SpecialRepo.java revision 6340439720654d76109888406a64026599d7142f
1246N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 1246N/A * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved 1246N/A * The contents of this file are subject to the terms 1246N/A * of the Common Development and Distribution License 1246N/A * (the License). You may not use this file except in 1246N/A * compliance with the License. 1246N/A * You can obtain a copy of the License at 1246N/A * See the License for the specific language governing 1246N/A * permission and limitations under the License. 1246N/A * When distributing Covered Code, include this CDDL 1246N/A * Header Notice in each file and include the License file 1246N/A * If applicable, add the following below the CDDL Header, 1246N/A * with the fields enclosed by brackets [] replaced by 1246N/A * your own identifying information: 3232N/A * "Portions Copyrighted [year] [name of copyright owner]" 1246N/A * Portions Copyrighted 2012 ForgeRock Inc "com.sun.identity.idm.plugins.internal.SpecialRepo";
// Contains the names of the specials users * @see com.sun.identity.idm.IdRepo#addListener(com.iplanet.sso.SSOToken, * com.iplanet.am.sdk.IdRepoListener) debug.
error(
"SpecialRepo.addListener: Unable to add listener to" +
" SM Updates to special users will not reflect",
smse);
* @see com.sun.identity.idm.IdRepo#assignService(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.lang.String, * com.sun.identity.sm.SchemaType, java.util.Map) * @see com.sun.identity.idm.IdRepo#create(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Map) * @see com.sun.identity.idm.IdRepo#delete(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String) // Need to support delete for anonymous only // Obtain userconfig and delete anonymous user debug.
error(
"SpecialRepo: Unable to delete anonymous user ",
* @see com.sun.identity.idm.IdRepo#getAssignedServices( * com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Map) * @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Set) * @see com.sun.identity.idm.IdRepo#getAttributes(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String) // Get SubConfig of the user // Return without the userPassword attribute // The passwords for these would // be returned from AMSDK plugin // Add the AMSDK root suffix to the DN attribute // User not found, thrown exception debug.
error(
"SpecialRepo: Unable to read user attributes ",
* @see com.sun.identity.idm.IdRepo#getBinaryAttributes( * com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Set) * @see com.sun.identity.idm.IdRepo#setBinaryAttributes( * com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType, * java.lang.String, java.util.Map, boolean) * @see com.sun.identity.idm.IdRepo#getMembers(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, * com.sun.identity.idm.IdType) * @see com.sun.identity.idm.IdRepo#getMemberships(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, * com.sun.identity.idm.IdType) * @see com.sun.identity.idm.IdRepo#getServiceAttributes( * com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.lang.String, // Check if the name is present // Throw exception otherwise * @see com.sun.identity.idm.IdRepo#getBinaryServiceAttributes( * com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType, * java.lang.String, java.util.Set) * @see com.sun.identity.idm.IdRepo#isExists(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String) * @see com.sun.identity.idm.IdRepo#modifyMemberShip( * com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Set, * com.sun.identity.idm.IdType, int) * @see com.sun.identity.idm.IdRepo#modifyService(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.lang.String, * com.sun.identity.sm.SchemaType, java.util.Map) * @see com.sun.identity.idm.IdRepo#removeAttributes( * com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Set) * @see com.sun.identity.idm.IdRepo#removeListener() ssm =
null;
//make sure old reference get GCed asap //unfortunately, because reposervice is special this is required to //make sure any old lingering object would be cleaned. // listener should be removed in first try. ignoring any error // listener should be removed in first try. ignoring any error * @see com.sun.identity.idm.IdRepo#search(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, int, int, * java.util.Set, boolean, int, java.util.Map, boolean) // Support aliasing for "uid" at least.. // pattern is "*" and avPairs is not empty, so return // If wild card is used for pattern, do a search else a lookup // Return without the userPassword attribute // The passwords for these would // Add the AMSDK root suffix to the DN attribute debug.
error(
"SpecialRepo.search: Unable to retrieve entries: ",
* @see com.sun.identity.idm.IdRepo#search(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Map, * boolean, int, int, java.util.Set) * @see com.sun.identity.idm.IdRepo#setAttributes(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.util.Map, // For performance reason check if the user entry // is present before getting the subConfig // can only set "userpassword" and "inetUserStatus" "userpassword")) !=
null) {
// if user is URL Access Agent, // urlAccessAgentCryptPwd will be set; otherwise // urlAccessAgentCryptPwd will be null. // If password is changed for dsameuser, need to +
"changing password", e);
debug.
error(
"SpecialRepo: Unable to set user attributes ",
debug.
error(
"SpecialRepo.updateServiceConfiguration", e);
debug.
error(
"SpecialRepo.updateServiceConfiguration", e);
debug.
error(
"SpecialRepo.updateServiceConfiguration", e);
* @see com.sun.identity.idm.IdRepo#unassignService( * com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String, java.lang.String, "com.sun.identity.idm.plugins.specialusers.SpecialRepo",
* @see com.sun.identity.idm.IdRepo#getSupportedOperations( * com.sun.identity.idm.IdType) * @see com.sun.identity.idm.IdRepo#getSupportedTypes() * @see com.sun.identity.idm.IdRepo#initialize(java.util.Map) * @see com.sun.identity.idm.IdRepo#isActive(com.iplanet.sso.SSOToken, * com.sun.identity.idm.IdType, java.lang.String) * @see com.sun.identity.idm.IdRepo#setActiveStatus( com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType, java.lang.String, boolean) * @see com.sun.identity.idm.IdRepo#shutdown() // Check revision number to determine if root suffix needs debug.
error(
"SpecialRepo.replaceDN: Unable to get Schema" +
"to determine revision number",
smse);
// In the case of upgrade the DN will have the suffix // Hence check if it ends with SMS root suffix // Replace only if the they are different * @see com.sun.identity.sm.ServiceListener#globalConfigChanged( * java.lang.String, java.lang.String, java.lang.String, int) // Send notifcations for users in special users * @see com.sun.identity.sm.ServiceListener#organizationConfigChanged( * java.lang.String, java.lang.String, java.lang.String, // Since special users are in global configuration // Notifications need not be sent * @see com.sun.identity.sm.ServiceListener#schemaChanged(java.lang.String, // Since special users are in global configuration, not schema // Notifications need not be sent // Obtain user name and password from credentials and authenticate debug.
message(
"SpecialRepo:authenticate inst. SMSAuthModule");
debug.
message(
"SpecialRepo:authenticate SMSAuthModule:init");