SubjectTypeManager.java revision a14393818a78c503f7715c393044b33c86e90195
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SubjectTypeManager.java,v 1.5 2009/01/28 05:35:01 ww203982 Exp $
*
* Portions Copyrighted 2014-2015 ForgeRock AS.
*/
/**
* The class <code>SubjectTypeManager</code> provides
* methods to get a list of configured <code>Subject
* </code> objects, and to obtain a factory object for it.
*
* @supported.all.api
* @deprecated since 12.0.0
*/
public class SubjectTypeManager {
private PolicyManager pm;
private ResourceBundle rb;
private static AMResourceBundleCache amCache =
private String pmRealmName;
/**
* Constructs a <code>SubjectTypeManager</code> object
*/
protected SubjectTypeManager() throws SSOException {
lstr);
}
/**
* Constructs a <code>SubjectTypeManager</code> object
* @param pm <code>PolicyManager</code> to initialize
* <code>SubjectTypeManager</code> with
*/
try {
} catch (SSOException ex) {
"SubjectTypeManager:Unable to retreive locale from SSOToken",
ex);
}
if (debug.messageEnabled()) {
}
}
/**
* Returns a set of all valid subject type names defined by the policy
* service.
* Examples are <code>LDAPRole</code>, <code>LDAPGroup</code>, etc.
*
* @return a set of all valid subject type names defined by the policy
* service.
* @throws SSOException if the <code>SSOToken</code> used to create
* the <code>PolicyManager</code> has become invalid
* @throws PolicyException for any other abnormal condition
*/
}
/**
* Returns a set of valid subject type names configured for the
* organization.
* Examples are <code>LDAPRole</code>, <code>LDAPGroup</code>, etc.
*
* @return a set of valid subject type names configured for the
* organization.
* @throws SSOException if the <code>SSOToken</code> used to create
* the <code>PolicyManager</code> has become invalid
* @throws PolicyException for any other abnormal condition
*/
if (policyConfig != null) {
}
if ( selectedSubjects == null) {
}
return selectedSubjects;
}
/**
* Returns the type of the <code>Subject</code> implementation.
* For example <code>LDAPRoles</code>, <code>LDAPGroups</code> etc.
*
* @param subject <code>Subject</code> for which this method will
* return its associated type
*
* @return type of the <code>Subject</code>, e.g., <code>LDAPRoles</code>,
* <code>LDAPGroups</code>, etc. Returns <code>null</code> if
* not present.
*/
return (subjectTypeName(subject));
}
/**
* Returns the I18N properties file name that should be
* used to localize display names for the given
* subject type.
*
* @param subjectType subject type name
*
* @return i18n properties file name
*/
// %%% Need to get the file name from plugin schema
return (null);
}
/**
* Returns the I18N key to be used to localize the
* display name for the subject type name.
*
* @param subjectType subject type name
*
* @return i18n key to obtain the display name
*/
return (ps.getI18NKey());
}
return (null);
}
/**
* Returns the display name for the subject type
* @param subjectType subject type
* @return display name for the subject type
*/
} else {
}
return displayName;
}
/**
* Returns an instance of the <code>Subject</code> given the subject type
* name.
*
* @param subjectType subject type.
* @return an instance of the <code>Subject</code> given the subject type
* name.
* @throws NameNotFoundException if the <code>Subject</code> for the
* <code>subjectType</code> name is not found
* @throws PolicyException for any other abnormal condition
*/
throws NameNotFoundException, PolicyException {
"invalid_subject", null,
}
// Construct the object
try {
} catch (Exception e) {
throw (new PolicyException(e));
}
//initialize with policy config
return (answer);
}
/**
* Adds a policy subject at realm.
*
* @param subjectName name of the Subject instance
* @param subject Subject object to be added
*
* @throws NameAlreadyExistsException if a Subject with the given name
* already exists at the realm
* @throws InvalidNameException if the subject name is invalid
*
* @throws PolicyException if can not add the Subject
*/
//we really do not use the exclusive flag at realm level
}
/**
* Adds a policy subject at realm.
*
* @param subjectName name of the Subject instance
* @param subject Subject object to be added
*
* @param exclusive boolean flag indicating whether the subject
* is to be exclusive subject. If subject is exclusive,
* policy applies to users who are not members of the
* subject. Otherwise, policy applies to members of the subject.
*
* @throws NameAlreadyExistsException if a Subject with the given name
* already exists at the realm
* @throws InvalidNameException if the subject name is invalid
*
* @throws PolicyException if can not add the Subject
*
*
*/
boolean exclusive)
if (debug.messageEnabled()) {
+ ", in realm:" + pmRealmName);
}
if (realmSubjects == null) {
}
saveSubjects();
if (debug.messageEnabled()) {
+ ", in realm:" + pmRealmName);
}
}
/**
* Removes the subject with the given name from the realm.
* This method would throw PolicyException if the subject
* is being used by any policy.
*
* @param subjectName name of the Subject
*
* @return returns the Subject object being removed,
* returns <code>null</code> if Subject with
* the given subjectName is not present
*
* @throws PolicyException if can not remove the Subject
*/
return removeSubject(subjectName, false);
}
/**
* Removes the subject with the given name from the realm.
* This method would throw PolicyException if the subject
* is being used by any policy unless <code>forcedRemove</code>
* argument is set to <code>true</code>.
* If the <code>forcedRemove</code> argument is set to
* <code>true</code> policies that are using the subject would
* be modified to remove the references to the subject
*
* @param subjectName name of the Subject
* @param forcedRemove if set to <code>true</code>, policies that
* use the subject would be modifed to remove the references
* to the subject. Otherwise, <code>ObjectInUseException</code>
* would be thrown if there is any policy using the subject
*
* @return returns the Subject object being removed,
* returns <code>null</code> if Subject with
* the given subjectName is not present
*
* @throws PolicyException if can not remove the Subject
*/
if (debug.messageEnabled()) {
+ ", in realm:" + pmRealmName);
}
if (realmSubjects == null) {
}
if (forcedRemove) {
policyIter.hasNext();) {
}
} else {
if ( p != null) {
//ObjectInUseException(String rbName, String errCode,
//Object[] args, String name, Object user)
}
}
saveSubjects();
if (debug.messageEnabled()) {
+ ", in realm:" + pmRealmName);
}
return subject;
}
/**
* Replaces an existing subject with the same name by the
* current one at the realm. If a subject with the same name does
* not exist, it will be added.
*
* @param subjectName name of the Subject instance
* @param subject Subject that will replace an existing Subject
* with the same name
*
* @throws NameNotFoundException if a Subject instance
* with the given name is not present
*
* @throws PolicyException if can not replace the Subject
*/
//we really do not use the exclusive flag at realm level
}
/**
* Replaces an existing subject with the same name by the
* current one at the realm. If a subject with the same name does
* not exist, it will be added.
*
* @param subjectName name of the Subject instance
* @param subject Subject that will replace an existing Subject
* with the same name
*
* @param exclusive boolean flag indicating whether the subject
* is to be exclusive subject. If subject is exclusive,
* policy applies to users who are not members of the
* subject. Otherwise, policy applies to members of the subject.
*
* @throws NameNotFoundException if a Subject instance
* with the given name is not present
*
* @throws PolicyException if can not replace the Subject
*
*
*/
boolean exclusive)
if (debug.messageEnabled()) {
+ ", in realm:" + pmRealmName);
}
if (realmSubjects == null) {
}
saveSubjects();
if (debug.messageEnabled()) {
+ ", in realm:" + pmRealmName);
}
}
/**
* Get the set of names of Subject(s) defined at the realm
*
* @return set of subject names
*/
if (debug.messageEnabled()) {
+ pmRealmName);
}
if (realmSubjects == null) {
}
if (debug.messageEnabled()) {
}
return subjectNames;
}
/**
* Returns the Subject object identified by subjectName defined at
* the realm
*
* @param subjectName name of subject.
*
* @return Subject object
*
* @throws NameNotFoundException if a Subject with the given name
* does not exist
*
* @throws PolicyException if can not get the Subject
*/
throws NameNotFoundException, PolicyException {
if (debug.messageEnabled()) {
}
if (realmSubjects == null) {
}
if (debug.messageEnabled()) {
}
}
throws PolicyException {
if (debug.messageEnabled()) {
}
if (realmSubjects == null) {
}
if (debug.messageEnabled()) {
}
}
/**
* Returns a handle to the Subject object identified by subjectName
* defined at the realm, to add to a policy.
* Returned Subject is backed by
* the Subject at the realm. However, you can not change the values
* using the returned Subject.
*
* @param subjectName name of subject.
*
* @return Subject object
*
* @throws NameNotFoundException if a Subject with the given name
* does not exist
*
* @throws PolicyException if can not get the Subject
*
*/
throws PolicyException {
if (debug.messageEnabled()) {
}
}
if (debug.messageEnabled()) {
}
return subject;
}
/**
* Returns subject type name for the given <code>subject</code>
* @return subject type name for the given <code>subject</code>
*/
return (null);
}
answer = pluginName;
break;
}
}
return (answer);
}
/**
* Returns the view bean URL given the Subject
*
* @param subject subject for which to get the view bean URL
*
* @return view bean URL defined for the subject plugin in the policy
* service <code>PluginSchema</code>.
*/
}
/**
* Returns <code>PolicyManager</code> used by this object
*/
return pm;
}
/**
* Saves the realm scoped <code>Subject</code> objects to persistent store
*/
if (realmSubjects != null) {
}
}
/**
* Initializes the realm scoped <code>Subject</code> objects reading from
* persistent store
*/
private void initRealmSubjects() throws PolicyException {
if (debug.messageEnabled()) {
+ pmRealmName);
}
try {
} catch (SSOException ssoe){
}
if (debug.messageEnabled()) {
+ pmRealmName);
}
}
/**
* Resets the cached realm scoped <code>Subject</code> objects.
* Would read from persistent store on next access to realm scoped
* <code>Subject</code> object
*/
void resetRealmSubjects() {
if (debug.messageEnabled()) {
+ pmRealmName);
}
synchronized(this) {
}
if (debug.messageEnabled()) {
+ pmRealmName);
}
}
}