
Example 11 with RDN

use of org.forgerock.opendj.ldap.RDN in project OpenAM by OpenRock.

the class CreateServiceConfig method createOrganization.

/**
 * Creates the sub-organization (realm) entry named by {@code orgDN}, creating any
 * missing intermediate realm entries below the service base DN on the way.
 *
 * <p>The DN is parsed and re-serialised first so that it can be compared as a string.
 * All SMS entry reads and the save are performed with the caller's {@code token}.
 *
 * <p>NOTE(review): {@code DN.valueOf} is called with no handler for parse failures here;
 * confirm callers tolerate whatever it throws for a malformed DN.
 *
 * @param token SSO token used to read and save the SMS entries
 * @param orgDN DN of the organization to create
 * @throws SMSException if the normalised DN is empty or the SSO token is rejected; an
 *         {@code OrganizationAlreadyExistsException} is thrown when the entry already exists
 */
static void createOrganization(SSOToken token, String orgDN) throws SMSException {
    try {
        // Keep the caller-supplied value: it is reported in the log line and in the exception args.
        final Object[] originalName = { orgDN };
        final DN parsedDN = DN.valueOf(orgDN);
        orgDN = parsedDN.toString();
        if (orgDN.isEmpty()) {
            // NOTE(review): the caller-supplied name is logged verbatim; confirm the debug
            // log sink neutralises control characters.
            SMSEntry.debug.error("CreateServiceConfig.createOrganization() : Detected invalid characters. Invalid realm name: " + originalName[0]);
            throw new SMSException(IUMSConstants.UMS_BUNDLE_NAME, "sms-invalid-org-name", originalName);
        }

        // Refuse to overwrite an organization that is already present.
        CachedSMSEntry targetCache = CachedSMSEntry.getInstance(token, orgDN);
        if (targetCache.isDirty()) {
            targetCache.refresh();
        }
        if (!targetCache.getClonedSMSEntry().isNewEntry()) {
            SMSEntry.debug.error("Organization already exists: " + orgDN);
            throw new OrganizationAlreadyExistsException(IUMSConstants.UMS_BUNDLE_NAME, IUMSConstants.SMS_organization_already_exists_no_args, null);
        }

        // DN iteration yields the leaf RDN first; prepend so the list runs root -> leaf.
        List<RDN> rootFirst = new ArrayList<>();
        for (RDN rdn : parsedDN) {
            rootFirst.add(0, rdn);
        }
        final int lastPos = rootFirst.size() - 1;

        // Grow the DN from the root until it matches the service base DN.
        // NOTE(review): this is a case-insensitive string comparison; if DNMapper.serviceDN is
        // not in the same serialised form, every RDN is consumed here and nothing is created.
        String pathDN = rootFirst.get(0).toString();
        int pos = 0;
        while (pos < lastPos && !pathDN.equalsIgnoreCase(DNMapper.serviceDN)) {
            pos++;
            pathDN = rootFirst.get(pos).toString() + "," + pathDN;
        }

        // Walk the remaining RDNs (the target itself is the last one) and create what is missing.
        for (int i = pos + 1; i <= lastPos; i++) {
            pathDN = rootFirst.get(i).toString() + "," + pathDN;
            CachedSMSEntry nodeCache = CachedSMSEntry.getInstance(token, pathDN);
            if (nodeCache.isDirty()) {
                nodeCache.refresh();
            }
            SMSEntry node = nodeCache.getClonedSMSEntry();
            if (!node.isNewEntry()) {
                continue;
            }
            // New realm node: add the object classes, persist, then update the cache entry.
            node.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_REALM_SERVICE);
            node.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
            node.save(token);
            nodeCache.refresh(node);
        }
    } catch (SSOException ssoe) {
        // The SSOException is logged here but is not attached as the cause of the SMSException.
        SMSEntry.debug.error("CreateServiceConfig: Unable to create organization ", ssoe);
        throw new SMSException(SMSEntry.bundle.getString("sms-INVALID_SSO_TOKEN"), "sms-INVALID_SSO_TOKEN");
    }
}
Also used : ArrayList(java.util.ArrayList) RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) SSOException(com.iplanet.sso.SSOException) RDN(org.forgerock.opendj.ldap.RDN)

Example 12 with RDN

use of org.forgerock.opendj.ldap.RDN in project OpenAM by OpenRock.

the class DNMapper method realmNameToAMSDKName.

/**
 * Converts a realm name to an AMSDK-compliant organization DN.
 *
 * <p>The realm name is first mapped to a DN with {@code orgNameToDN}. The result is then:
 * <ul>
 *   <li>{@code SMSEntry.amsdkbaseDN} when the DN is the base DN and the two base DNs differ;</li>
 *   <li>{@code SMSEntry.baseDN} when the DN is the base DN or starts with the internal
 *       hidden realm prefix;</li>
 *   <li>the DN with {@code ",ou=services,"} replaced by {@code ","} when the organization
 *       naming attribute is unset or equals {@code SMSEntry.ORGANIZATION_RDN};</li>
 *   <li>otherwise, each RDN ahead of the service/base DN rewritten with the organization
 *       naming attribute, followed by {@code SMSEntry.baseDN}.</li>
 * </ul>
 *
 * @param realmName realm name to convert
 * @return the corresponding AMSDK organization DN
 */
public static String realmNameToAMSDKName(String realmName) {
    final String orgDN = orgNameToDN(realmName);
    // NOTE(review): lower-casing uses the default locale; confirm the constants compared
    // against below are produced the same way.
    final String lowerDN = orgDN.toLowerCase();
    if (debug.messageEnabled()) {
        debug.message("DNMapper.realmNameToAMSDKName realmName =" + realmName);
        debug.message("DNMapper.realmNameToAMSDKName orgDN =" + orgDN);
    }

    // Base DN and internal hidden realms map straight onto a base DN.
    final boolean isBaseDN = lowerDN.equals(SMSEntry.baseDN);
    if (isBaseDN && !lowerDN.equals(SMSEntry.amsdkbaseDN)) {
        return SMSEntry.amsdkbaseDN;
    }
    if (isBaseDN || lowerDN.startsWith(SMSEntry.SUN_INTERNAL_REALM_PREFIX)) {
        return SMSEntry.baseDN;
    }

    // With no naming attribute, or the organization RDN as naming attribute, only the
    // "ou=services" node has to be dropped.
    final String orgAttr = OrgConfigViaAMSDK.getNamingAttrForOrg();
    if (orgAttr == null || orgAttr.equalsIgnoreCase(SMSEntry.ORGANIZATION_RDN)) {
        final String stripped = replaceString(orgDN, ",ou=services,", ",");
        if (debug.messageEnabled()) {
            debug.message("DNMapper.realmNameToAMSDKName sdkName =" + stripped);
        }
        return stripped;
    }

    // Locate the service DN, falling back to the base DN, and keep what precedes it.
    // NOTE(review): this is a substring search, not an RDN-boundary match, and a match at
    // offset 0 makes substring(0, -1) throw; confirm neither case is reachable.
    int suffixStart = lowerDN.indexOf(serviceDN);
    if (suffixStart == -1) {
        suffixStart = lowerDN.indexOf(SMSEntry.baseDN);
    }
    final String relative;
    if (suffixStart == -1) {
        relative = orgDN;
    } else {
        // "- 1" also drops the comma that separates the prefix from the suffix.
        relative = orgDN.substring(0, suffixStart - 1);
    }

    // Re-emit every remaining RDN under the organization naming attribute.
    final StringBuilder sdkName = new StringBuilder(orgDN.length());
    for (RDN rdn : DN.valueOf(relative)) {
        sdkName.append(orgAttr).append(SMSEntry.EQUALS).append(rdnValue(rdn)).append(',');
    }
    sdkName.append(SMSEntry.baseDN);

    final String result = sdkName.toString();
    if (debug.messageEnabled()) {
        debug.message("DNMapper.realmNameToAMSDKName sdkName =" + result);
    }
    return result;
}
Also used : RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) RDN(org.forgerock.opendj.ldap.RDN)

Example 13 with RDN

use of org.forgerock.opendj.ldap.RDN in project OpenAM by OpenRock.

the class DirectoryServicesImpl method removeSubtree.

/**
 * Deletes {@code entryDN} and everything beneath it; used by "removeEntry".
 *
 * <p>The subtree is enumerated with a sub-scope search, then entries are removed level by
 * level, deepest first, down to the depth of {@code entryDN} itself.
 *
 * <p>The search and the object-type lookup run with {@code internalToken}; the deletions
 * themselves are issued with the caller's {@code token}.
 * NOTE(review): presumably this keeps access control on the delete tied to the caller —
 * confirm against {@code removeSingleEntry} and {@code UMSObject.removeObject}.
 *
 * <p>NOTE(review): an entry whose delete is vetoed by a pre-callback, or whose type comes
 * back unknown/undetermined without an exception, is skipped and the loop continues with
 * the shallower levels; confirm how the later parent deletes behave in that case.
 *
 * @param token caller's SSO token, used for the delete operations
 * @param entryDN DN of the subtree root
 * @param softDelete passed through to {@code removeSingleEntry}
 * @throws AMException on insufficient access rights ("460"), entry not found, or any other
 *         UMS failure ("325")
 * @throws SSOException declared by the operations called here
 */
private void removeSubtree(SSOToken token, String entryDN, boolean softDelete) throws AMException, SSOException {
    // Declared outside the try: the entry-not-found handler picks its message id from it.
    int objectType = AMObject.UNKNOWN_OBJECT_TYPE;
    try {
        PersistentObject root = UMSObject.getObjectHandle(internalToken, new Guid(entryDN));

        SearchControl subtreeScope = new SearchControl();
        subtreeScope.setSearchScope(SearchControl.SCOPE_SUB);
        final String everything = "(|(objectclass=*)(objectclass=ldapsubEntry))";

        // Depth (number of RDNs) of the subtree root, and the deepest level seen so far.
        final int rootDepth = DN.valueOf(entryDN).size();
        int deepest = rootDepth;

        // Collect every DN the search returns and track the deepest level.
        List<DN> pending = new ArrayList<>();
        SearchResults found = root.getChildren(everything, subtreeScope);
        while (found.hasMoreElements()) {
            PersistentObject child = found.next();
            DN childDN = DN.valueOf(child.getDN());
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl.removeEntry(): found child: " + child.getDN());
            }
            deepest = Math.max(deepest, childDN.size());
            pending.add(childDN);
        }
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.removeEntry(): max RDNs: " + deepest);
        }

        // Bottom-up delete: one pass per level. Entries of other levels are carried over to
        // the next pass in their original order.
        // TODO : with many entries the repeated passes may be the bottleneck; bucketing the
        // entries by level up front would avoid them. Per Sai's comments
        for (int depth = deepest; depth >= rootDepth; depth--) {
            List<DN> carriedOver = new ArrayList<>();
            for (DN dn : pending) {
                if (dn.size() != depth) {
                    carriedOver.add(dn);
                    continue;
                }
                final String rfcDN = dn.toString();
                if (debug.messageEnabled()) {
                    debug.message("DirectoryServicesImpl.removeEntry(): del " + rfcDN);
                }
                objectType = AMObject.UNKNOWN_OBJECT_TYPE;
                try {
                    objectType = getObjectType(internalToken, rfcDN);
                } catch (AMException ae) {
                    // Not a managed type, just delete it.
                    UMSObject.removeObject(token, new Guid(rfcDN));
                }
                // Managed types get a non-recursive delete.
                boolean managed = objectType != AMObject.UNKNOWN_OBJECT_TYPE
                        && objectType != AMObject.UNDETERMINED_OBJECT_TYPE;
                if (managed) {
                    try {
                        removeSingleEntry(token, rfcDN, objectType, softDelete);
                    } catch (AMPreCallBackException amp) {
                        debug.error("DirectoryServicesImpl.removeSubTree: Aborting delete of: " + rfcDN + " due to pre-callback exception", amp);
                    }
                }
                // Handled entries are simply not carried over to the next level.
            }
            pending = carriedOver;
        }
    } catch (AccessRightsException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Insufficient access rights to remove entry: " + entryDN, e);
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        String missing = getEntryName(e);
        debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + missing, e);
        String msgid = getEntryNotFoundMsgID(objectType);
        Object[] msgArgs = { missing };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString(msgid, msgArgs, locale), msgid, msgArgs);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Unable to remove:  Internal error occurred: ", e);
        throw new AMException(token, "325", e);
    }
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) ArrayList(java.util.ArrayList) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) AMSearchResults(com.iplanet.am.sdk.AMSearchResults) SearchResults(com.iplanet.ums.SearchResults) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) List(java.util.List) ArrayList(java.util.ArrayList) SearchControl(com.iplanet.ums.SearchControl) AMPreCallBackException(com.iplanet.am.sdk.AMPreCallBackException)

Example 14 with RDN

use of org.forgerock.opendj.ldap.RDN in project OpenAM by OpenRock.

the class SMSAuditor method getRealmFromDN.

/**
 * Extracts the realm path from an LDAP DN.
 *
 * <p>The values of all {@code o} RDNs are joined root-first with {@code "/"}; a DN with no
 * {@code o} RDN yields {@code "/"}. A DN containing {@code ou=GlobalConfig} yields
 * {@code null}.
 *
 * <p>NOTE(review): the RDN type and value are compared case-sensitively; confirm that
 * {@code LDAPUtils.rdnType} returns a canonical lower-case name, otherwise a differently
 * cased DN would be attributed to the wrong realm.
 *
 * @param dn The DN from which to extract the realm
 * @return The extracted realm's name, or {@code null} for a global configuration entry
 */
public static String getRealmFromDN(String dn) {
    // RDNs are visited leaf-first; the stack hands the realm names back root-first.
    Stack<String> realmNames = new Stack<>();
    for (RDN rdn : DN.valueOf(dn)) {
        String type = LDAPUtils.rdnType(rdn);
        if (type.equals("ou") && LDAPUtils.rdnValue(rdn).equals("GlobalConfig")) {
            // Global configuration entries do not belong to a realm.
            return null;
        }
        if (type.equals("o")) {
            realmNames.push(LDAPUtils.rdnValue(rdn));
        }
    }

    StringBuilder realmPath = new StringBuilder();
    while (!realmNames.isEmpty()) {
        realmPath.append("/").append(realmNames.pop());
    }
    // No organization RDN at all means the root realm.
    return realmPath.length() > 0 ? realmPath.toString() : "/";
}
Also used : RDN(org.forgerock.opendj.ldap.RDN) Stack(java.util.Stack)

Example 15 with RDN

use of org.forgerock.opendj.ldap.RDN in project OpenAM by OpenRock.

the class PolicyUtils method getDNDisplayString.

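/**
 * Returns a display string for an LDAP distinguished name.
 *
 * <p>Given {@code cn=Accounting Managers,ou=groups,dc=iplanet,dc=com}, this method returns
 * {@code com > iplanet > groups > Accounting Managers}. A value that
 * {@code LDAPUtils.isDN} does not accept is returned unchanged.
 *
 * <p>The DN is parsed only after the {@code isDN} check. Parsing first meant that a value
 * {@code DN.valueOf} rejects raised an exception before the fallback branch could return it.
 *
 * <p>The RDN values are appended as-is; the result is not escaped for any output context,
 * so callers that render it must encode it for that context.
 *
 * @param strDN distinguished name.
 * @return display string for the LDAP distinguished name, or {@code strDN} itself when it
 *         is not a DN.
 */
public static String getDNDisplayString(String strDN) {
    if (!LDAPUtils.isDN(strDN)) {
        return strDN;
    }

    // DN iteration yields the leaf RDN first; prepend so the list runs root -> leaf.
    List<RDN> rootFirst = new ArrayList<>();
    for (RDN rdn : DN.valueOf(strDN)) {
        rootFirst.add(0, rdn);
    }

    StringBuilder display = new StringBuilder();
    final int last = rootFirst.size() - 1;
    for (int i = 0; i <= last; i++) {
        display.append(LDAPUtils.rdnValue(rootFirst.get(i)));
        if (i < last) {
            display.append(" > ");
        }
    }
    return display.toString();
}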
Also used : ArrayList(java.util.ArrayList) RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) RDN(org.forgerock.opendj.ldap.RDN)

Aggregations

RDN (org.forgerock.opendj.ldap.RDN)18 DN (org.forgerock.opendj.ldap.DN)17 ArrayList (java.util.ArrayList)7 HashSet (java.util.HashSet)4 Iterator (java.util.Iterator)4 Set (java.util.Set)4 SSOException (com.iplanet.sso.SSOException)3 Map (java.util.Map)3 AMException (com.iplanet.am.sdk.AMException)2 AMStoreConnection (com.iplanet.am.sdk.AMStoreConnection)2 AttrSet (com.iplanet.services.ldap.AttrSet)2 OrderedSet (com.sun.identity.shared.datastruct.OrderedSet)2 TreeSet (java.util.TreeSet)2 AMObject (com.iplanet.am.sdk.AMObject)1 AMOrganization (com.iplanet.am.sdk.AMOrganization)1 AMOrganizationalUnit (com.iplanet.am.sdk.AMOrganizationalUnit)1 AMPreCallBackException (com.iplanet.am.sdk.AMPreCallBackException)1 AMRole (com.iplanet.am.sdk.AMRole)1 AMSearchResults (com.iplanet.am.sdk.AMSearchResults)1 AMUser (com.iplanet.am.sdk.AMUser)1