Class AMAuthConfigUtils


  • public class AMAuthConfigUtils
    extends Object
    Authentication Configuration Utility.
    • Constructor Detail

      • AMAuthConfigUtils

        public AMAuthConfigUtils()
    • Method Detail

      • parseValues

        public static AppConfigurationEntry[] parseValues(String xmlValue)
        Parses the string value for the authentication configuration based on the attribute DTD and returns an array of AppConfigurationEntry, which can be used to retrieve the module name, flag and options. An empty array of AppConfigurationEntry is returned if the XML value could not be parsed.
        Parameters:
        xmlValue - XML string value for the authentication configuration.
        Returns:
        Array of AppConfigurationEntry, each containing module name, flag and options.
      • getAuthConfigName

        public static String getAuthConfigName(AuthContext.IndexType indexType,
                                               String indexName,
                                               String organizationDN,
                                               String clientType)
                                        throws AMConfigurationException
        Returns the authentication configuration name given the AuthContext.IndexType and indexName. The authentication configuration name will be used as the configName for the getAppConfigurationEntry() function in AMConfiguration.
        Parameters:
        indexType - The AuthContext.IndexType, one of the following values: AuthContext.IndexType.MODULE_INSTANCE, AuthContext.IndexType.SERVICE, AuthContext.IndexType.ROLE or AuthContext.IndexType.USER.
        indexName - The corresponding index value for the IndexType; for ROLE and USER, DNs must be passed in.
        organizationDN - DN for the login organization.
        clientType - Client type, for example genericHTML.
        Returns:
        Corresponding authentication configuration name.
        Throws:
        AMConfigurationException - if indexType is not supported.
      • getAuthConfigName

        public static String getAuthConfigName(String organizationDN,
                                               String clientType)
        Returns the authentication configuration name for organization-based authentication. The authentication configuration name will be used as the configName for the getAppConfigurationEntry() function in AMConfiguration.
        Parameters:
        organizationDN - DN for the login organization.
        clientType -
        Returns:
        Corresponding authentication configuration name.
      • convertToXMLString

        public static String convertToXMLString(List configs)
        Converts a List of authentication configurations to an XML string representation according to the following DTD.
         <!-- AttributeValuePair defines the values used to specify
              authentication configuration information. -->
         <!ELEMENT AttributeValuePair (Value*) >

         <!-- Value defines one authentication configuration  -->
         <!ELEMENT Value (#PCDATA) >

        Parameters:
        configs - List of configurations to be processed; each value consists of the following parts separated by blank space: module_name flag option1, option2.
        Returns:
        XML representation of the configuration.
      • createNamedConfig

        public static void createNamedConfig(String configName,
                                             int priority,
                                             Map attributeDataMap,
                                             String orgName,
                                             SSOToken token)
                                      throws SMSException,
                                             SSOException,
                                             AMConfigurationException
        Creates an authentication configuration in the iPlanetAMAuthConfiguration service. This method will be used by the console to manage configurations for different services.
        Parameters:
        configName - Name of the authentication configuration.
        priority - Priority of this authentication configuration.
        attributeDataMap - Map of authentication service attributes.
        orgName - Organization DN.
        token - Single sign on token.
        Throws:
        SMSException - if failed to store the configuration because of SM Exception.
        SSOException - if single sign on token is not valid.
        AMConfigurationException - if the configName is null.
      • replaceNamedConfig

        public static void replaceNamedConfig(String configName,
                                              int priority,
                                              Map attributeDataMap,
                                              String orgName,
                                              SSOToken token)
                                       throws SMSException,
                                              SSOException,
                                              AMConfigurationException
        Replaces an existing authentication configuration defined in the iPlanetAMAuthConfiguration service. This method will be used by the console to manage configurations for different services.
        Parameters:
        configName - Name of the authentication configuration.
        priority - Priority of the configuration.
        attributeDataMap - Map of authentication service attributes.
        orgName - Organization DN.
        token - Single sign on token.
        Throws:
        SMSException - if failed to set the configuration because of SM Exception.
        SSOException - if single sign on token is not valid.
        AMConfigurationException - if configName is null or not defined.
      • removeNamedConfig

        public static void removeNamedConfig(String configName,
                                             String orgName,
                                             SSOToken token)
                                      throws SMSException,
                                             SSOException,
                                             AMConfigurationException
        Removes an authentication configuration defined in the iPlanetAMAuthConfiguration service. This method will be used by the console to manage configurations for different services.
        Parameters:
        configName - Name of the authentication configuration.
        orgName - Organization DN.
        token - Single Sign On token.
        Throws:
        SMSException - if failed to delete the configuration because of SM Exception.
        SSOException - if single sign on token is not valid.
        AMConfigurationException - if configName is null or not defined.
      • getAllNamedConfig

        public static Set getAllNamedConfig(String orgName,
                                            SSOToken token)
                                     throws SMSException,
                                            SSOException
        Returns all the authentication configurations defined in the iPlanetAMAuthConfiguration service. This method will be used by the console to manage configurations for different services.
        Parameters:
        orgName - Organization DN.
        token - Single Sign On token.
        Returns:
        Set which contains all the configuration names.
        Throws:
        SMSException - if failed to get configurations because of SM Exception.
        SSOException - if single sign on token is not valid.
      • getNamedConfig

        public static Map<String,Set<String>> getNamedConfig(String configName,
                                                                   String orgName,
                                                                   SSOToken token)
                                                            throws SMSException,
                                                                   SSOException,
                                                                   AMConfigurationException
        Returns the authentication configuration defined in the iPlanetAMAuthConfiguration service as an XML string. This method will be used by the console to manage configurations for different services.

        Here is a sample XML string for an authentication configuration:

         <AttributeValuePair>
           <Value>com.sun.identity.authentication.modules.LDAP required debug=true</Value>
           <Value>com.sun.identity.authentication.modules.RADIUS optional</Value>
         </AttributeValuePair>
        This means the user needs to pass a required LDAP login module, then an optional RADIUS login module.
        Parameters:
        configName - Name of the authentication configuration.
        orgName - Organization DN.
        token - Single Sign On token.
        Returns:
        Map containing authentication service attributes.
        Throws:
        SMSException - if failed to get the configuration because of SM Exception.
        SSOException - if single sign on token is not valid.
        AMConfigurationException - if configName is null or not defined.
      • getModuleName

        public static String getModuleName(String className)
        Returns module name from complete class name.
        Parameters:
        className - Class name, for example com.sun.identity.authentication.modules.ldap.LDAP.
        Returns:
        Module name, e.g. "LDAP".
      • getModuleServiceName

        public static String getModuleServiceName(String module)
        Returns the SM service name based on the module name.
        Parameters:
        module - Login module name, e.g. "LDAP".
        Returns:
        Service name for the login module, for example iPlanetAMAuthLDAPService.
      • getNewModuleServiceName

        public static String getNewModuleServiceName(String module)
      • getAuthLevelAttribute

        public static String getAuthLevelAttribute(Map attrs,
                                                   String module)
        Returns authentication level attribute name for module name.
        Parameters:
        attrs - parameter map of the module service.
        module - Login module name, e.g. "LDAP".
        Returns:
        Attribute name for the authentication level, for example iplanet-am-auth-ldap-auth-level or sunIdentityServerLDAPAuthLevel.
      • getServiceSchema

        public static ServiceSchema getServiceSchema(SSOToken token)
                                              throws AMConfigurationException
        Returns service schema object for the authentication configuration subschema.
        Parameters:
        token - Single Sign On token.
        Returns:
        Service Schema.
        Throws:
        AMConfigurationException - if there are errors accessing authentication configuration.
      • getAllAuthModules

        public static Map getAllAuthModules(SSOToken token)
        Returns all supported authentication modules.
        Parameters:
        token - Single Sign On token to be used for accessing configuration information.
        Returns:
        Map containing all modules; the key is the module name (e.g. LDAP), the value is the complete class name (for example com.sun.identity.authentication.modules.ldap.LDAP).
      • getAllAuthModules

        public static Map getAllAuthModules(String orgDN,
                                            SSOToken token)
        Returns all supported authentication modules in an organization. If no modules are configured at the organization level, the authentication modules set at the global level are returned.
        Parameters:
        orgDN - organization DN.
        token - single sign on token.
        Returns:
        Map containing all modules; the key is the module name (e.g. LDAP), the value is the complete class name (e.g. com.sun.identity.authentication.modules.ldap.LDAP).
      • xmlToAuthConfigurationEntry

        public static List xmlToAuthConfigurationEntry(String xmlValue)
        Parses the string value for the authentication configuration based on the attribute DTD and returns a List of AuthConfigurationEntry, which can be used to retrieve the module name, flag and options. An empty List is returned if the XML value could not be parsed.
        Parameters:
        xmlValue - XML value for the authentication configuration.
        Returns:
        List of AuthConfigurationEntry containing module name, flag and options.
      • authConfigurationEntryToXMLString

        public static String authConfigurationEntryToXMLString(List entries)
        Converts a List of AuthConfigurationEntry to an XML representation according to the following DTD.
         <!-- AttributeValuePair defines the values used to specify 
             authentication configuration information. -->
         <!ELEMENT AttributeValuePair (Value*) >
        
         <!-- Value defines one authentication configuration  -->
         <!ELEMENT Value (#PCDATA) >
         
        Parameters:
        entries - List of AuthConfigurationEntry to be processed.
        Returns:
        XML representation of the configuration.
      • getGlobalAuthenticators

        public static Set getGlobalAuthenticators(SSOToken token)
        Returns the global authenticators.
        Parameters:
        token - Single sign on token to access configuration information.
        Returns:
        the global Authenticators.
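
The Value format described for parseValues and shown in the getNamedConfig sample can be parsed with JDK classes alone. The following is an added example, not OpenAM source code: the class name AuthConfigXmlExample and its parse method are hypothetical, and it assumes that options are whitespace- or comma-separated key=value tokens and that the flag is one of the four JAAS control flags.

```java
import java.io.StringReader;
import java.util.*;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

// Added example, not OpenAM source: parses the AttributeValuePair/Value format with JDK classes only.
public class AuthConfigXmlExample {
    // Constructed input, same shape as the sample shown for getNamedConfig.
    static final String SAMPLE = "<AttributeValuePair>"
        + "<Value>com.sun.identity.authentication.modules.LDAP required debug=true</Value>"
        + "<Value>com.sun.identity.authentication.modules.RADIUS optional</Value>"
        + "</AttributeValuePair>";
    // The four JAAS control flags; anything else is rejected.
    static final Map<String, LoginModuleControlFlag> FLAGS = Map.of(
        "required", LoginModuleControlFlag.REQUIRED, "requisite", LoginModuleControlFlag.REQUISITE,
        "sufficient", LoginModuleControlFlag.SUFFICIENT, "optional", LoginModuleControlFlag.OPTIONAL);

    static AppConfigurationEntry[] parse(String xml) {
        try {
            DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
            // The DTD is documentation only: refuse any DOCTYPE in the input, which blocks XXE.
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            NodeList values = f.newDocumentBuilder()
                .parse(new InputSource(new StringReader(xml))).getElementsByTagName("Value");
            List<AppConfigurationEntry> out = new ArrayList<>();
            for (int i = 0; i < values.getLength(); i++) {
                String[] t = values.item(i).getTextContent().trim().split("[\\s,]+");
                LoginModuleControlFlag flag = t.length < 2 ? null : FLAGS.get(t[1].toLowerCase(Locale.ROOT));
                if (flag == null) throw new IllegalArgumentException("missing or unknown control flag");
                Map<String, String> opts = new HashMap<>();
                for (int j = 2; j < t.length; j++) {  // assumption: options are key=value tokens
                    String[] kv = t[j].split("=", 2);
                    opts.put(kv[0], kv.length > 1 ? kv[1] : "");
                }
                out.add(new AppConfigurationEntry(t[0], flag, opts));
            }
            return out.toArray(new AppConfigurationEntry[0]);
        } catch (Exception e) {
            // Same contract as documented for parseValues: empty array when the value cannot be parsed.
            return new AppConfigurationEntry[0];
        }
    }
    public static void main(String[] args) {
        for (AppConfigurationEntry e : parse(SAMPLE))
            System.out.println(e.getLoginModuleName() + " " + e.getControlFlag() + " " + e.getOptions());
    }
}
```

A caller should treat an empty array as a configuration error rather than as an empty chain that lets a login proceed.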