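/**
 * Reconciles the services assigned to a realm with the requested list.
 *
 * <p>Every name in {@code newServiceNames} that is not yet assigned is assigned (with
 * {@code null} attributes). Every currently assigned name that is absent from
 * {@code newServiceNames} is unassigned. Names present in both are left untouched.
 *
 * @param ocm Organization Configuration Manager for the realm being updated
 * @param newServiceNames List of service names the realm should end up with
 * @throws SMSException if reading, assigning or unassigning a service fails; the failure is
 *         logged and rethrown, and calls that already succeeded are not undone here
 */
private void assignServices(OrganizationConfigManager ocm, List newServiceNames)
        throws SMSException {
    try {
        // The no-arg call is the variant that includes mandatory services
        // (the original comment: "include mandatory, otherwise pass in false").
        Set assignedServices = ocm.getAssignedServices();

        // Union of the requested and the currently assigned names, so that each name is
        // visited exactly once and classified below.
        Set allServices = new HashSet(newServiceNames.size() + assignedServices.size());
        allServices.addAll(assignedServices);
        allServices.addAll(newServiceNames);

        for (Object candidate : allServices) {
            String serviceName = (String) candidate;
            boolean requested = newServiceNames.contains(serviceName);
            boolean alreadyAssigned = assignedServices.contains(serviceName);

            if (requested && !alreadyAssigned) {
                // Newly requested: assign the service to the realm.
                ocm.assignService(serviceName, null);
            } else if (!requested && alreadyAssigned) {
                // NOTE(review): nothing in this method filters out mandatory services, so a
                // request that merely omits a name removes that service from the realm.
                // The original comment said "if not mandatory" -- confirm that
                // unassignService() itself refuses to drop mandatory services.
                ocm.unassignService(serviceName);
            }
            // requested && alreadyAssigned: keep the current assignment as it is.
        }
    } catch (SMSException smse) {
        // Pass the exception to the logger so the cause and stack trace are not lost.
        debug.error("RealmResource.assignServices() : Unable to assign services", smse);
        throw smse;
    }
}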
/**
 * Returns a map of assigned service name to its localized name under a realm.
 *
 * <p>The assigned set is read with the caller's SSO token, passed through
 * {@code getIdentityServices}, and then stripped of authentication services,
 * non-displayable services and the services that are managed elsewhere in the console.
 * Attempt, success and failure are each reported through {@code logEvent}.
 *
 * @param realmName Name of Realm.
 * @return a map of assigned service name to its localized name under a realm.
 * @throws AMConsoleException if service names cannot be obtained.
 */
public Map getAssignedServiceNames(String realmName) throws AMConsoleException {
    String[] auditArgs = {realmName};
    logEvent("ATTEMPT_GET_ASSIGNED_SERVICE_OF_REALM", auditArgs);

    try {
        OrganizationConfigManager realmConfig =
                new OrganizationConfigManager(getUserSSOToken(), realmName);

        Set serviceNames = realmConfig.getAssignedServices();
        boolean nothingAssigned = (serviceNames == null) || serviceNames.isEmpty();
        if (nothingAssigned) {
            // Start from a fresh set of our own; the calls below modify it.
            serviceNames = new HashSet();
        }
        getIdentityServices(realmName, serviceNames);

        /*
         * The admin token is used here on purpose: a policy admin does not have the
         * privileges needed to list the authentication services. The elevated lookup is
         * only handed to removeAllCaseIgnore() as a filter for the caller's own list.
         * NOTE(review): keep the admin token confined to this filtering step.
         */
        AMAuthenticationManager authManager =
                new AMAuthenticationManager(adminSSOToken, realmName);
        AMAdminUtils.removeAllCaseIgnore(
                serviceNames, authManager.getAuthenticationServiceNames());
        removeNonDisplayableServices(serviceNames, SUPPORTED_SCHEMA_TYPE);

        // The auth configuration and core auth services are not listed either.
        serviceNames.remove(AMAdminConstants.AUTH_CONFIG_SERVICE);
        serviceNames.remove(AMAdminConstants.CORE_AUTH_SERVICE);

        // Instances of the Rest/Soap STS services are created and edited on the STS tab.
        serviceNames.remove(AMAdminConstants.REST_STS_SERVICE);
        serviceNames.remove(AMAdminConstants.SOAP_STS_SERVICE);

        logEvent("SUCCEED_GET_ASSIGNED_SERVICE_OF_REALM", auditArgs);
        return mapNameToDisplayName(serviceNames);
    } catch (AMConfigurationException configFailure) {
        String reason = getErrorString(configFailure);
        logEvent("CONFIGURATION_EXCEPTION_GET_ASSIGNED_SERVICE_OF_REALM",
                new String[] {realmName, reason});
        // NOTE(review): the underlying error string becomes the console exception message;
        // confirm it carries nothing that should stay out of the UI.
        throw new AMConsoleException(reason);
    } catch (SMSException smsFailure) {
        String reason = getErrorString(smsFailure);
        logEvent("SMS_EXCEPTION_GET_ASSIGNED_SERVICE_OF_REALM",
                new String[] {realmName, reason});
        throw new AMConsoleException(reason);
    }
}
/**
 * Returns a map of service name to its display name that can be assigned to a realm.
 *
 * <p>Starts from the realm's assignable services, passes the set through
 * {@code addIdentityUnassignedServices}, then removes what is already assigned, the
 * authentication services, non-displayable services and the services managed elsewhere
 * in the console. Attempt, success and failure are each reported through {@code logEvent}.
 *
 * @param realmName Name of Realm.
 * @return a map of service name to its display name that can be assigned to a realm.
 * @throws AMConsoleException if service names cannot be obtained.
 */
public Map getAssignableServiceNames(String realmName) throws AMConsoleException {
    String[] auditArgs = {realmName};
    logEvent("ATTEMPT_GET_ASSIGNABLE_SERVICE_OF_REALM", auditArgs);

    try {
        OrganizationConfigManager realmConfig =
                new OrganizationConfigManager(getUserSSOToken(), realmName);

        // NOTE(review): this set is modified in place and is not null-checked, whereas
        // getAssignedServiceNames() guards its equivalent lookup -- confirm
        // getAssignableServices() always returns a modifiable, non-null set.
        Set candidates = realmConfig.getAssignableServices();
        addIdentityUnassignedServices(realmName, candidates);
        candidates.removeAll(realmConfig.getAssignedServices());

        // NOTE(review): the authentication services are looked up with the caller's token
        // here, while getAssignedServiceNames() uses adminSSOToken because a policy admin
        // lacks the privilege. Presumably the AMConfigurationException branch below covers
        // that case -- confirm the difference is intended.
        AMAuthenticationManager authManager =
                new AMAuthenticationManager(getUserSSOToken(), realmName);
        AMAdminUtils.removeAllCaseIgnore(
                candidates, authManager.getAuthenticationServiceNames());
        removeNonDisplayableServices(candidates, SUPPORTED_SCHEMA_TYPE);
        candidates.remove(AMAdminConstants.CORE_AUTH_SERVICE);

        // Instances of the Rest/Soap STS services are created and edited on the STS tab.
        candidates.remove(AMAdminConstants.REST_STS_SERVICE);
        candidates.remove(AMAdminConstants.SOAP_STS_SERVICE);

        logEvent("SUCCEED_GET_ASSIGNABLE_SERVICE_OF_REALM", auditArgs);
        return mapNameToDisplayName(candidates);
    } catch (AMConfigurationException configFailure) {
        String reason = getErrorString(configFailure);
        logEvent("CONFIGURATION_EXCEPTION_GET_ASSIGNABLE_SERVICE_OF_REALM",
                new String[] {realmName, reason});
        if (debug.warningEnabled()) {
            debug.warning("ServicesModel.getAssignableServiceNames " + reason);
        }
        // The caller only gets a generic message key; the detail stays in the event and
        // debug logs.
        throw new AMConsoleException("no.properties");
    } catch (SMSException smsFailure) {
        String reason = getErrorString(smsFailure);
        logEvent("SMS_EXCEPTION_GET_ASSIGNABLE_SERVICE_OF_REALM",
                new String[] {realmName, reason});
        throw new AMConsoleException(reason);
    }
}
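/**
 * {@inheritDoc}
 *
 * <p>Reads the names of the services assigned to the realm addressed by
 * {@code resourceId}, resolved relative to the realm of the request context, and hands
 * them to {@code handler} as a JSON resource. Failures are logged and reported through
 * {@code handler.handleError}; nothing is thrown for them.
 */
@Override
public void readInstance(final ServerContext context, final String resourceId,
        final ReadRequest request, final ResultHandler<Resource> handler) {

    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();

    Resource resource;
    JsonValue jval;
    String holdResourceId = checkForTopLevelRealm(resourceId);

    try {
        // The authorization check must stay ahead of any configuration access.
        // NOTE(review): the config manager below is opened with getSSOToken(), not with a
        // token taken from the request context, so hasPermission() appears to be the only
        // gate on this read -- confirm.
        hasPermission(context);

        // Build the absolute realm path: ensure a leading slash, then prefix the
        // context realm unless that is the root realm.
        if (holdResourceId != null && !holdResourceId.startsWith("/")) {
            holdResourceId = "/" + holdResourceId;
        }
        if (!realmPath.equalsIgnoreCase("/")) {
            // NOTE(review): a null holdResourceId would be concatenated as the text "null"
            // here -- confirm checkForTopLevelRealm() cannot return null for a sub-realm.
            holdResourceId = realmPath + holdResourceId;
        }
        OrganizationConfigManager ocm =
                new OrganizationConfigManager(getSSOToken(), holdResourceId);

        // Services associated with this realm, mandatory service names included.
        Set serviceNames = ocm.getAssignedServices();
        jval = createJsonMessage(SERVICE_NAMES, serviceNames);

        String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);

        // The current time in milliseconds is used as the resource revision.
        resource = new Resource(resourceId, String.valueOf(System.currentTimeMillis()), jval);
        if (debug.messageEnabled()) {
            debug.message("RealmResource.readInstance :: READ : Successfully read realm, "
                    + resourceId + " performed by " + principalName);
        }
        handler.handleResult(resource);

    } catch (SSOException sso) {
        // Fixed: this entry used to be labelled "updateInstance()", which pointed anyone
        // reading the log at the wrong operation.
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, sso);
        handler.handleError(new PermanentException(401, "Access Denied", null));
    } catch (ForbiddenException fe) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId + ":" + fe);
        handler.handleError(fe);
    } catch (SMSException smse) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, smse);
        try {
            // NOTE(review): the request is only answered from the catch clauses below, so
            // this relies on configureErrorMessage() always throwing. If it can return
            // normally the handler is never completed -- confirm.
            configureErrorMessage(smse);
        } catch (NotFoundException nf) {
            debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, nf);
            handler.handleError(nf);
        } catch (ForbiddenException fe) {
            // User does not have authorization
            debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, fe);
            handler.handleError(fe);
        } catch (PermanentException pe) {
            debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, pe);
            // Cannot recover from this exception
            handler.handleError(pe);
        } catch (ConflictException ce) {
            debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, ce);
            handler.handleError(ce);
        } catch (BadRequestException be) {
            debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, be);
            handler.handleError(be);
        } catch (Exception e) {
            debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, e);
            // NOTE(review): the raw exception message is sent back to the REST client;
            // confirm it cannot carry internal detail.
            handler.handleError(new BadRequestException(e.getMessage(), e));
        }
    } catch (Exception e) {
        // Log before answering: this catch-all used to reply without leaving any trace,
        // so unexpected failures could not be diagnosed afterwards.
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, e);
        // NOTE(review): as in the nested catch-all, the raw exception message reaches the
        // client here.
        handler.handleError(new BadRequestException(e.getMessage(), e));
    }
}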