/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: PolicyModelImpl.java,v 1.6 2009/09/18 00:08:22 veiming Exp $
*
*/
/*
* Portions Copyrighted [2011] [ForgeRock AS]
*/
/* - LOG COMPLETE - */
public class PolicyModelImpl
extends AMModelBase
implements PolicyModel
{
/**
* Creates a simple model using default resource bundle.
*
* @param req HTTP Servlet Request
* @param map of user information
*/
}
throws AMConsoleException {
realmName = getStartDN();
}
try {
} catch (SSOException e) {
throw new AMConsoleException(e);
} catch (PolicyException e) {
throw new AMConsoleException(e);
}
}
throws AMConsoleException {
if (svcTypeMgr == null) {
try {
} catch (SSOException ssoe) {
}
}
return svcTypeMgr;
}
/**
* Returns cached policy object.
*
* @param cacheID Cache ID.
* @return cached policy object.
* @throws AMConsoleException if policy object cannot be located.
*/
throws AMConsoleException
{
}
/**
* Caches a policy. Returns the cache ID of the policy object.
*
* @param policyName Name of policy.
* @param description Description of policy.
* @param isReferral <code>true</code> if policy is referral typed.
* @param isActive <code>true</code> if policy is active.
* @return cache ID of the policy object.
* @throws AMConsoleException if policy cannot be cached.
*/
boolean isReferral,
boolean isActive
) throws AMConsoleException {
try {
return cache.cachePolicy(
} catch (InvalidNameException e) {
throw new AMConsoleException(getErrorString(e));
}
}
/**
* Caches an existing policy. Returns the cache ID of the policy object.
*
* @param realmName Name of realm.
* @param policyName Name of policy.
* @return cache ID of the policy object.
* @throws AMConsoleException if policy cannot be cached.
*/
throws AMConsoleException {
try {
return cache.cachePolicy(
} catch (InvalidFormatException e) {
throw new AMConsoleException(getErrorString(e));
} catch (InvalidNameException e) {
throw new AMConsoleException(getErrorString(e));
} catch (NoPermissionException e) {
throw new AMConsoleException(getErrorString(e));
} catch (NameNotFoundException e) {
throw new AMConsoleException(getErrorString(e));
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
} catch (SSOException e) {
throw new AMConsoleException(getErrorString(e));
}
}
/**
* Returns policy names that are under a realm.
*
* @param realmName Name of realm.
* @param filter Filter string.
* @return policy names that are under a realm.
* @throws AMConsoleException if policy names cannot be returned.
*/
throws AMConsoleException {
try {
} catch (SSOException e) {
throw new AMConsoleException(strError);
} catch (PolicyException e) {
throw new AMConsoleException(strError);
}
}
/**
* Creates a policy.
*
* @param realmName Name of realm.
* @param policy Policy object.
* @throws AMConsoleException if policy cannot be created.
*/
throws AMConsoleException {
try {
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
} catch (SSOException e) {
throw new AMConsoleException(getErrorString(e));
}
}
/**
* Modifies a policy.
*
* @param realmName Name of realm.
* @param policy Policy object.
* @throws AMConsoleException if policy cannot be modified.
*/
throws AMConsoleException {
try {
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
} catch (SSOException e) {
throw new AMConsoleException(getErrorString(e));
}
}
/**
* Deletes policies.
*
* @param realmName Name of realm that contains these policies.
* @param names Set of policy names to be deleted.
* @throws AMConsoleException if policies cannot be deleted.
*/
throws AMConsoleException {
try {
} catch (PolicyException e) {
} catch (SSOException e) {
}
}
if (!unableToDelete.isEmpty()) {
"policy.message.unableToDeletePolicies", p);
throw new AMConsoleException(msg);
}
}
/**
* Returns true if rule can be created in a policy.
*
* @param policy Policy object.
* @param realmName Realm Name.
* @return true if rule can be created in a policy.
*/
return !requiredResourceNameService.isEmpty() ||
}
/**
* Returns all registered service type names. Map of service name to its
* localized name.
*
* @return all registered service type names.
*/
try {
}
}
}
} catch (SSOException e) {
} catch (NoPermissionException e) {
} catch (AMConsoleException e) {
}
}
/**
* Returns action schemas of a service type.
*
* @param policy Policy object.
* @param realmName Realm Name.
* @param name Name of Service Type.
* @param withResourceName <code>true</code> to return the action schemas
* that require a resource name; <code>false</code> to return those that
* do not.
* @return action schemas of service type.
*/
boolean withResourceName
) {
if (withResourceName) {
if (as.requiresResourceName()) {
}
} else if (!as.requiresResourceName()) {
}
}
}
}
/**
* Returns localized name of action schema.
*
* @param name Name of Service Type.
* @param actionSchema Action Schema.
* @return localized name of action schema.
*/
) {
name);
//i18nKey should not be null or empty because we have pre-scan them.
}
/**
* Returns an option list of possible choices.
*
* @param name Name of Service Type.
* @param actionSchema Action Schema.
* @return an option list of possible choices.
*/
name);
} else {
}
} else {
}
return optList;
}
/**
* Returns true if service type requires resource name.
*
* @param policy Policy object.
* @param realmName Realm Name.
* @param name Name of Service Type.
* @return true if service type requires resource name.
*/
public boolean requiredResourceName(
) {
}
/**
* Returns true if service type does not require resource name.
*
* @param policy Policy object.
* @param realmName Realm Name.
* @param name Name of Service Type.
* @return true if service type does not require resource name.
*/
public boolean notRequiredResourceName(
) {
}
) {
trueValue = "true";
}
if (falseValue == null) {
falseValue = "false";
}
if (trueI18nKey != null) {
} else {
}
} else {
}
if (falseI18nKey != null) {
} else {
}
} else {
}
return optionList;
}
) {
}
}
return optionList;
}
if (mapSvcTypeNameToActions == null) {
try {
if (serviceType != null) {
serviceType, getUserLocale());
serviceTypeName, as, true)
) {
}
serviceTypeName, as, false)
) {
}
}
}
}
}
} catch (AMConsoleException e) {
} catch (SSOException e) {
} catch (NameNotFoundException e) {
}
}
return mapSvcTypeNameToActions;
}
private boolean requiresResourceName(
boolean required
) {
realmName = getStartDN();
}
boolean yes = false;
}
if (required) {
if (yes) {
}
} else {
if (yes) {
/* cannot have more than one rule for service without resource
name */
if (ruleWithoutRes.isEmpty()) {
} else {
yes = false;
}
}
}
return yes;
}
}
}
}
return selected;
}
try {
} catch (NameNotFoundException e) {
}
}
}
}
/**
* Returns true if a new resource can be created under a realm of a given
* service type.
*
* @param realmName Name of Realm.
* @param svcTypeName Name of Service Type.
* @return true if a new resource can be created under a realm of a given
* service type.
*/
boolean can = false;
try {
} catch (AMConsoleException e) {
}
return can;
}
/**
* Returns a list of managed resource names.
*
* @param realmName Name of realm.
* @param serviceTypeName Name of service type.
* @return a list of managed resource names.
*/
if (managedResources == null) {
try {
resources, getUserLocale());
}
}
} catch (PolicyException e) {
} catch (AMConsoleException e) {
}
}
return managedResources;
}
}
}
}
}
}
}
}
}
return actionSchemas;
}
try {
} catch (InvalidNameException e) {
}
return schema;
}
}
/**
* Returns a map of active referral types for a realm to its display name.
*
* @param realmName Name of Realm.
* @return a map of active referral types for a realm to its display name.
*/
try {
if (referralTypeMgr != null) {
getUserSSOToken());
}
}
}
}
}
} catch (AMConsoleException e) {
} catch (SSOException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
}
/**
* Returns syntax for a referral.
*
* @param realmName Name of Realm.
* @param referralType Name of referral type.
* @return syntax for a referral.
*/
try {
}
} catch (SSOException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
} catch (AMConsoleException e) {
}
return syntax;
}
/**
* Returns a referral object.
*
* @param realmName Name of Realm.
* @param referralType Name of referral type.
* @param values Values of the referral.
* @return referral object.
* @throws AMConsoleException if referral cannot be created.
*/
) throws AMConsoleException {
try {
}
} catch (NameNotFoundException e) {
throw new AMConsoleException(getErrorString(e));
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
}
return referral;
}
/**
* Returns a set of possible values for a referral type.
*
* @param realmName Name of Realm.
* @param referralType Name of Referral Type.
* @param filter wildcards for filtering the results.
* @return a set of possible values for a referral type.
*/
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (SSOException e) {
} catch (PolicyException e) {
}
return values;
}
/**
* Returns properties view bean URL of a referral.
*
* @param realmName Name of realm.
* @param referralTypeName Name of Referral Type.
* @return properties view bean URL of a referral.
*/
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
return url;
}
/**
* Returns a map of values to localized label.
*
* @param realmName Name of realm.
* @param referralTypeName Name of referral Type.
* @param values Valid values.
* @return a map of values to localized label.
*/
) {
try {
}
}
} catch (AMConsoleException e) {
"PolicyModelImpl.getDisplayNameForReferralValues", e);
} catch (NameNotFoundException e) {
"PolicyModelImpl.getDisplayNameForReferralValues", e);
} catch (PolicyException e) {
"PolicyModelImpl.getDisplayNameForReferralValues", e);
}
}
}
/**
* Returns a map of active subject types for a realm to its display name.
*
* @param realmName Name of Realm.
* @return a map of active subject types for a realm to its display name.
*/
try {
if (subjectTypeMgr != null) {
try {
getUserSSOToken());
}
}
} catch (SSOException e) {
strError = getErrorString(e);
} catch (NameNotFoundException e) {
strError = getErrorString(e);
} catch (PolicyException e) {
strError = getErrorString(e);
}
}
}
}
} catch (AMConsoleException e) {
} catch (SSOException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
}
/**
* Returns syntax for a subject.
*
* @param realmName Name of Realm.
* @param subjectType Name of Subject type.
* @return syntax for a subject.
*/
try {
}
} catch (SSOException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
} catch (AMConsoleException e) {
}
return syntax;
}
/**
* Returns a subject object.
*
* @param realmName Name of Realm.
* @param subjectType Name of subject type.
* @param values Values of the subject.
* @return subject object.
* @throws AMConsoleException if subject cannot be created.
*/
) throws AMConsoleException {
try {
}
} catch (NameNotFoundException e) {
throw new AMConsoleException(getErrorString(e));
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
}
return subject;
}
/**
* Returns a set of possible values for a subject type.
*
* @param realmName Name of Realm.
* @param subjectType Name of Subject Type.
* @param filter wildcards for filtering the results.
* @return a set of possible values for a subject type.
* @throws AMConsoleException if values cannot be obtained.
*/
) throws AMConsoleException
{
filter = "*";
}
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
throw new AMConsoleException(getErrorString(e));
} catch (SSOException e) {
throw new AMConsoleException(getErrorString(e));
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
}
return values;
}
/**
* Returns subject type name of a subject.
*
* @param realmName Name of realm.
* @param subject Subject instance.
* @return subject type name of a subject.
*/
try {
}
} catch (AMConsoleException e) {
}
return typeName;
}
/**
* Returns properties view bean URL of a subject.
*
* @param realmName Name of realm.
* @param subjectTypeName Name of Subject Type.
* @return properties view bean URL of a subject.
*/
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
return url;
}
/**
* Returns properties view bean URL of a subject.
*
* @param realmName Name of realm.
* @param subject Subject instance.
* @return properties view bean URL of a subject.
*/
try {
}
} catch (AMConsoleException e) {
}
return url;
}
/**
* Returns a map of values to localized label.
*
* @param realmName Name of realm.
* @param subjectTypeName Name of Subject Type.
* @param values Valid values.
* @return a map of values to localized label.
*/
) {
try {
}
}
} catch (AMConsoleException e) {
"PolicyModelImpl.getDisplayNameForSubjectValues", e);
} catch (NameNotFoundException e) {
"PolicyModelImpl.getDisplayNameForSubjectValues", e);
} catch (PolicyException e) {
"PolicyModelImpl.getDisplayNameForSubjectValues", e);
}
}
}
/**
* Returns property sheet XML for response provider.
*
* @param realmName Name of Realm.
* @param providerType Name of response provider type.
* @param bCreate true for create view bean.
* @param readonly true if the administrator has read-only permission.
* @return property sheet XML for response provider.
*/
boolean bCreate,
boolean readonly
) {
if (bCreate) {
} else {
}
builder.setAllAttributeReadOnly(true);
}
}
/**
* Returns property names of a response provider.
*
* @param realmName Name of Realm.
* @param providerType Name of response provider type.
* @return property names of a response provider.
*/
) {
}
/**
* Returns a response provider object.
*
* @param realmName Name of Realm.
* @param providerType Name of response provider type.
* @param values Values of the response provider.
* @return response provider object.
* @throws AMConsoleException if response provider cannot be created.
*/
) throws AMConsoleException {
try {
}
} catch (NameNotFoundException e) {
throw new AMConsoleException(getErrorString(e));
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
}
return provider;
}
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
return provider;
}
/**
* Returns a map of active response provider types for a realm to its
* display name.
*
* @param realmName Name of Realm.
* @return a map of active response provider types for a realm to its
* display name.
*/
try {
if (providerTypeMgr != null) {
}
}
}
} catch (AMConsoleException e) {
} catch (SSOException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
}
/**
* Returns response provider type name of a response provider.
*
* @param realmName Name of realm.
* @param provider response provider instance.
* @return response provider type name of a response provider.
*/
) {
try {
}
} catch (AMConsoleException e) {
}
return typeName;
}
/**
* Returns properties view bean URL of a response provider.
*
* @param realmName Name of realm.
* @param provider response provider Object.
* @return properties view bean URL of a response provider.
*/
) {
try {
}
} catch (AMConsoleException e) {
}
return url;
}
/**
* Returns properties view bean URL of a response provider.
*
* @param realmName Name of realm.
* @param typeName Name of response provider Type.
* @return properties view bean URL of a response provider.
*/
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
return url;
}
/**
* Returns a map of active condition types for a realm to its display name.
*
* @param realmName Name of Realm.
* @return a map of active condition types for a realm to its display name.
*/
try {
if (condTypeMgr != null) {
}
}
}
} catch (AMConsoleException e) {
} catch (SSOException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
}
/**
* Returns properties view bean URL of a condition.
*
* @param realmName Name of realm.
* @param condition Condition Object.
* @return properties view bean URL of a condition.
*/
) {
try {
}
} catch (AMConsoleException e) {
}
return url;
}
/**
* Returns properties view bean URL of a condition.
*
* @param realmName Name of realm.
* @param conditionTypeName Name of Condition Type.
* @return properties view bean URL of a condition.
*/
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
return url;
}
) {
try {
}
} catch (AMConsoleException e) {
} catch (NameNotFoundException e) {
} catch (PolicyException e) {
}
return condition;
}
/**
* Returns a condition object.
*
* @param realmName Name of Realm.
* @param conditionType Name of condition type.
* @param values Values of the condition.
* @return condition object.
* @throws AMConsoleException if condition cannot be created.
*/
) throws AMConsoleException {
try {
}
} catch (NameNotFoundException e) {
throw new AMConsoleException(getErrorString(e));
} catch (PolicyException e) {
throw new AMConsoleException(getErrorString(e));
}
return condition;
}
/**
* Returns property sheet XML for condition.
*
* @param realmName Name of Realm.
* @param conditionType Name of condition type.
* @param readonly true if the administrator has read-only permission.
* @return property sheet XML for condition.
*/
boolean readonly
) {
}
/**
* Returns property names of a condition.
*
* @param realmName Name of Realm.
* @param conditionType Name of condition type.
* @return property names of a condition.
*/
) {
}
/**
* Returns condition type name of a condition.
*
* @param realmName Name of realm.
* @param condition Condition instance.
* @return Condition type name of a condition.
*/
try {
}
} catch (AMConsoleException e) {
}
return typeName;
}
/**
* Returns a descriptive message if policy cannot be created under a realm.
*
* @param realmName Name of Realm.
* @return a descriptive message if policy cannot be created under a realm.
*/
try {
message = "noReferralForOrg.message";
} else if (!hasPolicyConfigSvcRegistered(realmName)) {
message = "noPolicyConfigSvc.message";
}
}
} catch (EntitlementException e) {
message = e.getMessage();
} catch (AMConsoleException e) {
message = e.getMessage();
}
return message;
}
try {
} catch (SMSException e) {
return false;
}
}
/**
* Returns set of authentication instances.
*
* @param realmName Name of Realm.
* @return set of authentication instances.
* @throws AMConsoleException if authentication instances cannot be
* obtained.
*/
throws AMConsoleException {
try {
getUserSSOToken(), realmName);
}
}
} catch (AMConfigurationException e) {
throw new AMConsoleException(getErrorString(e));
}
return names;
}
throws AMConsoleException {
}
throws AMConsoleException {
try {
}
}
} catch(NameNotFoundException nnfe) {
if (debug.warningEnabled()) {
}
}
}
}
return resourceNames;
}
/**
* Returns authentication instances configured for the realm.
*
* @param realmName Name of realm.
* @return authentication instances configured for the realm.
*/
try {
}
}
} catch (AMConfigurationException e) {
}
}
/**
* Returns authentication level of an authentication instance.
*
* @param realmName Name of realm.
* @param name Authentication Instance name.
* @return authentication level of an authentication instance.
*/
try {
}
} catch (AMConfigurationException e) {
}
return level;
}
/**
* Returns realms that have names matching with a filter.
*
* @param base Base realm name for this search. null indicates root
* suffix.
* @param filter Filter string.
* @return realms that have names matching with a filter.
* @throws AMConsoleException if search fails.
*/
throws AMConsoleException
{
base = getStartDN();
}
try {
return appendBaseDN(base,
} catch (SMSException e) {
throw new AMConsoleException(strError);
}
}
/*
* the issue is that the search results are relative to the base.
*/
) {
} else {
}
}
} else {
}
} else {
} else {
}
}
}
}
return altered;
}
}