw new AMException(AMSDKBundle.getString("1001", args, locale), "1001", args);
}
if (ss.getServiceType() != SchemaType.DYNAMIC) {
attrMap = ss.validateAndInheritDefaults(attrMap, true);
}
/*
* Below we iterate through the attribute map to remove any
* attribute that do not have values (empty set) This is because
* the default behaviour when doing "setAttributes" with
* attributes containing no values is to "delete" that attribute
* from the entry. this is not the behaviour we want so the
* below check is a precaution to avoid that behaviour.
*/
attrMap = AMCommonUtils.removeEmptyValues(attrMap);
} catch (SMSException smse) {
debug.error("AMObjectImpl:assignService-> " + "unable to validate attributes for " + thisService, smse);
throw new AMException(AMSDKBundle.getString("908", locale), "908");
}
// TODO validate the attributes here...
setAttributes(attrMap);
}
if (store) {
store();
}
}
Also used :
TreeSet(java.util.TreeSet)
HashSet(java.util.HashSet)
Set(java.util.Set)
HashMap(java.util.HashMap)
SMSException(com.sun.identity.sm.SMSException)
ServiceSchema(com.sun.identity.sm.ServiceSchema)
Iterator(java.util.Iterator)
HashMap(java.util.HashMap)
Map(java.util.Map)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
HashSet(java.util.HashSet)
Example 38 with ServiceSchemaManager
use of com.sun.identity.sm.ServiceSchemaManager in project OpenAM by OpenRock.
the class AMAuthLevelManager method updateGlobalAuthLevelMap.
/**
* Retreives and updates the service organization schema's global
* authentication level map with the changed authentication level.
*/
private void updateGlobalAuthLevelMap(String serviceName) {
if (debug.messageEnabled()) {
debug.message("updateGlobalAuthLevelMap for " + serviceName);
}
try {
ServiceSchemaManager ssm = new ServiceSchemaManager(serviceName, AuthD.getAuth().getSSOAuthSession());
ServiceSchema schema = ssm.getOrganizationSchema();
Map attrs = null;
if (schema != null) {
attrs = schema.getAttributeDefaults();
}
String module = moduleServiceMap.get(serviceName);
if ((module != null) && module.length() > 0) {
String attrName = AMAuthConfigUtils.getAuthLevelAttribute(attrs, module);
String authLevel = CollectionHelper.getMapAttr(attrs, attrName);
if ((authLevel != null) && (authLevel.length() > 0)) {
Integer level = Integer.valueOf(authLevel);
globalAuthLevelMap.put(module, level);
debug.message("authLevel is : {}", authLevel);
debug.message("globalAuthLevelMap is : {}", globalAuthLevelMap);
} else {
debug.warning("No auth level for module {}", module);
}
}
} catch (Exception e) {
if (debug.messageEnabled()) {
debug.message("Error retrieving service schema ", e);
}
}
}
Also used :
ServiceSchema(com.sun.identity.sm.ServiceSchema)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
ConcurrentMap(java.util.concurrent.ConcurrentMap)
Collections.synchronizedMap(java.util.Collections.synchronizedMap)
Map(java.util.Map)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
SMSException(com.sun.identity.sm.SMSException)
ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException)
SSOException(com.iplanet.sso.SSOException)
Example 39 with ServiceSchemaManager
use of com.sun.identity.sm.ServiceSchemaManager in project OpenAM by OpenRock.
the class AMAuthenticationManager method initAuthenticationService.
/**
* This code makes the authentication type list static. In case the list
* is expanded or shrinked, the server needs to be restarted.
*/
private static void initAuthenticationService() {
SSOToken token = getAdminToken();
try {
ServiceSchemaManager scm = new ServiceSchemaManager(ISAuthConstants.AUTH_SERVICE_NAME, token);
ServiceSchema schema = scm.getGlobalSchema();
Set<String> authenticators = (Set<String>) schema.getAttributeDefaults().get(ISAuthConstants.AUTHENTICATORS);
for (String module : authenticators) {
int index = module.lastIndexOf(".");
if (index != -1) {
module = module.substring(index + 1);
}
// Application is not one of the selectable instance type.
if (!module.equals(ISAuthConstants.APPLICATION_MODULE)) {
AUTH_TYPES.add(module);
}
String serviceName = MODULE_SERVICE_NAMES.get(module);
if (serviceName == null) {
serviceName = AuthUtils.getModuleServiceName(module);
try {
new ServiceSchemaManager(serviceName, token);
MODULE_SERVICE_NAMES.put(module, serviceName);
} catch (Exception e) {
GLOBAL_MODULE_NAMES.add(module);
AUTH_TYPES.remove(module);
}
}
}
if (DEBUG.messageEnabled()) {
DEBUG.message("Global module names: " + GLOBAL_MODULE_NAMES);
DEBUG.message("moduleServiceNames: " + MODULE_SERVICE_NAMES);
}
} catch (Exception smse) {
String installTime = SystemProperties.get(AdminTokenAction.AMADMIN_MODE);
if ((installTime != null) && installTime.equalsIgnoreCase("false")) {
DEBUG.error("Failed to get module types", smse);
}
}
}
Also used :
ServiceSchema(com.sun.identity.sm.ServiceSchema)
SSOToken(com.iplanet.sso.SSOToken)
HashSet(java.util.HashSet)
Set(java.util.Set)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
SMSException(com.sun.identity.sm.SMSException)
SSOException(com.iplanet.sso.SSOException)
Example 40 with ServiceSchemaManager
use of com.sun.identity.sm.ServiceSchemaManager in project OpenAM by OpenRock.
the class AMAuthConfigUtils method getAllAuthModules.
/**
* Returns all supported authentication modules
*
* @param token Single Sign On token to be using for accessing configuration
* information.
* @return Map contains all modules, key is the module name (e.g. LDAP),
* value is the complete class name (example
* <code>com.sun.identity.authentication.modules.ldap.LDAP</code>)
*/
public static Map getAllAuthModules(SSOToken token) {
Map modules = new HashMap();
// if this is too slow, might need to consider listener option
try {
ServiceSchemaManager scm = new ServiceSchemaManager("iPlanetAMAuthService", token);
ServiceSchema global = scm.getGlobalSchema();
Map attrs = global.getAttributeDefaults();
Set classes = (Set) attrs.get("iplanet-am-auth-authenticators");
if (classes == null) {
return modules;
}
Iterator iter = classes.iterator();
while (iter.hasNext()) {
String name = (String) iter.next();
// skip Application module here since it is internal
if (name.equals("com.sun.identity.authentication.modules.application.Application")) {
continue;
}
if (debug.messageEnabled()) {
debug.message("getAllAuthModules. process " + name);
}
int dot = name.lastIndexOf('.');
if (dot > -1) {
String tmp = name.substring(dot + 1, name.length());
modules.put(tmp, name);
} else {
modules.put(name, name);
}
}
} catch (Exception e) {
// ignore exception
debug.error("getAllAuthModules", e);
}
return modules;
}
Also used :
ServiceSchema(com.sun.identity.sm.ServiceSchema)
HashSet(java.util.HashSet)
Set(java.util.Set)
HashMap(java.util.HashMap)
Iterator(java.util.Iterator)
HashMap(java.util.HashMap)
Map(java.util.Map)
ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)
SMSException(com.sun.identity.sm.SMSException)
SSOException(com.iplanet.sso.SSOException)
Aggregations
ServiceSchemaManager (com.sun.identity.sm.ServiceSchemaManager)209
SMSException (com.sun.identity.sm.SMSException)146
ServiceSchema (com.sun.identity.sm.ServiceSchema)131
SSOException (com.iplanet.sso.SSOException)119
Set (java.util.Set)87
HashSet (java.util.HashSet)60
Map (java.util.Map)56
HashMap (java.util.HashMap)49
AttributeSchema (com.sun.identity.sm.AttributeSchema)46
SSOToken (com.iplanet.sso.SSOToken)43
Iterator (java.util.Iterator)40
CLIException (com.sun.identity.cli.CLIException)33
BeforeTest (org.testng.annotations.BeforeTest)27
AfterTest (org.testng.annotations.AfterTest)26
Test (org.testng.annotations.Test)26
CLIRequest (com.sun.identity.cli.CLIRequest)25
Parameters (org.testng.annotations.Parameters)18
ServiceConfigManager (com.sun.identity.sm.ServiceConfigManager)15
TreeSet (java.util.TreeSet)12
ByteString (org.forgerock.opendj.ldap.ByteString)11
