a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: FSAccountManager.java,v 1.5 2008/06/25 05:46:39 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.federation.accountmgmt;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.services.util.FSServiceUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.FSUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.common.LogUtil;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.datastore.DataStoreProvider;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.datastore.DataStoreProviderException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.plugin.datastore.DataStoreProviderManager;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.NameIdentifier;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * This class is used for storing & retrieving user account's federation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * specific information.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * static variable to store AccountManager .
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster private static Map instanceMap = new HashMap();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * additional SP filter to check, this is for the case when two SP
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * are federated with same IDP
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Default Constructor.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param metaAlias hosted provider's meta alias
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if error occurred.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster provider = DataStoreProviderManager.getInstance().
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String role = metaManager.getProviderRoleByMetaAlias(metaAlias);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (role != null && role.equalsIgnoreCase(IFSConstants.IDP)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster metaManager.getIDPDescriptorConfig(realm, hostedEntityID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster metaManager.getSPDescriptorConfig(realm, hostedEntityID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String userPClass = IDFFMetaUtils.getFirstAttributeValueFromConfig(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster hostedConfig, IFSConstants.FS_USER_PROVIDER_CLASS);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (userPClass == null || userPClass.length() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster userPClass = IFSConstants.FS_USER_PROVIDER_DEFAULT;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.getInstance() : Exception: ", de);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(de.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Gets an Object for FSAccountManager Class.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Used to instantiate the Class.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param metaAlias meta alias of hosted provider
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return FSAccountManager Object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if error occurred.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public static FSAccountManager getInstance(String metaAlias)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((metaAlias == null) || (metaAlias.length() == 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.getInstance: meta aliasis null.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster synchronized(instanceMap) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster manager = (FSAccountManager) instanceMap.get(metaAlias);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Stores Account's federation Info in data store.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfo Account federation info as FSAccountFedInfo object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * and opaque handle sent/received.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if illegal argument passed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.writeAccountFedInfo() : called");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.writeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.writeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : FedInfo key is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.writeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : FedInfo is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrNames.add(FSAccountUtils.USER_FED_INFO_KEY_ATTR);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrNames.add(FSAccountUtils.USER_FED_INFO_ATTR);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Map attrsMap = provider.getAttributes(userID, attrNames);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(fedInfoKey);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.writeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "AccountFedInfo Key Already Exists, " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "will overwrite.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String fedInfoKeyStr = FSAccountUtils.objectToKeyString(fedInfoKey);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrMap.put(FSAccountUtils.USER_FED_INFO_KEY_ATTR,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(fedInfoKey);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.writeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster " AccountFedInfo Already Exists, will " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "overwrite");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String fedInfoStr = FSAccountUtils.objectToInfoString(fedInfo);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrMap.put(FSAccountUtils.USER_FED_INFO_ATTR, existFedInfoSet);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.writeAccountFedInfo(): Key : " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String[] args = {userID, fedInfoStr, fedInfoKeyStr };
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster LogUtil.access(Level.INFO,LogUtil.WRITE_ACCOUNT_FED_INFO, args);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.writeAccountFedInfo(): Exception: ", de);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(de.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Removes Account's federation Info in data store.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfo Account federation info as FSAccountFedInfo object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if illegal argument passed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * TODO, this may remove the wrong info key, as two
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * SP could federation with same IDP
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * use the one with providerID parameter
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public void removeAccountFedInfo(String userID, FSAccountFedInfo fedInfo)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : FedInfo is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountMgmtException(IFSConstants.NULL_FED_INFO_OBJECT, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String fedInfoStr = FSAccountUtils.objectToInfoString(fedInfo);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("Account Info to be removed:"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (fedInfoStr != null && existFedInfoSet.contains(fedInfoStr))
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrMap.put(FSAccountUtils.USER_FED_INFO_ATTR, existFedInfoSet);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfo(): Exception: ", se);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(se.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Stores Account's federation Info in data store.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfo Account federation info as FSAccountFedInfo object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * & opaque handle sent/received.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param oldFedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * & opaque handle sent/received, which will be removed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if illegal argument passed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster writeAccountFedInfo(userID, fedInfoKey, fedInfo);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Removes Account's federation Info Key in data store.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * & opaque handle sent/received, which will be removed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if illegal argument passed.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfoKey():called");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfoKey():"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfoKey():"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Invalid Argument : FedInfo key is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Set existFedInfoKeySet = provider.getAttribute(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster userID, FSAccountUtils.USER_FED_INFO_KEY_ATTR);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoKeySet != null && !existFedInfoKeySet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(fedInfoKey);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfoKey():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Account Fed Info Key Exists, will remove it");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrMap.put(FSAccountUtils.USER_FED_INFO_KEY_ATTR,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfoKey():Exception:", ame);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(ame.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Removes Account's federation Info in data store for given providerID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in fedInfo object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * & opaque handle sent/received.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID Remote ProviderID value.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException - If Account fed info is not found for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * given user & given ProviderID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfo(): userID=" + userID +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ", infoKey=" + FSAccountUtils.createFilter(fedInfoKey) +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : FedInfo key is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((providerID == null) || (providerID.length() <= 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : providerID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountMgmtException(IFSConstants.NULL_PROVIDER_ID, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfo():"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster boolean found = false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Set existFedInfoKeySet = provider.getAttribute(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster userID, FSAccountUtils.USER_FED_INFO_KEY_ATTR);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoKeySet != null && !existFedInfoKeySet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(fedInfoKey);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Account Fed Info Key Exists, will remove it");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster attrMap.put(FSAccountUtils.USER_FED_INFO_KEY_ATTR,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoSet != null && !existFedInfoSet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(providerID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Account Fed Info Exists, will remove it");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String[] args = {userID, providerID, existFedInfoKeyStr };
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster Level.INFO, LogUtil.REMOVE_ACCOUNT_FED_INFO, args);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.removeAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Account Federation Info not Found");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.removeAccountFedInfo():Exception:", ame);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(ame.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Reads Account's federation Info from data store for given
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * providerID and returns value as fedInfo object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns null if value not found for given providerID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID Remote ProviderID value.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Account's federation Info.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Null if no Account Federation info value for given providerID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if an error occurred.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return readAccountFedInfo(userID, providerID, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Reads Account's federation Info from data store for given
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * providerID and returns value as fedInfo object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns null if value not found for given providerID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user ID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID Remote ProviderID value.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param nameIDValue fedinfo with this name ID value is to be found.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Account's federation Info.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Null if no Account Federation info value for given providerID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if an error occurred.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.readAccountFedInfo() : user=" + userID +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ", providerID=" + providerID + ", nameIDValue=" + nameIDValue);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.readAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((providerID == null) || (providerID.length() <= 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.readAccountFedInfo():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : providerID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountMgmtException(IFSConstants.NULL_PROVIDER_ID, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.readAccountFedInfo():Exception:", ame);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(ame.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoSet != null && !existFedInfoSet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(providerID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // accountFedInfo exists for given providerID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.readAccountFedInfo(): " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountUtils.stringToObject(existFedInfoStr);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.readAccountFedInfo(): value with user: " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster userID + " and providerID : " + providerID + " not found");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Reads All Account's federation Info from data store for given
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * user identity and returns a Set of ProviderIDs with which user
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is federated (FedStatus is Active).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user identity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Set of ProviderIDs with which user is federated (FedStatus
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is Active).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if an error occurred.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public Set readAllFederatedProviderID (String userID)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (SP_PROVIDER_ID != null && SP_PROVIDER_ID.length() != 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return readAllFederatedProviderID(SP_PROVIDER_ID, userID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return readAllFederatedProviderID(null, userID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Reads All Account's federation Info from data store for given
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * user identity and providerID. Returns a Set of ProviderIDs
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with which user is federated (FedStatus is Active).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user identity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID local provider ID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return Set of ProviderIDs with which user is federated (FedStatus
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is Active).
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException if error occurred.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public Set readAllFederatedProviderID(String providerID, String userID)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.readAllFedProviderID() : userID=" + userID +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.readAllFederatedProviderID()"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + ":Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.readAllFederatedProviderID():Exception:",
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(ame.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoSet != null && !existFedInfoSet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountUtils.stringToObject(existFedInfoStr);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster existFedInfoStr.indexOf("|" + providerID + "|") != -1)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns true/false if Account's federation Status is Active / Inactive
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * for given providerID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user identity
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param providerID Remote ProviderID value.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true/false if Account's federation Status is Active / Inactive
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * for given providerID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException - If Account fed info is not found for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * given user & given ProviderID.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("FSAccountManager.isFederationActive() : called");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.isFederationActive():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if ((providerID == null) || (providerID.length() <= 0)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.isFederationActive() : " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : ProviderID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.isFederationActive() :Exception: ", ame);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(ame.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoSet != null && !existFedInfoSet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster String filter = FSAccountUtils.createFilter(providerID);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // accountFedInfo exists for given providerID
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.isFederationActive(): " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountUtils.stringToObject(existFedInfoStr);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.isFederationActive() : " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Account Federation Info not Found");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Returns true If Any Active federation is found where idpRole is true
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * means local deployment worked as SP in that federation and federation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * is still Active.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param userID user id
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true If Any Active federation is found where idpRole is true
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * means local deployment worked as SP in that federation and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * federation is still Active.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException - If Account fed info is not found for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * given user.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.hasAnyActiveFederation():called");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.hasAnyActiveFederation():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : user ID is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(IFSConstants.NULL_USER_DN, null);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "FSAccountManager.hasAnyActiveFederation():Exception: ", ame);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new FSAccountMgmtException(ame.getMessage());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (existFedInfoSet != null && !existFedInfoSet.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSAccountUtils.stringToObject(existFedInfoStr);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // If Any Active federation is found where idpRole is true,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // return true.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // Means local deployment worked as SP in that federation.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (afi.isFedStatusActive() && afi.isRoleIDP()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // return false in case user account federation info not found
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // since all federtation info will be cleaned up once terminated
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Searches user with given combination of ProviderID & Opaque handle
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in Default Organization.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * & opaque handle sent/received.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param env - Extra parameters that can be used for user mapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException - If Unable to get Organization
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return User DN if user found with given combination else returns null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If Some error occurs returns null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Searches user with given combination of ProviderID & Opaque handle
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * in given Organization.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param fedInfoKey Account Fed Info Key which contains NameSpace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * & opaque handle sent/received.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param orgDN organization DN.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param env Extra parameters that can be used for user mapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws FSAccountMgmtException - If Unable to get Organization.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return User DN if user found with given combination else returns null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If Some error occurs returns null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.message("FSAccountManager.getUserID() : called");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster FSUtils.debug.error("FSAccountManager.getUserID():" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "Invalid Argument : fedInfoKey is NULL");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster valueSet.add(FSAccountUtils.objectToKeyString(fedInfoKey));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster avPairs.put(FSAccountUtils.USER_FED_INFO_KEY_ATTR, valueSet);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster return userProvider.getUserID(orgDN, avPairs, env);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Gets the user by using a given search filter.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param avPair Attribute Value Pair to be used in finding the user.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param orgDN Organization DN.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param env Extra parameters that can be used for user mapping.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @exception FSAccountMgmtException if an error occurred.