identity/sm/CreateServiceConfig.java

bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington/*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * opensso/legal/CDDLv1.0.txt
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * at opensso/legal/CDDLv1.0.txt.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: CreateServiceConfig.java,v 1.14 2009/01/28 05:35:03 ww203982 Exp $
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington * Portions Copyrighted 2011-2015 ForgeRock AS.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpackage com.sun.identity.sm;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport javax.naming.ldap.Rdn;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.security.AccessController;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport java.util.ArrayList;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Collections;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashSet;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Iterator;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport java.util.List;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Map;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Set;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport com.iplanet.services.util.AMEncryption;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport com.iplanet.sso.SSOException;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport com.iplanet.sso.SSOToken;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport com.iplanet.ums.IUMSConstants;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport com.sun.identity.security.DecodeAction;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport com.sun.identity.shared.xml.XMLUtils;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.openam.ldap.LDAPUtils;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.opendj.ldap.DN;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.opendj.ldap.RDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport org.w3c.dom.Node;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpublic class CreateServiceConfig {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static final String GLOBAL_CONFIG_NODE = "ou=GlobalConfig,";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static final String ORG_CONFIG_NODE = "ou=OrganizationConfig,";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static final String PLUGIN_CONFIG_NODE = "ou=PluginConfig,";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static final String INSTANCES_NODE = "ou=Instances,";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // ----------------------------------------------------------
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // Protected methods
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // ----------------------------------------------------------
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void createService(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ServiceManager sm,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String sName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String version,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Node configNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        AMEncryption decryptObj
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    ) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        createService(sm, sName, version, configNode, false, decryptObj);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void createService(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ServiceManager sm,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String sName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String version,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Node configNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        boolean createRealms,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        AMEncryption decryptObj
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    ) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Make sure schema exists for the given service & version
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SSOToken token = sm.getSSOToken();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ServiceSchemaManagerImpl ssm = ServiceSchemaManagerImpl.getInstance(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                token, sName, version);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Construct the base DN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String baseDN = ServiceManager.getServiceNameDN(sName, version);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkBaseNodes(token, baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check for instance nodes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator insNodes = XMLUtils.getChildNodes(configNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.INSTANCE).iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (insNodes.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node insNode = (Node) insNodes.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String insName = XMLUtils.getNodeAttributeValue(insNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (insName == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insName = SMSUtils.DEFAULT;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String insGroup = XMLUtils.getNodeAttributeValue(insNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.GROUP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (insGroup == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insGroup = SMSUtils.DEFAULT;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String insUri = XMLUtils.getNodeAttributeValue(insNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.URI);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Get Attribute Value Pairs, if any
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Map insAttrs = getAttributeValuePairs(insNode);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            StringBuilder sb = new StringBuilder(100);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            sb.append("ou=").append(insName).append(",").append(INSTANCES_NODE)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    .append(baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token, sb
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    .toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SMSEntry insEntry = cEntry.getSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (insEntry.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                // create the entry
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insEntry = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insEntry.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insEntry.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.OC_SERVICE_COMP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insEntry.addAttribute(SMSEntry.ATTR_SERVICE_ID, insGroup);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (insUri != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    insEntry.addAttribute(SMSEntry.ATTR_LABELED_URI, insUri);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (insAttrs != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.setAttributeValuePairs(insEntry, insAttrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        Collections.EMPTY_SET);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                insEntry.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                cEntry.refresh(insEntry);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                updateSubEntriesNode(token, insEntry.getDN());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                // throw instance already exists exception
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                Object[] args = { sName, version };
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        IUMSConstants.SMS_service_already_exists, args));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Process global configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator globalNodes = XMLUtils.getChildNodes(configNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.GLOBAL_CONFIG).iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (globalNodes.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node globalNode = (Node) globalNodes.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            ServiceSchemaImpl ss = ssm.getSchema(SchemaType.GLOBAL);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String globalGroup = XMLUtils.getNodeAttributeValue(globalNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.GROUP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (globalGroup == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                globalGroup = SMSUtils.DEFAULT;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            StringBuilder sb = new StringBuilder(100);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            sb.append("ou=").append(globalGroup).append(",").append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    GLOBAL_CONFIG_NODE).append(baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            createSubConfig(token, sb.toString(), globalNode, ss, baseDN,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                decryptObj);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Process organization configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator orgNodes = XMLUtils.getChildNodes(configNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.ORG_CONFIG).iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (orgNodes.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node orgNode = (Node) orgNodes.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            ServiceSchemaImpl ss = ssm.getSchema(SchemaType.ORGANIZATION);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String orgGroup = XMLUtils.getNodeAttributeValue(orgNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.GROUP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (orgGroup == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                orgGroup = SMSUtils.DEFAULT;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Construct the org name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String orgDN = SMSEntry.baseDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String orgName = XMLUtils.getNodeAttributeValue(orgNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (orgName != null) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                if (LDAPUtils.isDN(orgName)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    orgDN = orgName;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                } else if (orgName.indexOf('/') != -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    orgDN = DNMapper.orgNameToDN(orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster             }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check if config nodes exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            checkBaseNodesForOrg(token, orgDN, sName, version, createRealms);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // create sub-config node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            StringBuilder sb = new StringBuilder(100);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            sb.append("ou=").append(orgGroup).append(",").append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    ORG_CONFIG_NODE).append("ou=").append(version).append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    ",ou=").append(sName).append(",ou=services,").append(orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            createSubConfig(token, sb.toString(), orgNode, ss, orgDN,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                decryptObj);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Process OrganizationAttributeValuePairs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node orgAttrValuePairNode = XMLUtils.getChildNode(orgNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.ORG_ATTRIBUTE_VALUE_PAIR);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (orgAttrValuePairNode != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                // Get the attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                Map attrs = getAttributeValuePairs(orgAttrValuePairNode);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                OrganizationConfigManager ocm = new
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    OrganizationConfigManager(token, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                ocm.setAttributes(sName, attrs);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Process Plugin configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator pNodes = XMLUtils.getChildNodes(configNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.PLUGIN_CONFIG).iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (pNodes.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node pNode = (Node) pNodes.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String pName = XMLUtils.getNodeAttributeValue(pNode, SMSUtils.NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String schemaName = XMLUtils.getNodeAttributeValue(pNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.PLUGIN_CONFIG_SCHEMA_NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String intName = XMLUtils.getNodeAttributeValue(pNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.PLUGIN_CONFIG_INT_NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String orgName = DNMapper.orgNameToDN(XMLUtils
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    .getNodeAttributeValue(pNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            SMSUtils.PLUGIN_CONFIG_ORG_NAME));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Get the PluginSchema
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            PluginSchemaImpl psi = PluginSchemaImpl.getInstance(token, sName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    version, schemaName, intName, orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check if config nodes exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            checkBaseNodesForOrg(token, orgName, sName, version);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check and create interfaces node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            StringBuilder sb = new StringBuilder(100);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            sb.append("ou=").append(intName).append(",").append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    PLUGIN_CONFIG_NODE).append("ou=").append(version).append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    ",ou=").append(sName).append(",ou=services,").append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            checkAndCreateServiceNode(token, sb.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check and create schema node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            sb.insert(0, ",").insert(0, schemaName).insert(0, "ou=");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            checkAndCreateServiceNode(token, sb.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Create plugin config node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            sb.insert(0, ",").insert(0, pName).insert(0, "ou=");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            createSubConfig(token, sb.toString(), pNode, psi, orgName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                decryptObj);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void createSubConfig(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SSOToken token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String dn,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Node node,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ServiceSchemaImpl ss,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgdn,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        AMEncryption decryptObj
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    ) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Get service id and priority
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String id = XMLUtils.getNodeAttributeValue(node, SMSUtils.SERVICE_ID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String priority = XMLUtils.getNodeAttributeValue(node,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.PRIORITY);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Get the attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Map attrs = getAttributeValuePairs(node);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if ((decryptObj != null) && (attrs != null) && !attrs.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            for (Iterator i = attrs.keySet().iterator(); i.hasNext(); ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                String attrName = (String)i.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                AttributeSchemaImpl as = ss.getAttributeSchema(attrName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                AttributeSchema.Syntax syntax = as.getSyntax();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (syntax.equals(AttributeSchema.Syntax.ENCRYPTED_PASSWORD) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    syntax.equals(AttributeSchema.Syntax.PASSWORD)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    Set values = (Set) attrs.get(attrName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    if ((values != null) && !values.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        Set decoded = new HashSet(values.size() * 2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        for (Iterator j = values.iterator(); j.hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            decoded.add(AccessController.doPrivileged(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                new DecodeAction((String) j.next(),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                decryptObj)));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        attrs.put(attrName, decoded);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Create the LDAP entry
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        createSubConfigEntry(token, dn, ss, id, priority, attrs, orgdn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check for further sub-configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator subConfigs = XMLUtils.getChildNodes(node, SMSUtils.SUB_CONFIG)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                .iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (subConfigs.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node subConfigNode = (Node) subConfigs.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String subConfigName = XMLUtils.getNodeAttributeValue(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    subConfigNode, SMSUtils.NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String subConfigID = XMLUtils.getNodeAttributeValue(subConfigNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.SERVICE_ID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (subConfigID == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                subConfigID = subConfigName;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            createSubConfig(token, ("ou=" + subConfigName + "," + dn),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                subConfigNode, ss.getSubSchema(subConfigID), orgdn, decryptObj);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void createSubConfigEntry(SSOToken token, String dn,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            ServiceSchemaImpl ss, String id, String priority, Map attrs,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String orgDN) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Construct the SMSEntry for the node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SMSEntry entry = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if ((ss == null) || !entry.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SMSEntry.debug.error(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            "CreateServiceConfig.createSubConfigEntry: Entry already exists: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throw (new ServiceAlreadyExistsException(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    IUMSConstants.SMS_service_already_exists_no_args, null));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Add LDAP objectclasses
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        entry.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        entry.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_SERVICE_COMP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (attrs != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Validate the attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            ss.validateAttributes(token, attrs, true, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SMSUtils.setAttributeValuePairs(entry, attrs, ss
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    .getSearchableAttributeNames());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (id != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            entry.addAttribute(SMSEntry.ATTR_SERVICE_ID, id);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (priority != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            entry.addAttribute(SMSEntry.ATTR_PRIORITY, priority);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Save the entry, and add to cache
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        entry.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        cEntry.refresh(entry);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        updateSubEntriesNode(token, entry.getDN());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void checkBaseNodesForOrg(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SSOToken token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgDN,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String sName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String version
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    ) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkBaseNodesForOrg(token, orgDN, sName, version, false);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void checkBaseNodesForOrg(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SSOToken token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgDN,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String sName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String version,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        boolean createRealms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    ) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if org exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SMSEntry entry = new SMSEntry(token, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (entry.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Organization does not exists, create if needed
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (createRealms) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                createOrganization(token, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                Object[] args = { orgDN };
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    "sms-org-doesnot-exist", args));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if services node exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String dn = "ou=services," + orgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateOrgUnitNode(token, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if service node exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        dn = "ou=" + sName + "," + dn;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateServiceNode(token, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if verion node exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        dn = "ou=" + version + "," + dn;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateServiceVersionNode(token, dn, sName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check orgUnit node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (orgDN.equalsIgnoreCase(SMSEntry.getRootSuffix())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Create all based nodes for root realm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            checkBaseNodes(token, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // create only organization config
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            checkAndCreateOrgUnitNode(token, ORG_CONFIG_NODE + dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void checkBaseNodes(SSOToken t, String baseDN) throws SMSException,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check global config node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateOrgUnitNode(t, GLOBAL_CONFIG_NODE + baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateOrgUnitNode(t, ORG_CONFIG_NODE + baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateServiceNode(t, PLUGIN_CONFIG_NODE + baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        checkAndCreateOrgUnitNode(t, INSTANCES_NODE + baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void checkAndCreateOrgUnitNode(SSOToken token, String dn)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SMSEntry e = new SMSEntry(token, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SMSEntry.debug.message("CreateServiceConfig." +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    "checkAndCreateOrgUnitNode() creating entry: " + dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (e.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Add needed object classes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_ORG_UNIT);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            e.save();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void checkAndCreateServiceNode(SSOToken token, String dn)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SMSEntry e = new SMSEntry(token, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (e.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            int ndx = dn.indexOf(SMSEntry.SERVICES_RDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (ndx >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (dn.indexOf(SMSEntry.SERVICES_RDN, ndx+11) >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // Add needed object classes for the 'ou=services' node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // under the subrealms created.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.OC_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // Add needed object classes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.OC_SERVICE_COMP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        e.save();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void checkAndCreateServiceVersionNode(SSOToken t, String dn,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String serviceName) throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        SMSEntry e = new SMSEntry(t, dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (e.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            int ndx = dn.indexOf(SMSEntry.SERVICES_RDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (ndx >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                String firstSvc = dn.substring(ndx);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (firstSvc.indexOf(SMSEntry.SERVICES_RDN) >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // Add needed object classes for the 'ou=services' node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // under the subrealms created.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.OC_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // Add needed object classes and service name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.OC_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.PLACEHOLDER_RDN, serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        e.save();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void updateSubEntriesNode(SSOToken token, String sdn)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Get the name
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        DN dn = DN.valueOf(sdn);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        String name = LDAPUtils.rdnValueFromDn(dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Get the parent DN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        DN parent = dn.parent();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        CachedSubEntries subEntries = CachedSubEntries.getInstanceIfCached(
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            token, parent.toString(), true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (subEntries != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            subEntries.add(name);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // Returns a map that contains attribute value pairs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // %%% This must be moved to XMLUtils
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static Map getAttributeValuePairs(Node n) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (n == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Map answer = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator attrNodes = XMLUtils.getChildNodes(n,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.ATTRIBUTE_VALUE_PAIR).iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (attrNodes.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node attrValuePair = (Node) attrNodes.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node attrNode = XMLUtils.getChildNode(attrValuePair,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.ATTRIBUTE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (attrNode == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                continue;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String attrName = XMLUtils.getNodeAttributeValue(attrNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Set values = XMLUtils.getAttributeValuePair(attrValuePair);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (answer == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                answer = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            answer.put(attrName, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return (answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // Returns a map that contains attribute value pairs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // If 'unescape' is set to false, xml escaped chars will not
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // be unescaped.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static Map getAttributeValuePairs(Node n, boolean unescape) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (n == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Map answer = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Iterator attrNodes = XMLUtils.getChildNodes(n,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSUtils.ATTRIBUTE_VALUE_PAIR).iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (attrNodes.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node attrValuePair = (Node) attrNodes.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Node attrNode = XMLUtils.getChildNode(attrValuePair,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.ATTRIBUTE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (attrNode == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                continue;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String attrName = XMLUtils.getNodeAttributeValue(attrNode,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSUtils.NAME);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Set values =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                XMLUtils.getAttributeValuePair(attrValuePair, unescape);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (answer == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                answer = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            answer.put(attrName, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return (answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * create the sub-organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void createOrganization(SSOToken token, String orgDN)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if the organization already exists
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Normalize DN, so it can be parsed and compared
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            Object args1[] = {orgDN};
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            DN ldapName = DN.valueOf(orgDN);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            orgDN = ldapName.toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (orgDN.length() == 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSEntry.debug.error("CreateServiceConfig."+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    "createOrganization() : Detected invalid characters. "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    "Invalid realm name: "+ args1[0]);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    "sms-invalid-org-name", args1));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SMSEntry e = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (!e.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                SMSEntry.debug.error("Organization already exists: " + orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                throw (new OrganizationAlreadyExistsException(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        IUMSConstants.SMS_organization_already_exists_no_args,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        null));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            // Reverse RDN order
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            List<RDN> rdns = new ArrayList<>();
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            for (RDN rdn : ldapName) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                rdns.add(0, rdn);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Need to start from baseDN, to create intermediate nodes
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            String partdn = rdns.get(0).toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Obtain the baseDN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            int index = 0;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            while (index < rdns.size() - 1 && !partdn.equalsIgnoreCase(DNMapper.serviceDN)) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                partdn = rdns.get(++index).toString() + "," + partdn;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check the intermediate nodes
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            while (index < rdns.size() - 1) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                partdn = rdns.get(++index).toString() + "," + partdn;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                cEntry = CachedSMSEntry.getInstance(token, partdn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                e = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                if (e.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // Create the realm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    // Add needed object classes
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_REALM_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.addAttribute(SMSEntry.ATTR_OBJECTCLASS, SMSEntry.OC_TOP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    e.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    cEntry.refresh(e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            SMSEntry.debug.error("CreateServiceConfig: Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + "create organization ", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            throw (new SMSException(SMSEntry.bundle
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    .getString("sms-INVALID_SSO_TOKEN"),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    "sms-INVALID_SSO_TOKEN"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster}