Search in sources :

Example 21 with SearchRequest

use of org.forgerock.opendj.ldap.requests.SearchRequest in project OpenAM by OpenRock.

the class SMSLdapObject method getSearchRequest.

private SearchRequest getSearchRequest(String dn, String filter, SearchScope scope, int numOfEntries, int timeLimit, boolean sortResults, boolean ascendingOrder, String sortAttribute, String... attributes) {
    SearchRequest request = LDAPRequests.newSearchRequest(dn, scope, filter, attributes).setDereferenceAliasesPolicy(DereferenceAliasesPolicy.NEVER).setTimeLimit(timeLimit);
    if (numOfEntries > 0) {
        request.setSizeLimit(numOfEntries);
    }
    if (sortResults) {
        SortKey sortKey = new SortKey(sortAttribute, !ascendingOrder);
        request.addControl(ServerSideSortRequestControl.newControl(true, sortKey));
    }
    return request;
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) SortKey(org.forgerock.opendj.ldap.SortKey)

Example 22 with SearchRequest

use of org.forgerock.opendj.ldap.requests.SearchRequest in project OpenAM by OpenRock.

the class SMSLdapObject method searchSubOrganizationNames.

private Set<String> searchSubOrganizationNames(SSOToken token, String dn, String filter, int numOfEntries, boolean sortResults, boolean ascendingOrder, boolean recursive) throws SMSException, SSOException {
    SearchRequest request = getSearchRequest(dn, filter, recursive ? SearchScope.WHOLE_SUBTREE : SearchScope.SINGLE_LEVEL, numOfEntries, 0, sortResults, ascendingOrder, getOrgNamingAttribute(), O_ATTR);
    int retry = 0;
    while (retry <= connNumRetry) {
        if (debug.messageEnabled()) {
            debug.message("SMSLdapObject.searchSubOrganizationNames() retry: " + retry);
        }
        try (Connection conn = getConnection(token.getPrincipal())) {
            // Get the suborganization names
            ConnectionEntryReader iterResults = conn.search(request);
            iterResults.hasNext();
            return toDNStrings(iterResults, dn, SUBORG_CANNOT_OBTAIN);
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
                if (errorCode.equals(ResultCode.NO_SUCH_OBJECT)) {
                    debug.message("SMSLdapObject.searchSubOrganizationNames(): suborg not present: {}", dn);
                    break;
                } else {
                    debug.warning("SMSLdapObject.searchSubOrganizationName(): Unable to search: {}", dn, e);
                    throw new SMSException(e, "sms-suborg-cannot-search");
                }
            }
            retry++;
            try {
                Thread.sleep(connRetryInterval);
            } catch (InterruptedException ex) {
            // ignored
            }
        }
    }
    return Collections.emptySet();
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) SMSException(com.sun.identity.sm.SMSException) Connection(org.forgerock.opendj.ldap.Connection) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode)

Example 23 with SearchRequest

use of org.forgerock.opendj.ldap.requests.SearchRequest in project OpenAM by OpenRock.

the class LdapQueryBuilder method getEntries.

private Collection<Entry> getEntries(Connection connection) throws CoreTokenException {
    // Prepare the search
    Filter ldapFilter = getLDAPFilter();
    SearchRequest searchRequest = LDAPRequests.newSearchRequest(dataLayerConfiguration.getTokenStoreRootSuffix(), SearchScope.WHOLE_SUBTREE, ldapFilter, requestedAttributes);
    searchRequest.setSizeLimit(sizeLimit);
    if (isPagingResults()) {
        searchRequest = searchRequest.addControl(SimplePagedResultsControl.newControl(true, pageSize, pagingCookie));
    }
    // Perform the search
    Collection<Entry> entries = createResultsList();
    final Result result = handler.performSearch(connection, searchRequest, entries);
    if (isPagingResults()) {
        try {
            SimplePagedResultsControl control = result.getControl(SimplePagedResultsControl.DECODER, new DecodeOptions());
            if (control == null) {
                if (debug.warningEnabled()) {
                    debug.warning("There was no paged result control in the search response, it is recommended to " + "set the CTS user's size-limit at least to " + (pageSize + 1));
                }
                pagingCookie = getEmptyPagingCookie();
            } else {
                pagingCookie = control.getCookie();
            }
        } catch (DecodeException e) {
            throw new CoreTokenException("Failed to decode Paging Cookie", e);
        }
    }
    if (debug.messageEnabled()) {
        debug.message(MessageFormat.format(CoreTokenConstants.DEBUG_HEADER + "Query: matched {0} results\n" + "Search Request: {1}\n" + "Filter: {2}\n" + "Result: {3}", entries.size(), searchRequest, ldapFilter.toString(), result));
    }
    return entries;
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) Entry(org.forgerock.opendj.ldap.Entry) Filter(org.forgerock.opendj.ldap.Filter) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) SimplePagedResultsControl(org.forgerock.opendj.ldap.controls.SimplePagedResultsControl) DecodeException(org.forgerock.opendj.ldap.DecodeException) DecodeOptions(org.forgerock.opendj.ldap.DecodeOptions) Result(org.forgerock.opendj.ldap.responses.Result)

Example 24 with SearchRequest

use of org.forgerock.opendj.ldap.requests.SearchRequest in project OpenAM by OpenRock.

the class LdapAdapterTest method shouldReturnNullWhenObjectNotFound.

@Test
public void shouldReturnNullWhenObjectNotFound() throws Exception {
    // Given
    String tokenId = "badger";
    DN testDN = DN.rootDN();
    SearchRequest request = LDAPRequests.newSingleEntrySearchRequest(testDN);
    LdapException exception = LdapException.newLdapException(ResultCode.NO_SUCH_OBJECT);
    given(mockConnection.searchSingleEntry(request)).willThrow(exception);
    given(mockConversion.generateTokenDN(anyString())).willReturn(testDN);
    // When
    Token result = adapter.read(mockConnection, tokenId);
    // Then
    assertThat(result).isNull();
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) DN(org.forgerock.opendj.ldap.DN) PartialToken(org.forgerock.openam.sm.datalayer.api.query.PartialToken) Token(org.forgerock.openam.cts.api.tokens.Token) LdapException(org.forgerock.opendj.ldap.LdapException) Test(org.testng.annotations.Test)

Example 25 with SearchRequest

use of org.forgerock.opendj.ldap.requests.SearchRequest in project OpenAM by OpenRock.

the class DJLDAPv3Repo method getGroupMembers.

/**
     * Returns the DNs of the members of this group. If the MemberURL attribute has been configured, then this
     * will also try to retrieve dynamic group members using the memberURL.
     *
     * @param dn The DN of the group to query.
     * @return The DNs of the members.
     * @throws IdRepoException If there is an error while trying to retrieve the members.
     */
private Set<String> getGroupMembers(String dn) throws IdRepoException {
    Set<String> results = new HashSet<String>();
    Connection conn = null;
    String[] attrs;
    if (memberURLAttr != null) {
        attrs = new String[] { uniqueMemberAttr, memberURLAttr };
    } else {
        attrs = new String[] { uniqueMemberAttr };
    }
    try {
        conn = connectionFactory.getConnection();
        SearchResultEntry entry = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn, attrs));
        Attribute attr = entry.getAttribute(uniqueMemberAttr);
        if (attr != null) {
            results.addAll(LDAPUtils.getAttributeValuesAsStringSet(attr));
        } else if (memberURLAttr != null) {
            attr = entry.getAttribute(memberURLAttr);
            if (attr != null) {
                for (ByteString byteString : attr) {
                    LDAPUrl url = LDAPUrl.valueOf(byteString.toString());
                    SearchRequest searchRequest = LDAPRequests.newSearchRequest(url.getName(), url.getScope(), url.getFilter(), DN_ATTR);
                    searchRequest.setTimeLimit(defaultTimeLimit);
                    searchRequest.setSizeLimit(defaultSizeLimit);
                    ConnectionEntryReader reader = conn.search(searchRequest);
                    while (reader.hasNext()) {
                        if (reader.isEntry()) {
                            results.add(reader.readEntry().getName().toString());
                        } else {
                            //ignore search result references
                            reader.readReference();
                        }
                    }
                }
            }
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while retrieving group members for " + dn, ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    return results;
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) Attribute(org.forgerock.opendj.ldap.Attribute) LinkedAttribute(org.forgerock.opendj.ldap.LinkedAttribute) ByteString(org.forgerock.opendj.ldap.ByteString) Connection(org.forgerock.opendj.ldap.Connection) ByteString(org.forgerock.opendj.ldap.ByteString) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) LDAPUrl(org.forgerock.opendj.ldap.LDAPUrl) LdapException(org.forgerock.opendj.ldap.LdapException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Aggregations

SearchRequest (org.forgerock.opendj.ldap.requests.SearchRequest)32 ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)26 LdapException (org.forgerock.opendj.ldap.LdapException)25 Connection (org.forgerock.opendj.ldap.Connection)20 SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)19 ByteString (org.forgerock.opendj.ldap.ByteString)18 ResultCode (org.forgerock.opendj.ldap.ResultCode)15 HashSet (java.util.HashSet)13 SearchResultReferenceIOException (org.forgerock.opendj.ldap.SearchResultReferenceIOException)10 Attribute (org.forgerock.opendj.ldap.Attribute)9 DN (org.forgerock.opendj.ldap.DN)9 SSOException (com.iplanet.sso.SSOException)8 PolicyException (com.sun.identity.policy.PolicyException)8 InvalidNameException (com.sun.identity.policy.InvalidNameException)7 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)7 LinkedHashSet (java.util.LinkedHashSet)7 SMSException (com.sun.identity.sm.SMSException)6 Filter (org.forgerock.opendj.ldap.Filter)6 CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)5 ArrayList (java.util.ArrayList)4