
Example 41 with Attribute

use of org.forgerock.opendj.ldap.Attribute in project OpenAM by OpenRock.

the class LdapTokenAttributeConversion method mapFromEntry.

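/**
 * Converts an Entry into a more convenient mapping of CoreTokenField to Object.
 *
 * <p>This function is important because not every operation with LDAP needs to return a
 * fully initialised Token. Instead users may be interested in only certain attributes of
 * the Token, and choose to query just those as a performance enhancement.
 *
 * <p>{@code stripObjectClass(entry)} is applied to the supplied entry before conversion, so
 * the caller's entry may be modified by this call (NOTE(review): confirm against that helper).
 *
 * @param entry Non null entry to convert.
 *
 * @return A mapping of zero or more CoreTokenFields to Objects, in the order the entry
 *         yields its attributes.
 *
 * @throws IllegalStateException If an attribute maps to a field that is neither the token
 *         type nor one of the calendar, string, integer or byte array field types.
 */
public Map<CoreTokenField, Object> mapFromEntry(Entry entry) {
    stripObjectClass(entry);
    Map<CoreTokenField, Object> r = new LinkedHashMap<>();
    for (Attribute a : entry.getAllAttributes()) {
        AttributeDescription description = a.getAttributeDescription();
        CoreTokenField field = CoreTokenField.fromLDAPAttribute(description.toString());
        // Special case for Token Type: stored as a name, returned as a TokenType.
        // NOTE(review): if TokenType is an enum, an unrecognised stored name makes valueOf
        // throw IllegalArgumentException - confirm callers treat that as a corrupt entry.
        if (CoreTokenField.TOKEN_TYPE.equals(field)) {
            String value = entry.parseAttribute(description).asString();
            r.put(field, TokenType.valueOf(value));
            continue;
        }
        if (CoreTokenFieldTypes.isCalendar(field)) {
            String dateString = entry.parseAttribute(description).asString();
            Calendar calendar = conversion.fromLDAPDate(dateString);
            r.put(field, calendar);
        } else if (CoreTokenFieldTypes.isString(field)) {
            String value = entry.parseAttribute(description).asString();
            // EMPTY is a stored placeholder; hand callers a real empty string instead.
            if (EMPTY.equals(value)) {
                value = "";
            }
            r.put(field, value);
        } else if (CoreTokenFieldTypes.isInteger(field)) {
            Integer value = entry.parseAttribute(description).asInteger();
            r.put(field, value);
        } else if (CoreTokenFieldTypes.isByteArray(field)) {
            byte[] data = entry.parseAttribute(description).asByteString().toByteArray();
            r.put(field, data);
        } else {
            // Name the field and attribute so the failure can be diagnosed. The attribute
            // value is left out on purpose: token attributes may hold sensitive data and
            // exception messages usually end up in logs.
            throw new IllegalStateException("Unsupported type for token field " + field
                    + " (LDAP attribute " + description + ")");
        }
    }
    return r;
}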
Also used : Attribute(org.forgerock.opendj.ldap.Attribute) Calendar(java.util.Calendar) CoreTokenField(org.forgerock.openam.tokens.CoreTokenField) LinkedHashMap(java.util.LinkedHashMap) AttributeDescription(org.forgerock.opendj.ldap.AttributeDescription)

Example 42 with Attribute

use of org.forgerock.opendj.ldap.Attribute in project OpenAM by OpenRock.

the class IndexChangeHandler method handleEntry.

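/**
 * Turns one search result entry describing a policy rule change into index events.
 *
 * <p>The realm is derived from the entry DN, and every {@code sunxmlKeyValue} value that
 * starts with {@code INDEX_PATH_ATT} is reported to the observers as an ADD or DELETE
 * modification event, depending on the change type carried by the entry change
 * notification control. Entries that cannot be interpreted (no control, no
 * {@code sunxmlKeyValue} attribute, DN without the service declaration) are logged and
 * skipped rather than allowed to fail with an unchecked exception inside the handler.
 *
 * @param entry The entry returned by the search.
 * @return Always {@code true}.
 */
@Override
public boolean handleEntry(SearchResultEntry entry) {
    EntryChangeNotificationResponseControl control;
    try {
        // Retrieve details of the policy change.
        control = entry.getControl(EntryChangeNotificationResponseControl.DECODER, new DecodeOptions());
    } catch (DecodeException dE) {
        DEBUG.error("Error occurred attempting to read policy rule change.", dE);
        // Notify observers of the exception and proceed no further.
        observable.notifyObservers(ErrorEventType.SEARCH_FAILURE.createEvent());
        return true;
    }
    // Extract the realm from the DN to be passed as part of the event.
    String dn = entry.getName().toString();
    int declarationStart = dn.indexOf(SERVICE_DECLARATION);
    if (declarationStart < 0) {
        // indexOf returned -1: slicing anyway would produce a realm from the wrong part of
        // the DN, and index events would then be raised against that wrong realm.
        DEBUG.warning("Unable to derive a realm from policy rule change DN: {}", dn);
        return true;
    }
    String orgName = dn.substring(declarationStart + SERVICE_DECLARATION.length());
    String realm = dnMapper.orgNameToRealmName(orgName);
    // Retrieve all sunxmlKeyValue attributes.
    Attribute attributes = entry.getAttribute(AttributeDescription.valueOf("sunxmlKeyValue"));
    if (attributes == null) {
        // getAttribute yields null when the entry does not carry the attribute.
        return true;
    }
    if (control == null) {
        // getControl yields null when the entry came back without the control; without it
        // the change type is unknown, so no index event can be raised.
        DEBUG.warning("Policy rule change without an entry change notification control: {}", dn);
        return true;
    }
    for (ByteString attrValue : attributes) {
        String attStrValue = attrValue.toString();
        // The value must be longer than the prefix, otherwise there is no separator to skip.
        if (attStrValue.startsWith(INDEX_PATH_ATT) && attStrValue.length() > INDEX_PATH_ATT.length()) {
            // Extract the path index out of the attribute value (prefix plus one separator character).
            String pathIndex = attStrValue.substring(INDEX_PATH_ATT.length() + 1);
            switch(control.getChangeType()) {
                case MODIFY:
                // Deliberate fall-through: a modify is reported as an add,
                // this will result in the old index remaining.
                case ADD:
                    observable.notifyObservers(ModificationEventType.ADD.createEvent(pathIndex, realm));
                    break;
                case DELETE:
                    observable.notifyObservers(ModificationEventType.DELETE.createEvent(pathIndex, realm));
                    break;
                default:
                    // Other change types raise no index event.
                    break;
            }
        }
    }
    return true;
}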
Also used : Attribute(org.forgerock.opendj.ldap.Attribute) ByteString(org.forgerock.opendj.ldap.ByteString) EntryChangeNotificationResponseControl(org.forgerock.opendj.ldap.controls.EntryChangeNotificationResponseControl) ByteString(org.forgerock.opendj.ldap.ByteString) DecodeException(org.forgerock.opendj.ldap.DecodeException) DecodeOptions(org.forgerock.opendj.ldap.DecodeOptions)

Example 43 with Attribute

use of org.forgerock.opendj.ldap.Attribute in project OpenAM by OpenRock.

the class LdifUtils method createSchemaFromLDIF.

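/**
 * Creates LDAP schema from LDIF file.
 *
 * <p>Each change record is applied in turn: adds and modifies are sent to the directory,
 * deletes and DN renames are ignored. When an add fails because the entry already exists,
 * its attributes are merged into the existing entry one modify request per attribute.
 *
 * <p>LDAP failures are only logged at warning level and are not propagated, so the schema
 * may be left partially applied without the caller being told. The LDIF is applied as
 * given, so it must come from a trusted source.
 *
 * @param ldif LDIF object.
 * @param ld LDAP Connection.
 * @throws IOException If an error occurs when reading the LDIF file.
 */
public static void createSchemaFromLDIF(LDIFChangeRecordReader ldif, final Connection ld) throws IOException {
    while (ldif.hasNext()) {
        final ChangeRecord changeRecord = ldif.readChangeRecord();
        changeRecord.accept(new ChangeRecordVisitor<Void, Void>() {

            @Override
            public Void visitChangeRecord(Void aVoid, AddRequest change) {
                try {
                    change.addControl(TransactionIdControl.newControl(AuditRequestContext.createSubTransactionIdValue()));
                    ld.add(change);
                } catch (LdapException e) {
                    if (!ResultCode.ENTRY_ALREADY_EXISTS.equals(e.getResult().getResultCode())) {
                        DEBUG.warning("LDAPUtils.createSchemaFromLDIF - Could not add to schema: {}", change, e);
                        return null;
                    }
                    // The entry is already there: add its attributes one request at a time so
                    // that a rejected attribute does not stop the remaining ones.
                    for (Attribute attr : change.getAllAttributes()) {
                        ModifyRequest modifyRequest = LDAPRequests.newModifyRequest(change.getName());
                        modifyRequest.addModification(new Modification(ModificationType.ADD, attr));
                        // Tag the fallback write like every other write in this method, so it
                        // can be tied back to the originating transaction in the audit trail.
                        modifyRequest.addControl(TransactionIdControl.newControl(AuditRequestContext.createSubTransactionIdValue()));
                        try {
                            ld.modify(modifyRequest);
                        } catch (LdapException ex) {
                            DEBUG.warning("LDAPUtils.createSchemaFromLDIF - Could not modify schema: {}", modifyRequest, ex);
                        }
                    }
                }
                return null;
            }

            @Override
            public Void visitChangeRecord(Void aVoid, ModifyRequest change) {
                try {
                    change.addControl(TransactionIdControl.newControl(AuditRequestContext.createSubTransactionIdValue()));
                    ld.modify(change);
                } catch (LdapException e) {
                    DEBUG.warning("LDAPUtils.createSchemaFromLDIF - Could not modify schema: {}", change, e);
                }
                return null;
            }

            @Override
            public Void visitChangeRecord(Void aVoid, ModifyDNRequest change) {
                // Renames are not applied; leave a trace, as is done for deletes.
                DEBUG.message("ModifyDN request ignored: {}", changeRecord);
                return null;
            }

            @Override
            public Void visitChangeRecord(Void aVoid, DeleteRequest change) {
                DEBUG.message("Delete request ignored: {}", changeRecord);
                return null;
            }
        }, null);
    }
}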
Also used : AddRequest(org.forgerock.opendj.ldap.requests.AddRequest) ModifyDNRequest(org.forgerock.opendj.ldap.requests.ModifyDNRequest) Modification(org.forgerock.opendj.ldap.Modification) Attribute(org.forgerock.opendj.ldap.Attribute) ModifyRequest(org.forgerock.opendj.ldap.requests.ModifyRequest) ChangeRecord(org.forgerock.opendj.ldif.ChangeRecord) LdapException(org.forgerock.opendj.ldap.LdapException) DeleteRequest(org.forgerock.opendj.ldap.requests.DeleteRequest)

Example 44 with Attribute

use of org.forgerock.opendj.ldap.Attribute in project OpenAM by OpenRock.

the class DataLayer method getAttributes.

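/**
 * Returns attributes for the given attribute names.
 *
 * <p>Performs a base-object search on the DN of {@code guid} and wraps every attribute of
 * every returned entry in an {@code Attr}.
 *
 * @param principal Authentication Principal.
 * @param guid Distinguished name.
 * @param attrNames Attribute names.
 * @return collection of Attr; an empty set when no entry reader is available (logged as a
 *         possible lack of read permission); {@code null} when the read fails with an
 *         exception, so callers must check for {@code null} before iterating.
 *
 * @supported.api
 */
public Collection<Attr> getAttributes(Principal principal, Guid guid, Collection<String> attrNames) {
    String id = guid.getDn();
    SearchRequest request = LDAPRequests.newSearchRequest(id, SearchScope.BASE_OBJECT, "(objectclass=*)", attrNames.toArray(EMPTY_STRING_ARRAY));
    // try-with-resources: the reader is released on every path, including failures part-way
    // through the results. A null reader is simply skipped when the block exits.
    try (ConnectionEntryReader ldapEntry = readLDAPEntry(principal, request)) {
        if (ldapEntry == null) {
            debug.warning("No attributes returned may not have permission to read");
            return Collections.emptySet();
        }
        Collection<Attr> attributes = new ArrayList<>();
        while (ldapEntry.hasNext()) {
            if (ldapEntry.isEntry()) {
                SearchResultEntry entry = ldapEntry.readEntry();
                for (Attribute attr : entry.getAllAttributes()) {
                    attributes.add(new Attr(attr));
                }
            } else {
                // A search result reference has to be consumed as well: otherwise hasNext()
                // keeps reporting the same item and this loop never terminates.
                ldapEntry.readReference();
            }
        }
        return attributes;
    } catch (Exception e) {
        debug.warning("Exception in DataLayer.getAttributes for DN: {}", id, e);
        // Kept as null for existing callers; the failure is only visible in the debug log.
        return null;
    }
}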
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) Attribute(org.forgerock.opendj.ldap.Attribute) ArrayList(java.util.ArrayList) ByteString(org.forgerock.opendj.ldap.ByteString) Attr(com.iplanet.services.ldap.Attr) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) LdapException(org.forgerock.opendj.ldap.LdapException) IOException(java.io.IOException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 45 with Attribute

use of org.forgerock.opendj.ldap.Attribute in project OpenAM by OpenRock.

the class DataLayer method addEntry.

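/**
 * Adds entry to the server.
 *
 * <p>The add is attempted up to {@code connNumRetry} additional times, sleeping
 * {@code connRetryInterval} between attempts, but only for result codes listed in
 * {@code retryErrorCodes}. Any other failure, the last failed attempt, or an interrupt
 * received while waiting ends the retries and is reported as a {@code UMSException}.
 *
 * @param principal Authenticated Principal.
 * @param guid Distinguished name.
 * @param attrSet attribute set containing name/value pairs.
 * @throws AccessRightsException if insufficient access.
 * @throws EntryAlreadyExistsException if the entry already exists.
 * @throws UMSException if fail to add entry.
 *
 * @supported.api
 */
public void addEntry(java.security.Principal principal, Guid guid, AttrSet attrSet) throws UMSException {
    String id = guid.getDn();
    try {
        AddRequest request = LDAPRequests.newAddRequest(id);
        for (Attribute attribute : attrSet.toLDAPAttributeSet()) {
            request.addAttribute(attribute);
        }
        int retry = 0;
        while (retry <= connNumRetry) {
            if (debug.messageEnabled()) {
                debug.message("DataLayer.addEntry retry: " + retry);
            }
            // A fresh connection per attempt, closed again whether the add works or not.
            try (Connection conn = getConnection(principal)) {
                conn.add(request);
                return;
            } catch (LdapException e) {
                ResultCode attemptCode = e.getResult().getResultCode();
                // Give up on non-retryable codes and once the retry budget is used up.
                if (!retryErrorCodes.contains(attemptCode) || retry == connNumRetry) {
                    throw e;
                }
                retry++;
                try {
                    Thread.sleep(connRetryInterval);
                } catch (InterruptedException ex) {
                    // Keep the interrupt visible to the caller and stop retrying. Swallowing
                    // it would clear the flag and keep a thread that was asked to stop busy.
                    Thread.currentThread().interrupt();
                    throw e;
                }
            }
        }
    } catch (LdapException e) {
        if (debug.warningEnabled()) {
            debug.warning("Exception in DataLayer.addEntry for DN: " + id, e);
        }
        // Map the LDAP result code onto the UMS exception hierarchy, keeping the cause.
        ResultCode errorCode = e.getResult().getResultCode();
        String[] args = { id };
        if (ResultCode.ENTRY_ALREADY_EXISTS.equals(errorCode)) {
            throw new EntryAlreadyExistsException(i18n.getString(IUMSConstants.ENTRY_ALREADY_EXISTS, args), e);
        } else if (ResultCode.INSUFFICIENT_ACCESS_RIGHTS.equals(errorCode)) {
            throw new AccessRightsException(i18n.getString(IUMSConstants.INSUFFICIENT_ACCESS_ADD, args), e);
        } else {
            throw new UMSException(i18n.getString(IUMSConstants.UNABLE_TO_ADD_ENTRY, args), e);
        }
    }
}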
Also used : AddRequest(org.forgerock.opendj.ldap.requests.AddRequest) Attribute(org.forgerock.opendj.ldap.Attribute) Connection(org.forgerock.opendj.ldap.Connection) ByteString(org.forgerock.opendj.ldap.ByteString) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode)

Aggregations

Attribute (org.forgerock.opendj.ldap.Attribute)48 ByteString (org.forgerock.opendj.ldap.ByteString)35 LdapException (org.forgerock.opendj.ldap.LdapException)30 SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)28 Connection (org.forgerock.opendj.ldap.Connection)25 ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)16 HashSet (java.util.HashSet)14 IOException (java.io.IOException)13 LinkedAttribute (org.forgerock.opendj.ldap.LinkedAttribute)11 SearchRequest (org.forgerock.opendj.ldap.requests.SearchRequest)10 SearchResultReferenceIOException (org.forgerock.opendj.ldap.SearchResultReferenceIOException)9 CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)8 FileNotFoundException (java.io.FileNotFoundException)6 ArrayList (java.util.ArrayList)6 LinkedHashSet (java.util.LinkedHashSet)6 Set (java.util.Set)6 Modification (org.forgerock.opendj.ldap.Modification)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 HashMap (java.util.HashMap)5 ModifyRequest (org.forgerock.opendj.ldap.requests.ModifyRequest)5