
Example 31 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class SMSLdapObject method searchSubOrganizationNames.

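/**
 * Searches below {@code dn} for sub-organization entries and returns them as DN strings.
 *
 * <p>The search runs on a connection obtained for the principal of {@code token}. A failure whose
 * result code is listed in {@code retryErrorCodes} is retried up to {@code connNumRetry} times,
 * sleeping {@code connRetryInterval} between attempts.
 *
 * <p>NOTE(review): {@code filter} is handed to {@code getSearchRequest} unchanged. If any caller
 * builds it from user-supplied text, the assertion values must be escaped there; confirm at the
 * call sites.
 *
 * @param token SSO token whose principal is used to obtain the LDAP connection.
 * @param dn base DN of the search.
 * @param filter LDAP filter, passed through as given.
 * @param numOfEntries passed to {@code getSearchRequest}; presumably the maximum number of entries.
 * @param sortResults whether the results should be sorted.
 * @param ascendingOrder sort direction when {@code sortResults} is set.
 * @param recursive {@code true} to search the whole subtree, {@code false} for a single level.
 * @return the matching names, or an empty set when the server reports {@code NO_SUCH_OBJECT}.
 * @throws SMSException if the search fails with a non-retryable error or the retries are exhausted.
 * @throws SSOException declared for the token access; not thrown directly by the visible code.
 */
private Set<String> searchSubOrganizationNames(SSOToken token, String dn, String filter, int numOfEntries, boolean sortResults, boolean ascendingOrder, boolean recursive) throws SMSException, SSOException {
    SearchRequest request = getSearchRequest(dn, filter, recursive ? SearchScope.WHOLE_SUBTREE : SearchScope.SINGLE_LEVEL, numOfEntries, 0, sortResults, ascendingOrder, getOrgNamingAttribute(), O_ATTR);
    int retry = 0;
    while (retry <= connNumRetry) {
        if (debug.messageEnabled()) {
            debug.message("SMSLdapObject.searchSubOrganizationNames() retry: " + retry);
        }
        // The reader is a resource of its own: closing it releases the search even when
        // toDNStrings() fails part-way through the results.
        try (Connection conn = getConnection(token.getPrincipal());
                ConnectionEntryReader iterResults = conn.search(request)) {
            // Presumably called so that a failed search surfaces here as an LdapException
            // (and can be retried) rather than inside toDNStrings().
            iterResults.hasNext();
            return toDNStrings(iterResults, dn, SUBORG_CANNOT_OBTAIN);
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
                if (errorCode.equals(ResultCode.NO_SUCH_OBJECT)) {
                    // A missing base entry is reported as "no sub-organizations", not as an error.
                    debug.message("SMSLdapObject.searchSubOrganizationNames(): suborg not present: {}", dn);
                    break;
                } else {
                    debug.warning("SMSLdapObject.searchSubOrganizationNames(): Unable to search: {}", dn, e);
                    throw new SMSException(e, "sms-suborg-cannot-search");
                }
            }
            retry++;
            try {
                Thread.sleep(connRetryInterval);
            } catch (InterruptedException ex) {
                // Keep the interrupt visible to the caller instead of discarding it; the
                // remaining retries then run without a delay.
                Thread.currentThread().interrupt();
            }
        }
    }
    return Collections.emptySet();
}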
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) SMSException(com.sun.identity.sm.SMSException) Connection(org.forgerock.opendj.ldap.Connection) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode)

Example 32 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class DJLDAPv3Repo method getGroupMembers.

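/**
 * Returns the DNs of the members of this group.
 *
 * <p>Static members are read from {@code uniqueMemberAttr}. Dynamic members are resolved from
 * {@code memberURLAttr} only when that attribute is configured <em>and</em> the entry has no
 * {@code uniqueMemberAttr} values; the two sources are never merged.
 *
 * <p>Security note: each memberURL value is stored in the directory, and its base DN, scope and
 * filter are used as-is for a follow-up search on this repository's connection. Anyone who can
 * write that attribute therefore chooses what this search enumerates. Only {@code DN_ATTR} is
 * requested and the default size and time limits are applied.
 * NOTE(review): confirm that write access to the memberURL attribute is restricted by ACI.
 *
 * @param dn The DN of the group to query.
 * @return The DNs of the members.
 * @throws IdRepoException If there is an error while trying to retrieve the members.
 */
private Set<String> getGroupMembers(String dn) throws IdRepoException {
    Set<String> results = new HashSet<String>();
    Connection conn = null;
    String[] attrs = memberURLAttr != null
            ? new String[] { uniqueMemberAttr, memberURLAttr }
            : new String[] { uniqueMemberAttr };
    try {
        conn = connectionFactory.getConnection();
        SearchResultEntry entry = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn, attrs));
        Attribute attr = entry.getAttribute(uniqueMemberAttr);
        if (attr != null) {
            results.addAll(LDAPUtils.getAttributeValuesAsStringSet(attr));
        } else if (memberURLAttr != null) {
            attr = entry.getAttribute(memberURLAttr);
            if (attr != null) {
                for (ByteString byteString : attr) {
                    // NOTE(review): a malformed URL value presumably makes valueOf() throw an
                    // unchecked exception that none of the catch blocks below handles; confirm.
                    LDAPUrl url = LDAPUrl.valueOf(byteString.toString());
                    SearchRequest searchRequest = LDAPRequests.newSearchRequest(url.getName(), url.getScope(), url.getFilter(), DN_ATTR);
                    // Bound the directory-controlled search so one group cannot trigger an
                    // unbounded subtree walk.
                    searchRequest.setTimeLimit(defaultTimeLimit);
                    searchRequest.setSizeLimit(defaultSizeLimit);
                    // Close each reader so a search abandoned by an exception is released
                    // before the connection is handed back.
                    try (ConnectionEntryReader reader = conn.search(searchRequest)) {
                        while (reader.hasNext()) {
                            if (reader.isEntry()) {
                                results.add(reader.readEntry().getName().toString());
                            } else {
                                //ignore search result references
                                reader.readReference();
                            }
                        }
                    }
                }
            }
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while retrieving group members for " + dn, ere);
        // NOTE(review): presumably always throws; if it can return, the partial result set
        // collected so far is returned to the caller.
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    return results;
}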
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) Attribute(org.forgerock.opendj.ldap.Attribute) LinkedAttribute(org.forgerock.opendj.ldap.LinkedAttribute) ByteString(org.forgerock.opendj.ldap.ByteString) Connection(org.forgerock.opendj.ldap.Connection) ByteString(org.forgerock.opendj.ldap.ByteString) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) LDAPUrl(org.forgerock.opendj.ldap.LDAPUrl) LdapException(org.forgerock.opendj.ldap.LdapException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 33 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class ServiceBase method connectDSwithDN.

/**
 * Checks whether the Directory Server holds an entry for the given suffix.
 *
 * <p>A base-object search is issued at {@code suffix} with the filter {@code "cn=" + suffix} and
 * an attribute list holding one empty string. Any {@link LdapException} is reported as
 * {@code false}, so a missing suffix cannot be told apart from a connection or permission failure.
 *
 * <p>NOTE(review): the filter is built by plain concatenation. A suffix containing filter
 * metacharacters ({@code * ( ) \}) changes or breaks the filter; escape the value if this can
 * ever receive input that is not operator-controlled.
 *
 * @param ld open connection to the Directory Server.
 * @param suffix the suffix to look for; used as the search base and inside the filter.
 * @return <code>true</code> if specified suffix exists.
 */
protected static boolean connectDSwithDN(Connection ld, String suffix) {
    boolean suffixFound;
    try (ConnectionEntryReader entries = ld.search(
            LDAPRequests.newSearchRequest(suffix, SearchScope.BASE_OBJECT, "cn=" + suffix, new String[] { "" }))) {
        // One result of any kind is enough; nothing is read from it.
        suffixFound = entries.hasNext();
    } catch (LdapException searchFailed) {
        suffixFound = false;
    }
    return suffixFound;
}
Also used : ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) LdapException(org.forgerock.opendj.ldap.LdapException)

Example 34 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class UpgradeUtils method delete.

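/**
 * Delete an entry, recursing if the entry has children.
 *
 * <p>The immediate children of {@code dn} are enumerated and deleted depth-first, then
 * {@code dn} itself is deleted. The method never throws: every failure is logged and swallowed,
 * including failures inside the recursive calls. The delete of a parent is therefore still
 * attempted after one of its children could not be removed.
 *
 * <p>This is a destructive subtree operation that runs with whatever rights {@code ld} is bound
 * with. NOTE(review): {@code dn} is not validated here; callers are expected to pass only DNs
 * they own.
 *
 * @param dn DN of the entry to delete
 * @param ld active connection to server
 * @param doDelete true if the entries really
 * are to be deleted; false walks the tree without deleting anything
 */
public static void delete(String dn, Connection ld, boolean doDelete) {
    try {
        // Find all immediate child nodes. The reader is closed as soon as the walk ends so
        // that a failed or abandoned search is released before the delete is issued.
        try (ConnectionEntryReader res = ld.search(LDAPRequests.newSearchRequest(dn, SearchScope.SINGLE_LEVEL, "objectclass=*"))) {
            while (res.hasNext()) {
                if (res.isReference()) {
                    //ignore
                    res.readReference();
                } else {
                    // Next directory entry
                    SearchResultEntry entry = res.readEntry();
                    // Recurse down
                    delete(entry.getName().toString(), ld, doDelete);
                }
            }
        }
        // All children have been visited, so stop recursing and delete the node
        if (doDelete) {
            try {
                ld.delete(LDAPRequests.newDeleteRequest(dn));
                if (debug.messageEnabled()) {
                    debug.message(dn + " deleted");
                }
            } catch (Exception e) {
                // Best effort: keep going, but make a failed delete visible at the default
                // debug level instead of only when message-level debugging is on.
                debug.warning("UpgradeUtils.delete(): unable to delete " + dn, e);
            }
        }
    } catch (Exception me) {
        // Best effort: the walk below this entry failed, so the entry is left in place.
        debug.warning("UpgradeUtils.delete(): unable to process children of " + dn, me);
    }
}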
Also used : ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) ByteString(org.forgerock.opendj.ldap.ByteString) LdapException(org.forgerock.opendj.ldap.LdapException) LoginException(javax.security.auth.login.LoginException) InvalidAuthContextException(com.sun.identity.authentication.internal.InvalidAuthContextException) UnknownPropertyNameException(com.sun.identity.common.configuration.UnknownPropertyNameException) PolicyException(com.sun.identity.policy.PolicyException) FileNotFoundException(java.io.FileNotFoundException) SSOException(com.iplanet.sso.SSOException) LdapException(org.forgerock.opendj.ldap.LdapException) SMSException(com.sun.identity.sm.SMSException) IOException(java.io.IOException) AMException(com.iplanet.am.sdk.AMException) ConfigurationException(com.sun.identity.common.configuration.ConfigurationException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 35 with ConnectionEntryReader

use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.

the class UpgradeEntitlementsStep method upgradeEntitlementIndexes.

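/**
 * Rewrites the {@code SUN_XML_KEY_VALUE} attribute of every entry under the SMS root suffix that
 * matches {@code ENTITLEMENT_INDEX_FILTER}, using the values computed by {@code processEntry}.
 *
 * <p>Two connections are used: one streams the search results, the other applies the
 * modifications. Progress is reported at most once every three seconds and once more at the end.
 * The first failure aborts the run; entries modified before it stay modified.
 *
 * @throws UpgradeException if the search, the processing of an entry or a modification fails.
 */
private void upgradeEntitlementIndexes() throws UpgradeException {
    Connection conn = null;
    Connection modConn = null;
    try {
        conn = getConnection();
        //obtaining a second connection to perform the modifications.
        modConn = getConnection();
        SearchRequest sr = LDAPRequests.newSearchRequest(SMSEntry.getRootSuffix(), SearchScope.WHOLE_SUBTREE, ENTITLEMENT_INDEX_FILTER, SUN_KEY_VALUE, SUN_XML_KEY_VALUE);
        // Close the reader explicitly so a subtree search abandoned by an exception is released
        // before the connection is closed (NOTE(review): matters most if connections are pooled).
        try (ConnectionEntryReader reader = conn.search(sr)) {
            int counter = 0;
            long lastReport = System.currentTimeMillis();
            while (reader.hasNext()) {
                if (reader.isEntry()) {
                    // Throttle progress output to one report every 3 seconds.
                    if (System.currentTimeMillis() - lastReport > 3000) {
                        UpgradeProgress.reportEnd("upgrade.entitlement.privilege", counter, policyRuleCount);
                        lastReport = System.currentTimeMillis();
                    }
                    SearchResultEntry entry = reader.readEntry();
                    Set<String> newValues = processEntry(entry);
                    ModifyRequest modifyRequest = LDAPRequests.newModifyRequest(entry.getName());
                    modifyRequest.addModification(ModificationType.REPLACE, SUN_XML_KEY_VALUE, newValues.toArray());
                    if (DEBUG.messageEnabled()) {
                        DEBUG.message("Upgrading entitlements index for: " + entry.getName());
                    }
                    modConn.modify(modifyRequest);
                    counter++;
                } else {
                    // Search result references are read and discarded.
                    reader.readReference();
                }
            }
        }
        UpgradeProgress.reportEnd("upgrade.entitlement.privilege", policyRuleCount, policyRuleCount);
    } catch (Exception ex) {
        DEBUG.error("An error occurred while upgrading the entitlement indexes", ex);
        throw new UpgradeException(ex);
    } finally {
        IOUtils.closeIfNotNull(conn);
        IOUtils.closeIfNotNull(modConn);
    }
}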
Also used : UpgradeException(org.forgerock.openam.upgrade.UpgradeException) SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) Connection(org.forgerock.opendj.ldap.Connection) ModifyRequest(org.forgerock.opendj.ldap.requests.ModifyRequest) UpgradeException(org.forgerock.openam.upgrade.UpgradeException) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Aggregations

ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)48 LdapException (org.forgerock.opendj.ldap.LdapException)38 SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)38 Connection (org.forgerock.opendj.ldap.Connection)35 ByteString (org.forgerock.opendj.ldap.ByteString)26 SearchRequest (org.forgerock.opendj.ldap.requests.SearchRequest)26 SearchResultReferenceIOException (org.forgerock.opendj.ldap.SearchResultReferenceIOException)19 ResultCode (org.forgerock.opendj.ldap.ResultCode)18 HashSet (java.util.HashSet)17 Attribute (org.forgerock.opendj.ldap.Attribute)16 PolicyException (com.sun.identity.policy.PolicyException)12 SSOException (com.iplanet.sso.SSOException)11 IOException (java.io.IOException)10 InvalidNameException (com.sun.identity.policy.InvalidNameException)9 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)9 SMSException (com.sun.identity.sm.SMSException)7 ArrayList (java.util.ArrayList)7 LinkedHashSet (java.util.LinkedHashSet)7 DN (org.forgerock.opendj.ldap.DN)7 CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)5