8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: SMSMigration70.java,v 1.5 2008/07/11 01:46:20 arviranga Exp $
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Portions Copyrighted [2011] [ForgeRock AS]
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.delegation.DelegationException;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.delegation.DelegationManager;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.delegation.DelegationPermission;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterimport com.sun.identity.delegation.DelegationPrivilege;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void migrate63To70(SSOToken token, String entryDN) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "\n\n\nSMSMigration70::main() : Realms enabled. " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "\n\nService Management Migration to "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + "7.0 cannot be done. ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "\n\n\nSMSMigration70::main() : Realms enabled. " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "\n\nService Management Migration to " +
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster "7.0 cannot be done."));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Add AMSDK plugin to root realm before migration of sub-realms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // This is similar to SMSEntry.baseDN.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Add these organization attributes from root org to root realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String rootRealmDN = SMSEntry.SERVICES_RDN + SMSEntry.COMMA
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster new OrganizationConfigManager(token, rootRealmDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ocmAddAttr.setAttributes("sunidentityrepositoryservice", addMap);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Migrate sub-orgs to realms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // After migration of config data, Set the realmEnabled/realmMode
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // flag to true in the Global Schema of the identity repository
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceSchemaManager ssm = new ServiceSchemaManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrSet.put(ServiceManager.REALM_ATTR_NAME, realmValue);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster attrSet.put(ServiceManager.COEXISTENCE_ATTR_NAME, coExistValue);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // After migration of config data, Set the realmEnabled/realmMode
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // flag to true
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scm = new ServiceConfigManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster map.put(ServiceManager.REALM_ATTR_NAME, realmSet);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster map.put(ServiceManager.COEXISTENCE_ATTR_NAME, coExistSet);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("migrateToRealms.COEXISTENCE is "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void migrateToRealms(SSOToken token, String entryDN) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager ocm = new OrganizationConfigManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set subOrgNames = ocm.getSubOrganizationNames("*", false);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("Organization naming attr is " + orgNamingAttr);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("SIZE is " + subOrgNames.size());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + (String) subOrgs.next() + SMSEntry.COMMA + entryDN;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Add AMSDK plugin before migrating the config data
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Create corresponding realms and migrate the config data
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Migrate the delegation policies before migrating config data
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Look for suborgs too and copy/create subrealms.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Adds IdRepo AMSDK plugin to the given organization name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster protected static void addIdRepoAMSDKPlugin(SSOToken token, String orgName)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scm = new ServiceConfigManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig sc = scm.getOrganizationConfig(orgName, null);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sc.addSubConfig("amsdk1", "amSDK", 0, attributes);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Migrate delegation policies to have correct policy name, resource name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * and subjects
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster protected static void migrateDelegationPolicies(SSOToken token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("Migrating delegation policies for org: " + orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster DelegationManager dm = new DelegationManager(token, orgName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator items = privileges.iterator(); items.hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster DelegationPrivilege dp = (DelegationPrivilege) items.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // remove the privilege
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator perms = permissions.iterator(); perms.hasNext();)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // change the resource name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // change the subject name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator ss = subjects.iterator(); ss.hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Normalized orgname to realm name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Add the modified privileges
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster for (Iterator items = newPrivileges.iterator(); items.hasNext();) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster DelegationPrivilege dp = (DelegationPrivilege) items.next();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("Delegation Policies for org: " + orgName + "\n"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Adds these two organization attributes to realm.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "sunOrganizationStatus=inetDomainStatus"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * From AM point of view, all these 3 attributes in AMSDK Organization serve
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the purpose of identifying the realm give the alias names.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "sunOrganizationAliases=sunOrganizationAlias"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "sunOrganizationAliases=sunPreferredDomain"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "sunOrganizationAliases=associatedDomain"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster protected static Map getOrgAttributes(SSOToken token, String org) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrgConfigViaAMSDK amsdk = new OrgConfigViaAMSDK(token, org, org);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgStatus = amsdk.getSDKAttributeValue("inetDomainStatus");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgPrefDom = amsdk.getSDKAttributeValue("sunPreferredDomain");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgAssocDom = amsdk.getSDKAttributeValue("associatedDomain");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set orgAlias = amsdk.getSDKAttributeValue("sunOrganizationAlias");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("\n addIdRepoAMSDKPlugin.Org Status & ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("addIdRepoAMSDKPlugin.Org Alias. ");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void migrateOrganization(SSOToken token, String org) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("\n migrateOrganization.Org Name: " + org);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster realm = DNMapper.replaceString(tmp, orgNamingAttr
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster + SMSEntry.EQUALS, SMSEntry.ORG_PLACEHOLDER_RDN)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("\nmigrateOrganization.realm: " + realm);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String orgDN = SMSEntry.SERVICES_RDN + SMSEntry.COMMA + org;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .println("\nmigrateOrganization.orgDN Name: " + orgDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSubEntries cse = CachedSubEntries.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sdn = realm.toLowerCase().indexOf(SMSEntry.baseDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("\nmigrateOrganization.RealmDN Name: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CreateServiceConfig.createOrganization(token, realmDN);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // After creation of the realm, Set the DNMapper.migration
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // flag to true to avoid removal of 'ou=services' from the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // newly formed realm DN.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ocmAddAttrs.setAttributes("sunidentityrepositoryservice", map);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("\nmigrateOrganization.ServiceName: "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // Migrate service config data
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster migrateConfigData(token, realmDN, serviceName, org);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void migrateConfigData(SSOToken token, String realmDN,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("Initial value. migrateConfigData.REALM is "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("initial value. migrateConfigData.COEXISTENCE "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster OrganizationConfigManager ocmAdd = new OrganizationConfigManager(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfigManager scmGet = new ServiceConfigManager(serviceName,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("\nMigrating Organization Config data");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig orgServiceConfig = scmGet.getOrganizationConfig(org,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster migrateConfigs(token, orgServiceConfig, serviceName, ocmAdd);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void migrateConfigs(SSOToken token, ServiceConfig scGet,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceName, OrganizationConfigManager ocmAdd) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println(s + "=" + attrResults.get(s));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // create sub-config node
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig newServiceConfig = ocmAdd.addServiceConfig(
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set subConfigNames = scGet.getSubConfigNames();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig oldSubConfig = scGet.getSubConfig(subConfigName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("Sub Config Name " + subConfigName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map subConfigMap = oldSubConfig.getAttributes();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster newServiceConfig.addSubConfig(subConfigName, scID, scGet
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster migrateSubEntries(token, newServiceConfig, oldSubConfig,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public static void migrateSubEntries(SSOToken token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ServiceConfig newServiceConfig, ServiceConfig oldSubConfig,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Set subEntryNames = oldSubConfig.getSubConfigNames();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if (subEntryNames != null && !subEntryNames.isEmpty()) {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster System.out.println("Sub Config Name1 " + subEntryName);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Map subEntryConfigMap = subEntryConfig.getAttributes();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Iterator it1 = subEntryConfigMap.keySet().iterator();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster .println(s1 + "=" + subEntryConfigMap.get(s1));
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String serviceID = subEntryConfig.getSchemaID();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String subConfigDN = "ou=" + subEntryName + SMSEntry.COMMA
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSEntry newsubConfigSMSEntry = new SMSEntry(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster SMSUtils.setAttributeValuePairs(newsubConfigSMSEntry,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster newsubConfigSMSEntry.addAttribute(SMSEntry.ATTR_SERVICE_ID,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster newsubConfigSMSEntry.addAttribute(SMSEntry.ATTR_PRIORITY,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster sb.append(oldSubConfig.getPriority()).toString());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster CachedSMSEntry cachedE = CachedSMSEntry.getInstance(token,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster // oldSubConfig = subEntryConfig;