
Example 21 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class AMCRLStore method getCRL.

/**
 * Looks up the CRL that applies to {@code certificate}.
 *
 * <p>Order of lookup as implemented below: the cache (only when
 * {@code storeParam.isDoCRLCaching()}), then the LDAP store, and finally,
 * when {@code storeParam.isDoUpdateCRLs()} and {@code needCRLUpdate(crl)} both
 * hold, a refreshed CRL obtained through {@code getUpdateCRLFromCrlIDP} or
 * {@code getUpdateCRLFromCrlDP}. A refreshed CRL is written back to the LDAP
 * entry and, when caching is on, the result is handed to {@code updateCRLCache}.
 *
 * <p>Every failure inside the connection block is logged and swallowed, so a
 * caller cannot tell "no CRL stored" from "lookup failed": both return
 * {@code null} (or whatever {@code crl} held when the error occurred).
 *
 * @param certificate the certificate whose CRL is wanted
 * @return the CRL, or {@code null} when there is no connection, no stored CRL,
 *         or a refresh was needed but produced nothing (see the note at
 *         {@code crl = tmpcrl} below)
 * @throws IOException only from code that runs before the connection block
 *         (the cache lookup); the block itself catches {@code Exception}
 */
public X509CRL getCRL(X509Certificate certificate) throws IOException {
    // Entry the CRL was read from; reused as the write target on refresh.
    SearchResultEntry crlEntry = null;
    X509CRL crl = null;
    if (storeParam.isDoCRLCaching()) {
        if (debug.messageEnabled()) {
            debug.message("AMCRLStore.getCRL: Trying to get CRL from cache");
        }
        crl = getCRLFromCache(certificate);
    }
    // Exceptions thrown while obtaining the connection are caught by the
    // catch clause below as well (try-with-resources semantics).
    try (Connection ldc = getConnection()) {
        if (ldc == null) {
            // No directory available: a cached CRL is still discarded here.
            return null;
        }
        if (crl == null) {
            if (debug.messageEnabled()) {
                debug.message("AMCRLStore.getCRL: crl is null");
            }
            // Without a configured attribute name, both standard CRL
            // attribute names are tried.
            if (mCrlAttrName == null) {
                crlEntry = getLdapEntry(ldc, CERTIFICATE_REVOCATION_LIST, CERTIFICATE_REVOCATION_LIST_BINARY);
            } else {
                crlEntry = getLdapEntry(ldc, mCrlAttrName);
            }
            crl = getCRLFromEntry(crlEntry);
        }
        if (storeParam.isDoUpdateCRLs() && needCRLUpdate(crl)) {
            if (debug.messageEnabled()) {
                debug.message("AMCRLStore.getCRL: need CRL update");
            }
            X509CRL tmpcrl = null;
            IssuingDistributionPointExtension crlIDPExt = null;
            // Both extension lookups swallow any exception and log only a
            // fixed message (the Throwable is not passed to debug); a
            // missing extension therefore just leaves the variable null.
            try {
                if (crl != null) {
                    crlIDPExt = getCRLIDPExt(crl);
                }
            } catch (Exception e) {
                debug.message("AMCRLStore.getCRL: crlIDPExt is null");
            }
            CRLDistributionPointsExtension crlDPExt = null;
            try {
                crlDPExt = getCRLDPExt(certificate);
            } catch (Exception e) {
                debug.message("AMCRLStore.getCRL: crlDPExt is null");
            }
            // The IDP extension of the current CRL is preferred; the
            // certificate's DP extension is only used when IDP yields nothing.
            // (tmpcrl is still null at this point, so the first null check
            // is always true.)
            if ((tmpcrl == null) && (crlIDPExt != null)) {
                tmpcrl = getUpdateCRLFromCrlIDP(crlIDPExt);
            }
            if ((tmpcrl == null) && (crlDPExt != null)) {
                tmpcrl = getUpdateCRLFromCrlDP(crlDPExt);
            }
            if (tmpcrl != null) {
                // Locate the entry to update when the CRL came from the cache
                // rather than from LDAP.
                if (crlEntry == null) {
                    crlEntry = getLdapEntry(ldc);
                }
                if (debug.messageEnabled()) {
                    debug.message("AMCRLStore.getCRL: new crl = " + tmpcrl);
                }
                if (crlEntry != null) {
                    updateCRL(ldc, crlEntry.getName().toString(), tmpcrl.getEncoded());
                }
            }
            // NOTE(review): assigned unconditionally. When both refresh paths
            // return null the previously loaded CRL is dropped and the method
            // returns null (and, below, null is passed to updateCRLCache).
            // Confirm that callers treat a null CRL as "revocation unknown"
            // rather than "nothing revoked".
            crl = tmpcrl;
        }
        if (storeParam.isDoCRLCaching()) {
            if (debug.messageEnabled()) {
                debug.message("AMCRLStore.getCRL: Updating CRL cache");
            }
            updateCRLCache(certificate, crl);
        }
    } catch (Exception e) {
        // Logged only; the method falls through and returns whatever crl
        // holds at this point, which may be a stale or partially updated value.
        debug.error("AMCRLStore.getCRL: Error in getting CRL : ", e);
    }
    return crl;
}

Example 22 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class DataLayer method read.

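/**
 * Reads an LDAP entry.
 *
 * <p>The entry is fetched with a base-object search on the DN of {@code guid};
 * search result references returned alongside it are consumed and ignored.
 *
 * @param principal Authentication Principal.
 * @param guid Globally unique identifier for the entry.
 * @param attrNames Attributes to read.
 * @return an attribute set representing the entry in LDAP.
 * @exception AccessRightsException if no entry reader is returned for the principal.
 * @exception EntryNotFoundException if the entry is not found.
 * @exception UMSException if fail to read the entry.
 *
 * @supported.api
 */
public AttrSet read(java.security.Principal principal, Guid guid, String[] attrNames) throws UMSException {
    String id = guid.getDn();
    SearchRequest request = LDAPRequests.newSearchRequest(id, SearchScope.BASE_OBJECT, "(objectclass=*)", attrNames);
    ConnectionEntryReader entryReader = readLDAPEntry(principal, request);
    if (entryReader == null) {
        throw new AccessRightsException(id);
    }
    Collection<Attribute> attrs = new ArrayList<>();
    try (ConnectionEntryReader reader = entryReader) {
        while (reader.hasNext()) {
            if (reader.isReference()) {
                // Consume the reference and go back to hasNext(); calling
                // readEntry() straight after a reference would read past the
                // end of the result set (or hit another reference).
                reader.readReference();
                //TODO AME-7017
                continue;
            }
            SearchResultEntry entry = reader.readEntry();
            for (Attribute attr : entry.getAllAttributes()) {
                attrs.add(attr);
            }
        }
        if (attrs.isEmpty()) {
            throw new EntryNotFoundException(i18n.getString(IUMSConstants.ENTRY_NOT_FOUND, new String[] { id }));
        }
        return new AttrSet(attrs);
    } catch (IOException e) {
        // Wraps both LdapException and SearchResultReferenceIOException.
        throw new UMSException(i18n.getString(IUMSConstants.UNABLE_TO_READ_ENTRY, new String[] { id }), e);
    }
}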

Example 23 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class UpgradeUtils method getExistingValues.

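/**
 * Returns the subset of {@code defaultVal} that is already stored for
 * {@code attrName} in the {@code sunKeyValue} attribute of the sub-config's
 * LDAP entry.
 *
 * <p>Each {@code sunKeyValue} value is read as {@code key=value}; a value is
 * kept only when {@code key} equals {@code attrName} (case-insensitively) and
 * {@code value} is contained in {@code defaultVal}. Previously the key was
 * compared against the LDAP attribute description (always {@code sunKeyValue}
 * at that point) and {@code attrName} was never used.
 *
 * @param subConfig the <code>ServiceConfig</code> object.
 * @param attrName the attribute name.
 * @param defaultVal set of attribute values to validate with the
 *    the existing attribute values.
 * @return the matching values; empty when the entry cannot be read, the
 *         connection is unavailable or nothing matches. Errors are logged,
 *         not thrown.
 */
static Set<String> getExistingValues(ServiceConfig subConfig, String attrName, Set defaultVal) {
    Set<String> valSet = new HashSet<>();
    String classMethod = "UpgradeUtils:getExistingValues : ";
    try (Connection conn = getLDAPConnection()) {
        if (conn != null) {
            String dn = subConfig.getDN();
            SearchResultEntry result = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn));
            if (result != null) {
                for (Attribute attribute : result.getAllAttributes()) {
                    String attributeName = attribute.getAttributeDescriptionAsString();
                    if (attributeName == null || !ATTR_SUN_KEY_VALUE.equalsIgnoreCase(attributeName)) {
                        continue;
                    }
                    for (ByteString value : attribute) {
                        String valueString = value.toString();
                        int index = valueString.indexOf('=');
                        if (index == -1) {
                            continue;
                        }
                        String key = valueString.substring(0, index);
                        String v = valueString.substring(index + 1);
                        // Match on the requested attribute name, not on the LDAP
                        // attribute description.
                        if (attrName != null && attrName.equalsIgnoreCase(key)
                                && defaultVal != null && defaultVal.contains(v)) {
                            valSet.add(v);
                        }
                    }
                }
            }
        }
    } catch (Exception e) {
        debug.error(classMethod + "Error retreving attribute values ", e);
    }
    if (debug.messageEnabled()) {
        debug.message(classMethod + "Default Values are :" + valSet);
    }
    return valSet;
}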

Example 24 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class UserIdRepo method getADAMInstanceGUID.

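/**
 * Reads the {@code schemaNamingContext} attribute from the directory's root
 * DSE and returns the text after its last {@code '='}, trimmed.
 *
 * <p>The search reader is now closed together with the connection; the
 * original left it open.
 *
 * @param userRepo repository configuration handed to {@code getLDAPConnection}
 * @return the extracted value, or {@code null} when the root DSE returns no
 *         entry, has no {@code schemaNamingContext} attribute, or the value
 *         contains no {@code '='}
 * @throws Exception propagated from connecting or searching
 */
private String getADAMInstanceGUID(Map userRepo) throws Exception {
    final String attrName = "schemaNamingContext";
    try (Connection ld = getLDAPConnection(userRepo);
            ConnectionEntryReader res = ld.search(
                    LDAPRequests.newSearchRequest("", SearchScope.BASE_OBJECT, "(objectclass=*)"))) {
        if (!res.hasNext()) {
            return null;
        }
        SearchResultEntry entry = res.readEntry();
        Attribute ldapAttr = entry.getAttribute(attrName);
        if (ldapAttr == null) {
            return null;
        }
        String value = ldapAttr.firstValueAsString();
        if (value == null) {
            return null;
        }
        int index = value.lastIndexOf('=');
        return index == -1 ? null : value.substring(index + 1).trim();
    }
}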

Example 25 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class EmbeddedOpenDS method getAdminPort.

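/**
 * Get admin port of the OpenDJ server.
 *
 * <p>Reads {@code ds-cfg-listen-port} from
 * {@code cn=Administration Connector,cn=config} over a connection opened with
 * the supplied credentials. Any failure is logged and yields {@code null}.
 *
 * @param username The username of the directory admin
 * @param password The password of the directory admin (passed to the connection only)
 * @param hostname The hostname of the directory server
 * @param port     The port of the directory server
 * @return The admin port, or {@code null} when the connection could not be
 *         opened, the entry or attribute is missing, or an error occurred
 */
public static String getAdminPort(String username, String password, String hostname, String port) {
    final String adminConnectorDN = "cn=Administration Connector,cn=config";
    final String listenPortAttr = "ds-cfg-listen-port";
    final String[] attrs = { listenPortAttr };
    String adminPort = null;
    try (Connection conn = getLDAPConnection(hostname, port, username, password)) {
        if (conn != null) {
            SearchResultEntry le = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(adminConnectorDN, attrs));
            if (le != null) {
                Attribute la = le.getAttribute(listenPortAttr);
                if (la != null) {
                    adminPort = la.firstValueAsString();
                }
            }
        }
    } catch (Exception ex) {
        Debug.getInstance(SetupConstants.DEBUG_NAME).error("EmbeddedOpenDS.getAdminPort(). Error getting admin port:", ex);
    }
    return adminPort;
}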
