use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class DJLDAPv3Repo method changePassword.
/**
* Changes password for the given identity by binding as the user first (i.e. this is not password reset). In case
* of Active Directory the password will be encoded first. This will issue a DELETE for the old password and an ADD
* for the new password value.
*
* @param token Not used.
* @param type The type of the identity, this should be always USER.
* @param name The name of the identity.
* @param attrName The name of the password attribute, usually "userpassword" or "unicodepwd".
* @param oldPassword The current password of the identity.
* @param newPassword The new password of the identity.
* @throws IdRepoException If the identity type is invalid, or the entry cannot be found, or some other LDAP error
* occurs while changing the password (like password policy related errors).
*/
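@Override
public void changePassword(SSOToken token, IdType type, String name, String attrName, String oldPassword, String newPassword) throws IdRepoException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("changePassword invoked");
    }
    if (!type.equals(IdType.USER)) {
        throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.CHANGE_PASSWORD_ONLY_FOR_USER, new Object[] { CLASS_NAME });
    }
    // A simple bind that carries a DN and an empty password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2); a server may accept it without checking any credential.
    // Refuse it here so the bind below always proves knowledge of the current password.
    // A null old password previously surfaced as a NullPointerException from toCharArray().
    if (oldPassword == null || oldPassword.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.ILLEGAL_ARGUMENTS, new Object[0]);
    }
    String dn = getDN(type, name);
    // The change is made on a connection bound as the user, so the directory applies the user's own
    // access rights and password policy, not those of an administrative account.
    // NOTE(review): the old password travels in the simple bind and both values travel in the modify;
    // whether bindConnectionFactory uses TLS is not visible here - confirm.
    BindRequest bindRequest = LDAPRequests.newSimpleBindRequest(dn, oldPassword.toCharArray());
    ModifyRequest modifyRequest = LDAPRequests.newModifyRequest(dn);
    byte[] encodedOldPwd = helper.encodePassword(oldPassword);
    byte[] encodedNewPwd = helper.encodePassword(newPassword);
    // DELETE of the old value plus ADD of the new value in a single modify request: this is the
    // "change" form (as opposed to a REPLACE, which would be a reset).
    // NOTE(review): attrName is used exactly as supplied by the caller; confirm callers restrict it
    // to the configured password attribute.
    modifyRequest.addModification(ModificationType.DELETE, attrName, encodedOldPwd);
    modifyRequest.addModification(ModificationType.ADD, attrName, encodedNewPwd);
    Connection conn = null;
    try {
        conn = bindConnectionFactory.getConnection();
        conn.bind(bindRequest);
        conn.modify(modifyRequest);
    } catch (LdapException ere) {
        // The log line carries the identity name and the LDAP exception, not the password arguments.
        DEBUG.error("An error occurred while trying to change password for identity: " + name, ere);
        try {
            // NOTE(review): if handleErrorResult ever returns normally the LDAP failure is dropped
            // and the caller sees success; presumably it always throws - confirm.
            handleErrorResult(ere);
        } catch (IdRepoException e) {
            throw new PasswordPolicyException(e);
        }
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
}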
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class DJLDAPv3Repo method removeAttributes.
/**
* Removes the specified attributes from the identity.
*
* @param token Not used.
* @param type The type of the identity.
* @param name The name of the identity.
* @param attrNames The set of attribute names that needs to be removed from the identity.
* @throws IdRepoException If there is no attribute name provided, or if the identity cannot be found, or there is
* an error while modifying the entry.
*/
@Override
public void removeAttributes(SSOToken token, IdType type, String name, Set<String> attrNames) throws IdRepoException {
    if (DEBUG.messageEnabled()) {
        DEBUG.message("removeAttributes invoked");
    }
    // Only the names that survive removeUndefinedAttributes are sent to the directory; an empty
    // result is treated as an illegal argument, not as a no-op.
    final Set<String> removable = removeUndefinedAttributes(type, attrNames);
    if (removable.isEmpty()) {
        throw newIdRepoException(IdRepoErrorCode.ILLEGAL_ARGUMENTS);
    }
    final String entryDn = getDN(type, name);
    final ModifyRequest deleteRequest = LDAPRequests.newModifyRequest(entryDn);
    for (String attributeName : removable) {
        // A DELETE modification without values removes every value of the attribute.
        deleteRequest.addModification(ModificationType.DELETE, attributeName);
    }
    Connection connection = null;
    try {
        connection = connectionFactory.getConnection();
        connection.modify(deleteRequest);
    } catch (LdapException ldapFailure) {
        // Identity name and the filtered attribute names go to the debug log for troubleshooting.
        DEBUG.error("An error occurred while removing attributes from identity: " + name + " attributes: " + removable, ldapFailure);
        handleErrorResult(ldapFailure);
    } finally {
        IOUtils.closeIfNotNull(connection);
    }
}
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class EmbeddedOpenDS method delOpenDSServer.
/**
* Removes host:port from OpenDJ replication
*/
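public static void delOpenDSServer(Connection lc, String delServer) {
    // Three independent, best-effort steps: (1) delete the server's instance key entry,
    // (2) delete the server entry under cn=Servers, (3) remove the server from the uniqueMember
    // values of replDN. Each step logs its own failure and the next one still runs.
    //
    // NOTE(review): delServer is concatenated into the DNs below without RDN escaping. A value
    // containing DN special characters (',', '+', '=' ...) would yield a different or malformed DN;
    // confirm callers only pass a validated host:port value.
    // The log prefixes name syncOpenDSServer although this is delOpenDSServer; the strings are left
    // unchanged so existing log searches still match.
    String replServerDN = "cn=" + delServer + ",cn=Servers,cn=admin data";
    final String[] attrs = { "ds-cfg-key-id" };
    Debug debug = Debug.getInstance(SetupConstants.DEBUG_NAME);
    if (lc == null) {
        debug.error("EmbeddedOpenDS:syncOpenDSServer():" + "Could not connect to local OpenDJ instance." + replServerDN);
        return;
    }
    try {
        SearchResultEntry le = lc.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(replServerDN, attrs));
        Attribute la = (le != null) ? le.getAttribute(attrs[0]) : null;
        if (la != null) {
            String trustKey = la.firstValueAsString();
            String keyDN = "ds-cfg-key-id=" + trustKey + ",cn=instance keys,cn=admin data";
            lc.delete(LDAPRequests.newDeleteRequest(keyDN));
        } else {
            // Covers both "entry not found" and "entry has no ds-cfg-key-id". Previously the second
            // case built the DN from a null key ("ds-cfg-key-id=null,...") and issued a delete for it.
            debug.error("EmbeddedOpenDS:syncOpenDSServer():" + "Could not find trustkey for:" + replServerDN);
        }
    } catch (Exception ex) {
        debug.error("EmbeddedOpenDS.syncOpenDSServer()." + " Error getting replication key:", ex);
    }
    try {
        lc.delete(LDAPRequests.newDeleteRequest(replServerDN));
    } catch (Exception ex) {
        debug.error("EmbeddedOpenDS.syncOpenDSServer()." + " Error getting deleting server entry:" + replServerDN, ex);
    }
    try {
        ModifyRequest modifyRequest = LDAPRequests.newModifyRequest(replDN).addModification(new Modification(ModificationType.DELETE, Attributes.singletonAttribute("uniqueMember", "cn=" + delServer)));
        lc.modify(modifyRequest);
    } catch (Exception ex) {
        debug.error("EmbeddedOpenDS.syncOpenDSServer()." + " Error getting removing :" + replDN, ex);
    }
}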
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class LdifUtils method createSchemaFromLDIF.
/**
* Creates LDAP schema from LDIF file.
*
* @param ldif LDIF object.
* @param ld LDAP Connection.
* @throws IOException If an error occurs when reading the LDIF file.
*/
public static void createSchemaFromLDIF(LDIFChangeRecordReader ldif, final Connection ld) throws IOException {
    // Every change record is applied with the privileges of the supplied connection. LDAP failures
    // are only logged at warning level and processing continues, so a caller cannot tell from the
    // return whether the whole LDIF was applied.
    while (ldif.hasNext()) {
        final ChangeRecord nextRecord = ldif.readChangeRecord();
        nextRecord.accept(new ChangeRecordVisitor<Void, Void>() {
            @Override
            public Void visitChangeRecord(Void unused, AddRequest addRequest) {
                try {
                    // Attach a sub-transaction id control obtained from AuditRequestContext.
                    addRequest.addControl(TransactionIdControl.newControl(AuditRequestContext.createSubTransactionIdValue()));
                    ld.add(addRequest);
                } catch (LdapException addFailure) {
                    if (!ResultCode.ENTRY_ALREADY_EXISTS.equals(addFailure.getResult().getResultCode())) {
                        DEBUG.warning("LDAPUtils.createSchemaFromLDIF - Could not add to schema: {}", addRequest, addFailure);
                        return null;
                    }
                    // The entry is already there: fall back to adding each attribute on its own, so
                    // one rejected attribute does not block the others.
                    // NOTE(review): these fallback modify requests do not carry the transaction id
                    // control that the add request above received.
                    for (Attribute attribute : addRequest.getAllAttributes()) {
                        ModifyRequest attributeAdd = LDAPRequests.newModifyRequest(addRequest.getName());
                        attributeAdd.addModification(new Modification(ModificationType.ADD, attribute));
                        try {
                            ld.modify(attributeAdd);
                        } catch (LdapException modifyFailure) {
                            DEBUG.warning("LDAPUtils.createSchemaFromLDIF - Could not modify schema: {}", attributeAdd, modifyFailure);
                        }
                    }
                }
                return null;
            }

            @Override
            public Void visitChangeRecord(Void unused, ModifyRequest modifyChange) {
                try {
                    modifyChange.addControl(TransactionIdControl.newControl(AuditRequestContext.createSubTransactionIdValue()));
                    ld.modify(modifyChange);
                } catch (LdapException modifyFailure) {
                    DEBUG.warning("LDAPUtils.createSchemaFromLDIF - Could not modify schema: {}", modifyChange, modifyFailure);
                }
                return null;
            }

            @Override
            public Void visitChangeRecord(Void unused, ModifyDNRequest renameChange) {
                // Rename records in the LDIF are skipped without any log output.
                return null;
            }

            @Override
            public Void visitChangeRecord(Void unused, DeleteRequest deleteChange) {
                // Delete records are never executed; they are only noted at message level.
                DEBUG.message("Delete request ignored: {}", nextRecord);
                return null;
            }
        }, null);
    }
}
use of org.forgerock.opendj.ldap.requests.ModifyRequest in project OpenAM by OpenRock.
the class UpgradeEntitlementsStep method upgradeEntitlementIndexes.
/**
 * Searches the whole subtree under {@code SMSEntry.getRootSuffix()} with
 * {@code ENTITLEMENT_INDEX_FILTER} and, for every entry returned, replaces the
 * {@code SUN_XML_KEY_VALUE} attribute with the values computed by {@code processEntry}.
 * Progress is reported at most once every three seconds and once more when the search is exhausted.
 *
 * @throws UpgradeException wrapping any exception raised while searching or modifying. Entries
 *         modified before the failure stay modified; no rollback is performed here.
 */
private void upgradeEntitlementIndexes() throws UpgradeException {
    Connection searchConn = null;
    Connection writeConn = null;
    try {
        searchConn = getConnection();
        // A second connection carries the modifications while the first one is still being read.
        writeConn = getConnection();
        SearchRequest indexSearch = LDAPRequests.newSearchRequest(SMSEntry.getRootSuffix(), SearchScope.WHOLE_SUBTREE, ENTITLEMENT_INDEX_FILTER, SUN_KEY_VALUE, SUN_XML_KEY_VALUE);
        ConnectionEntryReader results = searchConn.search(indexSearch);
        int upgraded = 0;
        long lastReport = System.currentTimeMillis();
        while (results.hasNext()) {
            if (!results.isEntry()) {
                // Search references are consumed and otherwise ignored.
                results.readReference();
                continue;
            }
            if (System.currentTimeMillis() - lastReport > 3000) {
                UpgradeProgress.reportEnd("upgrade.entitlement.privilege", upgraded, policyRuleCount);
                lastReport = System.currentTimeMillis();
            }
            SearchResultEntry indexEntry = results.readEntry();
            Set<String> rebuiltValues = processEntry(indexEntry);
            ModifyRequest replaceRequest = LDAPRequests.newModifyRequest(indexEntry.getName());
            replaceRequest.addModification(ModificationType.REPLACE, SUN_XML_KEY_VALUE, rebuiltValues.toArray());
            if (DEBUG.messageEnabled()) {
                DEBUG.message("Upgrading entitlements index for: " + indexEntry.getName());
            }
            writeConn.modify(replaceRequest);
            upgraded++;
        }
        UpgradeProgress.reportEnd("upgrade.entitlement.privilege", policyRuleCount, policyRuleCount);
    } catch (Exception ex) {
        DEBUG.error("An error occurred while upgrading the entitlement indexes", ex);
        throw new UpgradeException(ex);
    } finally {
        IOUtils.closeIfNotNull(searchConn);
        IOUtils.closeIfNotNull(writeConn);
    }
}