DataStore.java revision c49468bbfa37132e6989d263741ca8c3b436f8f4
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: DataStore.java,v 1.13 2010/01/20 17:01:35 veiming Exp $
*/
/**
* Portions Copyrighted 2012 ForgeRock Inc
*/
/**
* This class *talks* to SMS to get the configuration information.
*/
public class DataStore {
// DN pattern for entries under this service's OrganizationConfig node.
// {0} and {1} are placeholders; the code that supplies their arguments is
// not visible in this listing.
private static final String REALM_DN_TEMPLATE =
"ou={0},ou=default,ou=OrganizationConfig,ou=1.0,ou=" + SERVICE_NAME +
",ou=services,{1}";
// NOTE(review): the initialisers of the next six constants are missing from
// this listing, so the filter syntax they define cannot be checked here.
private static final String SUBJECT_FILTER_TEMPLATE =
private static final String HOST_FILTER_TEMPLATE =
private static final String PATH_FILTER_TEMPLATE =
private static final String PATH_PARENT_FILTER_TEMPLATE =
private static final NetworkMonitor DB_MONITOR_PRIVILEGE =
private static final NetworkMonitor DB_MONITOR_REFERRAL =
// DN prefix of the hidden realm that holds delegation service permissions.
// It ends with a comma, so a suffix is presumably appended before use
// (TODO confirm against getHiddenRealmDN, whose body is not visible).
private static final String HIDDEN_REALM_DN =
"o=sunamhiddenrealmdelegationservicepermissions,ou=services,";
// count of number of policies per realm
static {
// Initialize statistics collection
}
/**
 * Private constructor: instances cannot be created from outside this class.
 * Callers obtain the instance through {@link #getInstance()}.
 */
private DataStore() {
}
/**
 * Returns the class-level <code>instance</code> field.
 *
 * The declaration and initialisation of that field are not in the visible
 * lines of this listing.
 *
 * @return the <code>DataStore</code> held in <code>instance</code>.
 */
public static DataStore getInstance() {
return instance;
}
/**
* Returns the distinguished name of a privilege.
*
* @param name Privilege name.
* @param realm Realm name.
* @param indexName Index name.
* @return the distinguished name of a privilege.
*/
public static String getPrivilegeDistinguishedName(
}
/**
* Returns the base search DN.
*
* @param realm Realm name.
* @param indexName Index name.
* @return the base search DN.
*/
}
}
private String createDefaultSubConfig(
throws SMSException, SSOException {
}
}
return defSubConfig.getDN();
}
throws SMSException, SSOException {
}
return orgConf;
}
try {
if (referral) {
} else {
}
} finally {
}
}
try {
} else {
}
if (referral) {
} else {
}
} catch (NumberFormatException ex) {
} catch (SMSException ex) {
} catch (SSOException ex) {
} finally {
}
}
int count = 0;
if (adminToken != null) {
try {
}
}
} catch (NumberFormatException ex) {
} catch (SMSException ex) {
} catch (SSOException ex) {
}
}
return count;
}
/**
 * Returns the policy count derived from <code>policiesPerRealm</code>.
 *
 * The counting itself is done by <code>getCountInMap</code>; presumably it
 * totals the per-realm counts (verify against that helper, whose signature
 * is not visible in this listing).
 *
 * @return the value computed by <code>getCountInMap</code> for policies.
 */
public static int getNumberOfPolicies() {
return getCountInMap(policiesPerRealm);
}
/**
 * Returns the referral count derived from <code>referralsPerRealm</code>.
 *
 * The counting itself is done by <code>getCountInMap</code>; presumably it
 * totals the per-realm counts (verify against that helper, whose signature
 * is not visible in this listing).
 *
 * @return the value computed by <code>getCountInMap</code> for referrals.
 */
public static int getNumberOfReferrals() {
return getCountInMap(referralsPerRealm);
}
try {
int total = 0;
}
return total;
} finally {
}
}
try {
int totalPolicies = 0;
} else {
}
return (totalPolicies);
} finally {
}
}
try {
int referralCnt = 0;
} else {
}
return (referralCnt);
} finally {
}
}
/**
* Adds a privilege.
*
* @param adminSubject Admin Subject who has the rights to write to
* datastore.
* @param realm Realm name.
* @param p Privilege object.
* @return the DN of added privilege.
* @throws com.sun.identity.entitlement.EntitlementException if privilege
* cannot be added.
*/
throws EntitlementException {
try {
}
}
}
for (String i : subjectIndexes) {
}
if (privilegeName != null) {
}
if (privilegeDesc != null) {
}
}
if (lastModifiedBy != null) {
}
long creationDate = p.getCreationDate();
if (creationDate > 0) {
}
long lastModifiedDate = p.getLastModifiedDate();
if (lastModifiedDate > 0) {
}
for (String a : p.getApplicationIndexes()) {
}
s.setAttributes(map);
s.save();
params);
} catch (JSONException e) {
throw new EntitlementException(210, e);
} catch (SSOException e) {
throw new EntitlementException(210, e);
} catch (SMSException e) {
throw new EntitlementException(210, e);
}
return dn;
}
/**
* Adds a referral.
*
* @param adminSubject Admin Subject who has the rights to write to
* datastore.
* @param realm Realm name.
* @param referral Referral Privilege object.
* @return the DN of added privilege.
* @throws EntitlementException if privilege cannot be added.
*/
public String addReferral(
) throws EntitlementException {
// NOTE(review): the parameter list and most statements of this method are
// missing from this listing; the comments below describe only what the
// visible lines show.
try {
}
}
}
}
// Optional metadata is handled only when present: null strings and
// non-positive timestamps are skipped. The guarded statements themselves
// are not visible here.
if (privilegeName != null) {
}
if (privilegeDesc != null) {
}
}
if (lastModifiedBy != null) {
}
if (creationDate > 0) {
}
if (lastModifiedDate > 0) {
}
}
realm)) {
}
}
// The collected attribute map is set on the entry, then saved.
s.setAttributes(map);
s.save();
params);
// SSO and SMS failures are both reported to the caller as
// EntitlementException with code 270, passing the original exception along.
} catch (SSOException e) {
throw new EntitlementException(270, e);
} catch (SMSException e) {
throw new EntitlementException(270, e);
}
return dn;
}
/**
* Removes privilege.
*
* @param adminSubject Admin Subject who has the rights to write to
* datastore.
* @param realm Realm name.
* @param name Privilege name.
* @throws com.sun.identity.entitlement.EntitlementException if privilege
* cannot be removed.
*/
public void remove(
) throws EntitlementException {
// NOTE(review): the parameter list and several statements are missing from
// this listing; only the delete call and the catch clauses are visible.
}
try {
s.delete();
params);
}
// NOTE(review): the catch bodies are not visible here. Confirm that both
// failures are rethrown as EntitlementException, as the Javadoc promises.
// A swallowed failure would leave the privilege in force while the caller
// believes it was removed.
} catch (SMSException e) {
} catch (SSOException e) {
}
}
/**
* Removes referral privilege.
*
* @param adminSubject Admin Subject who has the rights to write to
* datastore.
* @param realm Realm name.
* @param name Referral privilege name.
* @throws EntitlementException if privilege cannot be removed.
*/
public void removeReferral(
) throws EntitlementException {
// NOTE(review): the parameter list and several statements are missing from
// this listing; only the delete call and the catch clauses are visible.
}
try {
s.delete();
params);
}
// NOTE(review): the catch bodies are not visible here. Confirm that both
// failures are rethrown as EntitlementException, as the Javadoc promises.
// A swallowed failure would leave the referral in force while the caller
// believes it was removed.
} catch (SMSException e) {
} catch (SSOException e) {
}
}
/**
* Returns a set of privilege names that satisfy a search filter.
*
* @param adminSubject Subject who has the rights to read datastore.
* @param realm Realm name
* @param filter Search filter.
* @param numOfEntries Number of max entries.
* @param sortResults <code>true</code> to have result sorted.
* @param ascendingOrder <code>true</code> to have result sorted in
* ascending order.
* @return a set of privilege names that satisfy a search filter.
* @throws EntitlementException if search failed.
*/
int numOfEntries,
boolean sortResults,
boolean ascendingOrder
) throws EntitlementException {
try {
throw new EntitlementException(216);
}
}
}
}
} else {
return Collections.EMPTY_SET;
}
} catch (SMSException ex) {
}
return results;
}
/**
* Returns a set of referral privilege names that satisfy a search filter.
*
* @param adminSubject Subject who has the rights to read datastore.
* @param realm Realm name
* @param filter Search filter.
* @param numOfEntries Number of max entries.
* @param sortResults <code>true</code> to have result sorted.
* @param ascendingOrder <code>true</code> to have result sorted in
* ascending order.
* @return a set of privilege names that satisfy a search filter.
* @throws EntitlementException if search failed.
*/
int numOfEntries,
boolean sortResults,
boolean ascendingOrder
) throws EntitlementException {
try {
throw new EntitlementException(216);
}
}
}
}
} else {
return Collections.EMPTY_SET;
}
} catch (SMSException ex) {
}
return results;
}
}
/**
 * Reports whether any stored privilege refers to an application.
 *
 * The visible lines check three places in turn: privileges, referral
 * privileges and delegation privileges. The method returns
 * <code>true</code> at the first hit. The parameter list and the search
 * calls themselves are missing from this listing.
 *
 * @return <code>true</code> if one of the three searches finds a match;
 * <code>false</code> otherwise.
 * @throws EntitlementException declared by the signature; the statements
 * that raise it are not visible here.
 */
public boolean hasPrivilgesWithApplication(
) throws EntitlementException {
//Search privilege
// NOTE(review): applName is appended by plain string concatenation to what
// looks like an LDAP-style search filter. If the application name can
// contain filter metacharacters such as '(', ')', '*' or '\', escape it
// (RFC 4515) before building the filter, so that the match cannot be widened
// or the filter broken.
applName + ")";
return true;
}
//Search referral privilege
return true;
}
//Search delegation privilege
return true;
}
return false;
}
private static String getHiddenRealmDN() {
}
throws EntitlementException {
try {
0, 0, false, false);
return true;
}
} catch (SMSException e) {
}
}
return false;
}
/**
* Returns a set of privileges that satisfy the resource and subject
* indexes.
*
* @param adminSubject Subject who has the rights to read datastore.
* @param realm Realm name
* @param iterator Buffered iterator to have the result fed to it.
* @param indexes Resource search indexes.
* @param subjectIndexes Subject search indexes.
* @param bSubTree <code>true</code> to do sub tree search
* @param excludeDNs Set of DN to be excluded from the search results.
* @return a set of privileges that satisfy the resource and subject
* indexes.
*/
boolean bSubTree,
) throws EntitlementException {
// Get referrals only if count is greater than 0
if (countInt > 0) {
}
return results;
}
boolean bSubTree,
) throws EntitlementException {
"[PolicyEval] DataStore.searchPrivileges", null);
}
try {
while (i.hasNext()) {
new JSONObject(e.getAttributeValue(
}
} catch (JSONException e) {
} catch (SMSException e) {
}
}
}
return results;
}
/**
* Returns a set of referral privileges that satisfy the resource and
* subject indexes.
*
* @param adminToken Subject who has the rights to read datastore.
* @param realm Realm name
* @param iterator Buffered iterator to have the result fed to it.
* @param indexes Resource search indexes.
* @param bSubTree <code>true</code> to do sub tree search
* @param excludeDNs Set of DN to be excluded from the search results.
* @return a set of privileges that satisfy the resource and subject
* indexes.
*/
boolean bSubTree,
) throws EntitlementException {
"[PolicyEval] DataStore.searchReferral", null);
}
try {
while (i.hasNext()) {
new JSONObject(e.getAttributeValue(
}
} catch (JSONException e) {
} catch (SMSException e) {
}
}
}
return results;
}
boolean bSubTree
) {
// Builds search-filter fragments from the subject, host and path indexes,
// plus the parent-path indexes when bSubTree is set. The opening line of
// the signature and several statements are missing from this listing.
// NOTE(review): each index value is wrapped in a one-element array and
// handed, with a filter template, to a formatting call (see
// HOST_FILTER_TEMPLATE and PATH_FILTER_TEMPLATE below). No escaping is
// visible in these lines. Confirm that values derived from request data
// are escaped for filter metacharacters before they reach this point.
for (String i : subjectIndexes) {
Object[] o = {i};
}
}
}
Object[] o = {h};
HOST_FILTER_TEMPLATE, o));
}
}
}
for (String p : pathIndexes) {
Object[] o = {p};
PATH_FILTER_TEMPLATE, o));
}
}
// Parent-path fragments are added only for sub-tree searches.
if (bSubTree) {
for (String p : parentPathIndexes) {
Object[] o = {p};
}
}
}
}
}
) throws EntitlementException {
try {
while (i.hasNext()) {
new JSONObject(e.getAttributeValue(
}
} catch (JSONException e) {
} catch (SMSException e) {
}
}
return results;
}
return adminToken;
}
}
throws EntitlementException {
try {
0, 0, false, false);
}
}
}
}
return results;
} catch (SMSException ex) {
}
}
}