am/sdk/AMDCTree.java

8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster/**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * opensso/legal/CDDLv1.0.txt
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * at opensso/legal/CDDLv1.0.txt.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: AMDCTree.java,v 1.5 2008/06/25 05:41:19 qcheng Exp $
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpackage com.iplanet.am.sdk;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.am.sdk.common.IDCTreeServices;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.services.ldap.Attr;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.services.ldap.AttrSet;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.sso.SSOException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.sso.SSOToken;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.security.AdminTokenAction;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.shared.debug.Debug;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.sm.SMSException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.sm.ServiceSchema;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.sm.ServiceSchemaManager;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.security.AccessController;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Collections;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Iterator;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Map;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Set;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster/**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This class <code>AMDCTree</code> contains the functionality to support a DC
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Tree in the LDAP DIT. The methods of this class will be used by other classes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in com.iplanet.dpro.sdk package.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <p>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * In order to determine if DC Tree support is required or not, the parameter
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>com.iplanet.am.dctree</code> will be verified. A value of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>true</code> for this parameter, means DC Tree support is required
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <p>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * NOTE: An explicit check must be performed using AMDCTree.isRequired() method
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * before calling any other methods in this class.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @deprecated  As of Sun Java System Access Manager 7.1.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterclass AMDCTree implements AMConstants {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    protected static ServiceSchema gsc = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static final String IPLANET_DOMAIN_NAME_ATTR = "sunPreferredDomain";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static final String INET_CANONICAL_DOMAIN =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        "inetcanonicaldomainname";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static final String DOMAIN_BASE_DN = "inetDomainBaseDN";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static Map domainMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static Map canonicalDomainMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static Debug debug = AMCommonUtils.debug;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static IDCTreeServices dcTreeServices =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        AMDirectoryAccessFactory.getDCTreeServices();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        domainMap = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        canonicalDomainMap = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Method to determine if DC Tree support is required or not.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @return true if DC Tree support required, false otherwise
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    protected static boolean isRequired() throws AMException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (AMCompliance.gsc == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                ServiceSchemaManager scm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        ADMINISTRATION_SERVICE, (SSOToken) AccessController
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                .doPrivileged(AdminTokenAction.getInstance()));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                AMCompliance.gsc = scm.getGlobalSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Map attrMap = AMCompliance.gsc.getAttributeDefaults();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Set values = (Set) attrMap.get(DCT_ENABLED_ATTR);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            boolean required = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (values == null || values.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                required = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                String val = (String) values.iterator().next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                required = (val.equalsIgnoreCase("true"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return required;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } catch (SMSException ex) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.error(AMSDKBundle.getString("354"), ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throw new AMException(AMSDKBundle.getString("354"), "354");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } catch (SSOException ex) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.error(AMSDKBundle.getString("345"), ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throw new AMException(AMSDKBundle.getString("354"), "354");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    protected static String getOrganizationDN(SSOToken token, String domainName)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throws AMException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return dcTreeServices.getOrganizationDN(token, domainName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    protected static AttrSet[] splitAttrSet(String orgDN, AttrSet attrSet)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throws AMException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        AttrSet attrArray[] = new AttrSet[2];
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        attrArray[0] = new AttrSet();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        attrArray[1] = new AttrSet();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (attrSet == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (attrArray);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Set dcNodeAttrs = dcNodeAttributes();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator it = dcNodeAttrs.iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (it.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String aName = (String) it.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (aName.indexOf("objectclass=") > -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                Attr attr = attrSet.getAttribute("objectclass");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                String oc = aName.substring("objectclass=".length());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                Attr dcAttr = new Attr("objectclass");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (attr != null && attr.contains(oc)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    attr.removeValue(oc);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    dcAttr.addValue(oc);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    attrSet.replace(attr);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    attrArray[1].add(dcAttr);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                Attr attr = attrSet.getAttribute(aName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (attr != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    attrArray[1].add(attr);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    attrSet.remove(aName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        attrArray[0] = attrSet;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("AMCompliance.splitAttrSet: " + "domain attrset = "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + attrArray[1].toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("AMCompliance.splitAttrSet: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + "non-domain attrset = " + attrArray[0].toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return attrArray;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * This is a protected method used by the notification event listener thread
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * to clean the domain map, when organization entry is changed.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @param canonOrgDN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *            organization DN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    protected static void cleanDomainMap(String canonOrgDN) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        synchronized (canonicalDomainMap) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            canonicalDomainMap.remove(canonOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        synchronized (domainMap) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            domainMap.remove(canonOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static Set dcNodeAttributes() throws AMException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (gsc == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                ServiceSchemaManager scm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        ADMINISTRATION_SERVICE, (SSOToken) AccessController
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                .doPrivileged(AdminTokenAction.getInstance()));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                gsc = scm.getGlobalSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Map attrMap = gsc.getAttributeDefaults();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Set values = (Set) attrMap.get(DCT_ATTRIBUTE_LIST_ATTR);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (values == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    debug.message("DCTree.dcNodeAttributes = null");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                return Collections.EMPTY_SET;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    debug.message("DCTree.dcNodeAttributes = "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            + values.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                return values;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } catch (SMSException ex) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.error(AMSDKBundle.getString("908"), ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throw new AMException(AMSDKBundle.getString("908"), "908");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } catch (SSOException ex) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.error(AMSDKBundle.getString("902"), ex);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throw new AMException(AMSDKBundle.getString("902"), "902");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster}