Examples with ConnectionEntryReader org.forgerock.opendj.ldif.ConnectionEntryReader used on opensource projects

Example 16 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class IdRepoUtils method getADAMInstanceGUID.

private static String getADAMInstanceGUID(Map attrValues) throws Exception {
    try (ConnectionFactory factory = getLDAPConnection(attrValues);
        Connection ld = factory.getConnection()) {
        String attrName = "schemaNamingContext";
        String[] attrs = { attrName };
        ConnectionEntryReader res = ld.search(LDAPRequests.newSearchRequest("", SearchScope.BASE_OBJECT, "(objectclass=*)"));
        if (res.hasNext()) {
            SearchResultEntry entry = res.readEntry();
            Attribute ldapAttr = entry.getAttribute(attrName);
            if (ldapAttr != null) {
                String value = ldapAttr.firstValueAsString();
                int index = value.lastIndexOf("=");
                if (index != -1) {
                    return value.substring(index + 1).trim();
                }
            }
        }
    }
    return null;
}

Example 17 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class UmaLabelsStore method query.

private Set<ResourceSetLabel> query(String realm, String username, Filter filter, boolean includeResourceSets) throws ResourceException {
    try (Connection connection = getConnection()) {
        Set<ResourceSetLabel> result = new HashSet<>();
        String[] attrs;
        if (includeResourceSets) {
            attrs = new String[] { ID_ATTR, NAME_ATTR, TYPE_ATTR, RESOURCE_SET_ATTR };
        } else {
            attrs = new String[] { ID_ATTR, NAME_ATTR, TYPE_ATTR };
        }
        ConnectionEntryReader searchResult = connection.search(LDAPRequests.newSearchRequest(getUserDn(realm, username), SearchScope.SUBORDINATES, filter, attrs));
        while (searchResult.hasNext()) {
            if (searchResult.isReference()) {
                debug.warning("Encountered reference {} searching for resource set labels for user {} in realm {}", searchResult.readReference(), username, realm);
            } else {
                final SearchResultEntry entry = searchResult.readEntry();
                result.add(getResourceSetLabel(entry, getResourceSetIds(entry)));
            }
        }
        return result;
    } catch (LdapException e) {
        if (e.getResult().getResultCode().equals(ResultCode.NO_SUCH_OBJECT)) {
            return Collections.emptySet();
        }
        throw new InternalServerErrorException("Could not complete search", e);
    } catch (SearchResultReferenceIOException e) {
        throw new InternalServerErrorException("Shouldn't get a reference as these have been handled", e);
    }
}

Example 18 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class DJLDAPv3Repo method getRoleMembers.

/**
     * Returns the DNs of the members of this role. To do that this will execute an LDAP search with a filter looking
     * for nsRoleDN=roleDN.
     *
     * @param dn The DN of the role to query.
     * @return The DNs of the members.
     * @throws IdRepoException If there is an error while trying to retrieve the role members.
     */
private Set<String> getRoleMembers(String dn) throws IdRepoException {
    Set<String> results = new HashSet<String>();
    DN roleBase = getBaseDN(IdType.ROLE);
    Filter filter = Filter.equality(roleDNAttr, dn);
    SearchRequest searchRequest = LDAPRequests.newSearchRequest(roleBase, roleScope, filter, DN_ATTR);
    searchRequest.setTimeLimit(defaultTimeLimit);
    searchRequest.setSizeLimit(defaultSizeLimit);
    Connection conn = null;
    try {
        conn = connectionFactory.getConnection();
        ConnectionEntryReader reader = conn.search(searchRequest);
        while (reader.hasNext()) {
            if (reader.isEntry()) {
                results.add(reader.readEntry().getName().toString());
            } else {
                //ignore search result references
                reader.readReference();
            }
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while trying to retrieve filtered role members for " + dn, ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    return results;
}

Example 19 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class DJLDAPv3Repo method getDN.

private String getDN(IdType type, String name, boolean shouldGenerate, String searchAttr) throws IdRepoException {
    Object cachedDn = null;
    if (dnCacheEnabled) {
        cachedDn = dnCache.get(generateDNCacheKey(name, type));
    }
    if (cachedDn != null) {
        return cachedDn.toString();
    }
    String dn = null;
    DN searchBase = getBaseDN(type);
    if (shouldGenerate) {
        return searchBase.child(getSearchAttribute(type), name).toString();
    }
    if (searchAttr == null) {
        searchAttr = getSearchAttribute(type);
    }
    Filter filter = Filter.and(Filter.equality(searchAttr, name), getObjectClassFilter(type));
    SearchRequest searchRequest = LDAPRequests.newSearchRequest(searchBase, defaultScope, filter, DN_ATTR);
    Connection conn = null;
    try {
        conn = connectionFactory.getConnection();
        ConnectionEntryReader reader = conn.search(searchRequest);
        SearchResultEntry entry = null;
        while (reader.hasNext()) {
            if (reader.isEntry()) {
                if (entry != null) {
                    throw newIdRepoException(ResultCode.CLIENT_SIDE_UNEXPECTED_RESULTS_RETURNED, IdRepoErrorCode.LDAP_EXCEPTION_OCCURRED, CLASS_NAME, ResultCode.CLIENT_SIDE_UNEXPECTED_RESULTS_RETURNED.intValue());
                }
                entry = reader.readEntry();
            } else {
                //ignore references
                reader.readReference();
            }
        }
        if (entry == null) {
            DEBUG.message("Unable to find entry with name: " + name + " under searchbase: " + searchBase + " with scope: " + defaultScope);
            throw new IdentityNotFoundException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, ResultCode.CLIENT_SIDE_NO_RESULTS_RETURNED, new Object[] { name, type.getName() });
        }
        dn = entry.getName().toString();
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while querying entry DN", ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    if (dnCacheEnabled && !shouldGenerate) {
        dnCache.put(generateDNCacheKey(name, type), dn);
    }
    return dn;
}

Example 20 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class DJLDAPv3Repo method getFilteredRoleMembers.

/**
     * Returns the DNs of the members of this filtered role. To do that this will execute a read on the filtered role
     * entry to get the values of the nsRoleFilter attribute, and then it will perform searches using the retrieved
     * filters.
     *
     * @param dn The DN of the filtered role to query.
     * @return The DNs of the members.
     * @throws IdRepoException If there is an error while trying to retrieve the filtered role members.
     */
private Set<String> getFilteredRoleMembers(String dn) throws IdRepoException {
    Set<String> results = new HashSet<String>();
    Connection conn = null;
    try {
        conn = connectionFactory.getConnection();
        SearchResultEntry entry = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn, roleFilterAttr));
        Attribute filterAttr = entry.getAttribute(roleFilterAttr);
        if (filterAttr != null) {
            for (ByteString byteString : filterAttr) {
                Filter filter = Filter.valueOf(byteString.toString());
                //TODO: would it make sense to OR these filters and run a single search?
                SearchRequest searchRequest = LDAPRequests.newSearchRequest(rootSuffix, defaultScope, filter.toString(), DN_ATTR);
                searchRequest.setTimeLimit(defaultTimeLimit);
                searchRequest.setSizeLimit(defaultSizeLimit);
                ConnectionEntryReader reader = conn.search(searchRequest);
                while (reader.hasNext()) {
                    if (reader.isEntry()) {
                        results.add(reader.readEntry().getName().toString());
                    } else {
                        //ignore search result references
                        reader.readReference();
                    }
                }
            }
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while trying to retrieve filtered role members for " + dn, ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    return results;
}