/**
 * Adds the role to every entry in {@code remoteServers}, one store at a time.
 *
 * <p>A store whose failure message equals {@code CONNECTION_REFUSED} (ignoring case) is logged
 * and skipped, so after this call the role can exist on some remote stores and not on others.
 * Any other failure is rethrown immediately, which also leaves the remaining stores unprocessed.
 *
 * @param roleName    name of the role to create
 * @param userList    users to place in the role
 * @param permissions permissions to attach to the role
 * @throws org.wso2.carbon.user.api.UserStoreException if a remote store fails for a reason other
 *                                                     than a refused connection
 */
@Override
public void addRole(String roleName, String[] userList, Permission[] permissions)
        throws org.wso2.carbon.user.api.UserStoreException {

    for (Entry<String, WSUserStoreManager> server : remoteServers.entrySet()) {
        try {
            server.getValue().addRole(roleName, userList, permissions);
        } catch (org.wso2.carbon.user.api.UserStoreException failure) {
            boolean connectionRefused = CONNECTION_REFUSED.equalsIgnoreCase(failure.getMessage());
            if (!connectionRefused) {
                throw failure;
            }
            // Only the store key is logged; the exception itself is not attached to the log entry.
            log.error("Failed to update the remote server : " + server.getKey());
        }
    }
}
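/**
 * Rejects a user store domain name that starts with the reserved 'FEDERATED' prefix, so that it
 * cannot conflict with the federated user domain. The comparison ignores case.
 *
 * <p>Domains that {@code IdentityUtil.isNotBlank} does not accept are not checked here.
 *
 * @param domain domain name to validate
 * @throws UserStoreException if the domain name starts with 'FEDERATED' in any letter case
 */
private void validateForFederatedDomain(String domain) throws UserStoreException {

    // Case folding is pinned to Locale.ROOT so the reserved-prefix check does not depend on the
    // JVM's default locale.
    if (IdentityUtil.isNotBlank(domain)
            && domain.toUpperCase(java.util.Locale.ROOT).startsWith("FEDERATED")) {
        throw new UserStoreException("'FEDERATED' is a reserved user domain prefix. "
                + "Please start the domain name in a different manner.");
    }
}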
/**
 * Walks the cause chain of a user store failure and converts password-related causes into
 * client-facing recovery exceptions. Returns normally when no such cause is found.
 *
 * @param e user store failure whose causes are inspected
 * @throws IdentityRecoveryClientException if a cause is an {@code IdentityEventException} with
 *                                         error code "22001", or a {@code PolicyViolationException}
 */
private void checkPasswordValidity(UserStoreException e) throws IdentityRecoveryClientException {

    for (Throwable link = e.getCause(); link != null; link = link.getCause()) {
        if (link instanceof IdentityEventException) {
            String eventErrorCode = ((IdentityEventException) link).getErrorCode();
            // "22001" is presumably the password-history violation code, given the error it is
            // mapped to below; confirm against the component that raises it.
            if (StringUtils.equals(eventErrorCode, "22001")) {
                throw Utils.handleClientException(
                        IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_HISTORY_VIOLATE, null, e);
            }
        }
        if (link instanceof PolicyViolationException) {
            // The policy violation's own message is passed into the client exception.
            throw IdentityException.error(IdentityRecoveryClientException.class,
                    IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_POLICY_VIOLATION.getCode(),
                    link.getMessage(), e);
        }
    }
}
/**
 * Authenticates the resource owner credentials carried by the token request against the user
 * store returned by {@code getUserStoreManager(tokenReq)}.
 *
 * <p>This method never returns {@code false}: a rejected credential pair is reported by
 * exception, so a normal return always means the user store accepted the credentials.
 *
 * <p>NOTE(review): the resource owner username comes from the request and is concatenated
 * unescaped into the debug log line and into the failure message. Confirm that the log layout
 * neutralises line breaks and that callers do not echo the exception text back to the client.
 *
 * @param tokenReq token request holding the resource owner username and password
 * @return {@code true} when authentication succeeds
 * @throws IdentityOAuth2Exception if the credentials are rejected or the user store fails
 */
private boolean validateUserCredentials(OAuth2AccessTokenReqDTO tokenReq) throws IdentityOAuth2Exception {

    try {
        UserStoreManager store = getUserStoreManager(tokenReq);
        String tenantAwareUserName =
                MultitenantUtils.getTenantAwareUsername(tokenReq.getResourceOwnerUsername());
        boolean credentialsAccepted =
                store.authenticate(tenantAwareUserName, tokenReq.getResourceOwnerPassword());

        if (log.isDebugEnabled()) {
            log.debug("user " + tokenReq.getResourceOwnerUsername() + " authenticated: " + credentialsAccepted);
        }

        if (!credentialsAccepted) {
            String ownerTenantDomain = MultitenantUtils.getTenantDomain(tokenReq.getResourceOwnerUsername());
            // Super-tenant users are reported without the tenant suffix; everyone else is
            // reported with the username exactly as it was supplied.
            String reportedName = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equalsIgnoreCase(ownerTenantDomain)
                    ? tenantAwareUserName
                    : tokenReq.getResourceOwnerUsername();
            throw new IdentityOAuth2Exception("Authentication failed for " + reportedName);
        }
    } catch (UserStoreException e) {
        String detail = e.getMessage();
        Throwable underlying = e.getCause();
        if (underlying instanceof IdentityException) {
            // Prefix the identity error code, when one is present, to the user store message.
            String identityErrorCode = ((IdentityException) underlying).getErrorCode();
            if (StringUtils.isNotBlank(identityErrorCode)) {
                detail = identityErrorCode + " " + e.getMessage();
            }
        }
        throw new IdentityOAuth2Exception(detail, e);
    }
    return true;
}
/**
 * Reports whether the user store of the current realm is configured as read-only.
 *
 * <p>Only the exact string {@code "true"} in the {@code PROPERTY_READ_ONLY} user store property
 * counts as read-only. A missing property or any other value, including a different letter
 * case, is reported as writable.
 *
 * @return {@code true} if the read-only property equals "true", otherwise {@code false}
 * @throws UserProfileException if the realm or its configuration cannot be read
 */
public boolean isReadOnlyUserStore() throws UserProfileException {

    try {
        UserRealm currentRealm = getUserRealm();
        String readOnlyFlag = currentRealm.getRealmConfiguration()
                .getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_READ_ONLY);
        return "true".equals(readOnlyFlag);
    } catch (UserStoreException e) {
        log.error(e.getMessage(), e);
        throw new UserProfileException(e.getMessage(), e);
    }
}
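/**
 * Obtains a connection to the user database, with auto-commit disabled and the isolation level
 * set to READ_COMMITTED. The caller owns the returned connection and must commit or roll back
 * and then close it.
 *
 * @return a configured, open connection
 * @throws SQLException       if the connection cannot be configured
 * @throws UserStoreException if no connection could be obtained
 */
private Connection getDBConnection() throws SQLException, UserStoreException {

    Connection dbConnection = IdentityDatabaseUtil.getUserDBConnection();
    if (dbConnection == null) {
        throw new UserStoreException("Could not create a database connection to User database");
    }
    try {
        dbConnection.setAutoCommit(false);
        dbConnection.setTransactionIsolation(Connection.TRANSACTION_READ_COMMITTED);
    } catch (SQLException e) {
        // The caller never receives the connection on this path, so release it here
        // rather than leak it.
        try {
            dbConnection.close();
        } catch (SQLException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw e;
    }
    return dbConnection;
}
}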
/**
 * Reports whether the user store of the current realm is configured as read-only.
 *
 * <p>Only the exact string {@code "true"} in the {@code PROPERTY_READ_ONLY} user store property
 * counts as read-only. A missing property or any other value, including a different letter
 * case, is reported as writable.
 *
 * @return {@code true} if the read-only property equals "true", otherwise {@code false}
 * @throws UserProfileException if the realm or its configuration cannot be read
 */
public boolean isReadOnlyUserStore() throws UserProfileException {

    try {
        UserRealm currentRealm = getUserRealm();
        String readOnlyFlag = currentRealm.getRealmConfiguration()
                .getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_READ_ONLY);
        return "true".equals(readOnlyFlag);
    } catch (UserStoreException e) {
        log.error(e.getMessage(), e);
        throw new UserProfileException(e.getMessage(), e);
    }
}
/**
 * Returns the claims supported by the realm in the default Carbon dialect.
 *
 * @param realm realm whose supported claims are looked up
 * @return the claims returned by {@code getAllSupportedClaims} for the default Carbon dialect
 * @throws UserStoreException wrapping any user store API failure raised by the lookup
 */
private Claim[] getClaimsToEnterData(UserRealm realm) throws UserStoreException {

    final Claim[] supportedClaims;
    try {
        supportedClaims = getAllSupportedClaims(realm, UserCoreConstants.DEFAULT_CARBON_DIALECT);
    } catch (org.wso2.carbon.user.api.UserStoreException apiFailure) {
        // Re-wrap the API-level exception in the UserStoreException type this method declares.
        throw new UserStoreException(apiFailure);
    }
    return supportedClaims;
}
properties = remoteUserStore.getProperties(tenant); } catch (org.wso2.carbon.user.api.UserStoreException e) { if (!CONNECTION_REFUSED.equalsIgnoreCase(e.getMessage())) { throw e; break; } catch (UserStoreException ex) { if (!CONNECTION_REFUSED.equalsIgnoreCase(e.getMessage())) {
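/**
 * Rejects a user store domain name that starts with the reserved 'FEDERATED' prefix, so that it
 * cannot conflict with the federated user domain. The comparison ignores case.
 *
 * <p>Domains that {@code IdentityUtil.isNotBlank} does not accept are not checked here.
 *
 * @param domain domain name to validate
 * @throws UserStoreException if the domain name starts with 'FEDERATED' in any letter case
 */
private void validateForFederatedDomain(String domain) throws UserStoreException {

    // Case folding is pinned to Locale.ROOT so the reserved-prefix check does not depend on the
    // JVM's default locale.
    if (IdentityUtil.isNotBlank(domain)
            && domain.toUpperCase(java.util.Locale.ROOT).startsWith("FEDERATED")) {
        throw new UserStoreException("'FEDERATED' is a reserved user domain prefix. "
                + "Please start the domain name in a different manner.");
    }
}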
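/**
 * Get the tenant id of the given tenant domain.
 *
 * @param tenantDomain Tenant Domain
 * @return Tenant Id of domain user belongs to.
 * @throws IdentityApplicationManagementException Error when getting tenant id from tenant
 *                                                domain; the user store failure is kept as
 *                                                the cause
 */
private static int getTenantIdOfDomain(String tenantDomain)
        throws IdentityApplicationManagementException {

    try {
        return IdPManagementUtil.getTenantIdOfDomain(tenantDomain);
    } catch (UserStoreException e) {
        log.error(e.getMessage(), e);
        String msg = "Error occurred while getting Tenant Id from Tenant domain " + tenantDomain;
        // Chain the original failure so callers and audit trails keep the root cause.
        throw new IdentityApplicationManagementException(msg, e);
    }
}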
/**
 * Returns the claims supported by the realm in the default Carbon dialect.
 *
 * @param realm realm whose supported claims are looked up
 * @return the claims returned by {@code getAllSupportedClaims} for the default Carbon dialect
 * @throws UserStoreException wrapping any user store API failure raised by the lookup
 */
private Claim[] getClaimsToEnterData(UserRealm realm) throws UserStoreException {

    final Claim[] supportedClaims;
    try {
        supportedClaims = getAllSupportedClaims(realm, UserCoreConstants.DEFAULT_CARBON_DIALECT);
    } catch (org.wso2.carbon.user.api.UserStoreException apiFailure) {
        // Re-wrap the API-level exception in the UserStoreException type this method declares.
        throw new UserStoreException(apiFailure);
    }
    return supportedClaims;
}
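/**
 * Get the tenant id of the given tenant domain.
 *
 * @param tenantDomain Tenant Domain
 * @return Tenant Id of domain user belongs to.
 * @throws IdentityApplicationManagementException Error when getting tenant id from tenant
 *                                                domain; the user store failure is kept as
 *                                                the cause
 */
private static int getTenantIdOfDomain(String tenantDomain)
        throws IdentityApplicationManagementException {

    try {
        return IdPManagementUtil.getTenantIdOfDomain(tenantDomain);
    } catch (UserStoreException e) {
        log.error(e.getMessage(), e);
        String msg = "Error occurred while getting Tenant Id from Tenant domain " + tenantDomain;
        // Chain the original failure so callers and audit trails keep the root cause.
        throw new IdentityApplicationManagementException(msg, e);
    }
}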
/**
 * Computes the SHA-256 digest of {@code value} and returns it Base64-encoded.
 *
 * <p>NOTE(review): {@code value.getBytes()} encodes with the JVM's default charset, so non-ASCII
 * input can hash differently from one host to another. Pinning a charset would change the
 * result for values already hashed on a JVM with a different default, so confirm how stored
 * hashes are used before changing it.
 *
 * <p>NOTE(review): the digest is unsalted and single-pass. If callers pass passwords or other
 * low-entropy secrets, confirm that a salted, deliberately slow scheme is used for those instead.
 *
 * @param value text to hash; a null value fails with a NullPointerException
 * @return Base64 encoding of the SHA-256 digest
 * @throws UserStoreException if SHA-256 is not available from the installed security providers
 */
public static String doHash(String value) throws UserStoreException {

    final String algorithm = "SHA-256";
    try {
        byte[] digest = MessageDigest.getInstance(algorithm).digest(value.getBytes());
        return Base64.encode(digest);
    } catch (NoSuchAlgorithmException e) {
        log.error(e.getMessage(), e);
        throw new UserStoreException(e.getMessage(), e);
    }
}
/**
 * Checks whether the domain part of a user name is allowed for self sign-up.
 *
 * <p>The domain is the text before the first "/". A user name with no "/", or with "/" as its
 * first character, has no domain part from this method's point of view and is always allowed.
 * The domain text is passed to the realm configuration exactly as supplied.
 *
 * @param userName user name, optionally prefixed with "domain/"
 * @param realm    realm whose configuration lists the restricted domains
 * @return {@code false} only when the realm configuration reports the domain as restricted
 * @throws IdentityException if the realm configuration cannot be read
 */
private boolean isUserNameWithAllowedDomainName(String userName, UserRealm realm)
        throws IdentityException {

    int separatorAt = userName.indexOf("/");
    if (separatorAt <= 0) {
        // No domain prefix to check.
        return true;
    }

    String domainPart = userName.substring(0, separatorAt);
    try {
        return !realm.getRealmConfiguration().isRestrictedDomainForSlefSignUp(domainPart);
    } catch (UserStoreException e) {
        throw IdentityException.error(e.getMessage(), e);
    }
}
/**
 * Computes the SHA-256 digest of {@code value} and returns it Base64-encoded.
 *
 * <p>NOTE(review): {@code value.getBytes()} encodes with the JVM's default charset, so non-ASCII
 * input can hash differently from one host to another. Pinning a charset would change the
 * result for values already hashed on a JVM with a different default, so confirm how stored
 * hashes are used before changing it.
 *
 * <p>NOTE(review): the digest is unsalted and single-pass. If callers pass passwords or other
 * low-entropy secrets, confirm that a salted, deliberately slow scheme is used for those instead.
 *
 * @param value text to hash; a null value fails with a NullPointerException
 * @return Base64 encoding of the SHA-256 digest
 * @throws UserStoreException if SHA-256 is not available from the installed security providers
 */
public static String doHash(String value) throws UserStoreException {

    final String algorithm = "SHA-256";
    try {
        byte[] digest = MessageDigest.getInstance(algorithm).digest(value.getBytes());
        return Base64.encode(digest);
    } catch (NoSuchAlgorithmException e) {
        log.error(e.getMessage(), e);
        throw new UserStoreException(e.getMessage(), e);
    }
}
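/**
 * Get the tenant id of the given tenant domain.
 *
 * @param tenantDomain Tenant Domain
 * @return Tenant Id of domain user belongs to.
 * @throws IdentityApplicationManagementException Error when getting tenant id from tenant
 *                                                domain; the user store failure is kept as
 *                                                the cause
 */
private static int getTenantIdOfDomain(String tenantDomain)
        throws IdentityApplicationManagementException {

    try {
        return IdPManagementUtil.getTenantIdOfDomain(tenantDomain);
    } catch (UserStoreException e) {
        log.error(e.getMessage(), e);
        String msg = "Error occurred while getting Tenant Id from Tenant domain " + tenantDomain;
        // Chain the original failure so callers and audit trails keep the root cause.
        throw new IdentityApplicationManagementException(msg, e);
    }
}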
/**
 * Computes the SHA-256 digest of {@code value} and returns it Base64-encoded.
 *
 * <p>NOTE(review): {@code value.getBytes()} encodes with the JVM's default charset, so non-ASCII
 * input can hash differently from one host to another. Pinning a charset would change the
 * result for values already hashed on a JVM with a different default, so confirm how stored
 * hashes are used before changing it.
 *
 * <p>NOTE(review): the digest is unsalted and single-pass. If callers pass passwords or other
 * low-entropy secrets, confirm that a salted, deliberately slow scheme is used for those instead.
 *
 * @param value text to hash; a null value fails with a NullPointerException
 * @return Base64 encoding of the SHA-256 digest
 * @throws UserStoreException if SHA-256 is not available from the installed security providers
 */
public static String doHash(String value) throws UserStoreException {

    final String algorithm = "SHA-256";
    try {
        byte[] digest = MessageDigest.getInstance(algorithm).digest(value.getBytes());
        return Base64.encode(digest);
    } catch (NoSuchAlgorithmException e) {
        log.error(e.getMessage(), e);
        throw new UserStoreException(e.getMessage(), e);
    }
}
/**
 * Checks whether the domain part of a user name is allowed for self sign-up.
 *
 * <p>The domain is the text before the first "/". A user name with no "/", or with "/" as its
 * first character, has no domain part from this method's point of view and is always allowed.
 * The domain text is passed to the realm configuration exactly as supplied.
 *
 * @param userName user name, optionally prefixed with "domain/"
 * @param realm    realm whose configuration lists the restricted domains
 * @return {@code false} only when the realm configuration reports the domain as restricted
 * @throws IdentityException if the realm configuration cannot be read
 */
private boolean isUserNameWithAllowedDomainName(String userName, UserRealm realm)
        throws IdentityException {

    int separatorAt = userName.indexOf("/");
    if (separatorAt <= 0) {
        // No domain prefix to check.
        return true;
    }

    String domainPart = userName.substring(0, separatorAt);
    try {
        return !realm.getRealmConfiguration().isRestrictedDomainForSlefSignUp(domainPart);
    } catch (UserStoreException e) {
        throw IdentityException.error(e.getMessage(), e);
    }
}
/**
 * Runs before a user store is renamed and moves the stored associations from the current
 * domain name to the new one through {@code UserProfileMgtDAO}.
 *
 * @param tenantId             tenant that owns the user store
 * @param currentUserStoreName domain name the associations currently carry
 * @param newUserStoreName     domain name to write in its place
 * @throws UserStoreException if the DAO fails to update the associations; the DAO failure is
 *                            kept as the cause
 */
@Override
public void onUserStoreNamePreUpdate(int tenantId, String currentUserStoreName, String newUserStoreName)
        throws UserStoreException {

    try {
        UserProfileMgtDAO associationDao = UserProfileMgtDAO.getInstance();
        associationDao.updateDomainNameOfAssociations(tenantId, currentUserStoreName, newUserStoreName);
    } catch (UserProfileException daoFailure) {
        String failureMessage = String.format(
                "Error occurred while updating user domain of associated ids with domain '%s'",
                currentUserStoreName);
        throw new UserStoreException(failureMessage, daoFailure);
    }
}