Package org.jboss.portal.identity

Examples of org.jboss.portal.identity.IdentityException


      {
         log.debug("findUsers(): role = " + ldapRole.getDn());

         if (ldapRole.getName() == null)
         {
            throw new IdentityException("Role name canot be null");
         }

         //obtain Role entry attributes from directory
         Attributes attrs = ldapContext.getAttributes(ldapRole.getDn(), new String[] {getMemberAttributeID()});

         //log.debug("Role attributes: " + attrs);
         if (attrs == null)
         {
            throw new IdentityException("Cannot find Role with DN: " + ldapRole.getDn());
         }

         //iterate over user names belonging to this role
         Attribute memberAttr = attrs.get(getMemberAttributeID());

         if (memberAttr != null)
         {

            NamingEnumeration values = memberAttr.getAll();
        
            while (values.hasMoreElements())
            {
               String value = values.nextElement().toString();
               String name = value;

               //NOTE(review): userNameFilter is spliced into a regular expression unquoted, so any
               //regex metacharacters in it are interpreted rather than matched literally. A malformed
               //filter makes String.matches throw PatternSyntaxException, which the catch clauses
               //around this loop (IdentityException, NamingException) do not handle, and the pattern
               //is recompiled and evaluated for every member value. If a plain substring match is
               //intended, Pattern.quote(userNameFilter) or name.contains(userNameFilter) avoids
               //both - confirm where the filter value comes from.
               if (userNameFilter != null && userNameFilter.length() != 0 && !name.matches(".*" + userNameFilter + ".*"))
               {
                  continue;
               }

               try
               {
                  //member values are treated as user DNs or as user names, depending on isUidAttributeIsDN()
                  if (isUidAttributeIsDN())
                  {
                     users.add(getUserModule().findUserByDN(name));
                  }
                  else
                  {
                     users.add(getUserModule().findUserByUserName(name));
                  }
               }
               catch(IdentityException ie)
               {
                  //a member that cannot be resolved is logged and skipped, so the result may hold
                  //fewer users than the role has member values; name and value are the same string here
                  log.error("Failed to find user: " + name + "/" + value, ie);

               }
            }
         }
      }
      catch (NamingException e)
      {
         throw new IdentityException("Resolving Role Users failed.", e);
      }
      finally
      {
         try
         {
            ldapContext.close();
         }
         catch (NamingException e)
         {
            throw new IdentityException("Failed to close LDAP connection", e);
         }
      }

      return users;





      if (users.size() == 0 && isMembershipAttributeRequired())
      {
         throw new IdentityException("Cannot assigne 0 users to a role using this membership strategy (because some LDAPs " +
            "require the member field to be set). ");
      }

      LdapContext ldapContext = getConnectionContext().createInitialContext();

      try
      {
         log.debug("findUsers(): role = " + ldapRole.getDn());

         if (ldapRole.getName() == null)
         {
            throw new IdentityException("Role name canot be null");
         }

         //construct new member attribute values
         Attributes attrs = new BasicAttributes(true);

         Attribute member = new BasicAttribute(getMemberAttributeID());
         for (Iterator iterator = users.iterator(); iterator.hasNext();)
         {
            try
            {

               User user = (User)iterator.next();

               if (user instanceof CachedUserImpl)
               {
                  try
                  {
                     user = getUserModule().findUserById(user.getId());
                  }
                  catch(NoSuchUserException e)
                  {
                     throw new IdentityException("Illegal state - cached user doesn't exist in identity store: ", e);
                  }
               }
              
               LDAPUserImpl ldapUser = (LDAPUserImpl)user;

               if (isUidAttributeIsDN())
               {
                  member.add(ldapUser.getDn());
               }
               else
               {
                  //member.add(user.getId().toString());
                  member.add(ldapUser.getUserName());
               }
            }
            catch (ClassCastException e)
            {
               throw new IdentityException("Can add only LDAPUserImpl objects", e);
            }
         }
         attrs.put(member);

         if (users.size() > 0)
         {
            ldapContext.modifyAttributes(ldapRole.getDn(), DirContext.REPLACE_ATTRIBUTE, attrs);
         }
         else
         {
            ldapContext.modifyAttributes(ldapRole.getDn(), DirContext.REMOVE_ATTRIBUTE, attrs);
         }
         fireMembershipChangedEvent(role, users);
      }
      catch (NamingException e)
      {
         throw new IdentityException("Failed to change Role members", e);
      }
      finally
      {
         try
         {
            ldapContext.close();
         }
         catch (NamingException e)
         {
            throw new IdentityException("Failed to close LDAP connection", e);
         }
      }

   }

         {
            user = getUserModule().findUserById(user.getId());
         }
         catch(NoSuchUserException e)
         {
            throw new IdentityException("Illegal state - cached user doesn't exist in identity store: ", e);
         }
      }

      LDAPUserImpl ldapUser = null;

      if (user instanceof LDAPUserImpl)
      {
         ldapUser = (LDAPUserImpl)user;
      }
      else
      {
         throw new IllegalArgumentException("UserMembershipModuleImpl supports only LDAPUserImpl objects");
      }

      //First build a list of roles DNs to add
      List roleDNsToAdd = new LinkedList();

      for (Iterator iterator = roles.iterator(); iterator.hasNext();)
      {
         try
         {
            LDAPRoleImpl role = (LDAPRoleImpl)iterator.next();
            roleDNsToAdd.add(role.getDn());
         }
         catch(ClassCastException e)
         {
            throw new IdentityException("Only can add LDAPRoleImpl objects", e);
         }
      }

      String memberName=null;

      //Find all the roles that currently contain user as member (need to remove user from some of them)
      if (isUidAttributeIsDN())
      {
         memberName = ldapUser.getDn();
      }
      else
      {
         //memberName = ldapUser.getId().toString();
         memberName = ldapUser.getUserName();
      }

      LdapContext ldapContext = getConnectionContext().createInitialContext();

      try
      {

         //NOTE(review): memberName (the user's DN or user name, chosen above) is concatenated into
         //the search filter without RFC 4515 escaping. If the value contains filter metacharacters
         //('*', '(', ')', '\' or NUL) the expression no longer means "member equals this user",
         //and the loop below modifies every role the search returns. Escape the value before
         //building the filter. Presumably searchRoles hands this string to the directory as-is - confirm.
         String filter = getMemberAttributeID().concat("=").concat(memberName);
         log.debug("Search filter: " + filter);

         List sr = getRoleModule().searchRoles(filter, null);
         //iterate over roles that contain a user
         for (Iterator iterator = sr.iterator(); iterator.hasNext();)
         {
            SearchResult res = (SearchResult)iterator.next();
            DirContext ctx = (DirContext)res.getObject();
            String roleDN = ctx.getNameInNamespace();
            ctx.close();
           
            //if role is one which we want to add
            if (roleDNsToAdd.contains(roleDN))
            {
               //we do nothing but mark this role as added
               roleDNsToAdd.remove(roleDN);
               continue;
            }
            //if it's not on the list we need to remove user from it
            else
            {
               //obtain Role entry attributes from directory
               Attributes attrs = ldapContext.getAttributes(roleDN, new String[] {getMemberAttributeID()});

               //log.debug("Role attributes: " + attrs);
               if (attrs == null)
               {
                  throw new IdentityException("Cannot find Role with DN: " + roleDN);
               }

               //NOTE(review): Attributes.get returns null when the entry has no such attribute;
               //attr.size() below would then throw NullPointerException - consider a null check.
               Attribute attr = attrs.get(getMemberAttributeID());

               //can't remove the last member (if the attribute is required by schema)
               //TODO: workaround this somehow.... (adding goofy user or admin instead?)
               if (!(attr.size() == 1 && isMembershipAttributeRequired()))
               {
                  //remove user name from the member list
                  attr.remove(memberName);

                  //and replace attributes
                  //NOTE(review): REPLACE_ATTRIBUTE writes back the whole value list read above, so a
                  //change made to this role by someone else between the read and this write is overwritten.
                  Attributes newAttrs = new BasicAttributes(true);
                  //newAttrs.put(getMemberAttributeID(), attr);
                  newAttrs.put(attr);
                  ldapContext.modifyAttributes(roleDN, DirContext.REPLACE_ATTRIBUTE, newAttrs);
               }
               else
               {
                  //NOTE(review): the user stays a member of this role, yet the only signal is this log
                  //entry - the method carries on and still fires the membership-changed event. A caller
                  //revoking the role cannot tell that the revocation did not happen; consider reporting
                  //it to the caller so that access is not silently retained.
                  log.error("Couldn't remove user from role as it was the last member - possibly required field in ldap");
               }

               //and mark this role as done
               roleDNsToAdd.remove(roleDN);
            }
         }

         //now iterate over roles that left to process
         for (Iterator iterator = roleDNsToAdd.iterator(); iterator.hasNext();)
         {
            String roleDN = (String)iterator.next();

            //changes to make
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
               new BasicAttribute(getMemberAttributeID(), memberName));
            // Perform the requested modifications on the named object
            ldapContext.modifyAttributes(roleDN, mods);
         }

         fireMembershipChangedEvent(user, roles);

         //and that should be all...
      }
      catch (NamingException e)
      {
         //NOTE(review): a directory failure is only printed to stderr and then dropped, so the caller
         //sees a normal return even when some role modifications were applied and others were not.
         //Elsewhere in this code the same failure is wrapped in IdentityException
         //("Failed to change Role members"); doing the same here would keep a failed role
         //removal from passing as success.
         e.printStackTrace()//To change body of catch statement use File | Settings | File Templates.
      }
      finally
      {
         try
         {
            ldapContext.close();
         }
         catch (NamingException e)
         {
            throw new IdentityException("Failed to close LDAP connection", e);
         }
      }



         return Tools.toSet(Tools.toList(users.iterator()).subList(offset, size).iterator());

      }
      else
      {
         throw new IdentityException("Role not found with roleName: " + roleName );
      }
   }

   public void start() throws Exception
   {
      if (getConnectionJNDIName() == null)
      {
         throw new IdentityException("Cannot obtain ldap connection context JNDI name");
      }

      try
      {
         connectionContext = (LDAPConnectionContext)new InitialContext().lookup(getConnectionJNDIName());

         ldapContext.modifyAttributes(ldapu.getDn(), DirContext.REPLACE_ATTRIBUTE,attrs);
      }
      catch (NamingException e)
      {
         throw new IdentityException("Cannot set user password value.", e);
      }
      finally
      {
         try
         {
            ldapContext.close();
         }
         catch (NamingException e)
         {
            throw new IdentityException("Failed to close LDAP connection", e);
         }
      }

   }

         {
            ldapContext.close();
         }
         catch (NamingException e)
         {
            throw new IdentityException("Failed to close LDAP connection", e);
         }
      }
      return false;
   }


         Attribute uida = attrs.get(getUidAttributeID());
         if (uida == null)
         {
            throw new IdentityException("LDAP entry doesn't contain proper attribute:" + getUidAttributeID());
         }

         //ldapu = new LDAPUserImpl(dn,getIdentityContext(), uida.get().toString());

         //make DN as user ID
         ldapu = new LDAPUserImpl(dn,getIdentityContext(), dn);

         if (isUserNameToLowerCase())
         {
            ldapu.setUserName(uida.get().toString().toLowerCase());
         }
         else
         {
            ldapu.setUserName(uida.get().toString());
         }

         log.debug("user uid: " + ldapu.getId());
         log.debug("user dn: " + ldapu.getDn());


      }
      catch (Exception e)
      {
         throw new IdentityException("Couldn't create LDAPUserImpl object from ldap entry (SearchResult)", e);
      }

      return ldapu;
   }

      {
         log.debug("findUserByDN(): DN = " + dn);

         if (dn == null)
         {
            throw new IdentityException("User dn canot be null");
         }

         Attributes attrs = ldapContext.getAttributes(dn);

         if (attrs == null)
         {
            throw new IdentityException("Can't find user entry with DN: " + dn);
         }

         return createUserInstance(attrs, dn);

      }
      catch (NoSuchElementException e)
      {
         log.debug("No user found with dn: " + dn, e);
      }
      catch (NamingException e)
      {
         throw new IdentityException("User search failed.", e);
      }
      finally
      {
         try
         {
            ldapContext.close();
         }
         catch (NamingException e)
         {
            throw new IdentityException("Failed to close LDAP connection", e);
         }
      }
      return null;

   }

   /**
    * Returns the LDAP connection context held in the {@code connectionContext} field.
    *
    * <p>No lookup is attempted here: if the field has not been populated the call
    * fails, so callers never receive a {@code null} context to open connections with.
    *
    * @return the value of the {@code connectionContext} field
    * @throws IdentityException if the {@code connectionContext} field is {@code null}
    */
   protected LDAPConnectionContext getConnectionContext() throws IdentityException
   {
      if (connectionContext != null)
      {
         return connectionContext;
      }

      // Nothing to hand out - report it instead of returning null.
      throw new IdentityException("No LDAPConnectionContext available");
   }