Beispiel #1
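  /**
   * Synchronises the services assigned to a realm with the given list of service names:
   * names in the list that are not yet assigned are assigned, and services that are
   * currently assigned but missing from the list are unassigned.
   *
   * @param ocm Organization Configuration Manager
   * @param newServiceNames List of service names to be assigned/unassigned
   * @throws SMSException if a service cannot be assigned or unassigned
   */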
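  private void assignServices(OrganizationConfigManager ocm, List newServiceNames)
      throws SMSException {
    // Reconciles the realm's assigned services with newServiceNames:
    //   - requested and not yet assigned  -> assignService(name, null)
    //   - assigned and not requested      -> unassignService(name)
    //   - in both                         -> left untouched
    // Consequence worth knowing: an empty newServiceNames unassigns every service
    // returned by getAssignedServices(). Any SMSException is logged with its cause
    // and rethrown unchanged; services processed before the failure stay changed.
    try {
      // Services currently assigned to the realm.
      // NOTE(review): the original comment says the no-arg call includes mandatory
      // services — confirm against OrganizationConfigManager.
      Set assignedServices = ocm.getAssignedServices();

      // Hash-based copy of the requested names so the membership tests in the loop
      // do not rescan the list for every service.
      Set requestedServices = new HashSet(newServiceNames);

      // Union of both name sets; every name in it needs exactly one decision.
      Set allServices = new HashSet(newServiceNames.size() + assignedServices.size());
      allServices.addAll(assignedServices);
      allServices.addAll(newServiceNames);

      for (Object candidate : allServices) {
        String serviceName = (String) candidate;
        boolean requested = requestedServices.contains(serviceName);
        boolean assigned = assignedServices.contains(serviceName);

        if (requested && !assigned) {
          // Newly requested: assign it to the realm with no attribute values.
          ocm.assignService(serviceName, null);
        } else if (assigned && !requested) {
          // No longer requested: remove it from the realm.
          // NOTE(review): nothing here checks whether the service is mandatory
          // before unassigning — confirm unassignService() refuses mandatory
          // services, or filter them out before this call.
          ocm.unassignService(serviceName);
        }
        // requested && assigned: nothing to do, the service stays as it is.
      }
    } catch (SMSException smse) {
      // Pass the exception to the logger so the root cause and stack trace are kept;
      // the message alone does not say which service or why.
      debug.error("RealmResource.assignServices() : Unable to assign services", smse);
      throw smse;
    }
  }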
  /**
   * Returns a map of assigned service name to its localized name under a realm.
   *
   * @param realmName Name of Realm.
   * @return a map of assigned service name to its localized name under a realm.
   * @throws AMConsoleException if service names cannot be obtained.
   */
  public Map getAssignedServiceNames(String realmName) throws AMConsoleException {
    // Every outcome of this call (attempt, success, failure) is reported through
    // logEvent with the realm name as an argument.
    final String[] auditArgs = new String[] {realmName};
    logEvent("ATTEMPT_GET_ASSIGNED_SERVICE_OF_REALM", auditArgs);

    try {
      // Assigned services are read with the token returned by getUserSSOToken().
      final OrganizationConfigManager realmConfig =
          new OrganizationConfigManager(getUserSSOToken(), realmName);
      final Set fetched = realmConfig.getAssignedServices();
      // A null or empty result is swapped for a fresh HashSet before the calls below
      // receive it.
      final Set serviceNames = (fetched != null && !fetched.isEmpty()) ? fetched : new HashSet();
      getIdentityServices(realmName, serviceNames);

      // Privilege note: the authentication service names are looked up with
      // adminSSOToken instead of the user's token, because (per the original author)
      // a policy admin does not have the privileges needed for this lookup.
      // NOTE(review): the elevated result is only handed to removeAllCaseIgnore
      // here — keep it that way so the admin token never widens what is returned.
      final AMAuthenticationManager authManager =
          new AMAuthenticationManager(adminSSOToken, realmName);
      AMAdminUtils.removeAllCaseIgnore(serviceNames, authManager.getAuthenticationServiceNames());
      removeNonDisplayableServices(serviceNames, SUPPORTED_SCHEMA_TYPE);

      // The auth configuration and core auth services are dropped from the result.
      serviceNames.remove(AMAdminConstants.AUTH_CONFIG_SERVICE);
      serviceNames.remove(AMAdminConstants.CORE_AUTH_SERVICE);

      // Rest/Soap STS service instances are created and edited from the STS tab,
      // so they are dropped as well.
      serviceNames.remove(AMAdminConstants.REST_STS_SERVICE);
      serviceNames.remove(AMAdminConstants.SOAP_STS_SERVICE);

      logEvent("SUCCEED_GET_ASSIGNED_SERVICE_OF_REALM", auditArgs);
      return mapNameToDisplayName(serviceNames);
    } catch (AMConfigurationException e) {
      // Report the failure with the realm and error text, then surface the same
      // text to the caller as an AMConsoleException.
      final String message = getErrorString(e);
      logEvent(
          "CONFIGURATION_EXCEPTION_GET_ASSIGNED_SERVICE_OF_REALM",
          new String[] {realmName, message});
      throw new AMConsoleException(message);
    } catch (SMSException e) {
      final String message = getErrorString(e);
      logEvent("SMS_EXCEPTION_GET_ASSIGNED_SERVICE_OF_REALM", new String[] {realmName, message});
      throw new AMConsoleException(message);
    }
  }
  /**
   * Returns a map of service name to its display name that can be assigned to a realm.
   *
   * @param realmName Name of Realm.
   * @return a map of service name to its display name that can be assigned to a realm.
   * @throws AMConsoleException if service names cannot be obtained.
   */
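  public Map getAssignableServiceNames(String realmName) throws AMConsoleException {
    // Every outcome of this call (attempt, success, failure) is reported through
    // logEvent with the realm name as an argument.
    String[] param = {realmName};
    logEvent("ATTEMPT_GET_ASSIGNABLE_SERVICE_OF_REALM", param);

    try {
      OrganizationConfigManager orgCfgMgr =
          new OrganizationConfigManager(getUserSSOToken(), realmName);
      Set names = orgCfgMgr.getAssignableServices();
      // getAssignedServiceNames() treats a null set from the configuration manager
      // as possible; do the same here instead of failing with a
      // NullPointerException further down.
      if (names == null) {
        names = new HashSet();
      }
      addIdentityUnassignedServices(realmName, names);

      // Anything already assigned to the realm is not assignable again.
      Set assigned = orgCfgMgr.getAssignedServices();
      if (assigned != null) {
        names.removeAll(assigned);
      }

      // Unlike getAssignedServiceNames(), the authentication service names are
      // looked up with the token from getUserSSOToken(), not adminSSOToken.
      // NOTE(review): presumably a caller without the needed privileges ends up in
      // the AMConfigurationException branch below — confirm.
      AMAuthenticationManager mgr = new AMAuthenticationManager(getUserSSOToken(), realmName);
      AMAdminUtils.removeAllCaseIgnore(names, mgr.getAuthenticationServiceNames());
      removeNonDisplayableServices(names, SUPPORTED_SCHEMA_TYPE);
      names.remove(AMAdminConstants.CORE_AUTH_SERVICE);

      // Rest/Soap STS service instances are created and edited from the STS tab,
      // so they are not offered here.
      names.remove(AMAdminConstants.REST_STS_SERVICE);
      names.remove(AMAdminConstants.SOAP_STS_SERVICE);
      logEvent("SUCCEED_GET_ASSIGNABLE_SERVICE_OF_REALM", param);
      return mapNameToDisplayName(names);
    } catch (AMConfigurationException e) {
      String strError = getErrorString(e);
      String[] paramsEx = {realmName, strError};
      logEvent("CONFIGURATION_EXCEPTION_GET_ASSIGNABLE_SERVICE_OF_REALM", paramsEx);
      if (debug.warningEnabled()) {
        debug.warning("ServicesModel.getAssignableServiceNames " + strError);
      }
      // The caller gets the fixed key "no.properties" rather than the underlying
      // error text; the detail goes only to the event log and the debug warning.
      throw new AMConsoleException("no.properties");
    } catch (SMSException e) {
      // Here the underlying error text is passed on to the caller.
      String strError = getErrorString(e);
      String[] paramsEx = {realmName, strError};
      logEvent("SMS_EXCEPTION_GET_ASSIGNABLE_SERVICE_OF_REALM", paramsEx);
      throw new AMConsoleException(strError);
    }
  }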
Beispiel #4
  /** {@inheritDoc} */
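  @Override
  public void readInstance(
      final ServerContext context,
      final String resourceId,
      final ReadRequest request,
      final ResultHandler<Resource> handler) {
    // Reads the names of the services assigned to a realm and reports them through
    // the handler. The realm is addressed by the context's resolved realm plus
    // resourceId. Every failure is reported via handler.handleError; nothing is
    // thrown to the caller.

    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();

    Resource resource;
    JsonValue jval;
    String holdResourceId = checkForTopLevelRealm(resourceId);

    try {
      // Authorization check runs before any configuration is read.
      // NOTE(review): the check receives only the context, while the realm that is
      // read below is realmPath + resourceId — confirm hasPermission() also covers
      // the addressed child realm, and that getSSOToken() is not more privileged
      // than the caller.
      hasPermission(context);

      // Build the absolute realm path: ensure a leading "/" and prefix the resolved
      // realm unless that is the top-level realm.
      if (holdResourceId != null && !holdResourceId.startsWith("/")) {
        holdResourceId = "/" + holdResourceId;
      }
      if (!realmPath.equalsIgnoreCase("/")) {
        holdResourceId = realmPath + holdResourceId;
      }
      OrganizationConfigManager ocm = new OrganizationConfigManager(getSSOToken(), holdResourceId);
      // get associated services for this realm , include mandatory service names.
      Set serviceNames = ocm.getAssignedServices();
      jval = createJsonMessage(SERVICE_NAMES, serviceNames);

      String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);

      // The current time in milliseconds is used as the resource revision.
      resource = new Resource(resourceId, String.valueOf(System.currentTimeMillis()), jval);
      if (debug.messageEnabled()) {
        // NOTE(review): resourceId is caller-supplied and is written into the log
        // lines of this method — confirm the debug logger neutralises line breaks.
        debug.message(
            "RealmResource.readInstance :: READ : Successfully read realm, "
                + resourceId
                + " performed by "
                + principalName);
      }
      handler.handleResult(resource);

    } catch (SSOException sso) {
      // Session problem: reported to the client as 401. The log line now names this
      // method (it previously said updateInstance()).
      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, sso);
      handler.handleError(new PermanentException(401, "Access Denied", null));
    } catch (ForbiddenException fe) {
      // Pass the exception as a throwable so the log keeps its stack trace.
      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, fe);
      handler.handleError(fe);
    } catch (SMSException smse) {

      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, smse);

      // configureErrorMessage() rethrows the SMS failure as one of the exception
      // types caught below; each is logged and handed to the handler.
      try {
        configureErrorMessage(smse);
      } catch (NotFoundException nf) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, nf);
        handler.handleError(nf);
      } catch (ForbiddenException fe) {
        // User does not have authorization
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, fe);
        handler.handleError(fe);
      } catch (PermanentException pe) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, pe);
        // Cannot recover from this exception
        handler.handleError(pe);
      } catch (ConflictException ce) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, ce);
        handler.handleError(ce);
      } catch (BadRequestException be) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, be);
        handler.handleError(be);
      } catch (Exception e) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, e);
        handler.handleError(new BadRequestException(e.getMessage(), e));
      }
    } catch (Exception e) {
      // Anything unexpected (including runtime exceptions) used to reach the client
      // without leaving a trace in the debug log; record it before reporting.
      // NOTE(review): e.getMessage() is returned to the client and may expose
      // internal detail — consider a generic message here.
      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, e);
      handler.handleError(new BadRequestException(e.getMessage(), e));
    }
  }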