bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington/*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * opensso/legal/CDDLv1.0.txt
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * at opensso/legal/CDDLv1.0.txt.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: OrganizationConfigManager.java,v 1.31 2010/01/20 17:01:36 veiming Exp $
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste * Portions Copyrighted 2011-2016 ForgeRock AS.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpackage com.sun.identity.sm;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Collections;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.HashSet;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Iterator;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Map;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.Set;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport java.util.StringTokenizer;
a093731116a8c24d49b903df7602cf586e499b45Phill Cunningtonimport java.util.regex.Pattern;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.openam.ldap.LDAPUtils;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.opendj.ldap.DN;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington
a093731116a8c24d49b903df7602cf586e499b45Phill Cunningtonimport com.iplanet.am.util.SystemProperties;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.sso.SSOException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.sso.SSOToken;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.iplanet.ums.IUMSConstants;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.authentication.util.ISAuthConstants;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.common.CaseInsensitiveHashSet;
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallaceimport com.sun.identity.delegation.DelegationException;
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallaceimport com.sun.identity.delegation.DelegationUtils;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.idm.IdConstants;
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallaceimport com.sun.identity.idm.IdRepoException;
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallaceimport com.sun.identity.idm.plugins.internal.AgentsRepo;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.shared.Constants;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster/**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The class <code>OrganizationConfigManager</code> provides interfaces to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * manage an organization's configuration data. It provides interfaces to create
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and delete organizations, service attributes for organizations and service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * configuration parameters.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <p>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The organization configuration can be managed in a hierarchical manner, and a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * forward slash "/" will be used to separate the name hierarchy. Hence the root
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the organization hierarchy will be represented by a single forward slash
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "/", and sub-organizations will be separated by "/". For example "/a/b/c"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * would represent a "c" sub-organization within "b" which would be a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sub-organization of "a".
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @supported.all.api
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpublic class OrganizationConfigManager {
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Instance variables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private SSOToken token;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String orgName;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String orgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private OrgConfigViaAMSDK amsdk;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private OrganizationConfigManagerImpl orgConfigImpl;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static String orgNamingAttrInLegacyMode;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static Pattern baseDNpattern = Pattern.compile(SMSEntry.getRootSuffix());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster protected static final String SERVICES_NODE = SMSEntry.SERVICES_RDN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + SMSEntry.COMMA + SMSEntry.getRootSuffix();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // set the special characters which are not in realm names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static String specialCharsString = "*|(|)|!|/|=";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static String SEPERATOR = "|";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String CONF_ENABLED =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sun-idrepo-amSDK-config-copyconfig-enabled";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private boolean copyOrgInitialized;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private boolean copyOrgEnabled;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String amSDKOrgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // sunOrganizationAlias in org DIT.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static final String SUNORG_ALIAS = "sunOrganizationAliases";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // associatedDomain in org DIT.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String SUNDNS_ALIAS = "sunDNSAliases";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // sunPreferredDomain in org DIT.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String SUNPREF_DOMAIN = "sunPreferredDomain";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // inetDomainStatus in org DIT.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private String SUNORG_STATUS = "sunOrganizationStatus";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste private static final String SMS_INVALID_SSO_TOKEN = "sms-INVALID_SSO_TOKEN";
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster initializeFlags();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Constructor to obtain an instance of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>OrganizationConfigManager
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * </code> for an organization by providing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * an authenticated identity of the user. The organization name would be "/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * seperated to represent organization hierarchy.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param token
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * single sign on token of authenticated user identity.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param orgName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the organization. The value of <code>null
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * </code> or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "/" would represent the root organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if an error has occurred while getting the instance of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>OrganizationConfigManager
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * </code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public OrganizationConfigManager(SSOToken token, String orgName)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Copy instance variables
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster this.token = token;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster this.orgName = orgName;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Instantiate and validate
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN = orgConfigImpl.getOrgDN();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (migratedTo70 && !registeredForConfigNotifications) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scmr = new ServiceConfigManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.REALM_SERVICE, token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster scmr.addListener(new OrganizationConfigManagerListener());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster registeredForConfigNotifications = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException s) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String installTime = SystemProperties.get(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Constants.SYS_PROPERTY_INSTALL_TIME, "false");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!installTime.equals("true")) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.warning("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "constructor. Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "construct ServiceConfigManager for idRepoService ", s);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw s;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager:Constructor", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (coexistMode) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk = new OrgConfigViaAMSDK(token, DNMapper
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .realmNameToAMSDKName(orgDN), orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (orgNamingAttrInLegacyMode == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgNamingAttrInLegacyMode = getNamingAttrForOrg();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the fully qualified name of the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization from the root
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return the name of the organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public String getOrganizationName() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the services configured for the organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return service names configured for the organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * configured services.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @deprecated This method has been deprecated, use <code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * getAssignedServices()</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * instead.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Set getConfiguredServices() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (getAssignedServices());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns a set of service schemas to be used for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * creation of an organization. The service schemas contain a list of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attributes and their schema, and will be provided as
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>ServiceSchema</code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return Set of <code>ServiceSchema</code> to be used for creation of an
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service schemas.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Set getServiceSchemas() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Loop through the services and determine the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // organization creation schemas
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set serviceSchemaSet = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set serviceNames = getServiceNames(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceSchemaSet = new HashSet(serviceNames.size() * 2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator names = serviceNames.iterator(); names.hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchemaManager ssm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (String) names.next(), token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchema ss = ssm.getOrganizationCreationSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ss != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceSchemaSet.add(ss);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager:getServiceSchemas"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + " unable to get service schema", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN), ssoe,
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (serviceSchemaSet);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Creates a sub-organization under the current
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization and sets the specified attributes. The sub-organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * created can be only one level below the current organization. For
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * multiple levels this method must be called recursively with the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * corresponding <code>OrganizationConfigManager
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * </code>. The organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name must not have forward slash ("/"). For eg., the actual organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name 'iplanet' cannot be 'iplan/et' because we are using '/' as the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * seperator here. The attributes for the organization can be <code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * null</code>;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * else would contain service name as the key and another <code>Map</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * as the value that would contain the key-values pair for the services.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param subOrgName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the name of the sub-organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Map of attributes for the organization per service. The
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * parameter Map attributes contains another Map as its value,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * which then has attribute names and values. The way it is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * arranged is: Map::attributes --> Key: String::ServiceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Value: Map::svcAttributes Map::svcAttributes --> Key:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * String::AttributeName Value: Set::AttributeValues
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return organization config manager of the newly created
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sub-organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if creation of sub-organization failed, or if creation of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sub-organization is attempted when configuration is not
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * migrated to realms.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public OrganizationConfigManager createSubOrganization(String subOrgName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map attributes) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Since the "Map attributes" can contain more than one service name,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * creation of the sub organization is be achieved in 2 steps. i) create
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the sub-organization without the attributes ii) for the service names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in the Map call setAttributes(...)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean orgExists = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String subOrgDN = normalizeDN(subOrgName, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Check if realm exists, this throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // if realm does not exist
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // This is to avoid duplicate creation of realms.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new OrganizationConfigManager(token, subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager::"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "createSubOrganization() " + "Realm Already Exists.. "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgExists = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException smse) {
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley try {
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley orgExists = !getRealmByAlias(subOrgName).isEmpty();
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley } catch (SSOException e) {
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley SMSEntry.debug.error("OrganizationConfigManager::" +
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley "createSubOrganization:", e);
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley }
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley if (!orgExists) {
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley SMSEntry.debug.message("OrganizationConfigManager::createSubOrganization() New Realm, creating realm: {} - {}", subOrgName, smse);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Object args[] = { subOrgName };
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (orgExists) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sms-organization_already_exists1",
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster args));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringTokenizer st =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new StringTokenizer(specialCharsString, SEPERATOR);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (st.hasMoreTokens()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String obj = (String) st.nextToken();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subOrgName.indexOf(obj) > -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager::"+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "createSubOrganization() : Invalid realm name: "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager::"+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "createSubOrganization() : Detected invalid chars: "+obj);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Object args1[] = {subOrgName};
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.bundle.getString("sms-invalid-org-name"),args1));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden validateOrgName(subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in legacy mode or (realm mode and copy org enabled)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create the AMSDK organization first
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((coexistMode) || (realmEnabled && isCopyOrgEnabled())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.createSubOrganization(subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((realmEnabled || subOrgDN.toLowerCase().startsWith(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.SUN_INTERNAL_REALM_PREFIX))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && getSubOrganizationNames(subOrgName, false).isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CreateServiceConfig.createOrganization(token, subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Update the attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in coexistMode and serviceName is idRepoService
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // the following call sets the attributes to AMSDK organization also.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager ocm = getSubOrgConfigManager(subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((attributes != null) && (!attributes.isEmpty())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator svcNames = attributes.keySet().iterator(); svcNames
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceName = (String) svcNames.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map svcAttributes = (Map) attributes.get(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((svcAttributes != null) && (!svcAttributes.isEmpty())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ocm.setAttributes(serviceName, svcAttributes);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace if (realmEnabled) {
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace AgentsRepo agentsRepo = new AgentsRepo();
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace HashMap config = new HashMap(1);
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace HashSet realmName = new HashSet(1);
3948db5776c85a8126ff4bc5976ab2cd609011a0Mark de Reeper realmName.add(subOrgDN);
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace config.put("agentsRepoRealmName", realmName);
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace try {
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace agentsRepo.initialize(config);
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace agentsRepo.createAgentGroupConfig(token);
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace } catch (IdRepoException ide) {
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace SMSEntry.debug.error("OrganizationConfigManager::"+
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace "createSubOrganization:", ide);
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace }
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace }
0f2e21dd49c993332ef85835d529f39fdb3caa92Sachiko Wallace
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in realm mode and not in legacy mode, default services needs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // to be added.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (realmEnabled && !coexistMode) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster loadDefaultServices(token, ocm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in realm mode and copy org enabled, default services needs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // to be registered for the newly created org/suborg and the
8d3140b524c0e28c0a49dc7c7d481123ef3cfe11Chris Lee // amSDKOrgName/OpenAM Organization is updated with the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // new suborg dn.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (realmEnabled && isCopyOrgEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster registerSvcsForOrg(subOrgName, subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager subOrg =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getSubOrgConfigManager(subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig s =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrg.getServiceConfig(ServiceManager.REALM_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (s != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator items = s.getSubConfigNames().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (items.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig subConfig =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster s.getSubConfig((String) items.next());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subConfig.getSchemaID().equalsIgnoreCase(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster IdConstants.AMSDK_PLUGIN_NAME)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map amsdkConfig = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set vals = new HashSet();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster vals.add(orgNamingAttrInLegacyMode +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.EQUALS +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgName + SMSEntry.COMMA + amSDKOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdkConfig.put("amSDKOrgName", vals);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subConfig.setAttributes(amsdkConfig);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster break;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager::"+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "createSubOrganization:", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle.getString(
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN), SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace if (realmEnabled) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace try {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace if (coexistMode) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace DelegationUtils.createRealmPrivileges(token, orgName);
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace } else {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace OrganizationConfigManager parentOrg =
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace getParentOrgConfigManager();
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace DelegationUtils.copyRealmPrivilegesFromParent(
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace token, parentOrg, ocm);
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace }
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace } catch (SSOException ssoe) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace if (SMSEntry.debug.messageEnabled()) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace SMSEntry.debug.message("Creating delegation permissions for: " +
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace orgName + " failed", ssoe);
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace }
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace } catch (SMSException smse) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace if (SMSEntry.debug.messageEnabled()) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace SMSEntry.debug.message("Creating delegation permissions for: " +
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace orgName + " failed", smse);
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace }
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace } catch (DelegationException de) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace if (SMSEntry.debug.messageEnabled()) {
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace SMSEntry.debug.message("Creating delegation permissions for: " +
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace orgName + " failed", de);
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace }
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace }
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace }
7716b7b7928e4ad575cb03176c2961a5160c7c9eSachiko Wallace
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Return the newly created organization config manager
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (ocm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley private Set getRealmByAlias(String subOrgName) throws SSOException, SMSException {
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley ServiceManager serviceManager = new ServiceManager(token);
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley return serviceManager.searchOrganizationNames(
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley IdConstants.REPO_SERVICE,
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley IdConstants.ORGANIZATION_ALIAS_ATTR, Collections.singleton(subOrgName));
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley }
3dd7ca6258a7bc09310f7523f1568e6c316db460Rich Riley
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden private void validateOrgName(final String subOrgName) throws SMSException {
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden String realm = DNMapper.orgNameToRealmName(subOrgName);
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden int idx = realm.lastIndexOf('/');
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden if (idx > -1 && idx < realm.length() - 1) {
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden realm = realm.substring(idx+1);
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden }
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden
a093731116a8c24d49b903df7602cf586e499b45Phill Cunnington if (InvalidRealmNameManager.getInvalidRealmNames().contains(realm)) {
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden SMSEntry.debug.error("OrganizationConfigManager::createSubOrganization() : Invalid realm name: " +
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden subOrgName + " - clashes with REST endpoint");
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden throw new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden SMSEntry.bundle.getString("sms-invalid-org-name"), new Object[]{ subOrgName });
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden }
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden }
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden
da3717708a8396fc1c8e5bcca7c79205d52d9871Neil Madden
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the names of all sub-organizations.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return set of names of all sub-organizations.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sub-organization names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Set getSubOrganizationNames() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (getSubOrganizationNames("*", false));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException s) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "getSubOrganizationNames() Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "get sub organization names ", s);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw s;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the names of all peer-organizations.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return set of names of all peer-organizations.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * peer-organization names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Set getPeerOrganizationNames() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set getPeerSet = Collections.EMPTY_SET;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (realmEnabled) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager ocmParent =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getParentOrgConfigManager();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getPeerSet = ocmParent.getSubOrganizationNames();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException s) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.warningEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.warning("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "getPeerOrganizationNames() Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "get Peer organization names ", s);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw s;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (getPeerSet);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns names of sub-organizations matching the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given pattern. If the parameter <code>recursive</code> is set to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>true</code>, search will be performed for the entire sub-tree.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The pattern can contain "*" as the wildcard to represent zero or more
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * characters.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param pattern
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * pattern that will be used for searching, where "*" will be the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * wildcard.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param recursive
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if set to <code>true</code> the entire sub-tree will be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * searched for the organization names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return names of sub-organizations matching the pattern.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sub-organization names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Set getSubOrganizationNames(String pattern, boolean recursive)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (realmEnabled) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (orgConfigImpl.getSubOrganizationNames(token, pattern,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster recursive));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Must be in coexistence mode
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (amsdk.getSubOrganizationNames(pattern, recursive));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException s) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "getSubOrganizationNames(String pattern, "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "boolean recursive) Unable to get sub organization "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "names for filter: " + pattern, s);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw s;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Deletes the given sub-organization. If the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * parameter <code>recursive</code> is set to <code>true</code>, then
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the suborganization and the sub-tree will be deleted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If the parameter <code>recursive</code> is set to <code>false</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * then the sub-organization shall be deleted provided it is the leaf node.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If there are entries beneath the sub-organization and if the parameter
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>recursive</code> is set to <code>false</code>, then an
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * exception is thrown that this sub-organization cannot be deleted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param subOrgName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * sub-organization name to be deleted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param recursive
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if set to <code>true</code> the entire sub-tree will be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * deleted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the sub-organization name cannot be found, or if there are
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * entries beneath the sub-organization and if the parameter
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>recursive</code> is set to <code>false</code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void deleteSubOrganization(String subOrgName, boolean recursive)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Should not delete the root realm, should throw exception if
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // attempted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String subOrgDN = normalizeDN(subOrgName, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subOrgDN.equals(SMSEntry.SLASH_STR) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN.equalsIgnoreCase(SMSEntry.getRootSuffix()) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN.equalsIgnoreCase(SERVICES_NODE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Object parms[] = { orgName };
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "OrganizationConfigManager: deleteSubOrganization(" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "Root realm "+orgName + " cannot be deleted. ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sms-cannot_delete_rootsuffix",parms));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Delete the sub-organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager subRlmConfigMgr =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getSubOrgConfigManager(subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster //set the filter "*" to be passed for the search.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set subRlmSet =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subRlmConfigMgr.getSubOrganizationNames("*", true);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (realmEnabled) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry entry = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!recursive) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Check if there are sub organization entries
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // and if exist
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // throw exception that this sub organization cannot be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // deleted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((subRlmSet !=null) && (!subRlmSet.isEmpty())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getString("sms-entries-exists"),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sms-entries-exists"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Obtain the SMSEntry for the suborg and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // sub tree and delete it.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster entry.delete(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh(entry);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "OrganizationConfigManager: deleteSubOrganization(" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "String subOrgName, boolean recursive) Unable to " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "delete sub organization ", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in legacy mode or (realm mode and copy org enabled)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // delete the corresponding organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((coexistMode) || (realmEnabled && isCopyOrgEnabled())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String amsdkName = DNMapper.realmNameToAMSDKName(subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!SMSEntry.getRootSuffix().equalsIgnoreCase(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.getAMSdkBaseDN())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String convOrg = subOrgName;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subOrgName.startsWith("/")) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster convOrg = DNMapper.convertToDN(subOrgName).toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdkName = convOrg + SMSEntry.COMMA + amSDKOrgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.deleteSubOrganization(amsdkName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the <code>OrganizationConfigManager</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * for the given organization name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param subOrgName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the name of the organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return the configuration manager for the given organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the organization name cannot be found or user doesn't have
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * access to that organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public OrganizationConfigManager getSubOrgConfigManager(String subOrgName)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Normalize sub organization name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (new OrganizationConfigManager(token, normalizeDN(subOrgName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN)));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the organization creation attributes for
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return map of organization creation attribute values for service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attributes of the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Map getAttributes(String serviceName) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (Collections.EMPTY_MAP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map attrValues = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Attributes can be obtained only if DIT is migrated to AM 7.0
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (migratedTo70) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Lowercase the service name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = serviceName.toLowerCase();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (cEntry.isDirty() || (coexistMode) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (realmEnabled && isCopyOrgEnabled())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Since AMSDK org notifications will not be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // obtained, the entry must be read again
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry entry = cEntry.getSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map map = SMSUtils.getAttrsFromEntry(entry);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((map != null) && (!map.isEmpty())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator itr = map.keySet().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (itr.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String name = (String) itr.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((name.toLowerCase()).startsWith(serviceName)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set values = (Set) map.get(name);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Remove the serviceName and '-' and return only
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // the attribute name,value.
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley String key;
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley if (!serviceName.isEmpty()) {
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley key = name.substring(serviceName.length() + 1);
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley } else {
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley key = name;
f0f459fc0fdf340eb0324764d31129d6082dff34Rich Riley }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (attrValues == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrValues = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrValues.put(key, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "getAttributes(String serviceName) Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "get Attributes", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in coexistMode and serviceName is idRepoService
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // get attributes from AMSDK organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((coexistMode || (realmEnabled && isCopyOrgEnabled()))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .equalsIgnoreCase(OrgConfigViaAMSDK.IDREPO_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map amsdkMap = amsdk.getAttributes();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map mergesdkMap = new HashMap(2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (amsdkMap != null && !amsdkMap.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set mergeValues = new HashSet(2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator itr = amsdkMap.keySet().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (itr.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String key = (String) itr.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (key.equalsIgnoreCase(SUNDNS_ALIAS) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster key.equalsIgnoreCase(SUNPREF_DOMAIN) ||
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster key.equalsIgnoreCase(SUNORG_ALIAS)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster buildSet(key, amsdkMap, mergeValues);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster mergesdkMap.put(SUNORG_ALIAS, mergeValues);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster mergesdkMap.put(SUNORG_STATUS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (Set) amsdkMap.get(SUNORG_STATUS));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (attrValues == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrValues = mergesdkMap;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrValues.putAll(mergesdkMap);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return ((attrValues == null) ? Collections.EMPTY_MAP : attrValues);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Builds and returns the appropriate Set for the attributes to be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * merged from org and realm if the system is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in intrusive mode (Both org DIT and realm DIT are present).
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This happens when the Copy Config flag is enabled.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private Set buildSet(String attrName, Map attributes, Set resultSet) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set vals = (Set) attributes.get(attrName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((vals != null) && !vals.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster resultSet.addAll(vals);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (resultSet);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Adds organization attributes for the service. If
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the attribute already exists, the values will be appended to it, provided
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * it is a multi-valued attribute. It will throw exception if we try to add
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a value to an attribute which has the same value already.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attrName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the attribute.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param values
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * values for the attribute.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if we try to add a value to an attribute which has the same
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * value already.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void addAttributeValues(String serviceName, String attrName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set values) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName == null || attrName == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (migratedTo70) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Lowercase the servicename
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = serviceName.toLowerCase();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry e = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchemaManager ssm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName, token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchema ss = ssm.getOrganizationCreationSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ss == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getString("sms-SMSSchema_service_notfound"),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sms-SMSSchema_service_notfound"));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map map = new HashMap(2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set newValues = new HashSet(values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map allAttributes = ss.getAttributeDefaults();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set existingValues = (Set)allAttributes.get(attrName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((existingValues != null) && !existingValues.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster newValues.addAll(existingValues);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster map.put(attrName, newValues);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ss.validateAttributes(map);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSUtils.addAttribute(e, serviceName + "-" + attrName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster values, ss.getSearchableAttributeNames());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster e.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh(e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "to add Attribute Values", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in coexistMode and serviceName is idRepoService
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // add the attributes to AMSDK organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (coexistMode
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .equalsIgnoreCase(OrgConfigViaAMSDK.IDREPO_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.addAttributeValues(attrName, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Sets/Creates organization attributes for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service. If the attributes already exists, the given attribute values
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * will replace them.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attribute-values pairs.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the serviceName cannot be found.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void setAttributes(String serviceName, Map attributes)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (migratedTo70) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Lowercase the serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = serviceName.toLowerCase();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry e = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((attributes != null) && (!attributes.isEmpty())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Validate the attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchemaManager ssm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName, token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchema ss = ssm.getOrganizationCreationSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ss.validateAttributes(attributes);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Normalize the attributes with service name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map attrsMap = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator itr = attributes.keySet().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (itr.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String name = (String) itr.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set values = (Set) attributes.get(name);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /*
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * To make the attributes qualified by service name we
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * prefix the attribute names with the service name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsMap.put(serviceName + "-" + name, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Look for old attrs. in the storage and add them too.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map oldAttrs = getAttributes(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator it = oldAttrs.keySet().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (it.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String skey = (String) it.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!attributes.containsKey(skey))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrsMap.put(serviceName + "-" + skey, oldAttrs
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .get(skey));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Set the attributes in SMSEntry
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSUtils.setAttributeValuePairs(e, attrsMap, ss
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getSearchableAttributeNames());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String dataStore = SMSEntry.getDataStore(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Add these OCs only for SunOne DS. Do not add the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // OCs for Active Directory.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Will get WILL_NOT_PERFORM in AD.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((dataStore != null) && !dataStore.equals(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.DATASTORE_ACTIVE_DIR)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // This is for storing organization attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // in top/default realm node. eg.,ou=services,o=isp
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (e.getDN().equalsIgnoreCase(SERVICES_NODE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String[] ocVals = e
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getAttributeValues(SMSEntry.ATTR_OBJECTCLASS);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean exists = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (int ic = 0; ocVals != null
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && ic < ocVals.length; ic++)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ocVals[ic].startsWith(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.OC_SERVICE_COMP)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // OC needs to be added outside the for loop
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // else will throw concurrent mod exception
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster exists = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster break;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!exists) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster e.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.OC_SERVICE_COMP);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (e.getDN().startsWith(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.ORGANIZATION_RDN + SMSEntry.EQUALS)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // This is for storing organization attributes in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // organizations created via sdk through realm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // console.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String[] vals = e
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getAttributeValues(SMSEntry.ATTR_OBJECTCLASS);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean rsvcExists = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (int n = 0; vals != null && n < vals.length;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster n++) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (vals[n].equalsIgnoreCase(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.OC_REALM_SERVICE))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // OC needs to be added outside the for loop
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // else will throw concurrent mod exception
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster rsvcExists = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster break;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!rsvcExists) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster e.addAttribute(SMSEntry.ATTR_OBJECTCLASS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.OC_REALM_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Save in backend data store and refresh the cache
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster e.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh(e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "to set Attributes", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in coexistMode and serviceName is idRepoService
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // set the attributes to AMSDK organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((coexistMode || (realmEnabled && isCopyOrgEnabled()))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .equalsIgnoreCase(OrgConfigViaAMSDK.IDREPO_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.setAttributes(attributes);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Removes the given organization creation attribute
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * for the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attrName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of attribute.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the organization attribute for the service to be removed
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * cannot be found, or if the service name cannot be found.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void removeAttribute(String serviceName, String attrName)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName == null || attrName == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (migratedTo70) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry e = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSUtils.removeAttribute(e, serviceName.toLowerCase() + "-"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + attrName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster e.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh(e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "to remove Attribute", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in coexistMode and serviceName is idRepoService
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // remove the attributes to AMSDK organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (coexistMode
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .equalsIgnoreCase(OrgConfigViaAMSDK.IDREPO_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.removeAttribute(attrName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Removes the given organization creation attribute
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * values for the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attrName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of attribute.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param values
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attribute values to be removed.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the organization attribute for the service to be removed
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * cannot be found, or if the service name cannot be found, or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the value cannot be removed.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void removeAttributeValues(String serviceName, String attrName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set values) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName == null || attrName == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (migratedTo70) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cEntry = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (cEntry.isDirty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry e = cEntry.getClonedSMSEntry();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchemaManager ssm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName, token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchema ss = ssm.getOrganizationCreationSchema();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map map = new HashMap(2);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster map.put(attrName, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ss.validateAttributes(map);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSUtils.removeAttributeValues(e, serviceName.toLowerCase()
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "-" + attrName, values, ss
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getSearchableAttributeNames());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster e.save(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster cEntry.refresh(e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "to remove Attribute Values", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If in coexistMode and serviceName is idRepoService
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // remove the attributes to AMSDK organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (coexistMode
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster && serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .equalsIgnoreCase(OrgConfigViaAMSDK.IDREPO_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.removeAttributeValues(attrName, values);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the service configuration object for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given service name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of a service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return service configuration object for the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration, or if the service name cannot be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * found.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public ServiceConfig getServiceConfig(String serviceName)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scmgr = new ServiceConfigManager(serviceName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig scg = scmgr.getOrganizationConfig(orgName, null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (scg);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "get Service Config", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste }
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste }
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste ServiceSchema getServiceSchema(String serviceName) throws SMSException {
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste try {
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste return new ServiceSchemaManager(serviceName, token).getOrganizationSchema();
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste } catch (SSOException ssoe) {
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMSEntry.debug.error("OrganizationConfigManager: Unable to get Service Schema", ssoe);
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste throw new SMSException(SMSEntry.bundle.getString(SMS_INVALID_SSO_TOKEN), SMS_INVALID_SSO_TOKEN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Adds a service configuration object for the given
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service name for this organization. If the service has been already added
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a <code>SMSException</code> will be thrown.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration attributes.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return service configuration object.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the service configuration has been added already.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public ServiceConfig addServiceConfig(String serviceName, Map attributes)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManagerImpl scmi = ServiceConfigManagerImpl
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getInstance(token, serviceName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.getVersion(serviceName));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigImpl sci = scmi.getOrganizationConfig(token, orgName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (sci == null || sci.isNewEntry()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scm = new ServiceConfigManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName, token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (scm.createOrganizationConfig(orgName, attributes));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "ServiceConfig already exists: " + sci.getDN());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getString("sms-service_already_exists1")));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "add Service Config", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Removes the service configuration object for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given service name for this organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the service name cannot be found, or not added to the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void removeServiceConfig(String serviceName) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scm = new ServiceConfigManager(serviceName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster scm.deleteOrganizationConfig(orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: Unable to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "delete Service Config", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Registers for changes to organization's
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * configuration. The object will be called when configuration for this
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization is changed.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param listener
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * callback object that will be invoked when organization
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * configuration has changed
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return an ID of the registered listener.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public String addListener(ServiceListener listener) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (orgConfigImpl.addListener(listener));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Removes the listener from the organization for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * given listener ID. The ID was issued when the listener was registered.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param listenerID
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the listener ID issued when the listener was registered
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void removeListener(String listenerID) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgConfigImpl.removeListener(listenerID);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns normalized DN for realm model
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static String normalizeDN(String subOrgName, String orgDN) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Return orgDN if subOrgName is either null or empty
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subOrgName == null || subOrgName.length() == 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager."
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "normalizeDN()-subOrgName " + subOrgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String subOrgDN = null;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington if (LDAPUtils.isDN(subOrgName) && (!subOrgName.startsWith("///"))) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster int ndx = subOrgName.lastIndexOf(DNMapper.serviceDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ndx == -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Check for baseDN
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ndx = subOrgName.lastIndexOf(SMSEntry.getRootSuffix());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ndx > 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgName = subOrgName.substring(0, ndx - 1);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = DNMapper.normalizeDN(subOrgName) + orgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (subOrgName.indexOf('/') != -1) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String tmp = DNMapper.convertToDN(subOrgName).toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager."
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "normalizeDN()-slashConvertedString: " + tmp);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (tmp != null && tmp.length() > 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (tmp.charAt(tmp.length() - 1) == ',') {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = tmp + DNMapper.serviceDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster int dx = tmp.indexOf(SMSEntry.COMMA);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (dx >= 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = tmp + SMSEntry.COMMA + DNMapper.serviceDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = tmp + SMSEntry.COMMA + orgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = orgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (subOrgName.startsWith(SMSEntry.SUN_INTERNAL_REALM_NAME)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = SMSEntry.ORG_PLACEHOLDER_RDN + subOrgName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + SMSEntry.COMMA + DNMapper.serviceDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (coexistMode) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = orgNamingAttrInLegacyMode + SMSEntry.EQUALS
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + subOrgName + SMSEntry.COMMA
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + DNMapper.realmNameToAMSDKName(orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgDN = SMSEntry.ORG_PLACEHOLDER_RDN + subOrgName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + SMSEntry.COMMA + orgDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager::"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "normalizeDN() suborgdn " + subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns all service names configured for AM
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static Set getServiceNames(SSOToken token) throws SMSException,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Get the service names from ServiceManager
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSubEntries cse = CachedSubEntries.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster DNMapper.serviceDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (cse.getSubEntries(token));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns a set of service names that can be assigned
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to a realm. This set excludes name of services that are already assigned
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * to the realm and services that are required for the existence of a realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return a set of service names that can be assigned to a realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Set getAssignableServices() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Get all service names, and remove the assigned services
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Set containing service names that has organization schema
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgSchemaServiceNames = new HashSet();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator names = getServiceNames(token).iterator(); names
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceName = (String) names.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchemaManagerImpl ssmi = ServiceSchemaManagerImpl
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .getInstance(token, serviceName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.getVersion(serviceName));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (ssmi.getSchema(SchemaType.ORGANIZATION) != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Need to check if the user has permission
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // to add/assign the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster StringBuilder d = new StringBuilder(100);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Need to construct
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // "ou=default,ou=organizationconfig,ou=1.0,ou="
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster d.append(SMSEntry.PLACEHOLDER_RDN).append(SMSEntry.EQUALS)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .append(SMSUtils.DEFAULT).append(SMSEntry.COMMA)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .append(CreateServiceConfig.ORG_CONFIG_NODE)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .append(SMSEntry.PLACEHOLDER_RDN).append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.EQUALS).append("1.0").append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.COMMA).append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.PLACEHOLDER_RDN).append(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.EQUALS);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Append service name, and org name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster d.append(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!orgDN.equalsIgnoreCase(DNMapper.serviceDN)) {
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington d.append(SMSEntry.COMMA).append(SMSEntry.SERVICES_RDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster d.append(SMSEntry.COMMA).append(orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // The function will throw exception if
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // user does not have permissions
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.getDelegationPermission(token, d.toString(),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.modifyActionSet);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgSchemaServiceNames.add(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException smse) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (smse.getExceptionCode() !=
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSException.STATUS_NO_PERMISSION)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (smse);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Need to remove mandatory services
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // %%% TODO. Need to have SMS Service with this information
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // orgSchemaServiceNames.removeAll(getMandatoryServices());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager."
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "getAssignableServices(): SSOException", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Remove assigned services
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster HashSet answer = new HashSet(orgSchemaServiceNames);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster answer.removeAll(getAssignedServices());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (answer);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns a set of service names that are assigned to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return a set of service names that are assigned to a realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public Set<String> getAssignedServices() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (getAssignedServices(true));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns a set of service names that are assigned to a realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param includeMandatory
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * <code>true</code> to include mandatory service names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return a set of service names that are assigned to a realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell public Set<String> getAssignedServices(boolean includeMandatory)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster validateConfigImpl();
3fc1b5e9b2ff286cd528a06154cc998198de1e70Craig McDonnell Set<String> assignedServices = Collections.EMPTY_SET;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (coexistMode) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Get assigned services from OrgConfigViaAMSDK
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster assignedServices = amsdk.getAssignedServices();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Get assigned service names from OrganizationConfigManagerImpl
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster assignedServices = orgConfigImpl.getAssignedServices(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!includeMandatory) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Get services assigned by default
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set ds = ServiceManager.requiredServices();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster assignedServices.removeAll(ds);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (assignedServices);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Assigns the given service to the orgnization with
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the respective attributes. If the service has been already added a <code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * SMSException</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * will be thrown.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the service configuration has been added already.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void assignService(String serviceName, Map attributes)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster addServiceConfig(serviceName, attributes);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns attributes configured for the service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return a map of attributes for the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if there is an error accessing the data store to read the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service configuration, or if the service name cannot be
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * found.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Map getServiceAttributes(String serviceName) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig scg = getServiceConfig(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (scg == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Object args[] = { serviceName };
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "OrganizationConfigManager.getServiceAttributes() Unable " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "to get service attributes. ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(IUMSConstants.UMS_BUNDLE_NAME,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "sms-no-organization-schema",
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster args));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (scg.getAttributes());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Unassigns the service from the organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the service name cannot be found or assigned, or if the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service is a mandatory service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void unassignService(String serviceName) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // if (coexistMode) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // amsdk.unassignService(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster removeServiceConfig(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Sets the attributes related to provided service.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The assumption is that the service is already assigned to the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization. The attributes for the service are validated against the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * service schema.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param serviceName
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * name of the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attributes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * attributes of the service
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if the service name cannot be found or not assigned to the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void modifyService(String serviceName, Map attributes)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getServiceConfig(serviceName).setAttributes(attributes);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager.modifyService "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "SSOException in modify service ", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public String getNamingAttrForOrg() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return OrgConfigViaAMSDK.getNamingAttrForOrg();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Returns the <code>OrganizationConfigManager</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the parent for the given organization name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return the configuration manager of the parent for the given
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @throws SMSException
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * if user doesn't have access to that organization.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public OrganizationConfigManager getParentOrgConfigManager()
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager ocm = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String parentDN = null;
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington if (LDAPUtils.isDN(orgDN)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (orgDN.equalsIgnoreCase(DNMapper.serviceDN)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (this);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington parentDN = DN.valueOf(orgDN).parent().toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager."
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "getParentOrgConfigManager() parentDN : " + parentDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (parentDN != null && parentDN.length() > 0) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ocm = new OrganizationConfigManager(token, parentDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return ocm;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Loads default services to a newly created realm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void loadDefaultServices(SSOToken token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager ocm) throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Check if DIT has been migrated to 7.0
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (!migratedTo70) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set defaultServices = ServiceManager.servicesAssignedByDefault();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Load the default services automatically
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager parentOrg = ocm.getParentOrgConfigManager();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (defaultServices == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // There are no services to be loaded
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set assignedServices = new CaseInsensitiveHashSet(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster parentOrg.getAssignedServices());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "::loadDefaultServices " + "assignedServices : "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + assignedServices);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean doAuthServiceLater = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster boolean doAuthHttpBasicLater = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceName = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Copy service configuration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator items = defaultServices.iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (items.hasNext() || doAuthHttpBasicLater || doAuthServiceLater) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (items.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = (String) items.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName.equals(ISAuthConstants.AUTH_SERVICE_NAME)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster doAuthServiceLater = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster continue;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (serviceName.equals(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ISAuthConstants.AUTH_HTTP_BASIC_SERVICE_NAME)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster doAuthHttpBasicLater = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster continue;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (doAuthHttpBasicLater) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = ISAuthConstants.AUTH_HTTP_BASIC_SERVICE_NAME;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster doAuthHttpBasicLater = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else if (doAuthServiceLater) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = ISAuthConstants.AUTH_SERVICE_NAME;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster doAuthServiceLater = false;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "::loadDefaultServices:ServiceName " + serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig sc = parentOrg.getServiceConfig(serviceName);
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste ServiceSchema ss = parentOrg.getServiceSchema(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map attrs = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (sc != null && assignedServices.contains(serviceName)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrs = sc.getAttributesWithoutDefaults();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .message("OrganizationConfigManager"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "::loadDefaultServices "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "Copying service from parent: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig scn = ocm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .addServiceConfig(serviceName, attrs);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Copy sub-configurations, if any
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste copySubConfig(sc, scn, ss);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "OrganizationConfigManager.loadDefaultServices " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SSOException in loading default services ",
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throw (new SMSException(SMSEntry.bundle
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste .getString(SMS_INVALID_SSO_TOKEN),
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Registers default services to newly created suborganizations.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private void registerSvcsForOrg(String subOrgName, String subOrgDN)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set defaultServices =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.servicesAssignedByDefault();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager::"+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "registerSvcsForOrg. "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "defaultServices : " + defaultServices);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Register the default services to the newly created orgs,so
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // they will be marked with the OC sunRegisteredServiceName.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (defaultServices != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set assignedServices = amsdk.getAssignedServices();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager::" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "registerSvcsForOrg:assignedServices: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster assignedServices);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator items = defaultServices.iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceName = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.getRootSuffix().equalsIgnoreCase(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.getAMSdkBaseDN())) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk = new OrgConfigViaAMSDK(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgNamingAttrInLegacyMode + SMSEntry.EQUALS +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgName + SMSEntry.COMMA +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster DNMapper.realmNameToAMSDKName(orgDN), subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } else {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk = new OrgConfigViaAMSDK(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgNamingAttrInLegacyMode + SMSEntry.EQUALS +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster subOrgName + SMSEntry.COMMA + amSDKOrgDN, subOrgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (items.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName = (String) items.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (assignedServices.contains(serviceName)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "OrganizationConfigManager::"+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "registerSvcsForOrg:ServiceName : " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk.assignService(serviceName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException smse) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Unable to load default services
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.warningEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.warning("OrganizationConfigManager::" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "registerSvcsForOrg. " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SMSException in registering services: ", smse);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copies service configurations recursively from source to destination
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste static void copySubConfig(ServiceConfig from, ServiceConfig to, ServiceSchema serviceSchema)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster throws SMSException, SSOException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set subConfigNames = from.getSubConfigNames();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator items = subConfigNames.iterator(); items.hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String subConfigName = (String) items.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig scf = from.getSubConfig(subConfigName);
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste ServiceSchema subSchema = serviceSchema.getSubSchema(scf.getSchemaID());
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste if (subSchema.isRealmCloneable()) {
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste to.addSubConfig(subConfigName, scf.getSchemaID(), scf.getPriority(), scf.getAttributesWithoutDefaults());
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste ServiceConfig sct = to.getSubConfig(subConfigName);
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste copySubConfig(scf, sct, subSchema);
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster /**
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Determines whether an organization ought to be created for each
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * realm in realm only mode of installation based on the boolean flag
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * in amSDK plugin.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * This requirement is for portal customers.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster protected boolean isCopyOrgEnabled() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (copyOrgInitialized) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (copyOrgEnabled);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager: "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "in isCopyOrgEnabled() ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Check if AMSDK is configured for the realm
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig s = getServiceConfig(ServiceManager.REALM_SERVICE);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (s != null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator items = s.getSubConfigNames().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster while (items.hasNext()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String name = items.next().toString();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig subConfig = s.getSubConfig(name);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subConfig == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager.is" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "CopyOrgEnabled. SubConfig is NULL: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "SC Name: " + name + " For org: " + orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (false);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subConfig.getSchemaID().equalsIgnoreCase(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster IdConstants.AMSDK_PLUGIN_NAME)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map configMap = subConfig.getAttributes();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((configMap != null) && !configMap.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Get the amsdkOrgName from the amSDKRepo to build
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // OrgConfigViaSDK instance.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgs = (Set) configMap.get("amSDKOrgName");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (orgs != null && !orgs.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amSDKOrgDN = (String) orgs.iterator().next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set cfgs = (Set) configMap.get(CONF_ENABLED);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ( (cfgs != null) && (!cfgs.isEmpty()) &&
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (cfgs.contains("true")) &&
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (amSDKOrgDN !=null) ) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amsdk = new OrgConfigViaAMSDK(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster amSDKOrgDN, orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (orgNamingAttrInLegacyMode == null) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgNamingAttrInLegacyMode =
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster getNamingAttrForOrg();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster copyOrgEnabled = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster break;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException sse) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Use default values i.e., false
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager:" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "isCopyOrgEnabled() Unable to get service: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.REALM_SERVICE, sse);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException e) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Use default values i.e., false
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager:" +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "isCopyOrgEnabled() Unable to get service: " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.REALM_SERVICE, e);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster copyOrgInitialized = true;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (SMSEntry.debug.messageEnabled()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.message("OrganizationConfigManager: "+
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "copyOrgEnabled == " + copyOrgEnabled);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster return (copyOrgEnabled);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static void initializeFlags() {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster realmEnabled = ServiceManager.isRealmEnabled();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster coexistMode = ServiceManager.isCoexistenceMode();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster migratedTo70 = ServiceManager.isConfigMigratedTo70();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster void validateConfigImpl() throws SMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Instantiate the OrgConfigImpl and cache it
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if ((orgConfigImpl == null) || !orgConfigImpl.isValid()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster orgConfigImpl = OrganizationConfigManagerImpl.getInstance(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster token, orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
590e03a0114f53c994d970cfb356dadaaa57e39dJaco Jooste throw (new SMSException(ssoe, SMS_INVALID_SSO_TOKEN));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster class OrganizationConfigManagerListener implements ServiceListener {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void schemaChanged(String serviceName, String version) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Call ServiceManager to notify
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.schemaChanged();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // If naming service has changed, reload the AM Servers
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName.equalsIgnoreCase(ServiceManager.PLATFORM_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.accessManagerServers = null;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void globalConfigChanged(String serviceName, String version,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String groupName, String serviceComponent, int type) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName.equalsIgnoreCase(ServiceManager.REALM_SERVICE)) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster try {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceManager.checkFlags(token);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SSOException ssoe) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "globalConfigChanged ", ssoe);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster } catch (SMSException smse) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry.debug.error("OrganizationConfigManager: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "globalConfigChanged ", smse);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster realmEnabled = ServiceManager.isRealmEnabled();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster coexistMode = ServiceManager.isCoexistenceMode();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster migratedTo70 = ServiceManager.isConfigMigratedTo70();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public void organizationConfigChanged(String serviceName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String version, String orgName, String groupName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceComponent, int type) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Reset the cached configuration in OrgConfigViaAMSDK
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (serviceName.equalsIgnoreCase(OrgConfigViaAMSDK.IDREPO_SERVICE))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrgConfigViaAMSDK.attributeMappings = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrgConfigViaAMSDK.reverseAttributeMappings = new HashMap();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster }
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // ******* Static Variables ************
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // To determine if notification object has been registered for config
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // changes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static boolean registeredForConfigNotifications;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Realm & Co-existence modes
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static boolean realmEnabled;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static boolean coexistMode;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static boolean migratedTo70;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster}