use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.
the class SMSLdapObject method searchSubOrganizationNames.
private Set<String> searchSubOrganizationNames(SSOToken token, String dn, String filter, int numOfEntries, boolean sortResults, boolean ascendingOrder, boolean recursive) throws SMSException, SSOException {
SearchRequest request = getSearchRequest(dn, filter, recursive ? SearchScope.WHOLE_SUBTREE : SearchScope.SINGLE_LEVEL, numOfEntries, 0, sortResults, ascendingOrder, getOrgNamingAttribute(), O_ATTR);
int retry = 0;
while (retry <= connNumRetry) {
if (debug.messageEnabled()) {
debug.message("SMSLdapObject.searchSubOrganizationNames() retry: " + retry);
}
try (Connection conn = getConnection(token.getPrincipal())) {
// Get the suborganization names
ConnectionEntryReader iterResults = conn.search(request);
iterResults.hasNext();
return toDNStrings(iterResults, dn, SUBORG_CANNOT_OBTAIN);
} catch (LdapException e) {
ResultCode errorCode = e.getResult().getResultCode();
if (!retryErrorCodes.contains(errorCode) || retry >= connNumRetry) {
if (errorCode.equals(ResultCode.NO_SUCH_OBJECT)) {
debug.message("SMSLdapObject.searchSubOrganizationNames(): suborg not present: {}", dn);
break;
} else {
debug.warning("SMSLdapObject.searchSubOrganizationName(): Unable to search: {}", dn, e);
throw new SMSException(e, "sms-suborg-cannot-search");
}
}
retry++;
try {
Thread.sleep(connRetryInterval);
} catch (InterruptedException ex) {
// ignored
}
}
}
return Collections.emptySet();
}
use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.
the class DJLDAPv3Repo method getGroupMembers.
/**
* Returns the DNs of the members of this group. If the MemberURL attribute has been configured, then this
* will also try to retrieve dynamic group members using the memberURL.
*
* @param dn The DN of the group to query.
* @return The DNs of the members.
* @throws IdRepoException If there is an error while trying to retrieve the members.
*/
private Set<String> getGroupMembers(String dn) throws IdRepoException {
Set<String> results = new HashSet<String>();
Connection conn = null;
String[] attrs;
if (memberURLAttr != null) {
attrs = new String[] { uniqueMemberAttr, memberURLAttr };
} else {
attrs = new String[] { uniqueMemberAttr };
}
try {
conn = connectionFactory.getConnection();
SearchResultEntry entry = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(dn, attrs));
Attribute attr = entry.getAttribute(uniqueMemberAttr);
if (attr != null) {
results.addAll(LDAPUtils.getAttributeValuesAsStringSet(attr));
} else if (memberURLAttr != null) {
attr = entry.getAttribute(memberURLAttr);
if (attr != null) {
for (ByteString byteString : attr) {
LDAPUrl url = LDAPUrl.valueOf(byteString.toString());
SearchRequest searchRequest = LDAPRequests.newSearchRequest(url.getName(), url.getScope(), url.getFilter(), DN_ATTR);
searchRequest.setTimeLimit(defaultTimeLimit);
searchRequest.setSizeLimit(defaultSizeLimit);
ConnectionEntryReader reader = conn.search(searchRequest);
while (reader.hasNext()) {
if (reader.isEntry()) {
results.add(reader.readEntry().getName().toString());
} else {
//ignore search result references
reader.readReference();
}
}
}
}
}
} catch (LdapException ere) {
DEBUG.error("An error occurred while retrieving group members for " + dn, ere);
handleErrorResult(ere);
} catch (SearchResultReferenceIOException srrioe) {
//should never ever happen...
DEBUG.error("Got reference instead of entry", srrioe);
throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
} finally {
IOUtils.closeIfNotNull(conn);
}
return results;
}
use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.
the class ServiceBase method connectDSwithDN.
/**
* Check if Directory Server has the suffix.
*
* @return <code>true</code> if specified suffix exists.
*/
protected static boolean connectDSwithDN(Connection ld, String suffix) {
String filter = "cn=" + suffix;
String[] attrs = { "" };
try (ConnectionEntryReader reader = ld.search(LDAPRequests.newSearchRequest(suffix, SearchScope.BASE_OBJECT, filter, attrs))) {
return reader.hasNext();
} catch (LdapException e) {
return false;
}
}
use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.
the class UpgradeUtils method delete.
/**
* Delete an entry, recursing if the entry has children
*
* @param dn DN of the entry to delete
* @param ld active connection to server
* @param doDelete true if the entries really
* are to be deleted
*/
public static void delete(String dn, Connection ld, boolean doDelete) {
String theDN = "";
try {
// Find all immediate child nodes; return no
// attributes
ConnectionEntryReader res = ld.search(LDAPRequests.newSearchRequest(dn, SearchScope.SINGLE_LEVEL, "objectclass=*"));
while (res.hasNext()) {
if (res.isReference()) {
//ignore
res.readReference();
} else {
// Next directory entry
SearchResultEntry entry = res.readEntry();
theDN = entry.getName().toString();
// Recurse down
delete(theDN, ld, doDelete);
}
}
// so stop recursing and delete the node
try {
if (doDelete) {
ld.delete(LDAPRequests.newDeleteRequest(dn));
if (debug.messageEnabled()) {
debug.message(dn + " deleted");
}
}
} catch (LdapException e) {
if (debug.messageEnabled()) {
debug.message(e.toString());
}
} catch (Exception e) {
if (debug.messageEnabled()) {
debug.message(e.toString());
}
}
} catch (Exception me) {
// do nothing
}
}
use of org.forgerock.opendj.ldif.ConnectionEntryReader in project OpenAM by OpenRock.
the class UpgradeEntitlementsStep method upgradeEntitlementIndexes.
private void upgradeEntitlementIndexes() throws UpgradeException {
Connection conn = null;
Connection modConn = null;
try {
conn = getConnection();
//obtaining a second connection to perform the modifications.
modConn = getConnection();
SearchRequest sr = LDAPRequests.newSearchRequest(SMSEntry.getRootSuffix(), SearchScope.WHOLE_SUBTREE, ENTITLEMENT_INDEX_FILTER, SUN_KEY_VALUE, SUN_XML_KEY_VALUE);
ConnectionEntryReader reader = conn.search(sr);
int counter = 0;
long lastReport = System.currentTimeMillis();
while (reader.hasNext()) {
if (reader.isEntry()) {
if (System.currentTimeMillis() - lastReport > 3000) {
UpgradeProgress.reportEnd("upgrade.entitlement.privilege", counter, policyRuleCount);
lastReport = System.currentTimeMillis();
}
SearchResultEntry entry = reader.readEntry();
Set<String> newValues = processEntry(entry);
ModifyRequest modifyRequest = LDAPRequests.newModifyRequest(entry.getName());
modifyRequest.addModification(ModificationType.REPLACE, SUN_XML_KEY_VALUE, newValues.toArray());
if (DEBUG.messageEnabled()) {
DEBUG.message("Upgrading entitlements index for: " + entry.getName());
}
modConn.modify(modifyRequest);
counter++;
} else {
reader.readReference();
}
}
UpgradeProgress.reportEnd("upgrade.entitlement.privilege", policyRuleCount, policyRuleCount);
} catch (Exception ex) {
DEBUG.error("An error occurred while upgrading the entitlement indexes", ex);
throw new UpgradeException(ex);
} finally {
IOUtils.closeIfNotNull(conn);
IOUtils.closeIfNotNull(modConn);
}
}
Aggregations