SpecialRepo.java revision 60e9e896a1a7a9e62db162e1e9fb6b3c2df50c33
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SpecialRepo.java,v 1.19 2010/01/06 17:41:00 veiming Exp $
*
* Portions Copyrighted 2012-2015 ForgeRock AS.
*/
"com.sun.identity.idm.plugins.internal.SpecialRepo";
// Status attribute
// Contains the names of the specials users
public SpecialRepo() {
if (debug.messageEnabled()) {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#addListener(com.iplanet.sso.SSOToken,
* com.iplanet.am.sdk.IdRepoListener)
*/
throws IdRepoException, SSOException {
if (debug.messageEnabled()) {
}
try {
}
}
} catch (SMSException smse) {
" SM Updates to special users will not reflect", smse);
}
return 0;
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#assignService(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.lang.String,
* com.sun.identity.sm.SchemaType, java.util.Map)
*/
throws IdRepoException, SSOException {
};
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#create(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Map)
*/
throws IdRepoException, SSOException {
throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED,
args);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#delete(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String)
*/
throws IdRepoException, SSOException {
// Need to support delete for anonymous only
try {
// Obtain userconfig and delete anonymous user
} catch (SMSException smse) {
smse);
args);
}
}
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getAssignedServices(
* com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Map)
*/
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Set)
*/
}
}
return resultMap;
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String)
*/
throws IdRepoException, SSOException {
try {
// Get SubConfig of the user
// Return without the userPassword attribute
// BugID: 6309830
// The passwords for these would
// be returned from AMSDK plugin
}
// Add the AMSDK root suffix to the DN attribute
return (answer);
}
// User not found, thrown exception
args);
} catch (SMSException smse) {
smse);
args);
}
}
throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED,
args);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getBinaryAttributes(
* com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Set)
*/
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#setBinaryAttributes(
* com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType,
* java.lang.String, java.util.Map, boolean)
*/
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getMembers(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String,
* com.sun.identity.idm.IdType)
*/
throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED,
args);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getMemberships(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String,
* com.sun.identity.idm.IdType)
*/
return (Collections.EMPTY_SET);
}
throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED,
args);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getServiceAttributes(
* com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.lang.String,
* java.util.Set)
*/
// Check if the name is present
return (Collections.EMPTY_MAP);
}
// Throw exception otherwise
throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.PLUGIN_OPERATION_NOT_SUPPORTED,
args);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getBinaryServiceAttributes(
* com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType,
* java.lang.String, java.util.Set)
*/
throws IdRepoException, SSOException {
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#isExists(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String)
*/
throws IdRepoException, SSOException {
return true;
}
return (false);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#modifyMemberShip(
* com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Set,
* com.sun.identity.idm.IdType, int)
*/
throws IdRepoException, SSOException {
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#modifyService(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.lang.String,
* com.sun.identity.sm.SchemaType, java.util.Map)
*/
throws IdRepoException, SSOException {
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#removeAttributes(
* com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Set)
*/
};
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#removeListener()
*/
public void removeListener() {
}
//unfortunately, because reposervice is special this is required to
//make sure any old lingering object would be cleaned.
try {
} catch (SSOException ssoe) {
// listener should be removed in first try. ignoring any error
} catch (SMSException smse) {
// listener should be removed in first try. ignoring any error
}
}
repoListener = null;
}
throws IdRepoException, SSOException {
if (crestQuery.hasQueryFilter()) {
throw new IdRepoException("SpecialRepo search does not support query filters");
}
try {
// Support aliasing for "uid" at least..
} else {
// pattern is "*" and avPairs is not empty, so return
// empty results
}
}
// If wild card is used for pattern, do a search else a lookup
} else {
break;
}
}
}
// Return without the userPassword attribute
// BugID: 6309830
// The passwords for these would
// be returned from LDAP
}
// Add the AMSDK root suffix to the DN attribute
}
}
type);
} else {
}
} catch (SMSException smse) {
smse);
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#setAttributes(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.util.Map,
* boolean)
*/
if (!isAmAdminUser(token)) {
}
try {
// For performance reason check if the user entry
// is present before getting the subConfig
// can only set "userpassword" and "inetUserStatus"
"userpassword")) != null) {
newPassword = val;
// if user is URL Access Agent,
// urlAccessAgentCryptPwd will be set; otherwise
// urlAccessAgentCryptPwd will be null.
if (isUrlAccessAgent) {
}
}
}
statusAttribute)) != null) {
}
cnAttribute)) != null) {
}
snAttribute)) != null) {
}
gnAttribute)) != null) {
}
empNumAttribute)) != null) {
}
aliasAttribute)) != null) {
}
successAttribute)) != null) {
}
failureAttribute)) != null) {
}
mailAttribute)) != null) {
}
addrAttribute)) != null) {
}
msisdnAttribute)) != null) {
}
phoneAttribute)) != null) {
}
// If password is changed for dsameuser, need to
// update serverconfig.xml and directory
.doPrivileged(new AdminPasswordAction());
try {
} catch (Exception e) {
+ "changing password", e);
}
}
} else {
args);
}
} catch (SMSException smse) {
smse);
args);
}
} else {
}
}
throws IdRepoException, SSOException {
if (urlAccessAgentCryptPwd != null) {
try {
map);
} catch (SMSException e) {
} catch (IOException e) {
} catch (ConfigurationException e) {
} catch (UnknownPropertyNameException e) {
// never happen
}
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#unassignService(
* com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String, java.lang.String,
* java.util.Map)
*/
};
} else {
"com.sun.identity.idm.plugins.specialusers.SpecialRepo",
};
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getSupportedOperations(
* com.sun.identity.idm.IdType)
*/
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#getSupportedTypes()
*/
public Set getSupportedTypes() {
return supportedOps.keySet();
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#initialize(java.util.Map)
*/
super.initialize(configParams);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#isActive(com.iplanet.sso.SSOToken,
* com.sun.identity.idm.IdType, java.lang.String)
*/
throws IdRepoException, SSOException {
if (attributes == null) {
}
return true;
} else {
}
}
/* (non-Javadoc)
* @see com.sun.identity.idm.IdRepo#setActiveStatus(
com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType,
java.lang.String, boolean)
*/
throws IdRepoException, SSOException {
if (active) {
} else {
}
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.idm.IdRepo#shutdown()
*/
public void shutdown() {
}
}
}
}
String adminUserDN = DNUtils.normalizeDN(SystemProperties.get(Constants.AUTHENTICATION_SUPER_USER));
try {
return true;
}
}
return false;
}
throws SSOException {
boolean isSpecUser = false;
try {
} catch (SMSException smse) {
isSpecUser = false;
}
}
isSpecUser = true;
}
}
return isSpecUser;
}
private void loadSupportedOps() {
if (debug.messageEnabled()) {
"supportedOps Map = " + supportedOps);
}
}
// Check revision number to determine if root suffix needs
// to be added
try {
} catch (SMSException smse) {
"to determine revision number", smse);
return;
} catch (SSOException ssoe) {
// should not happen
return;
}
}
// In the case of upgrade the DN will have the suffix
// Hence check if it ends with SMS root suffix
// Replace only if the they are different
SMSEntry.getAMSdkBaseDN())) {
}
} else {
}
break;
}
}
}
}
private ServiceConfig getUserConfig()
throws SMSException, SSOException {
}
}
return (userConfigCache);
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.sm.ServiceListener#globalConfigChanged(
* java.lang.String,
* java.lang.String, java.lang.String, java.lang.String, int)
*/
// Send notifcations for users in special users
(repoListener != null)) {
}
}
// Reset special users
specialUsers = null;
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.sm.ServiceListener#organizationConfigChanged(
* java.lang.String,
* java.lang.String, java.lang.String, java.lang.String,
* java.lang.String, int)
*/
// Since special users are in global configuration
// Notifications need not be sent
}
/*
* (non-Javadoc)
*
* @see com.sun.identity.sm.ServiceListener#schemaChanged(java.lang.String,
* java.lang.String)
*/
// Since special users are in global configuration, not schema
// Notifications need not be sent
}
}
return (null);
}
public boolean supportsAuthentication() {
return (true);
}
// Obtain user name and password from credentials and authenticate
if (credentials[i] instanceof NameCallback) {
if (debug.messageEnabled()) {
}
} else if (credentials[i] instanceof PasswordCallback) {
}
}
}
return (false);
}
boolean answer = false;
try {
if (debug.messageEnabled()) {
}
} catch (LoginException le) {
if (debug.warningEnabled()) {
}
if (le instanceof AuthLoginException) {
throw ((AuthLoginException) le);
}
}
return (answer);
}
}