identity/sm/DNMapper.java

bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington/*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * opensso/legal/CDDLv1.0.txt
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * at opensso/legal/CDDLv1.0.txt.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: DNMapper.java,v 1.13 2009/11/20 23:52:56 ww203982 Exp $
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington * Portions Copyrighted 2011-2015 ForgeRock AS.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpackage com.sun.identity.sm;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport static org.forgerock.openam.ldap.LDAPUtils.rdnValue;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.ArrayList;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashSet;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Set;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.StringTokenizer;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.shared.debug.Debug;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.openam.ldap.LDAPUtils;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.opendj.ldap.DN;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.opendj.ldap.RDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster/**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This class is used to convert a DN to iplanet UID and vice versa.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpublic class DNMapper {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static Debug debug = SMSEntry.debug;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static HashMap cache = new HashMap(2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // Look for realmEnabled and cache the value.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    protected static boolean realmEnabled = ServiceManager.isRealmEnabled();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington    protected static String serviceDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    // This set is used in reversing the realm names to sdk format.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static boolean migration = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington    static {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        DN dn = DN.valueOf(SMSEntry.baseDN).child(SMSEntry.SERVICES_RDN);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        serviceDN = dn.toString().toLowerCase();
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington    }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Converts orgname which is "/" seperated to DN, else if DN normalize the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * DN and return
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static String orgNameToDN(String orgName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if it is null or empty
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (orgName == null || orgName.trim().length() == 0
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                || orgName.equals(SMSEntry.SLASH_STR)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check in cache
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgdn = (String) cache.get(orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (orgdn != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (orgdn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        /*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * Check if orgName is a valid DN. If so, check if realmEnabled. if
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * realmEnabled, 1) Check if rest of the DN (before the baseDN) has "o"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * as the naming attribute. If not, replace it with 'o' and concat the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * value with the previous naming attribute. eg.,if orgName is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * dc=abc,l=xyz,o=coke,ou=services,dc=iplanet,dc=com then, the final
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * string should be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * o=dc_abc,o=l_xyz,o=coke,ou=services,dc=iplanet,dc=com 2) Check if
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * "ou=services" is present in the orgName. If not add it to the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * orgName.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         */
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        if (!orgName.startsWith("/")) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            DN orgdnObject = LDAPUtils.newDN(orgName);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            if (orgdnObject.size() > 0) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                // If orgName is either the baseDN or root service's DN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                // return the baseDN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                orgdn = orgdnObject.toString();
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                String orgdnlc = orgdn.toLowerCase();
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                // Check if orgdn is a hidden internal realm, if so return
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                if (orgdnlc.startsWith(SMSEntry.SUN_INTERNAL_REALM_PREFIX)) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    orgdn = orgdnObject.rdn().toString() + "," + serviceDN;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // Add to cache and return
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    updateCache(orgName, orgdn);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    return orgdn;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                // Check for root suffix and SMS base DN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                if (orgdnlc.equals(SMSEntry.baseDN) ||
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        orgdnlc.equals(serviceDN) ||
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        orgdnlc.equals(SMSEntry.amsdkbaseDN)) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // Add to cache and return
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    updateCache(orgName, SMSEntry.baseDN);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    return (SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                // If realm is enabled, normalize the DN and return
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                if (realmEnabled) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    int ndx = orgdn.indexOf(serviceDN);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    if (ndx == -1) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        // Check for baseDN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        ndx = orgdn.lastIndexOf(SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    if (ndx > 0) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        orgdn = orgdn.substring(0, ndx - 1);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    int indx = orgdn.lastIndexOf(SMSEntry.COMMA);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    if (indx >= 0) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        if (orgdn.substring(indx).equals(SMSEntry.COMMA)) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                            orgdn = orgdn.substring(0, indx);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    if (debug.messageEnabled()) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        debug.message("DNMapper.orgNameToDN():orgdn " + orgdn);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    String answer = normalizeDN(orgdn) + serviceDN;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    if (debug.messageEnabled()) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        debug.message("DNMapper.orgNameToDN(" + orgName + ")="
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                                + answer);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // Add to cache and return
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    updateCache(orgName, answer);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    return (answer);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                } else if (!migration) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // Check if "ou=services" is present, if present remove it
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    orgdn = replaceString(orgdn, ",ou=services,", ",");
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // Add to cache and return
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    updateCache(orgName, orgdn);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    return (orgdn);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                } else {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // When SMS Migration to 7.0 happens, the coexist mode is
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // 'true' and realm is 'false'. In coexist mode, the
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // 'ou=services' gets removed. But we need the new realm node
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // for data migration from old DIT to new realm tree.
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // So after creation of the realm during SMSMigration70,
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // we set the DNMapper.migration flag to true to avoid
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // removal of 'ou=services' from the newly formed realm DN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    // and return the orgdn as such to the serviceconfig* class.
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                    return (orgdn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // The org name is "/" separated, construct the DN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        StringBuffer buf = convertToDN(orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (realmEnabled
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                || buf.toString().toLowerCase().indexOf(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        SMSEntry.SUN_INTERNAL_REALM_NAME) != -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            buf.append(",").append(serviceDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } else if (SMSEntry.baseDN.length() > 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            buf.append(",").append(SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.orgNameToDN(" + orgName + ")="
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + buf.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String answer = buf.toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Add to cache
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        updateCache(orgName, answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return (answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    private static void updateCache(String orgName, String realmName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        HashMap ncache = new HashMap(cache);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // %%% TODO Need to check the size and remove least recently used
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ncache.put(orgName, realmName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        cache = ncache;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Converts realm name to AMSDK compliant organization name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static String realmNameToAMSDKName(String realmName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String dn = orgNameToDN(realmName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String dnlc = dn.toLowerCase();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.realmNameToAMSDKName realmName ="
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + realmName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.realmNameToAMSDKName orgDN =" + dn);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check for baseDN and internal hidden realm names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if ((dnlc.equals(SMSEntry.baseDN)) &&
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            (!dnlc.equals(SMSEntry.amsdkbaseDN))) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (SMSEntry.amsdkbaseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (dnlc.equals(SMSEntry.baseDN)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                || dnlc.startsWith(SMSEntry.SUN_INTERNAL_REALM_PREFIX)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // If realm is not enabled, remove "ou=services" node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        StringBuilder buf = new StringBuilder(dn.length());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgAttr = OrgConfigViaAMSDK.getNamingAttrForOrg();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // If orgAttr is null or is "o", return after removing "ou=services"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (orgAttr == null
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                || orgAttr.equalsIgnoreCase(SMSEntry.ORGANIZATION_RDN)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String answer = replaceString(dn, ",ou=services,", ",");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                debug.message("DNMapper.realmNameToAMSDKName sdkName ="
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        + answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return (answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Remove the baseDN and parse the DN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int index = dnlc.indexOf(serviceDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (index == -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Try the baseDN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            index = dnlc.indexOf(SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String answer = (index == -1) ? dn : dn.substring(0, index - 1);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        DN answerDN = DN.valueOf(answer);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        for (RDN rdn : answerDN) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            buf.append(orgAttr).append(SMSEntry.EQUALS).append(rdnValue(rdn));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            buf.append(',');
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Append baseDN and return
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        buf.append(SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.realmNameToAMSDKName sdkName ="
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + buf.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return (buf.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Returns realm name in "/" separated format for the provided
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * realm/organization name in DN format.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @param orgName Name of organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @return DN format "/" separated realm name of organization name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    public static String orgNameToRealmName(String orgName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if ((orgName == null) || (orgName.length() == 0)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return "/";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (orgName.equalsIgnoreCase(SMSEntry.baseDN) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            orgName.equalsIgnoreCase(serviceDN)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return "/";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        if (!orgName.contains("=")) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            return orgName;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        DN orgdnObject = DN.valueOf(orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        StringBuilder answer = new StringBuilder(100);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        answer.append("/");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Set resultSet = new HashSet(2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        resultSet.add(orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        // Check if orgName ends with baseDN or serviceDN
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        String orgdn = orgdnObject.toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgdnlc = orgdn.toLowerCase();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        Set returnSet = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (orgdnlc.endsWith(serviceDN)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            returnSet = SMSEntry.parseResult(resultSet, serviceDN, true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        } else if (orgdnlc.endsWith(SMSEntry.baseDN)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            returnSet = SMSEntry.parseResult(resultSet, serviceDN, true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (returnSet != null && !returnSet.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            answer.append(returnSet.iterator().next().toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return (answer.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Splits a string and returns the tokens.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @param str original String.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @return a String Array object of tokens after split.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static String[] splitString(String str) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String[] strArray = new String[2];
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int idx = str.indexOf('=');
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (idx != -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            strArray[0] = str.substring(0, idx).trim();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            strArray[1] = str.substring(idx + 1).trim();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return strArray;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Replaces a string with another string in a String object.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @param originalString original String.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @param token string to be replaced.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @param newString new string to replace token.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * @return a String object after replacement.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static String replaceString(String originalString, String token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String newString) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int lenToken = token.length();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int idx = originalString.indexOf(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (!originalString.startsWith(SMSEntry.SLASH_STR)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (idx >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                int slashndx =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    originalString.substring(idx).indexOf(SMSEntry.SLASH_STR);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                // This is to escape "/" embedded in realm names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                while (slashndx != -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    originalString = originalString.substring(0, slashndx) +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        "&#47;" + originalString.substring(slashndx+1);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    slashndx =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        originalString.indexOf(SMSEntry.SLASH_STR, slashndx+5);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (idx != -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            originalString = originalString.substring(0, idx) + newString
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    + originalString.substring(idx + lenToken);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            idx = originalString.indexOf(token, idx + lenToken);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.replaceString() " + originalString);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return originalString;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Normalized the DN as per the Realm requirements for organization name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static String normalizeDN(String orgName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String orgAttr = "";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        StringBuilder buf = new StringBuilder(orgName.length());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.normalizeDN():orgName "+ orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (!realmEnabled) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            orgAttr = OrgConfigViaAMSDK.getNamingAttrForOrg();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        String placeHold = (realmEnabled) ? SMSEntry.ORGANIZATION_RDN : orgAttr;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        DN dn = DN.valueOf(orgName);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        for (RDN rdn : dn) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check if orgName is a hidden internal realm,if so prepend with o
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (orgName.toLowerCase().
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                startsWith(SMSEntry.SUN_INTERNAL_REALM_PREFIX)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                buf.append(SMSEntry.ORGANIZATION_RDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                buf.append(placeHold);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            buf.append(SMSEntry.EQUALS).append(rdnValue(rdn)).append(SMSEntry.COMMA);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        debug.message("DNMapper.normalizeDN():finalorgdn {}", buf);
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        return buf.toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     * Converts "/" separted organization names to DN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster     */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static StringBuffer convertToDN(String orgName) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        StringBuffer buf = new StringBuffer();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        String placeHold = (realmEnabled) ? SMSEntry.ORGANIZATION_RDN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                : OrgConfigViaAMSDK.getNamingAttrForOrg();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ArrayList arr = new ArrayList();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        StringTokenizer strtok = new StringTokenizer(orgName, "/");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        while (strtok.hasMoreElements()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String token = strtok.nextToken().trim();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (token != null && token.length() != 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                arr.add(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int size = arr.size();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        for (int i = 0; i < size; i++) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String theOrg = (String) arr.get(size - i - 1);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            // Check if orgdn is a hidden internal realm, if so prepend with o
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (theOrg.toLowerCase().startsWith(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    SMSEntry.SUN_INTERNAL_REALM_NAME)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                placeHold = SMSEntry.ORGANIZATION_RDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            buf.append(placeHold);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            buf.append('=').append(theOrg);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (i != size - 1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                buf.append(',');
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            debug.message("DNMapper.convertToDN():finalorgdn "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                buf.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        if ((buf.toString()).indexOf("&#47;") >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            String realmName = SMSSchema.unescapeName(buf.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                debug.message("DNMapper.convertToDN():realmName "+realmName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            StringBuffer newBuf =  new StringBuffer();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            newBuf.append(realmName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            buf = newBuf;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            if (debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                debug.message("DNMapper.convertToDN():newRealmName "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    buf.toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        return (buf);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    static void clearCache() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        cache = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        realmEnabled = ServiceManager.isRealmEnabled();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster}