001: /**
002: * Copyright 2003 Sun Microsystems, Inc. All
003: * rights reserved. Use of this product is subject
004: * to license terms. Federal Acquisitions:
005: * Commercial Software -- Government Users
006: * Subject to Standard License Terms and
007: * Conditions.
008: *
009: * Sun, Sun Microsystems, the Sun logo, and Sun ONE
010: * are trademarks or registered trademarks of Sun Microsystems,
011: * Inc. in the United States and other countries.
012: */package com.sun.portal.wsrp.producer;
013:
014: import java.util.Map;
015: import java.util.HashMap;
016: import java.util.Set;
017: import java.util.HashSet;
018: import java.util.Iterator;
019: import java.util.Collections;
020:
021: import javax.servlet.http.HttpServletRequest;
022:
023: import com.iplanet.sso.SSOToken;
024: import com.iplanet.sso.SSOTokenManager;
025: import com.iplanet.sso.SSOException;
026:
027: import com.iplanet.am.sdk.AMConstants;
028: import com.iplanet.am.sdk.AMStoreConnection;
029: import com.iplanet.am.sdk.AMObject;
030: import com.iplanet.am.sdk.AMUser;
031: import com.iplanet.am.sdk.AMRole;
032: import com.iplanet.am.sdk.AMOrganization;
033: import com.iplanet.am.sdk.AMTemplate;
034: import com.iplanet.am.sdk.AMException;
035: import com.iplanet.am.sdk.AMOrganizationalUnit;
036: import com.iplanet.am.sdk.AMPeopleContainer;
037: import com.sun.identity.sm.SMSException;
038: import com.sun.identity.sm.ServiceListener;
039: import com.sun.identity.sm.ServiceSchema;
040: import com.sun.identity.sm.ServiceSchemaManager;
041: import com.sun.identity.sm.ServiceConfigManager;
042:
043: import com.sun.portal.desktop.context.DSAMEMultiPortalConstants;
044: import com.sun.portal.util.SSOUtil;
045:
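/**
 * Wraps an Identity Server {@link AMStoreConnection} together with the
 * schema and configuration managers of the WSRP producer service.
 *
 * <p>Every instance is built from a caller-supplied {@link SSOToken} (or from
 * the token extracted from an HTTP request). All directory reads and writes
 * in this class go through objects created with that token.
 *
 * <p>NOTE(review): presumably the directory enforces access control based on
 * that token, so an instance built from {@link #getAdminToken()} acts with
 * administrative rights -- confirm callers never hand such an instance
 * consumer-controlled DNs or names without validating them first.
 */
public class ISConnection implements ISConstants {
    // Not referenced anywhere in this class.
    private static ISConnection adminISConnection = null;
    // Lazily fetched by getAdminToken() and then kept for the JVM lifetime.
    private static SSOToken adminToken = null;
    // Lazily fetched by getSSOTokenManager().
    private static SSOTokenManager tokenManager = null;

    private AMStoreConnection connection = null;
    private ServiceSchema schema = null;
    private ServiceSchemaManager schemaManager = null;
    private ServiceConfigManager configManager = null;
    // null selects the default (single-portal) constants instance.
    private String portalId = null;

    /** Not callable from outside; an instance always needs a token. */
    private ISConnection() throws ProducerException {
        // nothing, cannot be called
    }

    /**
     * Creates a connection bound to {@code token}, using the default portal.
     *
     * @param token SSO token used for the store connection and the schema
     * @throws ProducerException if the connection or schema cannot be obtained
     */
    public ISConnection(SSOToken token) throws ProducerException {
        getConnection(token);
        getSchema(token);
    }

    /**
     * Creates a connection bound to {@code token} for a specific portal.
     *
     * @param token SSO token used for the store connection and the schema
     * @param portalId portal identifier; {@code null} behaves like
     *        {@link #ISConnection(SSOToken)}
     * @throws ProducerException if the connection or schema cannot be obtained
     */
    public ISConnection(SSOToken token, String portalId)
            throws ProducerException {
        this.portalId = portalId;
        getConnection(token);
        getSchema(token);
    }

    /**
     * Creates a connection bound to the SSO token carried by {@code req}.
     *
     * @param req request from which the token manager builds the SSO token
     * @throws ProducerException if no token can be created from the request,
     *         or the connection or schema cannot be obtained
     */
    public ISConnection(HttpServletRequest req) throws ProducerException {
        SSOToken token;
        try {
            token = getSSOTokenManager().createSSOToken(req);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }

        getConnection(token);
        getSchema(token);
    }

    /** Replaces {@link #connection} with one created from {@code token}. */
    private void getConnection(SSOToken token) throws ProducerException {
        try {
            connection = new AMStoreConnection(token);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }
    }

    /**
     * Returns the multi-portal constants for {@link #portalId}, or the
     * default instance when no portal id was given.
     */
    private ISMultiPortalConstants getMultiPortalConstants() {
        if (portalId == null) {
            return ISMultiPortalConstants.getInstance();
        }
        return ISMultiPortalConstants.getInstance(portalId);
    }

    /**
     * Creates the schema and config managers for the WSRP producer service
     * with {@code token} and caches the service's global schema.
     */
    private void getSchema(SSOToken token) throws ProducerException {
        try {
            ISMultiPortalConstants ismpc = getMultiPortalConstants();
            String serviceName = ismpc.MP_SUN_WSRP_PRODUCER_SERVICE;
            schemaManager = new ServiceSchemaManager(serviceName, token);
            configManager = new ServiceConfigManager(serviceName, token);
            schema = schemaManager.getGlobalSchema();
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (SMSException smse) {
            throw new ProducerException(smse);
        }
    }

    /**
     * Returns the shared administrative SSO token, fetching it on first use.
     *
     * <p>NOTE(review): the token is cached in a static field and never
     * re-validated here; confirm {@code SSOUtil.getAdminSSOToken()} or the
     * callers cope with an expired token. The method is public and static, so
     * any code that can load this class can obtain the token -- confirm that
     * is intended.
     *
     * @return the cached admin token
     * @throws ProducerException declared for callers; not thrown by the
     *         visible code
     */
    public static synchronized SSOToken getAdminToken()
            throws ProducerException {
        if (adminToken == null) {
            adminToken = SSOUtil.getAdminSSOToken();
        }
        return adminToken;
    }

    /**
     * Returns the process-wide {@link SSOTokenManager}, fetching it on first
     * use.
     *
     * @throws ProducerException if the manager cannot be obtained or is null
     */
    private static synchronized SSOTokenManager getSSOTokenManager()
            throws ProducerException {
        if (tokenManager != null) {
            return tokenManager;
        }

        try {
            tokenManager = SSOTokenManager.getInstance();
        } catch (SSOException se) {
            throw new ProducerException(
                    "failed to get sso token manager", se);
        }
        if (tokenManager == null) {
            throw new ProducerException(
                    "failed to get sso token manager, was null");
        }
        return tokenManager;
    }

    /**
     * Returns the first element of {@code vals} as a String, or
     * {@code null} when the set is null or empty.
     */
    private static String firstString(Set vals) {
        if (vals == null || vals.size() < 1) {
            return null;
        }
        return (String) vals.iterator().next();
    }

    /**
     * Returns one value of a global (schema default) attribute.
     *
     * @param attributeName name of the global attribute
     * @return the first value the set iterator yields, or {@code null} if the
     *         attribute is absent or has no values
     */
    public String getGlobalStringAttribute(String attributeName)
            throws ProducerException {
        return firstString(getGlobalAttribute(attributeName));
    }

    /**
     * Returns all values of a global (schema default) attribute.
     *
     * @param attributeName name of the global attribute
     * @return the value set, or {@code null} if the attribute is absent
     */
    public Set getGlobalAttribute(String attributeName)
            throws ProducerException {
        return (Set) getGlobalAttributes().get(attributeName);
    }

    /**
     * Returns the attribute defaults of the service's global schema.
     *
     * @return map as handed back by the schema
     */
    public Map getGlobalAttributes() throws ProducerException {
        return schema.getAttributeDefaults();
    }

    /** Registers {@code listener} with the service's config manager. */
    public void addConfigListener(ServiceListener listener)
            throws ProducerException {
        configManager.addListener(listener);
    }

    /**
     * Sets a global attribute to the single value {@code val}.
     *
     * @param attributeName name of the global attribute
     * @param val the only value the attribute will hold
     */
    public void setGlobalStringAttribute(String attributeName, String val)
            throws ProducerException {
        Set vals = new HashSet();
        vals.add(val);
        setGlobalAttribute(attributeName, vals);
    }

    /**
     * Sets the default values of a global attribute on the schema.
     *
     * <p>NOTE(review): on failure the exception message embeds the attribute
     * values; confirm no sensitive value can reach logs this way.
     *
     * @param attributeName name of the global attribute
     * @param vals new value set
     * @throws ProducerException wrapping the SMS or SSO failure
     */
    public void setGlobalAttribute(String attributeName, Set vals)
            throws ProducerException {
        try {
            schema.setAttributeDefaults(attributeName, vals);
        } catch (SMSException smse) {
            throw new ProducerException(
                    "could not set global attribute attributeName="
                            + attributeName + ", vals=" + vals, smse);
        } catch (SSOException ssoe) {
            throw new ProducerException(
                    "could not set global attribute attributeName="
                            + attributeName + ", vals=" + vals, ssoe);
        }
    }

    /**
     * Resolves {@code dn} to the typed AM object it denotes.
     *
     * @param dn distinguished name of an organization, organizational unit,
     *        role, filtered role or user
     * @return the matching AM object
     * @throws ProducerException if the entry is not valid, has another
     *         object type, or the lookup fails
     */
    private AMObject getAMObject(String dn) throws ProducerException {
        try {
            if (!connection.isValidEntry(dn)) {
                throw new ProducerException("not valid entry dn=" + dn);
            }

            int objType = connection.getAMObjectType(dn);
            switch (objType) {
            case AMObject.ORGANIZATION:
                return connection.getOrganization(dn);

            case AMObject.ORGANIZATIONAL_UNIT:
                return connection.getOrganizationalUnit(dn);

            case AMObject.ROLE:
                return connection.getRole(dn);

            case AMObject.FILTERED_ROLE:
                return connection.getFilteredRole(dn);

            case AMObject.USER:
                return connection.getUser(dn);

            default:
                throw new ProducerException(
                        "unknown AM object type, dn=" + dn
                                + ", objType=" + objType);
            }
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        }
    }

    /**
     * Returns all attributes of the entry at {@code dn}.
     *
     * @throws ProducerException if the entry cannot be resolved or read
     */
    public Map getAttributes(String dn) throws ProducerException {
        try {
            return getAMObject(dn).getAttributes();
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        }
    }

    /**
     * Returns the values of one attribute of the entry at {@code dn}.
     *
     * @throws ProducerException if the entry cannot be resolved or read
     */
    public Set getAttribute(String dn, String attributeName)
            throws ProducerException {
        try {
            return getAMObject(dn).getAttribute(attributeName);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        }
    }

    /**
     * Returns one value of an attribute of the entry at {@code dn}.
     *
     * @return the first value the set iterator yields, or {@code null} if the
     *         attribute has no values
     */
    public String getStringAttribute(String dn, String attributeName)
            throws ProducerException {
        return firstString(getAttribute(dn, attributeName));
    }

    /**
     * Sets a single-valued attribute on the entry at {@code dn} and stores
     * the entry.
     */
    public void setStringAttribute(String dn, String attributeName,
            String val) throws ProducerException {
        try {
            AMObject amo = getAMObject(dn);
            amo.setStringAttribute(attributeName, val);
            amo.store();
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        }
    }

    /**
     * Sets one attribute on the entry at {@code dn} and stores the entry.
     */
    public void setAttribute(String dn, String attributeName, Set vals)
            throws ProducerException {
        setAttributes(dn, Collections.singletonMap(attributeName, vals));
    }

    /**
     * Sets several attributes on the entry at {@code dn} and stores the
     * entry.
     *
     * @param attributes attribute name to value-set map, passed through to
     *        the AM object unchanged
     */
    public void setAttributes(String dn, Map attributes)
            throws ProducerException {
        try {
            AMObject amo = getAMObject(dn);
            amo.setAttributes(attributes);
            amo.store();
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        }
    }

    /**
     * Reports whether the store connection considers {@code dn} a valid
     * entry.
     */
    public boolean isValidEntry(String dn) throws ProducerException {
        try {
            return connection.isValidEntry(dn);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }
    }

    /**
     * Deletes the entry at {@code dn} if it exists, passing {@code true} to
     * the AM object's delete call.
     *
     * <p>NOTE(review): the {@code true} flag presumably requests a recursive
     * delete -- confirm, and confirm callers restrict {@code dn} to the
     * producer's own subtree.
     */
    public void delete(String dn) throws ProducerException {
        try {
            AMObject amo = getAMObject(dn);
            if (amo.isExists()) {
                amo.delete(true);
            }
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }
    }

    /**
     * Returns the organizational units directly below {@code parentOUDN}
     * (scope {@code AMConstants.SCOPE_ONE}).
     */
    public Set getSubOUNames(String parentOUDN) throws ProducerException {
        try {
            AMOrganizationalUnit parentOU =
                    connection.getOrganizationalUnit(parentOUDN);
            return parentOU.getSubOrganizationalUnits(AMConstants.SCOPE_ONE);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }
    }

    /**
     * Adds {@code newObjectClasses} to the object classes already present on
     * {@code target} and stores the entry.
     *
     * <p>The current values are copied first, so the set handed back by the
     * SDK is never mutated and an unmodifiable set does not break the merge.
     */
    private void addObjectClasses(AMObject target, Set newObjectClasses)
            throws AMException, SSOException {
        Set current = target.getAttribute(ATTR_OBJECT_CLASS);
        Set merged = (current == null) ? new HashSet() : new HashSet(current);
        merged.addAll(newObjectClasses);
        target.setAttributes(
                Collections.singletonMap(ATTR_OBJECT_CLASS, merged));
        target.store();
    }

    /**
     * Creates the organizational unit {@code ouName} below
     * {@code parentOUDN}, then optionally extends its object classes,
     * registers services (each with an organization template) and sets
     * attributes.
     *
     * @param parentOUDN DN of the existing parent OU
     * @param ouName name of the OU to create
     * @param newObjectClasses extra object classes, or {@code null}
     * @param services service names (Strings) to register, or {@code null}
     * @param attrs attributes to set on the new OU, or {@code null}
     * @throws ProducerException if the parent is not valid, the OU already
     *         exists, the OU is not found after creation, or the store fails
     */
    public void createOUUnderOU(String parentOUDN, String ouName,
            Set newObjectClasses, Set services, Map attrs)
            throws ProducerException {
        try {
            if (!isValidEntry(parentOUDN)) {
                throw new ProducerException(
                        "could not validate parent ou, parentOUDN="
                                + parentOUDN);
            }

            // NOTE(review): ouName goes into the DN unescaped. A name that
            // contains DN metacharacters such as ',' or '=' would make the
            // existence checks below look at a different entry than the one
            // the SDK creates -- confirm callers validate ouName.
            String ouDN = "ou=" + ouName + "," + parentOUDN;

            if (isValidEntry(ouDN)) {
                throw new ProducerException("OU already existed, ouDN="
                        + ouDN);
            }

            AMOrganizationalUnit parentOU =
                    connection.getOrganizationalUnit(parentOUDN);
            parentOU.createSubOrganizationalUnits(
                    Collections.singleton(ouName));
            parentOU.store();

            if (!isValidEntry(ouDN)) {
                throw new ProducerException(
                        "could not create OU, ouDN=" + ouDN);
            }

            AMOrganizationalUnit ou = connection.getOrganizationalUnit(ouDN);

            if (newObjectClasses != null) {
                addObjectClasses(ou, newObjectClasses);
            }

            if (services != null) {
                for (Iterator i = services.iterator(); i.hasNext();) {
                    String serviceName = (String) i.next();
                    ou.registerService(serviceName, true, true);
                    ou.createTemplate(AMTemplate.ORGANIZATION_TEMPLATE,
                            serviceName, null);
                }
                ou.store();
            }

            if (attrs != null) {
                ou.setAttributes(attrs);
                ou.store();
            }
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }
    }

    /**
     * Creates the user {@code userName} in a people container, optionally
     * extends its object classes and attributes, and adds it to the WSRP
     * producer role derived from the container DN.
     *
     * @param peopleContainerDN DN of the existing people container
     * @param userName uid of the user to create
     * @param newObjectClasses extra object classes, or {@code null}
     * @param attrs attributes to set on the new user, or {@code null}
     * @param instance producer instance used to locate the role
     * @throws ProducerException if the container is not valid, the user
     *         already exists, the user is not found after creation, the role
     *         does not exist, or the store fails
     */
    public void createUser(String peopleContainerDN, String userName,
            Set newObjectClasses, Map attrs, String instance)
            throws ProducerException {
        try {
            if (!isValidEntry(peopleContainerDN)) {
                throw new ProducerException(
                        "could not validate people container, peopleContainerDN="
                                + peopleContainerDN);
            }

            AMPeopleContainer peopleContainer =
                    connection.getPeopleContainer(peopleContainerDN);

            // NOTE(review): userName goes into the DN unescaped; confirm
            // callers reject names containing DN metacharacters.
            String userDN = "uid=" + userName + "," + peopleContainerDN;

            if (isValidEntry(userDN)) {
                throw new ProducerException(
                        "user already exists, userDN=" + userDN);
            }

            peopleContainer.createUsers(Collections.singleton(userName));

            if (!isValidEntry(userDN)) {
                throw new ProducerException(
                        "could not create user, userDN=" + userDN);
            }

            AMUser user = connection.getUser(userDN);

            if (newObjectClasses != null) {
                addObjectClasses(user, newObjectClasses);
            }

            if (attrs != null) {
                user.setAttributes(attrs);
                user.store();
            }

            // The role is located from pieces parsed out of the container DN.
            String registrationHandle =
                    getRegistrationHandle(peopleContainerDN);
            addUserToWSRPRole(
                    getWSRPServiceAssignedOrg(peopleContainerDN), user,
                    instance, registrationHandle);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        }
    }

    /**
     * Creates the producer role for a registration under {@code orgDN},
     * optionally extends its object classes and attributes, and gives it a
     * dynamic desktop-service template seeded from the organization's own
     * template.
     *
     * @param orgDN DN of the existing organization
     * @param regHandle registration handle used to derive the role name
     * @param instance producer instance used to derive the role name
     * @param newObjectClasses extra object classes, or {@code null}
     * @param attrs attributes to set on the new role, or {@code null}
     * @throws ProducerException if the organization is not valid, the role
     *         already exists, the role is not found after creation, or the
     *         store fails
     */
    public void createRole(String orgDN, String regHandle,
            String instance, Set newObjectClasses, Map attrs)
            throws ProducerException {
        try {
            if (!isValidEntry(orgDN)) {
                throw new ProducerException(
                        "could not validate organization, orgDN="
                                + orgDN);
            }

            AMOrganization organization = connection.getOrganization(orgDN);

            String roleDN = ProducerDN.getProducersRoleDN(orgDN, instance,
                    regHandle, portalId);
            String roleName = ProducerDN.getProducersRoleName(instance,
                    regHandle, portalId);

            if (isValidEntry(roleDN)) {
                throw new ProducerException(
                        "role already exists, roleDN=" + roleDN);
            }

            organization.createRoles(Collections.singleton(roleName));

            if (!isValidEntry(roleDN)) {
                throw new ProducerException(
                        "could not create role, roleDN=" + roleDN);
            }

            AMRole role = connection.getRole(roleDN);

            if (newObjectClasses != null) {
                addObjectClasses(role, newObjectClasses);
            }

            if (attrs != null) {
                role.setAttributes(attrs);
                role.store();
            }

            DSAMEMultiPortalConstants dmc;
            if (portalId == null) {
                dmc = DSAMEMultiPortalConstants.getInstance();
            } else {
                // The per-portal instance is created before it is fetched.
                DSAMEMultiPortalConstants.createInstance(portalId);
                dmc = DSAMEMultiPortalConstants.getInstance(portalId);
            }

            Map parentAttributes = getParentAttributes(organization, dmc);
            role.createTemplate(AMTemplate.DYNAMIC_TEMPLATE,
                    dmc.MP_SUN_DESKTOP_SERVICE, parentAttributes);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException ssoe) {
            throw new ProducerException(ssoe);
        } catch (UnsupportedOperationException oe) {
            throw new ProducerException(oe);
        }
    }

    /**
     * Adds {@code user} to the producer role derived from {@code orgDN},
     * {@code instance} and {@code registrationHandle}.
     *
     * @throws ProducerException if the role does not exist or the update
     *         fails
     */
    private void addUserToWSRPRole(String orgDN, AMUser user,
            String instance, String registrationHandle)
            throws ProducerException {
        try {
            String producerRoleDN = ProducerDN.getProducersRoleDN(
                    orgDN, instance, registrationHandle, portalId);

            AMRole wsrpRole = connection.getRole(producerRoleDN);
            if (!wsrpRole.isExists()) {
                throw new ProducerException("WSRP Role does not exist="
                        + producerRoleDN);
            }

            wsrpRole.addUsers(Collections.singleton(user.getDN()));
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException e) {
            throw new ProducerException(e.getMessage(), e);
        }
    }

    /**
     * Returns the part of {@code rDN} that follows the producer OU
     * ({@code "ou=" + MP_RDN_PRODUCER + ","}), or {@code rDN} unchanged when
     * that OU does not occur in it.
     *
     * <p>The search is case-insensitive and uses a fixed locale so the
     * result does not depend on the JVM's default locale.
     */
    private String getWSRPServiceAssignedOrg(String rDN) {
        String producerRdn = getMultiPortalConstants().MP_RDN_PRODUCER;
        String lowercaseDN = rDN.toLowerCase(java.util.Locale.ENGLISH);
        int index = lowercaseDN.indexOf("ou="
                + producerRdn.toLowerCase(java.util.Locale.ENGLISH));
        if (index != -1) {
            // +4 skips the "ou=" prefix (3) and the trailing ',' (1).
            return rDN.substring(index + producerRdn.length() + 4);
        }
        return rDN;
    }

    /**
     * Extracts the registration handle from a people-container DN: the value
     * of the RDN that directly follows {@code "ou=people,"}.
     *
     * @return the handle, or {@code peopleDN} unchanged when the expected
     *         structure is not found
     */
    private String getRegistrationHandle(String peopleDN) {
        String lowercaseDN = peopleDN.toLowerCase(java.util.Locale.ENGLISH);
        int index = lowercaseDN.indexOf("ou=people,");
        if (index != -1) {
            // 10 == "ou=people,".length()
            String parseDN = peopleDN.substring(index + 10);
            index = parseDN.indexOf(",");
            // 3 skips the attribute prefix of the next RDN; presumably
            // "ou=" -- TODO confirm. The >= 3 guard avoids an
            // out-of-range substring on a shorter RDN.
            if (index >= 3) {
                return parseDN.substring(3, index);
            }
        }
        return peopleDN;
    }

    /**
     * Adds {@code userDN} to {@code roleDN} unless the user already holds
     * that role, using a fresh store connection built from {@code token}.
     *
     * <p>The user is assumed to exist, because the caller obtained a token
     * for it.
     *
     * @param token SSO token used for the lookup and the update
     * @param userDN DN of the user
     * @param roleDN DN of the role
     * @throws ProducerException if the lookup or the update fails
     */
    public static synchronized void addUserToWSRPRole(SSOToken token,
            String userDN, String roleDN) throws ProducerException {
        try {
            AMStoreConnection connection = new AMStoreConnection(token);

            // Nothing to do when the user already holds the role.
            Set roles = connection.getUser(userDN).getRoleDNs();
            if (roles != null && roles.contains(roleDN)) {
                return;
            }

            AMRole wsrpRole = connection.getRole(roleDN);
            wsrpRole.addUsers(Collections.singleton(userDN));
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException e) {
            throw new ProducerException(e.getMessage(), e);
        }
    }

    /**
     * Reports whether the user at {@code userDN} holds the role
     * {@code roleDN}.
     *
     * <p>A DN that is not a valid entry yields {@code false}: an unknown
     * user holds no role, so the membership check fails closed instead of
     * ending in a NullPointerException.
     *
     * @throws ProducerException if the lookup fails
     */
    public boolean checkUserInRole(String userDN, String roleDN)
            throws ProducerException {
        try {
            if (!connection.isValidEntry(userDN)) {
                return false;
            }
            Set roles = connection.getUser(userDN).getRoleDNs();
            return roles != null && roles.contains(roleDN);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException e) {
            throw new ProducerException(e.getMessage(), e);
        }
    }

    /**
     * Copies the first value of {@code attributeName} from {@code template}
     * into {@code target} as a one-element set; does nothing when the
     * attribute has no values.
     */
    private static void copyFirstValue(AMTemplate template,
            String attributeName, Map target)
            throws AMException, SSOException {
        Set values = template.getAttribute(attributeName);
        if (values == null) {
            return;
        }
        Iterator it = values.iterator();
        if (it.hasNext()) {
            Set single = new HashSet();
            single.add(it.next().toString());
            target.put(attributeName, single);
        }
    }

    /**
     * Collects the desktop type, default channel name and edit provider
     * container name from the organization's dynamic desktop-service
     * template, keeping only the first value of each.
     *
     * @return map from attribute name to a one-element value set; attributes
     *         without a value are left out
     */
    private Map getParentAttributes(AMOrganization org,
            DSAMEMultiPortalConstants dmc) throws ProducerException {
        Map result = new HashMap();
        try {
            AMTemplate desktopTemplate = org.getTemplate(
                    dmc.MP_SUN_DESKTOP_SERVICE,
                    AMTemplate.DYNAMIC_TEMPLATE);

            copyFirstValue(desktopTemplate,
                    dmc.MP_ATTR_DESKTOP_TYPE, result);
            copyFirstValue(desktopTemplate,
                    dmc.MP_ATTR_DEFAULTCHANNELNAME, result);
            copyFirstValue(desktopTemplate,
                    dmc.MP_ATTR_EDITPROVIDERCONTAINERNAME, result);
        } catch (AMException ame) {
            throw new ProducerException(ame);
        } catch (SSOException e) {
            throw new ProducerException(e.getMessage(), e);
        }
        return result;
    }

    /**
     * Rebuilds the store connection and the schema with a new token.
     *
     * @param token SSO token that replaces the one used so far
     * @throws ProducerException if the connection or schema cannot be obtained
     */
    public void reinitializeSSOToken(SSOToken token)
            throws ProducerException {
        getConnection(token);
        getSchema(token);
    }

}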
|