IdRepoUtils.java revision a82d04bc19fee9d5e34b41ccd7641da1f62ab634
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved.
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: IdRepoUtils.java,v 1.3 2010/01/06 22:31:55 veiming Exp $
*
* Portions Copyrighted 2011-2015 ForgeRock AS.
*/
/**
* This class provides common utility functions for IdRepo.
*/
public class IdRepoUtils {
static {
}
/**
* Returns an attribute map with all the password attributes being masked.
*
* @param attrMap an attribute map
* @param pwdAttrs a set of password attribute names
*
* @return an attribute map with all the password attributes being masked.
*/
public static Map<String, ?> getAttrMapWithoutPasswordAttrs(Map<String, ?> attrMap, Set<String> pwdAttrs) {
// NOTE(review): this listing shows only fragments of the method. The condition guarding the
// pass-through return below and the statements that replace password values are not visible,
// so the masking described in the Javadoc cannot be confirmed from these lines.
return attrMap;
}
// The attribute map needs to be case-insensitive in order to detect password attributes correctly.
// A case-sensitive lookup could miss a password attribute whose name differs only in case and
// leave its value unmasked.
}
// The replacement map is created lazily, only when none exists yet. What triggers this and how
// the new map is populated is not visible here.
if (returnAttrMap == null) {
returnAttrMap = new AMHashMap();
}
}
}
}
}
return schemaFiles;
}
/**
* Return true if specified IdRepo type has schemas.
*
* @param idRepoType IdRepo type
* @return true if specified IdRepo type has schemas
*/
if (idRepoType == null) {
return false;
}
}
/**
* Loads schema to specified IdRepo.
*
* @param ssoToken single sign on token of authenticated user identity
* @param idRepoName IdRepo name
* @param realm the realm
* @param servletCtx the servlet context
*
* @throws IdRepoException If the schema can't be loaded or there are
* repository-related error conditions.
*/
// NOTE(review): the method signature and most statements are missing from this listing; the
// comments below describe only what the visible lines establish.
// Without a servlet context nothing is loaded and no error is raised.
if (servletCtx == null) {
return;
}
try {
if (DEBUG.messageEnabled()) {
}
args);
}
// Early exit after a debug message ending in "schema files." (presumably the case where the
// repository type has no schema files to load — confirm).
if (DEBUG.messageEnabled()) {
"schema files.");
}
return;
}
while (st.hasMoreTokens()) {
}
} catch (SMSException smsex) {
if (DEBUG.messageEnabled()) {
}
// A configuration-store failure is reported to the caller as an IdRepoException.
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_READ_PLUGIN_FOR_REALM, args);
} catch (SSOException ssoex) {
// NOTE(review): no rethrow is visible on this path, only debug-level messages. Confirm whether
// an SSO token failure is reported to the caller, since the Javadoc promises an
// IdRepoException when the schema can't be loaded.
if (DEBUG.messageEnabled()) {
}
if (DEBUG.messageEnabled()) {
}
}
}
throws Exception {
// NOTE(review): the method signature and most statements are missing from this listing; the
// comments below describe only what the visible lines establish.
// 1024-character buffer; len presumably holds the count returned by each read — confirm.
char[] cbuf = new char[1024];
int len;
}
"sun-idrepo-ldapv3-config-organization_name");
// The "@userStoreRootSuffix@" placeholder is paired with suffix (the call that performs the
// substitution is not visible).
// NOTE(review): presumably suffix, dbName and adamInstanceGUID come from administrator-controlled
// repository configuration and are inserted into the schema text as-is — confirm, since no
// escaping or validation is visible here.
"@userStoreRootSuffix@", suffix);
dbName);
}
// The "@INSTANCE_GUID@" placeholder is only handled when an instance GUID is available.
if (adamInstanceGUID != null) {
"@INSTANCE_GUID@", adamInstanceGUID);
}
}
} finally {
try {
// No handling required.
// NOTE(review): the try body and catch clause are not visible; presumably only a failure while
// closing the reader is ignored here — confirm that nothing else is swallowed.
}
}
}
}
"(objectclass=*)"));
if (index != -1) {
}
}
}
}
return null;
}
throws Exception {
// NOTE(review): the method signature and most statements are missing from this listing; the
// comments below describe only what the visible lines establish.
// The SSL flag is read with a default of false, so a configuration that omits
// "sun-idrepo-ldapv3-config-ssl-enabled" does not take this branch. Presumably the branch body
// (not visible) turns on SSL/TLS for the connection — confirm.
if (CollectionHelper.getBooleanMapAttr(attrValues, "sun-idrepo-ldapv3-config-ssl-enabled", false)) {
}
// Each of the four failure paths below raises the same IdRepoException
// (UNABLE_AUTHENTICATE_LDAP_SERVER, no message arguments); the conditions leading to them are
// not visible.
// NOTE(review): the warning-level debug bodies are not shown — confirm that none of them writes
// bindPwd to the debug log.
if (DEBUG.warningEnabled()) {
}
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_AUTHENTICATE_LDAP_SERVER, null);
}
if (DEBUG.warningEnabled()) {
}
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_AUTHENTICATE_LDAP_SERVER, null);
}
// All connections will use authentication
if (DEBUG.warningEnabled()) {
}
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_AUTHENTICATE_LDAP_SERVER, null);
}
if (DEBUG.warningEnabled()) {
}
throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_AUTHENTICATE_LDAP_SERVER, null);
}
// Registers a simple bind with the configured DN and password as the authentication request.
// An LDAP simple bind sends the password without any protection of its own, so its
// confidentiality depends on the connection being encrypted. With the SSL flag above left at its
// default of false, confirm that the transport is protected by other means.
// NOTE(review): bindPwd is presumably held as a String, which cannot be wiped after use — confirm.
options = options.set(AUTHN_BIND_REQUEST, LDAPRequests.newSimpleBindRequest(bindDn, bindPwd.toCharArray()));
}
/**
* Parses the incoming types and operations in string format to their domain object equivalent. For example:
* <code>user=read,edit,service,delete</code>
* will be turned into USER identity type with READ, EDIT, SERVICE, DELETE operations.
*
* @param typesAndOperations The parsable type and operation lines (each line represents an identity type).
* @return The parsed identity types and operation mappings.
*/
public static Map<IdType, Set<IdOperation>> parseSupportedTypesAndOperations(Set<String> typesAndOperations) {
// NOTE(review): the loop header and several statements are missing from this listing; the
// comments below describe only what the visible lines establish.
// Result map, created with an initial capacity of 6.
Map<IdType, Set<IdOperation>> supportedTypesAndOperations = new HashMap<IdType, Set<IdOperation>>(6);
if (DEBUG.messageEnabled()) {
}
// An entry for which idx is -1 is skipped with continue rather than rejected with an error
// (idx is presumably the position of the '=' separator — confirm).
if (idx == -1) {
continue;
}
// Starts out false and is set to true in two places whose conditions are not visible;
// presumably it is handed to parseSupportedOperations — confirm.
boolean supportsService = false;
supportsService = true;
supportsService = true;
}
}
//we need to make sure that realm=service is always present
// NOTE(review): the statement that enforces this is not visible in this listing.
}
if (DEBUG.messageEnabled()) {
}
return supportedTypesAndOperations;
}
/**
 * Parses an operations string into a set of {@code IdOperation} values.
 *
 * NOTE(review): only fragments of this method are visible in this listing; the parsing itself,
 * the separator it expects and the handling of unknown operation names cannot be confirmed here.
 *
 * @param operations the operations in string form
 * @param supportsService when true, an extra step is taken (body not visible; presumably the
 * service operation is added — confirm)
 * @return the parsed operations
 */
private static Set<IdOperation> parseSupportedOperations(String operations, boolean supportsService) {
if (supportsService) {
}
}
}
return idOperations;
}
/**
* Parses attribute mapping settings in the format "from=to". If no mapping is provided for an attribute, it is
* mapped to itself.
*
* @param mappings A set of mappings that needs to be parsed
* @return The processed mappings returned as a map.
*/
return map;
}
if (idx == -1) {
} else {
}
}
return map;
}
// Get the prioritised set of ldap servers
// NOTE(review): the method signature and the statements that initialise ldapUrls, hostServerId
// and hostSiteId are missing from this listing. When ldapServers is null, ldapUrls is returned
// with whatever value it was given earlier.
if (null != ldapServers) {
try {
} catch (ServerEntryNotFoundException senfe) {
// The lookup failure is only logged at warning level; no rethrow is visible, so
// prioritisation below still runs.
// NOTE(review): confirm that hostServerId and hostSiteId hold safe defaults on this path.
if (DEBUG.warningEnabled()) {
+ hostSiteId);
}
}
ldapUrls = org.forgerock.openam.ldap.LDAPUtils.prioritizeServers(ldapServers, hostServerId, hostSiteId);
}
return ldapUrls;
}
}