Package org.jboss.identity.idm.impl.model.ldap

Examples of org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl

294
295
296
297
298
299
300
301
302
303
304
305
306
      if (log.isLoggable(Level.FINER))
      {
         log.finer(toString() + ".removeIdentityObject: " + identity);
      }

      LDAPIdentityObjectImpl ldapIdentity = getSafeLDAPIO(invocationCtx, identity);

      String dn = ldapIdentity.getDn();

      if (dn == null)
      {
         throw new IdentityException("Cannot obtain DN of identity");
      }
View Full Code Here
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
      //TODO: relationshipType is ignored - maybe check and allow only MEMBERSHIP?



      LDAPIdentityObjectImpl ldapFromIO = getSafeLDAPIO(ctx, identity);

      LDAPIdentityObjectTypeConfiguration typeConfig = getTypeConfiguration(ctx, identity.getIdentityType());

      LdapContext ldapContext = getLDAPContext(ctx);

      List<IdentityObject> objects = new LinkedList<IdentityObject>();

      try
      {

         // If parent simply look for all its members
         if (parent)
         {
            if (typeConfig.getMembershipAttributeName() == null)
            {
               throw new IdentityException("Membership attribute name not configured. Given IdentityObjectType cannot have" +
                  "members: " + identity.getIdentityType().getName());
            }

            Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn());
            Attribute member = attrs.get(typeConfig.getMembershipAttributeName());

            if (member != null)
            {
               NamingEnumeration memberValues = member.getAll();
               while (memberValues.hasMoreElements())
               {
                  String memberRef = memberValues.nextElement().toString();

                  if (typeConfig.isMembershipAttributeDN())
                  {
                     //TODO: use direct LDAP query instaed of other find method and add attributesFilter

                     if (constraints != null && constraints.getFilter() != null)
                     {
                        String name = Tools.stripDnToName(memberRef);
                        String regex = Tools.wildcardToRegex(constraints.getFilter());

                        if (Pattern.matches(regex, name))
                        {
                           objects.add(findIdentityObject(ctx, memberRef));
                        }
                     }
                     else
                     {
                        objects.add(findIdentityObject(ctx, memberRef));
                     }
                  }
                  else
                  {
                     //TODO: if relationships are not refered with DNs and only names its not possible to map
                     //TODO: them to proper IdentityType and keep name uniqnes per type. Workaround needed
                     throw new NotYetImplementedException("LDAP limitation. If relationship targets are not refered with FQDNs " +
                        "and only names, it's not possible to map them to proper IdentityType and keep name uniqnes per type. " +
                        "Workaround needed");
                  }
                  //break;
               }
            }
         }

         // if not parent then all parent entries need to be found
         else
         {
            // Search in all other type contexts
            for (IdentityObjectType parentType : configuration.getConfiguredTypes())
            {
               checkIOType(parentType);

               LDAPIdentityObjectTypeConfiguration parentTypeConfiguration = getTypeConfiguration(ctx, parentType);

               List<String> allowedTypes = Arrays.asList(parentTypeConfiguration.getAllowedMembershipTypes());

               // Check if given identity type can be parent
               if (!allowedTypes.contains(identity.getIdentityType().getName()))
               {
                  continue;
               }

               String nameFilter = "*";

               //Filter by name
               if (constraints != null && constraints.getFilter() != null)
               {
                  nameFilter = constraints.getFilter();
               }

               Control[] requestControls = null;

               StringBuilder af = new StringBuilder();

               // Filter by attribute values
               if (constraints != null && constraints.isFiltered())
               {
                  af.append("(&");

                  for (Map.Entry<String, String[]> stringEntry : constraints.getValues().entrySet())
                  {
                     for (String value : stringEntry.getValue())
                     {
                        af.append("(")
                           .append(stringEntry.getKey())
                           .append("=")
                           .append(value)
                           .append(")");
                     }
                  }

                  af.append(")");
               }

               // Add filter to search only parents of the given entry
               af.append("(")
                  .append(parentTypeConfiguration.getMembershipAttributeName())
                  .append("=");
               if (parentTypeConfiguration.isMembershipAttributeDN())
               {
                  af.append(ldapFromIO.getDn());
               }
               else
               {
                  //TODO: this doesn't make much sense unless parent/child are same identity types and resides in the same LDAP context
                  af.append(ldapFromIO.getName());
               }
               af.append(")");


               String filter = parentTypeConfiguration.getEntrySearchFilter();
View Full Code Here
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
   {
      //TODO: relationshipType is ignored - maybe check and allow only MEMBERSHIP?



      LDAPIdentityObjectImpl ldapIO = getSafeLDAPIO(ctx, identity);

      LDAPIdentityObjectTypeConfiguration typeConfig = getTypeConfiguration(ctx, identity.getIdentityType());

      LdapContext ldapContext = getLDAPContext(ctx);

      Set<IdentityObjectRelationship> relationships = new HashSet<IdentityObjectRelationship>();

      try
      {

         // If parent simply look for all its members
         if (parent)
         {
            Attributes attrs = ldapContext.getAttributes(ldapIO.getDn());
            Attribute member = attrs.get(typeConfig.getMembershipAttributeName());

            if (member != null)
            {
               NamingEnumeration memberValues = member.getAll();
               while (memberValues.hasMoreElements())
               {
                  String memberRef = memberValues.nextElement().toString();

                  if (typeConfig.isMembershipAttributeDN())
                  {
                     //TODO: use direct LDAP query instaed of other find method and add attributesFilter


                     relationships.add(new LDAPIdentityObjectRelationshipImpl(null, ldapIO, findIdentityObject(ctx, memberRef)));

                  }
                  else
                  {
                     //TODO: if relationships are not refered with DNs and only names its not possible to map
                     //TODO: them to proper IdentityType and keep name uniqnes per type. Workaround needed
                     throw new NotYetImplementedException("LDAP limitation. If relationship targets are not refered with FQDNs " +
                        "and only names, it's not possible to map them to proper IdentityType and keep name uniqnes per type. " +
                        "Workaround needed");
                  }
                  //break;
               }
            }
         }

         // if not parent then all parent entries need to be found
         else
         {
            // Search in all other type contexts
            for (IdentityObjectType parentType : configuration.getConfiguredTypes())
            {
               checkIOType(parentType);

               LDAPIdentityObjectTypeConfiguration parentTypeConfiguration = getTypeConfiguration(ctx, parentType);

               List<String> allowedTypes = Arrays.asList(parentTypeConfiguration.getAllowedMembershipTypes());

               // Check if given identity type can be parent
               if (!allowedTypes.contains(identity.getIdentityType().getName()))
               {
                  continue;
               }

               String nameFilter = "*";

               //Filter by name
               Control[] requestControls = null;

               StringBuilder af = new StringBuilder();


               // Add filter to search only parents of the given entry
               af.append("(")
                  .append(parentTypeConfiguration.getMembershipAttributeName())
                  .append("=");
               if (parentTypeConfiguration.isMembershipAttributeDN())
               {
                  af.append(ldapIO.getDn());
               }
               else
               {
                  //TODO: this doesn't make much sense unless parent/child are same identity types and resides in the same LDAP context
                  af.append(ldapIO.getName());
               }
               af.append(")");


               String filter = parentTypeConfiguration.getEntrySearchFilter();
View Full Code Here
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
         );
      }

      LDAPIdentityObjectRelationshipImpl relationship = null;

      LDAPIdentityObjectImpl ldapFromIO =  getSafeLDAPIO(ctx, fromIdentity);

      LDAPIdentityObjectImpl ldapToIO = getSafeLDAPIO(ctx, toIdentity);

      LDAPIdentityObjectTypeConfiguration fromTypeConfig = getTypeConfiguration(ctx, fromIdentity.getIdentityType());

      LdapContext ldapContext = getLDAPContext(ctx);

      // Check posibilities
      if (!getSupportedFeatures().isRelationshipTypeSupported(fromIdentity.getIdentityType(), toIdentity.getIdentityType(), relationshipType))
      {
         throw new IdentityException("Relationship not supported. RelationshipType[ " + relationshipType + " ] " +
            "beetween: [ " + fromIdentity.getIdentityType().getName() + " ] and [ " + toIdentity.getIdentityType().getName() + " ]");
      }

      try
      {
         // Construct new member attribute values
         Attributes attrs = new BasicAttributes(true);

         Attribute member = new BasicAttribute(fromTypeConfig.getMembershipAttributeName());

         if (fromTypeConfig.isMembershipAttributeDN())
         {
            member.add(ldapToIO.getDn());
         }
         else
         {
            member.add(toIdentity.getName());
         }
View Full Code Here
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
            + "; toIdentity: " + toIdentity
            + "; relationshipType: " + relationshipType
         );
      }

      LDAPIdentityObjectImpl ldapFromIO = getSafeLDAPIO(ctx, fromIdentity);
      LDAPIdentityObjectImpl ldapToIO = getSafeLDAPIO(ctx, toIdentity);

      LDAPIdentityObjectTypeConfiguration fromTypeConfig = getTypeConfiguration(ctx, fromIdentity.getIdentityType());

      // If relationship is not allowed simply return
      //TODO: use features description instead
      if (!Arrays.asList(fromTypeConfig.getAllowedMembershipTypes()).contains(ldapToIO.getIdentityType().getName()))
      {
         return;
      }

      LdapContext ldapContext = getLDAPContext(ctx);

      // Check posibilities

      //TODO: null RelationshipType passed from removeRelationships
      if (relationshipType != null &&
         !getSupportedFeatures().isRelationshipTypeSupported(fromIdentity.getIdentityType(), toIdentity.getIdentityType(), relationshipType))
      {
         throw new IdentityException("Relationship not supported");
      }

      try
      {
         //construct new member attribute values
         Attributes attrs = new BasicAttributes(true);

         Attribute member = new BasicAttribute(fromTypeConfig.getMembershipAttributeName());

         if (fromTypeConfig.isMembershipAttributeDN())
         {
            member.add(ldapToIO.getDn());
         }
         else
         {
            member.add(toIdentity.getName());
         }
View Full Code Here
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
         );
      }

      Set<IdentityObjectRelationship> relationships = new HashSet<IdentityObjectRelationship>();

      LDAPIdentityObjectImpl ldapFromIO = getSafeLDAPIO(ctx, fromIdentity);
      LDAPIdentityObjectImpl ldapToIO = getSafeLDAPIO(ctx, toIdentity);

      LDAPIdentityObjectTypeConfiguration fromTypeConfig = getTypeConfiguration(ctx, fromIdentity.getIdentityType());

      // If relationship is not allowed return empty set
      //TODO: use features description instead

      if (!Arrays.asList(fromTypeConfig.getAllowedMembershipTypes()).contains(ldapToIO.getIdentityType().getName()))
      {
         return relationships;
      }

      LdapContext ldapContext = getLDAPContext(ctx);

      try
      {
         Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn());
         Attribute member = attrs.get(fromTypeConfig.getMembershipAttributeName());

         if (member != null)
         {
            NamingEnumeration memberValues = member.getAll();
            while (memberValues.hasMoreElements())
            {
               String memberRef = memberValues.nextElement().toString();

               if ((fromTypeConfig.isMembershipAttributeDN() && memberRef.equals(ldapToIO.getDn())) ||
                  (!fromTypeConfig.isMembershipAttributeDN() && memberRef.equals(ldapToIO.getName())))
               {
                  //TODO: impl lacks support for rel type
                  relationships.add(new LDAPIdentityObjectRelationshipImpl(null, ldapFromIO, ldapToIO));
               }
            }
View Full Code Here
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
      if (credential == null)
      {
         throw new IllegalArgumentException();
      }

      LDAPIdentityObjectImpl ldapIO = getSafeLDAPIO(ctx, identityObject);

      if (supportedFeatures.isCredentialSupported(ldapIO.getIdentityType(),credential.getType()))
      {

         String passwordString = null;

         // Handle generic impl

         if (credential.getValue() != null)
         {
            //TODO: support for empty password should be configurable
            passwordString = credential.getValue().toString();
         }
         else
         {
            throw new IdentityException("Null password value");
         }

         LdapContext ldapContext = getLDAPContext(ctx);

         try
         {

            Hashtable env = ldapContext.getEnvironment();

            env.put(Context.SECURITY_PRINCIPAL, ldapIO.getDn());
            env.put(Context.SECURITY_CREDENTIALS, passwordString);

            InitialContext initialCtx = new InitialLdapContext(env, null);

            if (initialCtx != null)
View Full Code Here
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
      if (credential == null)
      {
         throw new IllegalArgumentException();
      }

      LDAPIdentityObjectImpl ldapIO = getSafeLDAPIO(ctx, identityObject);

      if (supportedFeatures.isCredentialSupported(ldapIO.getIdentityType(),credential.getType()))
      {

         String passwordString = null;

         // Handle generic impl

         if (credential.getValue() != null)
         {
            //TODO: support for empty password should be configurable
            passwordString = credential.getValue().toString();
         }
         else
         {
            throw new IdentityException("Null password value");
         }

         String attributeName = getTypeConfiguration(ctx, ldapIO.getIdentityType()).getPasswordAttributeName();

         if (attributeName == null)
         {
            throw new IdentityException("IdentityType doesn't have passwordAttributeName option set: "
               + ldapIO.getIdentityType().getName());
         }

         LdapContext ldapContext = getLDAPContext(ctx);

         try
         {
            //TODO: maybe perform a schema check if this attribute is allowed for such entry

            Attributes attrs = new BasicAttributes(true);
            Attribute attr = new BasicAttribute(attributeName);
            attr.add(passwordString);
            attrs.put(attr);

            ldapContext.modifyAttributes(ldapIO.getDn(), DirContext.REPLACE_ATTRIBUTE,attrs);
         }
         catch (NamingException e)
         {
            throw new IdentityException("Cannot set identity password value.", e);
         }
View Full Code Here
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
         );
      }

      Map<String, IdentityObjectAttribute> attrsMap = new HashMap<String, IdentityObjectAttribute>();

      LDAPIdentityObjectImpl ldapIdentity = getSafeLDAPIO(ctx, identity);


      LdapContext ldapContext = getLDAPContext(ctx);

      try
      {
         Set<String> mappedNames = getTypeConfiguration(ctx, identity.getIdentityType()).getMappedAttributesNames();

         // as this is valid LDAPIdentityObjectImpl DN is obtained from the Id

         String dn = ldapIdentity.getDn();

         Attributes attrs = ldapContext.getAttributes(dn);

         for (Iterator iterator = mappedNames.iterator(); iterator.hasNext();)
         {
View Full Code Here
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
      if (attributes == null)
      {
         throw new IllegalArgumentException("attributes is null");
      }

      LDAPIdentityObjectImpl ldapIdentity = getSafeLDAPIO(ctx, identity);


      // as this is valid LDAPIdentityObjectImpl DN is obtained from the Id

      String dn = ldapIdentity.getDn();

      LdapContext ldapContext = getLDAPContext(ctx);

      try
      {
View Full Code Here
TOP

Related Classes of org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl

  • org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.