Example #1
  /**
   * Returns names of all realms included in the subtree rooted by the realm indicated in the query
   * url.
   *
   * <p>Names are unsorted and given as full paths.
   *
   * <p>Filtering, sorting, and paging of results is not supported.
   *
   * <p>{@inheritDoc}
   */
  @Override
  public void queryCollection(
      final ServerContext context, final QueryRequest request, final QueryResultHandler handler) {
    // Lists the resolved realm plus every realm beneath it, one Resource per full realm path.
    // The request's filter/sort/paging fields are never read.
    //
    // NOTE(review): there is no explicit hasPermission(context) call in this method. Access
    // control here appears to rest on the SMS lookup being made with a token built from the
    // caller's own cookie (see the STATUS_NO_PERMISSION branch below) - confirm that this is
    // the intended enforcement point.

    final String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
    final String realmPath = context.asContext(RealmContext.class).getResolvedRealm();

    try {
      // The token is derived from the cookie carried in the request context, so the
      // sub-organization search below runs with that token rather than one created locally.
      final SSOToken callerToken =
          SSOTokenManager.getInstance().createSSOToken(getCookieFromServerContext(context));
      final OrganizationConfigManager orgManager =
          new OrganizationConfigManager(callerToken, realmPath);

      // The queried realm itself is always the first entry.
      final List<String> realmsInSubTree = new ArrayList<String>();
      realmsInSubTree.add(realmPath);
      for (final Object relativeName : orgManager.getSubOrganizationNames("*", true)) {
        // Join with exactly one separator: "/" + "a" -> "/a", "/x" + "a" -> "/x/a".
        realmsInSubTree.add(
            realmPath.endsWith("/") ? realmPath + relativeName : realmPath + "/" + relativeName);
      }

      debug.message("RealmResource :: QUERY : performed by " + principalName);

      for (final String realmName : realmsInSubTree) {
        // Resource id and content are both the full realm path; the revision is fixed at "0".
        handler.handleResource(new Resource(realmName, "0", new JsonValue(realmName)));
      }
      handler.handleResult(new QueryResult());

    } catch (SSOException ex) {
      // Token creation or use failed: answer FORBIDDEN without exposing the cause to the client.
      debug.error("RealmResource :: QUERY by " + principalName + " failed : " + ex);
      handler.handleError(ResourceException.getException(ResourceException.FORBIDDEN));

    } catch (SMSException ex) {
      debug.error("RealmResource :: QUERY by " + principalName + " failed :" + ex);
      switch (ex.getExceptionCode()) {
        case STATUS_NO_PERMISSION:
          // Raised when permission to read realms from SMS has not been delegated to the caller.
          handler.handleError(ResourceException.getException(ResourceException.FORBIDDEN));
          break;
        default:
          // Every other SMS failure is reported as a generic server-side error.
          handler.handleError(ResourceException.getException(ResourceException.INTERNAL_ERROR));
          break;
      }
    }
  }
Example #2
  /** {@inheritDoc} */
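  @Override
  public void createInstance(
      final ServerContext context,
      final CreateRequest request,
      final ResultHandler<Resource> handler) {
    // Creates the sub-realm named by the "realm" field of the request content, underneath the
    // realm resolved from the request context, and hands the handler a "realmCreated" resource.
    //
    // NOTE(review): the realm name comes straight from the request body and is concatenated
    // into debug log entries below. Depending on how the Debug writer formats entries, embedded
    // line breaks could forge log lines - consider neutralising CR/LF before logging.
    // NOTE(review): no validation of the realm name is visible here beyond the leading-slash
    // fix-up; presumably RealmUtils / SMS reject malformed names - confirm.

    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();

    Resource resource;
    String parentRealm;
    String childRealm;
    String realm = null;

    try {
      // Authorization check runs before any request content is read; the ForbiddenException
      // handler further down presumably corresponds to a denial raised here.
      hasPermission(context);
      final JsonValue jVal = request.getContent();
      // get the realm
      realm = jVal.get("realm").asString();
      realm = checkForTopLevelRealm(realm);
      if (realm == null || realm.isEmpty()) {
        throw new BadRequestException("No realm name provided.");
      } else if (!realm.startsWith("/")) {
        realm = "/" + realm;
      }
      if (!realmPath.equalsIgnoreCase("/")) {
        // build realm to comply with format if not top level
        realm = realmPath + realm;
      }

      parentRealm = RealmUtils.getParentRealm(realm);
      childRealm = RealmUtils.getChildRealm(realm);

      OrganizationConfigManager ocm = new OrganizationConfigManager(getSSOToken(), parentRealm);

      Map defaultValues = createServicesMap(jVal);
      ocm.createSubOrganization(childRealm, defaultValues);
      String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
      debug.message(
          "RealmResource.createInstance :: CREATE of realm "
              + childRealm
              + " in realm "
              + parentRealm
              + " performed by "
              + principalName);

      // create a resource for handler to return; re-opening the realm doubles as a check that
      // it can now be read
      OrganizationConfigManager realmCreated = new OrganizationConfigManager(getSSOToken(), realm);
      resource =
          new Resource(
              childRealm,
              String.valueOf(System.currentTimeMillis()),
              createJsonMessage("realmCreated", realmCreated.getOrganizationName()));
      handler.handleResult(resource);

    } catch (SMSException smse) {

      // Labelled as a CREATE failure (previously "Cannot find") so that the entry matches the
      // operation that actually failed when logs are reviewed.
      debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, smse);

      // configureErrorMessage is used as an exception mapper: each catch below forwards the
      // mapped exception to the handler.
      // NOTE(review): if configureErrorMessage ever returns without throwing, neither
      // handleResult nor handleError is called for this request - confirm it always throws.
      try {
        configureErrorMessage(smse);
      } catch (NotFoundException nf) {
        debug.error("RealmResource.createInstance() : Cannot find " + realm, nf);
        handler.handleError(nf);
      } catch (ForbiddenException fe) {
        // User does not have authorization
        debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, fe);
        handler.handleError(fe);
      } catch (PermanentException pe) {
        debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, pe);
        // Cannot recover from this exception
        handler.handleError(pe);
      } catch (ConflictException ce) {
        debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, ce);
        handler.handleError(ce);
      } catch (BadRequestException be) {
        debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, be);
        handler.handleError(be);
      } catch (Exception e) {
        debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, e);
        handler.handleError(new BadRequestException(e.getMessage(), e));
      }
    } catch (SSOException sso) {
      // Token problems are answered with a fixed 401 message; the cause stays in the log only.
      debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, sso);
      handler.handleError(new PermanentException(401, "Access Denied", null));
    } catch (ForbiddenException fe) {
      debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, fe);
      handler.handleError(fe);
    } catch (BadRequestException be) {
      debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, be);
      handler.handleError(be);
    } catch (PermanentException pe) {
      debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, pe);
      // Cannot recover from this exception
      handler.handleError(pe);
    } catch (Exception e) {
      // Logged in the same form as the other branches so the stack trace is kept (the previous
      // message concatenated the exception and had no separator after the method name).
      // NOTE(review): any unexpected failure is reported to the client as a 400 carrying the
      // raw exception message; consider a generic message so internal detail is not disclosed.
      debug.error("RealmResource.createInstance() : Cannot CREATE " + realm, e);
      handler.handleError(new BadRequestException(e.getMessage(), e));
    }
  }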
Example #3
  /** {@inheritDoc} */
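  @Override
  public void updateInstance(
      final ServerContext context,
      final String resourceId,
      final UpdateRequest request,
      final ResultHandler<Resource> handler) {
    // Updates the services of the realm named by resourceId (relative to the resolved realm).
    // If the SMS error for the update maps to NotFoundException, the realm is created instead,
    // so this handler behaves as an upsert.
    //
    // NOTE(review): resourceId is caller-supplied and is concatenated into debug log entries;
    // depending on how the Debug writer formats entries, embedded line breaks could forge log
    // lines - consider neutralising CR/LF before logging.

    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();

    final JsonValue realmDetails = request.getContent();
    Resource resource;
    String realm = null;
    OrganizationConfigManager ocm;
    OrganizationConfigManager realmCreatedOcm;

    String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);

    try {

      // Authorization check runs before the realm is opened or modified; the same check also
      // precedes the create-on-missing path further down.
      hasPermission(context);
      realm = checkForTopLevelRealm(resourceId);
      if (realm != null && !realm.startsWith("/")) {
        realm = "/" + realm;
      }
      if (!realmPath.equalsIgnoreCase("/")) {
        // NOTE(review): the guard above allows realm to be null; in that case this
        // concatenation yields a path ending in the literal text "null". Confirm whether a
        // null realm can reach this point and whether it should be rejected instead.
        realm = realmPath + realm;
      }
      // The initial attempt to UPDATE a realm,
      // if the realm does not exist it must be created
      ocm = new OrganizationConfigManager(getSSOToken(), realm);
      List newServiceNames;
      // update ID_REPO attributes
      updateConfiguredServices(ocm, createServicesMap(realmDetails));
      newServiceNames = realmDetails.get(SERVICE_NAMES).asList();
      if (newServiceNames == null || newServiceNames.isEmpty()) {
        // Logged at error level, but the update still completes without assigning services.
        debug.error("RealmResource.updateInstance() : No Services defined.");
      } else {
        assignServices(ocm, newServiceNames); // assign services to realm
      }
      // READ THE REALM
      realmCreatedOcm = new OrganizationConfigManager(getSSOToken(), realm);

      debug.message(
          "RealmResource.updateInstance :: UPDATE of realm "
              + realm
              + " performed by "
              + principalName);

      // create a resource for handler to return
      resource =
          new Resource(
              realm,
              String.valueOf(System.currentTimeMillis()),
              createJsonMessage("realmUpdated", realmCreatedOcm.getOrganizationName()));
      handler.handleResult(resource);
    } catch (SMSException e) {
      // configureErrorMessage is used as an exception mapper: each catch below handles one
      // mapped exception type.
      // NOTE(review): if configureErrorMessage ever returns without throwing, neither
      // handleResult nor handleError is called for this request - confirm it always throws.
      try {
        configureErrorMessage(e);
      } catch (NotFoundException nfe) {
        if (debug.errorEnabled()) {
          // Separator added after the method name so the entry matches the other log lines.
          debug.error(
              "RealmResource.updateInstance() : Cannot find "
                  + resourceId
                  + ":"
                  + e
                  + "\n"
                  + "CREATING "
                  + resourceId);
        }
        // Realm was NOT found, therefore create the realm
        try {
          String parentRealm = RealmUtils.getParentRealm(realm);
          String childRealm = RealmUtils.getChildRealm(realm);
          ocm = new OrganizationConfigManager(getSSOToken(), parentRealm);
          // create the realm
          createOrganization(ocm, realmDetails, childRealm, realmPath);

          // read the realm to make sure that it has been created...
          realmCreatedOcm = new OrganizationConfigManager(getSSOToken(), realm);

          if (debug.messageEnabled()) {
            debug.message(
                "RealmResource.updateInstance :: UPDATE of realm "
                    + realm
                    + " performed by "
                    + principalName);
          }

          resource =
              new Resource(
                  childRealm,
                  String.valueOf(System.currentTimeMillis()),
                  createJsonMessage("realmCreated", realmCreatedOcm.getOrganizationName()));
          if (debug.messageEnabled()) {
            debug.message("RealmResource :: UPDATE : Updated resource with ID, " + resourceId);
          }
          handler.handleResult(resource);
        } catch (SMSException smse) {

          debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, smse);

          // Map the SMS failure from the create attempt; any exception type not listed here
          // propagates to the catch (Exception ex) of the enclosing try.
          try {
            configureErrorMessage(smse);
          } catch (NotFoundException nf) {
            debug.error("RealmResource.updateInstance() : Cannot find " + resourceId, nf);
            handler.handleError(nf);
          } catch (ForbiddenException fe) {
            // User does not have authorization
            debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, fe);
            handler.handleError(fe);
          } catch (PermanentException pe) {
            debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, pe);
            // Cannot recover from this exception
            handler.handleError(pe);
          } catch (ConflictException ce) {
            debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, ce);
            handler.handleError(ce);
          } catch (BadRequestException be) {
            debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, be);
            handler.handleError(be);
          }
        } catch (Exception ex) {
          debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, ex);
          handler.handleError(new NotFoundException("Cannot update realm.", ex));
        }

      } catch (ForbiddenException fe) {
        // User does not have authorization
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, fe);
        handler.handleError(fe);
      } catch (PermanentException pe) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, pe);
        // Cannot recover from this exception
        handler.handleError(pe);
      } catch (ConflictException ce) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, ce);
        handler.handleError(ce);
      } catch (BadRequestException be) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, be);
        handler.handleError(be);
      } catch (Exception ex) {
        debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, ex);
        handler.handleError(new NotFoundException("Cannot update realm.", ex));
      }
    } catch (SSOException sso) {
      // Token problems are answered with a fixed 401 message; the cause stays in the log only.
      debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, sso);
      handler.handleError(new PermanentException(401, "Access Denied", null));
    } catch (ForbiddenException fe) {
      debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, fe);
      handler.handleError(fe);
    } catch (PermanentException pe) {
      // Method name corrected (was "RealmResource.Instance()") so the entry can be attributed
      // to this handler when logs are searched.
      debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, pe);
      // Cannot recover from this exception
      handler.handleError(pe);
    } catch (Exception ex) {
      // NOTE(review): every otherwise-unhandled failure is reported to the client as 404
      // "Cannot update realm."; the real cause is only available in the debug log.
      debug.error("RealmResource.updateInstance() : Cannot UPDATE " + resourceId, ex);
      handler.handleError(new NotFoundException("Cannot update realm.", ex));
    }
  }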
Example #4
  /** {@inheritDoc} */
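  @Override
  public void readInstance(
      final ServerContext context,
      final String resourceId,
      final ReadRequest request,
      final ResultHandler<Resource> handler) {
    // Reads the realm named by resourceId (relative to the resolved realm) and returns the
    // names of the services assigned to it.
    //
    // NOTE(review): resourceId is caller-supplied and is concatenated into debug log entries;
    // depending on how the Debug writer formats entries, embedded line breaks could forge log
    // lines - consider neutralising CR/LF before logging.

    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();

    Resource resource;
    JsonValue jval;
    // Runs before the permission check and outside the try block; presumably pure string
    // normalisation - confirm it has no side effects.
    String holdResourceId = checkForTopLevelRealm(resourceId);

    try {
      // Authorization check runs before the realm is opened.
      hasPermission(context);
      if (holdResourceId != null && !holdResourceId.startsWith("/")) {
        holdResourceId = "/" + holdResourceId;
      }
      if (!realmPath.equalsIgnoreCase("/")) {
        // NOTE(review): the guard above allows holdResourceId to be null; in that case this
        // concatenation yields a path ending in the literal text "null". Confirm whether a
        // null id can reach this point and whether it should be rejected instead.
        holdResourceId = realmPath + holdResourceId;
      }
      OrganizationConfigManager ocm = new OrganizationConfigManager(getSSOToken(), holdResourceId);
      // get associated services for this realm , include mandatory service names.
      Set serviceNames = ocm.getAssignedServices();
      jval = createJsonMessage(SERVICE_NAMES, serviceNames);

      String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);

      // The resource id echoes the caller's resourceId, not the normalised full path.
      resource = new Resource(resourceId, String.valueOf(System.currentTimeMillis()), jval);
      if (debug.messageEnabled()) {
        debug.message(
            "RealmResource.readInstance :: READ : Successfully read realm, "
                + resourceId
                + " performed by "
                + principalName);
      }
      handler.handleResult(resource);

    } catch (SSOException sso) {
      // Method name corrected (was "updateInstance") so that token failures on reads are not
      // attributed to the update handler when logs are reviewed.
      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, sso);
      handler.handleError(new PermanentException(401, "Access Denied", null));
    } catch (ForbiddenException fe) {
      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId + ":" + fe);
      handler.handleError(fe);
    } catch (SMSException smse) {

      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, smse);

      // configureErrorMessage is used as an exception mapper: each catch below forwards the
      // mapped exception to the handler.
      // NOTE(review): if configureErrorMessage ever returns without throwing, neither
      // handleResult nor handleError is called for this request - confirm it always throws.
      try {
        configureErrorMessage(smse);
      } catch (NotFoundException nf) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, nf);
        handler.handleError(nf);
      } catch (ForbiddenException fe) {
        // User does not have authorization
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, fe);
        handler.handleError(fe);
      } catch (PermanentException pe) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, pe);
        // Cannot recover from this exception
        handler.handleError(pe);
      } catch (ConflictException ce) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, ce);
        handler.handleError(ce);
      } catch (BadRequestException be) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, be);
        handler.handleError(be);
      } catch (Exception e) {
        debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, e);
        handler.handleError(new BadRequestException(e.getMessage(), e));
      }
    } catch (Exception e) {
      // Previously this branch returned an error without logging it; record it like the other
      // branches so unexpected failures leave a trace.
      // NOTE(review): the raw exception message is returned to the client in a 400 response;
      // consider a generic message so internal detail is not disclosed.
      debug.error("RealmResource.readInstance() : Cannot READ " + resourceId, e);
      handler.handleError(new BadRequestException(e.getMessage(), e));
    }
  }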
Example #5
  /** {@inheritDoc} */
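  @Override
  public void deleteInstance(
      final ServerContext context,
      final String resourceId,
      final DeleteRequest request,
      final ResultHandler<Resource> handler) {
    // Deletes the realm named by resourceId (relative to the resolved realm). The delete is
    // always issued with recursive == false.
    //
    // NOTE(review): resourceId is caller-supplied and is concatenated into debug log entries;
    // depending on how the Debug writer formats entries, embedded line breaks could forge log
    // lines - consider neutralising CR/LF before logging.

    RealmContext realmContext = context.asContext(RealmContext.class);
    String realmPath = realmContext.getResolvedRealm();

    boolean recursive = false;
    Resource resource;
    // Runs before the permission check and outside the try block; presumably pure string
    // normalisation - confirm it has no side effects.
    String holdResourceId = checkForTopLevelRealm(resourceId);

    try {
      // Authorization check runs before the realm is opened or deleted.
      hasPermission(context);

      if (holdResourceId != null && !holdResourceId.startsWith("/")) {
        holdResourceId = "/" + holdResourceId;
      }
      if (!realmPath.equalsIgnoreCase("/")) {
        // NOTE(review): the guard above allows holdResourceId to be null; in that case this
        // concatenation yields a path ending in the literal text "null", and with a top-level
        // realmPath a null name is passed to OrganizationConfigManager unchanged. For a
        // destructive operation, confirm which realm a null id resolves to and consider
        // rejecting it outright.
        holdResourceId = realmPath + holdResourceId;
      }
      OrganizationConfigManager ocm = new OrganizationConfigManager(getSSOToken(), holdResourceId);
      // A null sub-organization name is passed because ocm was opened on the target realm
      // itself; presumably this deletes that realm - confirm against the SMS API.
      ocm.deleteSubOrganization(null, recursive);
      String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
      debug.message(
          "RealmResource.deleteInstance :: DELETE of realm "
              + holdResourceId
              + " performed by "
              + principalName);
      // handle resource
      resource = new Resource(resourceId, "0", createJsonMessage("success", "true"));
      handler.handleResult(resource);
    } catch (SMSException smse) {
      // configureErrorMessage is used as an exception mapper: each catch below forwards the
      // mapped exception to the handler.
      // NOTE(review): if configureErrorMessage ever returns without throwing, neither
      // handleResult nor handleError is called for this request - confirm it always throws.
      try {
        configureErrorMessage(smse);
      } catch (NotFoundException nf) {
        debug.error("RealmResource.deleteInstance() : Cannot find " + resourceId + ":" + smse);
        handler.handleError(nf);
      } catch (ForbiddenException fe) {
        // User does not have authorization
        debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId + ":" + smse);
        handler.handleError(fe);
      } catch (PermanentException pe) {
        debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId + ":" + smse);
        // Cannot recover from this exception
        handler.handleError(pe);
      } catch (ConflictException ce) {
        debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId + ":" + smse);
        handler.handleError(ce);
      } catch (BadRequestException be) {
        debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId + ":" + smse);
        handler.handleError(be);
      } catch (Exception e) {
        // Previously returned without a log entry; record it so a failed delete leaves a trace.
        debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId, e);
        handler.handleError(new BadRequestException(e.getMessage(), e));
      }
    } catch (SSOException sso) {
      // Method name corrected (was "updateInstance") so that failed deletes are not attributed
      // to the update handler when logs are reviewed.
      debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId + ":" + sso);
      handler.handleError(new PermanentException(401, "Access Denied", null));
    } catch (ForbiddenException fe) {
      // Method name corrected here as well: a denied delete is the entry an investigator is
      // most likely to search for.
      debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId + ":" + fe);
      handler.handleError(fe);
    } catch (Exception e) {
      // Previously returned without a log entry; record it like the other branches.
      // NOTE(review): the raw exception message is returned to the client in a 400 response;
      // consider a generic message so internal detail is not disclosed.
      debug.error("RealmResource.deleteInstance() : Cannot DELETE " + resourceId, e);
      handler.handleError(new BadRequestException(e.getMessage(), e));
    }
  }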