use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class DataLayer method modify.
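/**
 * Modifies an LDAP entry, retrying failed attempts whose result code is configured as retryable.
 *
 * <p>The modify request is built once from {@code guid} and {@code modifications} and is sent on a
 * connection obtained for {@code principal}. When an attempt fails with a result code contained in
 * {@code retryErrorCodes}, the call pauses for {@code connRetryInterval} milliseconds and tries again,
 * up to {@code connNumRetry} retries. Any other failure, or a failure on the last allowed attempt, is
 * logged at warning level with the entry DN and mapped to a {@code UMSException} subtype.
 *
 * <p>If the thread is interrupted during a retry pause, the retries still run to completion and the
 * interrupt status is restored before this method returns or throws.
 *
 * @param principal Authentication Principal.
 * @param guid globally unique identifier for the entry.
 * @param modifications Set of modifications for the entry.
 * @exception AccessRightsException if insufficient access
 * @exception EntryNotFoundException if the entry is not found.
 * @exception UMSException if failure
 *
 * @supported.api
 */
public void modify(Principal principal, Guid guid, Collection<Modification> modifications) throws UMSException {
    String id = guid.getDn();
    // Remembers an interrupt received while pausing between attempts. Thread.sleep clears the
    // interrupt status when it throws, so it is restored in the finally block below.
    boolean interrupted = false;
    try {
        ModifyRequest request = LDAPRequests.newModifyRequest(id);
        for (Modification modification : modifications) {
            request.addModification(modification);
        }
        // NOTE(review): if connNumRetry is negative the loop body never runs and this method returns
        // without sending the request. Confirm the value is validated where it is configured.
        int retry = 0;
        while (retry <= connNumRetry) {
            if (debug.messageEnabled()) {
                debug.message("DataLayer.modify retry: " + retry);
            }
            try (Connection conn = getConnection(principal)) {
                conn.modify(request);
                return;
            } catch (LdapException e) {
                String resultCode = e.getResult().getResultCode().toString();
                // Give up on a non-retryable result code, or once the last allowed attempt has failed.
                if (!retryErrorCodes.contains(resultCode) || retry == connNumRetry) {
                    throw e;
                }
                retry++;
                try {
                    Thread.sleep(connRetryInterval);
                } catch (InterruptedException ex) {
                    // Keep retrying as before, but do not lose the interrupt request.
                    interrupted = true;
                }
            }
        }
    } catch (LdapException e) {
        if (debug.warningEnabled()) {
            debug.warning("Exception in DataLayer.modify for DN: " + id, e);
        }
        // Map the LDAP result code to the matching UMS exception; the original failure stays attached.
        ResultCode errorCode = e.getResult().getResultCode();
        if (ResultCode.NO_SUCH_OBJECT.equals(errorCode)) {
            throw new EntryNotFoundException(id, e);
        } else if (ResultCode.INSUFFICIENT_ACCESS_RIGHTS.equals(errorCode)) {
            throw new AccessRightsException(id, e);
        } else {
            throw new UMSException(id, e);
        }
    } finally {
        if (interrupted) {
            Thread.currentThread().interrupt();
        }
    }
}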
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class SMSLdapObject method copyModItemsToModifyRequest.
/**
 * Converts JNDI {@code ModificationItem}s into one {@code ModifyRequest} for the given DN.
 *
 * <p>For each item, the attribute ID and all of its values are copied into a new
 * {@code LinkedAttribute}. {@code DirContext.ADD_ATTRIBUTE}, {@code REPLACE_ATTRIBUTE} and
 * {@code REMOVE_ATTRIBUTE} map to {@code ModificationType.ADD}, {@code REPLACE} and {@code DELETE}.
 * An item with any other operation code adds nothing to the request.
 *
 * @param dn the DN of the entry the request targets.
 * @param mods the JNDI modification items to convert.
 * @return the request holding one modification per converted item, in input order.
 * @throws SMSException if reading an attribute's values fails with a {@code NamingException}.
 */
private static ModifyRequest copyModItemsToModifyRequest(DN dn, ModificationItem[] mods) throws SMSException {
    final ModifyRequest converted = LDAPRequests.newModifyRequest(dn);
    try {
        for (int i = 0; i < mods.length; i++) {
            final ModificationItem item = mods[i];
            final Attribute source = item.getAttribute();

            // Copy the attribute values one by one into the SDK's attribute type.
            final LinkedAttribute copy = new LinkedAttribute(source.getID());
            final NamingEnumeration<?> values = source.getAll();
            while (values.hasMore()) {
                copy.add(values.next());
            }

            // Translate the JNDI operation code; null marks a code with no mapping.
            final ModificationType type;
            switch (item.getModificationOp()) {
                case DirContext.ADD_ATTRIBUTE:
                    type = ModificationType.ADD;
                    break;
                case DirContext.REPLACE_ATTRIBUTE:
                    type = ModificationType.REPLACE;
                    break;
                case DirContext.REMOVE_ATTRIBUTE:
                    type = ModificationType.DELETE;
                    break;
                default:
                    type = null;
                    break;
            }
            if (type != null) {
                converted.addModification(new Modification(type, copy));
            }
        }
    } catch (NamingException nne) {
        throw new SMSException(nne, "sms-cannot-copy-fromModItemToModSet");
    }
    return converted;
}
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class SMSLdapObject method modify.
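/**
 * Saves the entry using the token provided. The token's principal is used to obtain the connection.
 *
 * <p>The JNDI modification items are converted to a single modify request, which is sent with
 * retries: when an attempt fails with a result code contained in {@code retryErrorCodes}, the call
 * pauses for {@code connRetryInterval} milliseconds and tries again, up to {@code connNumRetry}
 * retries. Any other failure, or a failure on the last allowed attempt, is logged at error level
 * with the DN and the principal name and rethrown as an {@code SMSException}.
 *
 * <p>If the thread is interrupted during a retry pause, the retries still run to completion and the
 * interrupt status is restored before this method returns or throws.
 *
 * @param token the SSO token whose principal the connection is obtained for.
 * @param dn the DN of the entry to modify.
 * @param mods the JNDI modification items to apply.
 * @throws SMSException if the items cannot be converted or the entry cannot be modified.
 * @throws SSOException declared for the token access; NOTE(review): presumably raised by
 *         {@code token.getPrincipal()}, confirm against the SSOToken contract.
 */
public void modify(SSOToken token, String dn, ModificationItem[] mods) throws SMSException, SSOException {
    ModifyRequest request = copyModItemsToModifyRequest(DN.valueOf(dn), mods);
    // Remembers an interrupt received while pausing between attempts. Thread.sleep clears the
    // interrupt status when it throws, so it is restored in the finally block below.
    boolean interrupted = false;
    try {
        // NOTE(review): if connNumRetry is negative the loop body never runs and this method returns
        // without sending the request. Confirm the value is validated where it is configured.
        int retry = 0;
        while (retry <= connNumRetry) {
            debug.message("SMSLdapObject.modify() retry: {}", retry);
            try (Connection conn = getConnection(token.getPrincipal())) {
                conn.modify(request);
                debug.message("SMSLdapObject.modify(): Successfully modified entry: {}", dn);
                return;
            } catch (LdapException e) {
                ResultCode errorCode = e.getResult().getResultCode();
                // Give up on a non-retryable result code, or once the last allowed attempt has failed.
                if (!retryErrorCodes.contains(errorCode) || retry == connNumRetry) {
                    debug.error("SMSLdapObject.modify(): Error modifying: {} By Principal {}", dn, token.getPrincipal().getName(), e);
                    throw new SMSException(e, "sms-entry-cannot-modify");
                }
                retry++;
                try {
                    Thread.sleep(connRetryInterval);
                } catch (InterruptedException ex) {
                    // Keep retrying as before, but do not lose the interrupt request.
                    interrupted = true;
                }
            }
        }
    } finally {
        if (interrupted) {
            Thread.currentThread().interrupt();
        }
    }
}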
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class DJLDAPv3Repo method changePassword.
/**
 * Changes the password of a user by first binding as that user with the current password, so this is
 * a self-service change and not an administrative reset. Both password values are passed through
 * {@code helper.encodePassword} (per the original documentation, this encodes them for Active
 * Directory). The change is sent as one modify request holding a DELETE of the old value followed by
 * an ADD of the new value.
 *
 * <p>NOTE(review): {@code oldPassword} is used for a simple bind without an emptiness check. A simple
 * bind with a zero-length password is an unauthenticated bind under RFC 4513, and whether the server
 * rejects it depends on server configuration. Consider rejecting null or empty password values
 * before binding.
 *
 * @param token Not used.
 * @param type The type of the identity, this should be always USER.
 * @param name The name of the identity.
 * @param attrName The name of the password attribute, usually "userpassword" or "unicodepwd".
 * @param oldPassword The current password of the identity.
 * @param newPassword The new password of the identity.
 * @throws IdRepoException If the identity type is invalid, or the entry cannot be found, or some other LDAP error
 * occurs while changing the password (like password policy related errors).
 */
@Override
public void changePassword(SSOToken token, IdType type, String name, String attrName, String oldPassword,
        String newPassword) throws IdRepoException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("changePassword invoked");
    }
    if (!type.equals(IdType.USER)) {
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME,
                IdRepoErrorCode.CHANGE_PASSWORD_ONLY_FOR_USER, new Object[] { CLASS_NAME });
    }

    final String entryDn = getDN(type, name);
    // The bind proves knowledge of the current password before the modify is attempted.
    final BindRequest userBind = LDAPRequests.newSimpleBindRequest(entryDn, oldPassword.toCharArray());
    final ModifyRequest passwordSwap = LDAPRequests.newModifyRequest(entryDn);
    final byte[] currentValue = helper.encodePassword(oldPassword);
    final byte[] replacementValue = helper.encodePassword(newPassword);
    passwordSwap.addModification(ModificationType.DELETE, attrName, currentValue);
    passwordSwap.addModification(ModificationType.ADD, attrName, replacementValue);

    Connection userConnection = null;
    try {
        userConnection = bindConnectionFactory.getConnection();
        userConnection.bind(userBind);
        userConnection.modify(passwordSwap);
    } catch (LdapException ldapFailure) {
        // Only the identity name is logged; neither password value appears in the message.
        DEBUG.error("An error occurred while trying to change password for identity: " + name, ldapFailure);
        try {
            // NOTE(review): if handleErrorResult can return without throwing, the failure is swallowed
            // and the caller sees a successful change. Confirm that it always throws.
            handleErrorResult(ldapFailure);
        } catch (IdRepoException mapped) {
            throw new PasswordPolicyException(mapped);
        }
    } finally {
        IOUtils.closeIfNotNull(userConnection);
    }
}
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class DJLDAPv3Repo method removeAttributes.
/**
 * Removes the specified attributes from the identity.
 *
 * <p>The requested names are first filtered through {@code removeUndefinedAttributes}. One DELETE
 * modification without values is added per remaining name, and all of them are sent in a single
 * modify request.
 *
 * @param token Not used.
 * @param type The type of the identity.
 * @param name The name of the identity.
 * @param attrNames The set of attribute names that needs to be removed from the identity.
 * @throws IdRepoException If no attribute name remains after filtering, or if the identity cannot be found, or
 * there is an error while modifying the entry.
 */
@Override
public void removeAttributes(SSOToken token, IdType type, String name, Set<String> attrNames)
        throws IdRepoException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("removeAttributes invoked");
    }

    final Set<String> definedNames = removeUndefinedAttributes(type, attrNames);
    if (definedNames.isEmpty()) {
        throw newIdRepoException(IdRepoErrorCode.ILLEGAL_ARGUMENTS);
    }

    final String entryDn = getDN(type, name);
    final ModifyRequest deletions = LDAPRequests.newModifyRequest(entryDn);
    for (String attributeName : definedNames) {
        // A DELETE without values removes the whole attribute.
        deletions.addModification(ModificationType.DELETE, attributeName);
    }

    Connection connection = null;
    try {
        connection = connectionFactory.getConnection();
        connection.modify(deletions);
    } catch (LdapException ldapFailure) {
        DEBUG.error("An error occurred while removing attributes from identity: " + name + " attributes: " + definedNames, ldapFailure);
        // NOTE(review): if handleErrorResult can return without throwing, the failure is swallowed
        // and the caller sees a successful removal. Confirm that it always throws.
        handleErrorResult(ldapFailure);
    } finally {
        IOUtils.closeIfNotNull(connection);
    }
}