use of org.forgerock.opendj.ldap.ResultCode in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getMembers.
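/**
 * Returns the member DNs of a role, a static group or a dynamic group.
 *
 * <p>The entry at {@code entryDN} is loaded with {@code UMSObject.getObject} using the
 * supplied token, cast to the UMS type that corresponds to {@code objectType}, and its
 * member IDs are converted to a set by {@code searchResultsToSet}.
 *
 * <p>NOTE(review): this method performs no authorization check of its own; whatever access
 * control applies is enforced by the UMS lookup for {@code token} - confirm against
 * {@code UMSObject.getObject}.
 *
 * @param token
 *            SSOToken passed to the UMS lookup
 * @param entryDN
 *            DN of the role or group
 * @param objectType
 *            objectType of the target object; one of the AMObject role or group
 *            constants handled in the switch below
 * @return Set Member DNs
 * @throws AMException
 *             with code "114" for an unsupported {@code objectType}, with the
 *             entry-not-found message id when the entry does not exist, with "505" when
 *             the directory reports a size or admin limit, and with "454" for any other
 *             UMS failure
 */
public Set getMembers(SSOToken token, String entryDN, int objectType) throws AMException {
    try {
        SearchResults results;
        switch (objectType) {
            case AMObject.ROLE:
            case AMObject.MANAGED_ROLE:
                ManagedRole role = (ManagedRole) UMSObject.getObject(token, new Guid(entryDN));
                results = role.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.FILTERED_ROLE:
                FilteredRole filteredRole = (FilteredRole) UMSObject.getObject(token, new Guid(entryDN));
                results = filteredRole.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.GROUP:
            case AMObject.STATIC_GROUP:
                StaticGroup group = (StaticGroup) UMSObject.getObject(token, new Guid(entryDN));
                results = group.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.DYNAMIC_GROUP:
                DynamicGroup dynamicGroup = (DynamicGroup) UMSObject.getObject(token, new Guid(entryDN));
                results = dynamicGroup.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.ASSIGNABLE_DYNAMIC_GROUP:
                // TODO (original author): see if it works after removing this workaround.
                // The original note describes a dummy AssignableDynamicGroup that was needed
                // because the UMS class resolver is registered in a static block.
                AssignableDynamicGroup adgroup = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(entryDN));
                results = adgroup.getMemberIDs();
                return searchResultsToSet(results);
            default:
                throw new AMException(token, "114");
        }
    } catch (EntryNotFoundException e) {
        debug.error("DirectoryServicesImpl.getMembers() entryDN " + entryDN + " objectType: " + objectType + " Unable to get members: ", e);
        String msgid = getEntryNotFoundMsgID(objectType);
        String entryName = getEntryName(e);
        Object[] args = { entryName };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.getMembers() entryDN " + entryDN + " objectType: " + objectType + " Unable to get members: ", e);
        // Check the type of the root cause instead of casting blindly: a cause that is not an
        // LdapException would otherwise raise ClassCastException and hide the real failure
        // from the caller, who expects an AMException.
        Throwable rootCause = e.getRootCause();
        if (rootCause instanceof LdapException) {
            ResultCode resultCode = ((LdapException) rootCause).getResult().getResultCode();
            // Limit violations get their own code so callers can tell a truncated
            // membership list apart from a generic failure.
            if (ResultCode.SIZE_LIMIT_EXCEEDED.equals(resultCode) || ResultCode.ADMIN_LIMIT_EXCEEDED.equals(resultCode)) {
                throw new AMException(token, "505", e);
            }
        }
        throw new AMException(token, "454", e);
    }
}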
use of org.forgerock.opendj.ldap.ResultCode in project OpenAM by OpenRock.
the class SMSLdapObject method modify.
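/**
 * Save the entry using the token provided. The principal provided will be
 * used to get the proxy connection.
 *
 * <p>A failure whose result code is listed in {@code retryErrorCodes} is retried up to
 * {@code connNumRetry} times, sleeping {@code connRetryInterval} between attempts. Any other
 * failure, or a failure on the last attempt, is logged together with the principal name and
 * rethrown.
 *
 * @param token token whose principal selects the connection
 * @param dn DN of the entry to modify
 * @param mods modifications to apply; converted by {@code copyModItemsToModifyRequest}
 * @throws SMSException with key "sms-entry-cannot-modify" when the modification fails, or
 *             when the thread is interrupted while waiting to retry
 * @throws SSOException declared by the original; presumably raised by
 *             {@code token.getPrincipal()} - confirm
 */
public void modify(SSOToken token, String dn, ModificationItem[] mods) throws SMSException, SSOException {
    int retry = 0;
    ModifyRequest request = copyModItemsToModifyRequest(DN.valueOf(dn), mods);
    while (retry <= connNumRetry) {
        debug.message("SMSLdapObject.modify() retry: {}", retry);
        // A fresh connection per attempt; try-with-resources closes it on every path.
        try (Connection conn = getConnection(token.getPrincipal())) {
            conn.modify(request);
            debug.message("SMSLdapObject.modify(): Successfully modified entry: {}", dn);
            break;
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            boolean retryable = retryErrorCodes.contains(errorCode);
            if (!retryable || retry == connNumRetry) {
                debug.error("SMSLdapObject.modify(): Error modifying: {} By Principal {}", dn, token.getPrincipal().getName(), e);
                throw new SMSException(e, "sms-entry-cannot-modify");
            }
            retry++;
            try {
                Thread.sleep(connRetryInterval);
            } catch (InterruptedException ex) {
                // Do not swallow the interrupt: restore the flag so the owner of the thread
                // can see it, and stop retrying instead of spinning through the remaining
                // attempts without a back-off.
                Thread.currentThread().interrupt();
                debug.error("SMSLdapObject.modify(): Interrupted while waiting to retry: {}", dn, ex);
                throw new SMSException(e, "sms-entry-cannot-modify");
            }
        }
    }
}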
use of org.forgerock.opendj.ldap.ResultCode in project OpenAM by OpenRock.
the class SMSLdapObject method getSubEntries.
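/**
 * Returns the names of the {@code ou=} entries directly below {@code dn}.
 *
 * <p>Runs a single-level search with the given filter and collects, in the order returned,
 * the value of the first RDN attribute of every entry whose DN starts with "ou="
 * (case-insensitively). Referrals are logged and skipped. A missing base entry
 * ({@code NO_SUCH_OBJECT}) yields an empty set rather than an error.
 *
 * <p>NOTE(review): {@code filter} is handed to {@code getSearchRequest} unchanged; nothing
 * here escapes it, so callers that build it from external input need to escape the values
 * themselves.
 *
 * @param token token whose principal selects the connection
 * @param dn base DN of the search
 * @param filter LDAP filter, used as supplied
 * @param numOfEntries passed to {@code getSearchRequest}; presumably the size limit - confirm
 * @param sortResults passed to {@code getSearchRequest}
 * @param ascendingOrder passed to {@code getSearchRequest}
 * @return insertion-ordered set of sub-entry names, possibly empty
 * @throws SMSException "sms-entry-cannot-obtain" when reading results fails,
 *             "sms-entry-cannot-search" when the search itself fails after retries or the
 *             thread is interrupted while waiting to retry
 * @throws SSOException declared by the original; presumably raised by
 *             {@code token.getPrincipal()} - confirm
 */
private Set<String> getSubEntries(SSOToken token, String dn, String filter, int numOfEntries, boolean sortResults, boolean ascendingOrder) throws SMSException, SSOException {
    SearchRequest request = getSearchRequest(dn, filter, SearchScope.SINGLE_LEVEL, numOfEntries, 0, sortResults, ascendingOrder, getNamingAttribute(), O_ATTR);
    int retry = 0;
    Set<String> answer = new LinkedHashSet<>();
    while (retry <= connNumRetry) {
        debug.message("SMSLdapObject.subEntries() retry: {}", retry);
        try (Connection conn = getConnection(token.getPrincipal())) {
            // Get the sub entries. The first hasNext() is called outside the inner try so
            // that a failure at this point reaches the retry handling in the outer catch.
            ConnectionEntryReader results = conn.search(request);
            results.hasNext();
            // Construct the results and return
            try {
                while (results.hasNext()) {
                    try {
                        if (results.isReference()) {
                            debug.warning("Skipping reference result: {}", results.readReference());
                            continue;
                        }
                        SearchResultEntry entry = results.readEntry();
                        // Workaround for 3823, where (objectClass=*) is used
                        if (entry.getName().toString().toLowerCase().startsWith("ou=")) {
                            answer.add(entry.getName().rdn().getFirstAVA().getAttributeValue().toString());
                        }
                    } catch (SearchResultReferenceIOException e) {
                        debug.error("SMSLdapObject.subEntries: Reference should be handled already for dn {}", dn, e);
                    }
                }
            } catch (LdapException e) {
                // A failure while iterating is not retried: entries already added to
                // 'answer' would otherwise be mixed with a second attempt.
                debug.warning("SMSLdapObject.subEntries: Error in obtaining sub-entries: {}", dn, e);
                throw new SMSException(e, "sms-entry-cannot-obtain");
            }
            break;
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            if (errorCode.equals(ResultCode.NO_SUCH_OBJECT)) {
                debug.message("SMSLdapObject.subEntries(): entry not present: {}", dn);
                break;
            }
            if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
                debug.warning("SMSLdapObject.subEntries: Unable to search for sub-entries: {}", dn, e);
                throw new SMSException(e, "sms-entry-cannot-search");
            }
            retry++;
            try {
                Thread.sleep(connRetryInterval);
            } catch (InterruptedException ex) {
                // Do not swallow the interrupt: restore the flag and stop retrying so the
                // remaining attempts are not run back-to-back without a delay.
                Thread.currentThread().interrupt();
                debug.warning("SMSLdapObject.subEntries: Interrupted while waiting to retry: {}", dn, ex);
                throw new SMSException(e, "sms-entry-cannot-search");
            }
        }
    }
    debug.message("SMSLdapObject.subEntries: Successfully obtained sub-entries for {}", dn);
    return answer;
}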
use of org.forgerock.opendj.ldap.ResultCode in project OpenAM by OpenRock.
the class SMSLdapObject method searchObjects.
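/**
 * Runs a whole-subtree search below {@code startDN} on the supplied connection and returns
 * the reader once the first {@code hasNext()} call has succeeded.
 *
 * <p>The connection is owned by the caller and is not closed here; the returned reader is
 * read from that connection. {@code token}, {@code sortResults} and {@code ascendingOrder}
 * are not used by this method.
 *
 * <p>NOTE(review): {@code filter} is handed to {@code getSearchRequest} unchanged and is also
 * written to the log on failure; callers that build it from external input need to escape
 * the values themselves.
 *
 * @param startDN base DN of the search
 * @param filter LDAP filter, used as supplied
 * @param numOfEntries passed to {@code getSearchRequest}; presumably the size limit - confirm
 * @param timeLimit passed to {@code getSearchRequest}
 * @param conn open connection to search on
 * @return the entry reader, or {@code null} if the retry loop never runs (only possible when
 *         {@code connNumRetry} is negative)
 * @throws SMSException "sms-error-in-searching" when the search fails with a non-retryable
 *             code, retries are exhausted, or the thread is interrupted while waiting to retry
 */
private ConnectionEntryReader searchObjects(SSOToken token, String startDN, String filter, int numOfEntries, int timeLimit, boolean sortResults, boolean ascendingOrder, Connection conn) throws SSOException, SMSException {
    SearchRequest request = getSearchRequest(startDN, filter, SearchScope.WHOLE_SUBTREE, numOfEntries, timeLimit);
    int retry = 0;
    while (retry <= connNumRetry) {
        if (debug.messageEnabled()) {
            debug.message("SMSLdapObject.search() retry: " + retry);
        }
        try {
            ConnectionEntryReader results = conn.search(request);
            // Calling hasNext() here lets a failure of the search surface inside this try,
            // where the retry handling lives, instead of later in the caller.
            results.hasNext();
            return results;
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
                debug.warning("SMSLdapObject.search(): LDAP exception in search for filter match: {}", filter, e);
                throw new SMSException(e, "sms-error-in-searching");
            }
            retry++;
            try {
                Thread.sleep(connRetryInterval);
            } catch (InterruptedException ex) {
                // Do not swallow the interrupt: restore the flag and stop retrying so the
                // remaining attempts are not run back-to-back without a delay.
                Thread.currentThread().interrupt();
                debug.warning("SMSLdapObject.search(): Interrupted while waiting to retry search below {}", startDN, ex);
                throw new SMSException(e, "sms-error-in-searching");
            }
        }
    }
    return null;
}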
use of org.forgerock.opendj.ldap.ResultCode in project OpenAM by OpenRock.
the class SMSLdapObject method searchObjectsEx.
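/**
 * Runs a whole-subtree search below {@code startDN} on the supplied connection, requesting
 * the {@code SMSEntry.ATTR_KEYVAL} and {@code SMSEntry.ATTR_XML_KEYVAL} attributes.
 *
 * <p>The connection is owned by the caller and is not closed here. {@code token},
 * {@code sortResults} and {@code ascendingOrder} are not used by this method.
 *
 * <p>NOTE(review): when the first {@code hasNext()} fails with {@code SIZE_LIMIT_EXCEEDED}
 * the reader has not been assigned yet, so the method logs a warning and returns
 * {@code null}. Callers have to handle that; confirm whether partial results were intended.
 *
 * <p>NOTE(review): {@code filter} is handed to {@code getSearchRequest} unchanged and is also
 * written to the log on failure; callers that build it from external input need to escape
 * the values themselves.
 *
 * @param startDN base DN of the search
 * @param filter LDAP filter, used as supplied
 * @param numOfEntries size limit passed to {@code getSearchRequest}
 * @param timeLimit passed to {@code getSearchRequest}
 * @param conn open connection to search on
 * @return the entry reader, or {@code null} on size limit or when the retry loop never runs
 * @throws SMSException "sms-error-in-searching" when the search fails with a non-retryable
 *             code, retries are exhausted, or the thread is interrupted while waiting to retry
 */
private ConnectionEntryReader searchObjectsEx(SSOToken token, String startDN, String filter, int numOfEntries, int timeLimit, boolean sortResults, boolean ascendingOrder, Connection conn) throws SSOException, SMSException {
    SearchRequest request = getSearchRequest(startDN, filter, SearchScope.WHOLE_SUBTREE, numOfEntries, timeLimit, SMSEntry.ATTR_KEYVAL, SMSEntry.ATTR_XML_KEYVAL);
    ConnectionEntryReader results = null;
    int retry = 0;
    while (retry <= connNumRetry) {
        if (debug.messageEnabled()) {
            debug.message("SMSLdapObject.search() retry: " + retry);
        }
        try {
            ConnectionEntryReader iterResults = conn.search(request);
            // Only publish the reader after hasNext() has succeeded, so a failed attempt
            // never leaks a half-initialised reader to the caller.
            iterResults.hasNext();
            results = iterResults;
            break;
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            if (errorCode.equals(ResultCode.SIZE_LIMIT_EXCEEDED)) {
                debug.warning("SMSLdapObject.search: size limit {} exceeded", numOfEntries);
                break;
            }
            if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
                debug.warning("SMSLdapObject.search(): LDAP exception in search for filter match: {}", filter, e);
                throw new SMSException(e, "sms-error-in-searching");
            }
            retry++;
            try {
                Thread.sleep(connRetryInterval);
            } catch (InterruptedException ex) {
                // Do not swallow the interrupt: restore the flag and stop retrying so the
                // remaining attempts are not run back-to-back without a delay.
                Thread.currentThread().interrupt();
                debug.warning("SMSLdapObject.search(): Interrupted while waiting to retry search below {}", startDN, ex);
                throw new SMSException(e, "sms-error-in-searching");
            }
        }
    }
    return results;
}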