8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: ConfigMonitoring.java,v 1.6 2009/12/23 23:50:21 bigfatrat Exp $
a4544a5a0e622ef69e38641f87ab1b5685e05911Phill Cunnington * Portions Copyrighted 2011-2015 ForgeRock AS.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.dpro.session.service.SessionService;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.authentication.config.AMAuthenticationInstance;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.authentication.config.AMAuthenticationManager;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.authentication.config.AMConfigurationException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.common.configuration.AgentConfiguration;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.common.configuration.SiteConfiguration;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.idm.AMIdentityRepository;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.monitoring.SSOServerRealmInfo;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.monitoring.SSOServerMonConfig;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.security.AdminTokenAction;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.shared.datastruct.CollectionHelper;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.sm.OrganizationConfigManager;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.sm.ServiceSchemaManager;
35ab1c5bca11317474fe12bdd8d22c17cdaf2697Robert Wapshottimport org.forgerock.guice.core.InjectorHolder;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This class gathers the configuration information for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * monitoring service, which is initially started in WebtopNaming.java
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Configuration information can be gathered after Session services
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * have started up.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in AMLoginModule.java, the requested realm/org (i.e., in the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "?realm=xxx" parameter) is not available, so realm-specific
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * auth module statistics can't be updated. leave the code
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to gather the realms' auth module instances in, but don't
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * call it for now.
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * This method is called by AMSetupServlet, when it's done
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * configuring the OpenAM server after deployment. It is also
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * called by the MonitoringConfiguration load-on-startup servlet
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * when the OpenAM server is restarted any time after being
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * configured. It completes the configuring of the monitoring
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agent with the config information that requires an SSOToken
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee * to retrieve. There is another part of the configuration supplied
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to the agent by WebtopNaming.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.configureMonitoring: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "Could not get proper SSOToken", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean isSessFOEnabled = false;
35ab1c5bca11317474fe12bdd8d22c17cdaf2697Robert Wapshott SessionService ssvc = InjectorHolder.getInstance(SessionService.class);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster isSessFOEnabled = ssvc.isSessionFailoverEnabled();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "unable to get session service");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "exception getting session service; " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if monitoring disabled, go no further. any error
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * from getMonServiceAttrs() or Agent.startAgent()
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * will result in monitoring getting disabled.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (i != 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getMonServiceAttrs returns " + i +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ", monitoring disabled");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster HashMap<String, String> puMap = new HashMap<String, String>(); // sitename -> primary URL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster HashMap<String, String> siteMap = new HashMap<String, String>(); // primary URL -> sitename
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set<String> siteNames = SiteConfiguration.getSites(ssoToken);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // get primary url for each site
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator<String> it = siteNames.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SiteConfiguration.getSitePrimaryURL(ssoToken, site);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "SMS exception: " + smex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "SSO exception: " + ssoex.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "no realm mbeans; monitoring disabled.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * probably could combine getAllRealms() and getAllRealmsSpecific()
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to do auth modules, and agents and groups, when auth modules'
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * statistics can be handled per realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster doSubRealms("/"); // start with the root realm ("/")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private SSOToken getSSOToken() throws SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (SSOToken) AccessController.doPrivileged(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private void getRealmsList(String startRealm) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getRealmsList: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new OrganizationConfigManager(ssoToken, startRealm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgs = orgMgr.getSubOrganizationNames("*", true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = orgs.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SMSException getting OrgConfigMgr: " + e.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAllRealms: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("orgnames starting from ").append(startRealm).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster append(":\n").append(" ").append(startRealm).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new OrganizationConfigManager(ssoToken, startRealm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgs = orgMgr.getSubOrganizationNames("*", true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the orgs Set of realms seems to have some sort of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * ordering to it, going through each of "/"'s realms.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * don't know that we need to count on it, but it's
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // do the top-level realm first
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * get agent information... just for info, not processing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new SSOServerRealmInfo.SSOServerRealmInfoBuilder("/").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster int i = Agent.realmConfigMonitoringAgent(srInfo);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if realmConfigMonitoringAgent() had a problem with
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * this realm, there's not much point in processing its
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * subrealms...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (i != 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "error processing root realm; " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "skip subrealms.");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // then all the subrealms; they have leading "/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = orgs.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /* get this realm's auth modules */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AMIdentity thisRealmAMId = idRepo.getRealmIdentity();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String currentRealmAMIdName = thisRealmAMId.getRealm();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for(Iterator it2=s1.iterator(); it2.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * all get an "Application" instance/type by default
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * get agent information
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * don't need with the *Specific versions... just
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * needed to see what attributes there were (and values)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new SSOServerRealmInfo.SSOServerRealmInfoBuilder(ss).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * problem with this subrealm, but at least the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * root realm was added. just output error and do next
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (i != 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "IdRepoException getting AMIdentityRepository" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster " object for realm: " + ss + ": " + ire.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SMSException getting OrgConfigMgr: " + e.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * this is like getAllRealms("/"), but refined to get the specific
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attributes needed. probably the eventual version... for agents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and agent groups, anyway.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private void getAllRealmsSpecific(String startRealm) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAllRealmsSpecific: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("orgnames starting from ").append(startRealm).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster append(":\n").append(" ").append(startRealm).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new OrganizationConfigManager(ssoToken, startRealm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgs = orgMgr.getSubOrganizationNames("*", true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the orgs Set of realms seems to have some sort of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * ordering to it, going through each of "/"'s realms.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * don't know that we need to count on it, but it's
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * get agent and agent group information
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster idRepo = new AMIdentityRepository(ssoToken, "/");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster currentRealmAMIdName = thisRealmAMId.getRealm();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * get agents and agent groups information
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getAgentsAndGroupsInfo("/", idRepo, thisRealmAMId);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "IdRepoException getting AMIdentityRepository" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if we can't get the AMIdentityRepository, there's
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * not much we can do
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SSOException getting info for realm /: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * likewise, if there's an issue with our SSOToken...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * there's not much we can do
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // then all the subrealms; they have leading "/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = orgs.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster idRepo = new AMIdentityRepository(ssoToken, ss);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster currentRealmAMIdName = thisRealmAMId.getRealm();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * get agents and agent groups information
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getAgentsAndGroupsInfo(ss, idRepo, thisRealmAMId);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "IdRepoException getting AMIdentityRepository" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster " object for realm: " + ss + ": " + ire.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SMSException getting OrgConfigMgr: " + e.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getRealmAuthMods: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new AMAuthenticationManager (ssoToken, realmName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = insts.iterator(); it.hasNext(); ){
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * all get an "Application" instance/type by default
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting auth instances; " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * recursively process subrealms.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * gather per-realm configuration items:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * authentication modules
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * 2.2 agents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * J2EE agents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * J2EE agent groups
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Web agents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Web agent groups
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * each COT's members
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.doSubRealms: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // get this realm's identity
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AMIdentity thisRealmAMId = idRepo.getRealmIdentity();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String currentRealmAMIdName = thisRealmAMId.getRealm();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String currentAMIdName = thisRealmAMId.getName();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // currentRealmAMIdName is fql; currentAMIdName is just realmname
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + "this realm name = '" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // get this realm's subrealms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set subRealms = (idRepo.searchIdentities(IdType.REALM,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "*", new IdSearchControl())).getSearchResults();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster " has no subrealms");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message(classMethod + currentAMIdName + " has " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = subRealms.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // get assigned services
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it3 = svcs.iterator(); it3.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb2.append(" ").append(it3.next()).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // get auth modules
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set insts = getAuthModules(currentRealmAMIdName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it4 = insts.iterator(); it4.hasNext(); ){
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster insts = getSupportedEntityTypes(currentRealmAMIdName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new StringBuffer("Supported Entity types for ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it4 = insts.iterator(); it4.hasNext(); ){
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "IdRepoException getting AMIdentityRepository" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster " object for root realm: " + ire.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SSOException getting subrealms for root realm: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * gather the auth modules for this (sub)"realm". "realm" is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "currentRealmAMIdName" from:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * AMIdentityRepository idRepo =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * new AMIdentityRepository(ssoToken, realm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * AMIdentity thisRealmAMId = idRepo.getRealmIdentity();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * String currentRealmAMIdName = thisRealmAMId.getRealm();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAuthModules: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "getting auth instances; " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private Set getSupportedEntityTypes(String realm) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getSupportedEntityTypes: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AMIdentityRepository repo = new AMIdentityRepository(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "idrepo exception getting supported entity types; " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sso exception getting supported entity types; " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAgentTypes: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agent types are:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * AgentConfiguration.AGENT_TYPE_J2EE = "J2EEAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * AgentConfiguration.AGENT_TYPE_WEB = "WebAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * AgentConfiguration.AGENT_TYPE_2_DOT_2_AGENT = "2.2_Agent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * AgentConfiguration.AGENT_TYPE_AGENT_AUTHENTICATOR =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "SharedAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sms exception: " + sme.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso exception: " + sse.getMessage());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder sb = new StringBuilder(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("number of AgentTypes = ").append(agents.size()).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = agents.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAgents: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuffer sb = new StringBuffer(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given a realm, can search the AMIdentityRepository for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * IdType.AGENTONLY and IdType.AGENTGROUP. or IdType.AGENT
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to get both. this is similar
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to AgentsModelImpl.java:getAgentNames(...)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster isc.setTimeOut(3000); // should use set value, but for now...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set results = isr.getSearchResults(); // set of AMIdentitys
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(realm).append("; size = ").append(results.size()).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = results.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting agents: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting agents: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAgentGroups: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given a realm, search the AMIdentityRepository for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * IdType.AGENTGROUP.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * this is similar to AgentsModelImpl.java:getAgentGroupNames(...)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuffer sb = new StringBuffer(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster isc.setTimeOut(3000); // should use set value, but for now...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set results = isr.getSearchResults(); // set of AMIdentitys
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb = new StringBuffer("AgentGroups for realm ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(realm).append("; size = ").append(results.size()).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = results.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting agents: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting agents: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getAgentsAndGroupsInfo: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuffer sb = new StringBuffer(classMethod);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given a realm, can search the AMIdentityRepository for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * IdType.AGENTONLY and IdType.AGENTGROUP. or IdType.AGENT
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to get both. this is similar
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to AgentsModelImpl.java:getAgentNames(...)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster isc.setTimeOut(3000); // should use set value, but for now...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set results = isr.getSearchResults(); // set of AMIdentitys
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // results has all the agents (only, not agent groups)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = results.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map m = processAgentIdentitySpecific(realm, aid, sb, true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * now the agent groups
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster isc.setTimeOut(3000); // should use set value, but for now...
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster isr = airepo.searchIdentities(IdType.AGENTGROUP, "*", isc);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster results = isr.getSearchResults(); // set of AMIdentitys
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = results.iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map m = processAgentIdentitySpecific(realm, aid, sb, false);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting agents: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting agents: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private void processAgentIdentity(AMIdentity aid, StringBuffer sb) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.processAgentIdentity: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getName() => name of the agent/agentgroup
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getType().toString() => "agent"/"agentgroup"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getAttributes([CLIConstants.ATTR_NAME_AGENT_TYPE]) =>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * for "agent":
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "SharedAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "2.2_Agent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "WSCAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "SharedAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "J2EEAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * for "agentgroup":
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "WebAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "J2EEAgent"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getMemberships(IdType.AGENTGROUP) for agents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * gives the agent group name(s) it's a member of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getAttribute(com.sun.identity.agents.config.login.url) =>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agent's server URL (plus trailing "/UI/Login")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getAttribute(com.sun.identity.agents.config.agenturi.prefix) =>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agent's URL (plus trailing "/amagent")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster append(", type = ").append(aid.getType().toString());
80ca0b9f5ad61b2335af25d4dcf25a04ebfcbc91Peter Major attrs = (Set)attrv.get(Constants.ATTR_NAME_AGENT_TYPE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster mships = aid.getMemberships(IdType.AGENTGROUP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting agentgroups");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting agentgroups");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator i2 = mships.iterator(); i2.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator it = amap.keySet().iterator(); it.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AgentConfiguration.getInheritedAttributeNames(aid);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sms error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.processAgentIdentitySpecific: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getName() => name of the agent/agentgroup
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getType().toString() => "agent"/"agentgroup"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getAttributes([CLIConstants.ATTR_NAME_AGENT_TYPE]) =>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * for "agent":
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "SharedAgent" -> skip these (Agent Authenticator)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "2.2_Agent" -> only have name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "J2EEAgent" get com.sun.identity.client.notification.url (minus
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "/notification) and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * com.sun.identity.agents.config.login.url (already)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * for "agentgroup":
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "WebAgent" -> get com.sun.identity.agents.config.login.url (ok)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "J2EEAgent" -> get com.sun.identity.agents.config.login.url (ok)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and com.sun.identity.client.notification.url
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * minus the "/notification"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getMemberships(IdType.AGENTGROUP) for agents
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * gives the agent group name(s) it's a member of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getAttribute(com.sun.identity.agents.config.login.url) =>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agent's server URL (plus trailing "/UI/Login")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aid.getAttribute(com.sun.identity.agents.config.agenturi.prefix) =>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agent's URL (plus trailing "/amagent")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * these are same for both agents and agent groups
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * agents can be in only one agent group
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String agentOrGroup = aid.getType().toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(", type = ").append(agentOrGroup).append(", ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * have to get the agenttype before knowing which
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attributes we really want, so try to get them all
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.agents.config.agenturi.prefix");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.agents.config.login.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.client.notification.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting attrs");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * depending on if agent or agent group, and what type
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * see if the corresponding attribute(s) have values.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the attribute's value comes as a Set... should only
80ca0b9f5ad61b2335af25d4dcf25a04ebfcbc91Peter Major getValFromSet (attrv, Constants.ATTR_NAME_AGENT_TYPE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * now to get just the ones we want for the given agent/agent group
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (atype.equalsIgnoreCase("2.2_Agent")) { // agentonly
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // only agent's name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (atype.equalsIgnoreCase("J2EEAgent")) { // both
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * com.sun.identity.client.notification.url (minus "/notification")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and com.sun.identity.agents.config.login.url for both
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.agents.config.login.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.client.notification.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (atype.equalsIgnoreCase("WebAgent")) { // both
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.agents.config.agenturi.prefix");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsToGet.add("com.sun.identity.agents.config.login.url");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } // don't process "SharedAgent" or "NONE" type
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map attrMap = new HashMap(); // attributes for this agent
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map agtMap = new HashMap(); // realm -> agents/attrMap
80ca0b9f5ad61b2335af25d4dcf25a04ebfcbc91Peter Major attrMap.put(Constants.ATTR_NAME_AGENT_TYPE, atype);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append("agent type = ").append(atype).append("\n");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "com.sun.identity.client.notification.url"))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(" attr = ").append(key).append("\n ").
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster mships = aid.getMemberships(IdType.AGENTGROUP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "idrepo error getting agentgroups");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.error(classMethod + "sso error getting agentgroups");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator i2 = mships.iterator(); i2.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String getValFromSet (Map values, String valAttr) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning("ConfigMonitoring.getValFromSet: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return "NONE";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return "NONE";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String classMethod = "ConfigMonitoring.getMonServiceAttrs: ";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchema smsMonSchema = schemaManager.getGlobalSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map monAttrs = smsMonSchema.getAttributeDefaults();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Boolean.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-enabled")).booleanValue();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.warning(classMethod + "monitoring is disabled");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Boolean.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-http-enabled")).booleanValue();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Integer.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-http-port"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String authFilePath = CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-authfile-path");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Integer.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-rmi-port"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Boolean.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-rmi-enabled")).booleanValue();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Integer.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-snmp-port"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Boolean.valueOf(CollectionHelper.getMapAttr(monAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "iplanet-am-monitoring-snmp-enabled")).booleanValue();
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna Integer.valueOf(CollectionHelper.getMapAttr(monAttrs,
fb3b3a01405c222ae1fdbbe6f5c1d4aa696195bbDavid Luna "iplanet-am-monitoring-policy-window"));
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna Integer.valueOf(CollectionHelper.getMapAttr(monAttrs,
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna "iplanet-am-monitoring-session-window"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster " monitoring auth filepath = " + authFilePath + "\n" +
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna " policy eval window size = " + policyWindow + "\n" +
0f7c5b88fd04e25bea6113dfc783a05e4e2045f8David Luna " session eval window size = " + sessionWindow + "\n"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new SSOServerMonConfig.SSOServerMonInfoBuilder(monEna).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (i != 0) {