use of org.forgerock.opendj.ldap.LdapException in project OpenAM by OpenRock.
the class LdapSearchHandlerTest method shouldThrowExceptionOnFailure.
@Test(expectedExceptions = QueryFailedException.class)
public void shouldThrowExceptionOnFailure() throws QueryFailedException, LdapException {
    // Given: every search on the mocked connection fails with an LDAP NO_SUCH_OBJECT result.
    given(mockConnection.search(any(SearchRequest.class), anyCollection()))
            .willThrow(LdapException.newLdapException(ResultCode.NO_SUCH_OBJECT));

    // When: the handler runs the search. The expectedExceptions attribute above is the assertion:
    // the LdapException must surface as a QueryFailedException rather than being swallowed
    // and reported as an empty result.
    handler.performSearch(mockConnection, mockRequest, Collections.<Entry>emptyList());
}
use of org.forgerock.opendj.ldap.LdapException in project OpenAM by OpenRock.
the class DJLDAPv3Repo method getFilteredRoleMemberships.
/**
* Returns the filtered and non-filtered role memberships for this given user. This will execute a read on the user
* entry to retrieve the nsRole attribute. The values of the attribute will be returned along with the non-filtered
* role memberships.
*
* @param dn The DN of the user identity.
* @return The DNs of the filtered and non-filtered roles this user is a member of.
* @throws IdRepoException If there was an error while retrieving the filtered or non-filtered role membership
* information.
*/
private Set<String> getFilteredRoleMemberships(String dn) throws IdRepoException {
    Set<String> roleDns = new CaseInsensitiveHashSet();
    Connection connection = null;
    try {
        connection = connectionFactory.getConnection();
        // Single-entry read of the user's own entry, requesting only the configured role attribute.
        SearchResultEntry userEntry =
                connection.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn, roleAttr));
        Attribute roleValues = userEntry.getAttribute(roleAttr);
        if (roleValues != null) {
            // Attribute present: every value is added to the result as a role DN.
            roleDns.addAll(LDAPUtils.getAttributeValuesAsStringSet(roleValues));
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while trying to retrieve filtered role memberships for " + dn + " using " + roleAttr + " attribute", ere);
        // NOTE(review): handleErrorResult is defined elsewhere in the class. If it can return
        // normally for some result codes, execution continues below and the caller receives only
        // the non-filtered memberships with no sign that the filtered lookup failed - confirm.
        handleErrorResult(ere);
    } finally {
        // The connection is released on both the success and the failure path.
        IOUtils.closeIfNotNull(connection);
    }
    // The non-filtered memberships are merged into the same set before returning.
    roleDns.addAll(getRoleMemberships(dn));
    return roleDns;
}
use of org.forgerock.opendj.ldap.LdapException in project OpenAM by OpenRock.
the class DJLDAPv3Repo method changePassword.
/**
* Changes password for the given identity by binding as the user first (i.e. this is not password reset). In case
* of Active Directory the password will be encoded first. This will issue a DELETE for the old password and an ADD
* for the new password value.
*
* @param token Not used.
* @param type The type of the identity, this should be always USER.
* @param name The name of the identity.
* @param attrName The name of the password attribute, usually "userpassword" or "unicodepwd".
* @param oldPassword The current password of the identity.
* @param newPassword The new password of the identity.
* @throws IdRepoException If the identity type is invalid, or the entry cannot be found, or some other LDAP error
* occurs while changing the password (like password policy related errors).
*/
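@Override
public void changePassword(SSOToken token, IdType type, String name, String attrName, String oldPassword,
        String newPassword) throws IdRepoException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("changePassword invoked");
    }
    if (!type.equals(IdType.USER)) {
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME,
                IdRepoErrorCode.CHANGE_PASSWORD_ONLY_FOR_USER, new Object[] { CLASS_NAME });
    }
    // The bind below is the only proof that the caller knows the current password. A simple bind
    // that carries a DN and a zero-length password is an "unauthenticated bind" (RFC 4513,
    // section 5.1.2), which a directory server may accept without checking any credential, so an
    // empty old password must never reach the server. A null value is rejected here as well
    // instead of failing with a NullPointerException on toCharArray().
    if (oldPassword == null || oldPassword.isEmpty()) {
        throw newIdRepoException(IdRepoErrorCode.ILLEGAL_ARGUMENTS);
    }
    String dn = getDN(type, name);
    BindRequest bindRequest = LDAPRequests.newSimpleBindRequest(dn, oldPassword.toCharArray());
    ModifyRequest modifyRequest = LDAPRequests.newModifyRequest(dn);
    byte[] encodedOldPwd = helper.encodePassword(oldPassword);
    byte[] encodedNewPwd = helper.encodePassword(newPassword);
    // DELETE of the old value followed by ADD of the new one, sent as one modify request on the
    // connection that was bound as the user.
    modifyRequest.addModification(ModificationType.DELETE, attrName, encodedOldPwd);
    modifyRequest.addModification(ModificationType.ADD, attrName, encodedNewPwd);
    // NOTE(review): both passwords arrive as immutable Strings, and the char[]/byte[] copies made
    // above are not cleared afterwards, so the values stay in memory until garbage collected.
    Connection conn = null;
    try {
        // A dedicated factory is used so that the bind as the end user happens on a connection
        // taken from bindConnectionFactory rather than from connectionFactory.
        conn = bindConnectionFactory.getConnection();
        conn.bind(bindRequest);
        conn.modify(modifyRequest);
    } catch (LdapException ere) {
        // Only the identity name is logged; neither password is written to the debug log.
        DEBUG.error("An error occurred while trying to change password for identity: " + name, ere);
        try {
            handleErrorResult(ere);
        } catch (IdRepoException e) {
            // NOTE(review): every IdRepoException raised by handleErrorResult is reported as a
            // PasswordPolicyException, including failures that are not policy related (for
            // example a rejected bind) - confirm callers do not present these as policy errors.
            throw new PasswordPolicyException(e);
        }
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
}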
use of org.forgerock.opendj.ldap.LdapException in project OpenAM by OpenRock.
the class DJLDAPv3Repo method removeAttributes.
/**
* Removes the specified attributes from the identity.
*
* @param token Not used.
* @param type The type of the identity.
* @param name The name of the identity.
* @param attrNames The set of attribute names that needs to be removed from the identity.
* @throws IdRepoException If there is no attribute name provided, or if the identity cannot be found, or there is
* an error while modifying the entry.
*/
@Override
public void removeAttributes(SSOToken token, IdType type, String name, Set<String> attrNames) throws IdRepoException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("removeAttributes invoked");
    }
    // Only the names that survive removeUndefinedAttributes are sent to the directory.
    // NOTE(review): that helper is defined elsewhere; presumably it keeps only the attributes
    // configured for this identity type, which would make it the allow-list for this call - confirm.
    Set<String> definedAttrs = removeUndefinedAttributes(type, attrNames);
    if (definedAttrs.isEmpty()) {
        throw newIdRepoException(IdRepoErrorCode.ILLEGAL_ARGUMENTS);
    }
    String entryDn = getDN(type, name);
    ModifyRequest removal = LDAPRequests.newModifyRequest(entryDn);
    for (String attributeName : definedAttrs) {
        // A DELETE modification without values removes the whole attribute.
        removal.addModification(ModificationType.DELETE, attributeName);
    }
    Connection connection = null;
    try {
        connection = connectionFactory.getConnection();
        connection.modify(removal);
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while removing attributes from identity: " + name + " attributes: " + definedAttrs, ere);
        handleErrorResult(ere);
    } finally {
        // The connection is released whether or not the modify succeeded.
        IOUtils.closeIfNotNull(connection);
    }
}
use of org.forgerock.opendj.ldap.LdapException in project OpenAM by OpenRock.
the class DJLDAPv3Repo method getGroupMembers.
/**
* Returns the DNs of the members of this group. If the MemberURL attribute has been configured, then this
* will also try to retrieve dynamic group members using the memberURL.
*
* @param dn The DN of the group to query.
* @return The DNs of the members.
* @throws IdRepoException If there is an error while trying to retrieve the members.
*/
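private Set<String> getGroupMembers(String dn) throws IdRepoException {
    Set<String> results = new HashSet<String>();
    Connection conn = null;
    // Always request the static member attribute; add the memberURL attribute when one is configured.
    String[] attrs;
    if (memberURLAttr != null) {
        attrs = new String[] { uniqueMemberAttr, memberURLAttr };
    } else {
        attrs = new String[] { uniqueMemberAttr };
    }
    try {
        conn = connectionFactory.getConnection();
        SearchResultEntry entry = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn, attrs));
        Attribute attr = entry.getAttribute(uniqueMemberAttr);
        if (attr != null) {
            results.addAll(LDAPUtils.getAttributeValuesAsStringSet(attr));
        } else if (memberURLAttr != null) {
            // Dynamic members are resolved only when the entry carries no static member attribute.
            attr = entry.getAttribute(memberURLAttr);
            if (attr != null) {
                for (ByteString byteString : attr) {
                    // memberURL values are directory data, written by whoever may modify the group
                    // entry. LDAPUrl.valueOf rejects an unparsable value with an unchecked exception
                    // (presumably LocalizedIllegalArgumentException, a subclass of
                    // IllegalArgumentException - confirm against the SDK version in use); it is
                    // converted here so that a malformed value fails the lookup through the declared
                    // IdRepoException instead of escaping as a runtime exception.
                    final LDAPUrl url;
                    try {
                        url = LDAPUrl.valueOf(byteString.toString());
                    } catch (IllegalArgumentException iae) {
                        DEBUG.error("Invalid " + memberURLAttr + " value found on group " + dn, iae);
                        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
                    }
                    // Only the base DN, scope and filter of the URL are used, and the search runs on
                    // the connection obtained above, with that connection's privileges. The stored
                    // URL therefore decides which part of the directory is searched on behalf of
                    // this repository; only the matching entry names are kept.
                    SearchRequest searchRequest = LDAPRequests.newSearchRequest(url.getName(), url.getScope(), url.getFilter(), DN_ATTR);
                    // The configured time and size limits are applied to each dynamic member search.
                    searchRequest.setTimeLimit(defaultTimeLimit);
                    searchRequest.setSizeLimit(defaultSizeLimit);
                    ConnectionEntryReader reader = conn.search(searchRequest);
                    while (reader.hasNext()) {
                        if (reader.isEntry()) {
                            results.add(reader.readEntry().getName().toString());
                        } else {
                            //ignore search result references
                            reader.readReference();
                        }
                    }
                }
            }
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while retrieving group members for " + dn, ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    return results;
}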