/**
 * Entry point of the SCIM 2.0 outbound connector: hands the entity to the user or group
 * provisioning routine according to its entity type.
 *
 * <p>Nothing is provisioned when the entity is {@code null}, or when the entity is flagged as
 * just-in-time (JIT) provisioning while JIT provisioning is disabled for this connector. Entity
 * types other than USER and GROUP are logged at WARN level and skipped.
 *
 * @param provisioningEntity entity to provision; may be {@code null}
 * @return always {@code null}; no provisioned identifier is built here
 * @throws IdentityProvisioningException declared by the signature; presumably raised by the
 *                                       user/group provisioning helpers (not visible here)
 */
@Override
public ProvisionedIdentifier provision(ProvisioningEntity provisioningEntity)
        throws IdentityProvisioningException {

    if (provisioningEntity == null) {
        return null;
    }

    // JIT gate: a JIT-originated entity is dropped unless the connector explicitly allows it.
    boolean jitBlocked = provisioningEntity.isJitProvisioning() && !isJitProvisioningEnabled();
    if (jitBlocked) {
        log.debug("JIT provisioning disabled for SCIM 2.0 connector");
        return null;
    }

    if (provisioningEntity.getEntityType() == ProvisioningEntityType.USER) {
        provisionUser(provisioningEntity);
        return null;
    }

    if (provisioningEntity.getEntityType() == ProvisioningEntityType.GROUP) {
        provisionGroup(provisioningEntity);
        return null;
    }

    // The entity name is written to the log as-is.
    // NOTE(review): if entity names can come from an external identity provider, confirm the
    // logging layout neutralises CR/LF so a crafted name cannot forge log lines.
    log.warn("Unsupported provisioning entity : " + provisioningEntity.getEntityName());
    return null;
}
/**
 * Decides whether the role-based restriction of the outbound provisioning configuration allows
 * this entity to be provisioned.
 *
 * <p>The check is permissive by default: entities that are not users, and configurations whose
 * role list is {@code null} or empty, are always allowed. Only when a non-empty role list is
 * given must the user hold at least one of the listed roles.
 *
 * @param provisioningEntity  entity being provisioned
 * @param provisionByRoleList roles that qualify a user for provisioning; {@code null} or empty
 *                            means "no restriction"
 * @param tenantDomain        tenant domain handed to the role lookup
 * @return {@code true} if no restriction applies or the user holds one of the listed roles,
 *         {@code false} otherwise
 * @throws UserStoreException declared by the signature; presumably from the role lookup
 * @throws CarbonException    declared by the signature; presumably from the role lookup
 */
protected boolean canUserBeProvisioned(ProvisioningEntity provisioningEntity,
                                       String[] provisionByRoleList,
                                       String tenantDomain)
        throws UserStoreException, CarbonException {

    boolean isUser = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    boolean hasRoleFilter = provisionByRoleList != null && provisionByRoleList.length > 0;

    // Restrictions are applied to users only, and only when the service provider's outbound
    // provisioning configuration names at least one role. An empty list therefore allows
    // everyone rather than no one.
    if (!isUser || !hasRoleFilter) {
        return true;
    }

    String userName = getUserName(provisioningEntity.getAttributes());
    List<String> rolesHeld = getUserRoles(userName, tenantDomain);

    // Exact match through List.contains; stops at the first configured role the user holds.
    boolean allowed = false;
    for (int i = 0; i < provisionByRoleList.length && !allowed; i++) {
        allowed = rolesHeld.contains(provisionByRoleList[i]);
    }
    return allowed;
}
/**
 * Replaces the group claim of a user entity with the remote roles its groups map to.
 *
 * <p>Does nothing when the entity is not a user, when no role mappings are supplied, or when the
 * entity carries no group names. Otherwise the group claim is overwritten with the mapped remote
 * roles only: groups without a mapping are dropped, so the claim may end up empty.
 *
 * @param provisioningEntity entity whose attributes are updated in place
 * @param idPRoleMapping     local-role to remote-role mappings; may be {@code null} or empty
 */
private void updateProvisioningUserWithMappedRoles(ProvisioningEntity provisioningEntity,
                                                   RoleMapping[] idPRoleMapping) {

    boolean isUser = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    if (!isUser || idPRoleMapping == null || idPRoleMapping.length == 0) {
        return;
    }

    List<String> localGroups = getGroupNames(provisioningEntity.getAttributes());
    if (CollectionUtils.isEmpty(localGroups)) {
        return;
    }

    // Lookup table: local role name -> remote role. A later mapping for the same local role
    // replaces an earlier one.
    Map<String, String> remoteByLocal = new HashMap<>();
    for (RoleMapping roleMapping : idPRoleMapping) {
        remoteByLocal.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());
    }

    // Keep only the groups that have a non-null remote counterpart.
    List<String> remoteGroups = new ArrayList<>();
    for (String localGroup : localGroups) {
        String remoteGroup = remoteByLocal.get(localGroup);
        if (remoteGroup != null) {
            remoteGroups.add(remoteGroup);
        }
    }

    ProvisioningUtil.setClaimValue(IdentityProvisioningConstants.GROUP_CLAIM_URI,
            provisioningEntity.getAttributes(), remoteGroups);
}
"identityProviderName=" + identityProviderName + "&& connectorType=" + connectorType + "&& provisioningEntityType=" + provisioningEntity.getEntityType() + "&& provisioningEntityName=" + provisioningEntity.getEntityName() + ". Hence remove from cache"); "identityProviderName=" + identityProviderName + "&& connectorType=" + connectorType + "&& provisioningEntityType=" + provisioningEntity.getEntityType() + "&& provisioningEntityName=" + provisioningEntity.getEntityName());
"identityProviderName=" + identityProviderName + "&& connectorType=" + connectorType + "&& provisioningEntityType=" + provisioningEntity.getEntityType() + "&& provisioningEntityName=" + provisioningEntity.getEntityName() + ". Hence remove from cache"); "identityProviderName=" + identityProviderName + "&& connectorType=" + connectorType + "&& provisioningEntityType=" + provisioningEntity.getEntityType() + "&& provisioningEntityName=" + provisioningEntity.getEntityName());
/**
 * Decides whether the role-based restriction of the outbound provisioning configuration allows
 * this entity to be provisioned.
 *
 * <p>The check is permissive by default: entities that are not users, and configurations whose
 * role list is {@code null} or empty, are always allowed. Only when a non-empty role list is
 * given must the user hold at least one of the listed roles.
 *
 * @param provisioningEntity  entity being provisioned
 * @param provisionByRoleList roles that qualify a user for provisioning; {@code null} or empty
 *                            means "no restriction"
 * @param tenantDomain        tenant domain handed to the role lookup
 * @return {@code true} if no restriction applies or the user holds one of the listed roles,
 *         {@code false} otherwise
 * @throws UserStoreException declared by the signature; presumably from the role lookup
 * @throws CarbonException    declared by the signature; presumably from the role lookup
 */
protected boolean canUserBeProvisioned(ProvisioningEntity provisioningEntity,
                                       String[] provisionByRoleList,
                                       String tenantDomain)
        throws UserStoreException, CarbonException {

    boolean isUser = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    boolean hasRoleFilter = provisionByRoleList != null && provisionByRoleList.length > 0;

    // Restrictions are applied to users only, and only when the service provider's outbound
    // provisioning configuration names at least one role. An empty list therefore allows
    // everyone rather than no one.
    if (!isUser || !hasRoleFilter) {
        return true;
    }

    String userName = getUserName(provisioningEntity.getAttributes());
    List<String> rolesHeld = getUserRoles(userName, tenantDomain);

    // Exact match through List.contains; stops at the first configured role the user holds.
    boolean allowed = false;
    for (int i = 0; i < provisionByRoleList.length && !allowed; i++) {
        allowed = rolesHeld.contains(provisionByRoleList[i]);
    }
    return allowed;
}
"identityProviderName=" + identityProviderName + "&& connectorType=" + connectorType + "&& provisioningEntityType=" + provisioningEntity.getEntityType() + "&& provisioningEntityName=" + provisioningEntity.getEntityName() + ". Hence remove from cache"); "identityProviderName=" + identityProviderName + "&& connectorType=" + connectorType + "&& provisioningEntityType=" + provisioningEntity.getEntityType() + "&& provisioningEntityName=" + provisioningEntity.getEntityName());
/**
 * Decides whether the role-based restriction of the outbound provisioning configuration allows
 * this entity to be provisioned.
 *
 * <p>The check is permissive by default: entities that are not users, and configurations whose
 * role list is {@code null} or empty, are always allowed. Only when a non-empty role list is
 * given must the user hold at least one of the listed roles.
 *
 * @param provisioningEntity  entity being provisioned
 * @param provisionByRoleList roles that qualify a user for provisioning; {@code null} or empty
 *                            means "no restriction"
 * @param tenantDomain        tenant domain handed to the role lookup
 * @return {@code true} if no restriction applies or the user holds one of the listed roles,
 *         {@code false} otherwise
 * @throws UserStoreException declared by the signature; presumably from the role lookup
 * @throws CarbonException    declared by the signature; presumably from the role lookup
 */
protected boolean canUserBeProvisioned(ProvisioningEntity provisioningEntity,
                                       String[] provisionByRoleList,
                                       String tenantDomain)
        throws UserStoreException, CarbonException {

    boolean isUser = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    boolean hasRoleFilter = provisionByRoleList != null && provisionByRoleList.length > 0;

    // Restrictions are applied to users only, and only when the service provider's outbound
    // provisioning configuration names at least one role. An empty list therefore allows
    // everyone rather than no one.
    if (!isUser || !hasRoleFilter) {
        return true;
    }

    String userName = getUserName(provisioningEntity.getAttributes());
    List<String> rolesHeld = getUserRoles(userName, tenantDomain);

    // Exact match through List.contains; stops at the first configured role the user holds.
    boolean allowed = false;
    for (int i = 0; i < provisionByRoleList.length && !allowed; i++) {
        allowed = rolesHeld.contains(provisionByRoleList[i]);
    }
    return allowed;
}
// Bind statement parameters 2-4 from the entity: its type, then two values derived from the entity name.
// NOTE(review): the helper names suggest parameter 3 is the domain part of the name and parameter 4 the
// name without that domain - confirm. The values are bound with setString rather than concatenated; the
// SQL text itself is outside this excerpt.
prepStmt.setString(2, provisioningEntity.getEntityType().toString()); prepStmt.setString(3, IdentityUtil.extractDomainFromName(provisioningEntity.getEntityName())); prepStmt.setString(4, UserCoreUtil.removeDomainFromName(provisioningEntity.getEntityName()));
// Bind statement parameters 2-4 from the entity: its type, then two values derived from the entity name.
// NOTE(review): the helper names suggest parameter 3 is the domain part of the name and parameter 4 the
// name without that domain - confirm. The values are bound with setString rather than concatenated; the
// SQL text itself is outside this excerpt.
prepStmt.setString(2, provisioningEntity.getEntityType().toString()); prepStmt.setString(3, IdentityUtil.extractDomainFromName(provisioningEntity.getEntityName())); prepStmt.setString(4, UserCoreUtil.removeDomainFromName(provisioningEntity.getEntityName()));
// Bind statement parameters 2-4 from the entity: its type, then two values derived from the entity name.
// NOTE(review): the helper names suggest parameter 3 is the domain part of the name and parameter 4 the
// name without that domain - confirm. The values are bound with setString rather than concatenated; the
// SQL text itself is outside this excerpt.
prepStmt.setString(2, provisioningEntity.getEntityType().toString()); prepStmt.setString(3, IdentityUtil.extractDomainFromName(provisioningEntity.getEntityName())); prepStmt.setString(4, UserCoreUtil.removeDomainFromName(provisioningEntity.getEntityName()));
// Bind statement parameters 2-4 from the entity: its type, then two values derived from the entity name.
// NOTE(review): the helper names suggest parameter 3 is the domain part of the name and parameter 4 the
// name without that domain - confirm. The values are bound with setString rather than concatenated; the
// SQL text itself is outside this excerpt.
prepStmt.setString(2, provisioningEntity.getEntityType().toString()); prepStmt.setString(3, IdentityUtil.extractDomainFromName(provisioningEntity.getEntityName())); prepStmt.setString(4, UserCoreUtil.removeDomainFromName(provisioningEntity.getEntityName()));
// Bind statement parameters 2-4 from the entity: its type, then two values derived from the entity name.
// NOTE(review): the helper names suggest parameter 3 is the domain part of the name and parameter 4 the
// name without that domain - confirm. The values are bound with setString rather than concatenated; the
// SQL text itself is outside this excerpt.
prepStmt.setString(2, provisioningEntity.getEntityType().toString()); prepStmt.setString(3, IdentityUtil.extractDomainFromName(provisioningEntity.getEntityName())); prepStmt.setString(4, UserCoreUtil.removeDomainFromName(provisioningEntity.getEntityName()));
/**
 * Persists a provisioning entity through the DAO and then caches a reduced copy of it.
 *
 * <p>The cached copy carries only the entity type, the operation and the provisioned identifier;
 * the attributes of the original entity are not placed in the cache. The DAO call runs first, so
 * nothing is cached if it throws.
 *
 * @param identityProviderName name of the identity provider the entity was provisioned to
 * @param connectorType        type of the provisioning connector
 * @param provisioningEntity   entity to store; its identifier is dereferenced when debug
 *                             logging is enabled
 * @param tenantId             tenant id passed to the DAO
 * @param tenantDomain         tenant domain used in the cache key
 * @throws IdentityApplicationManagementException declared by the signature; presumably raised by
 *                                                the DAO call
 */
public void addProvisioningEntity(String identityProviderName, String connectorType,
                                  ProvisioningEntity provisioningEntity, int tenantId,
                                  String tenantDomain)
        throws IdentityApplicationManagementException {

    provisioningMgtDAO.addProvisioningEntity(identityProviderName, connectorType, provisioningEntity,
            tenantId);

    if (log.isDebugEnabled()) {
        // The debug line includes the entity name and the provisioned identifier.
        // NOTE(review): getIdentifier() is dereferenced only on this path, so an entity without
        // an identifier would fail here only when debug logging is on - confirm callers always
        // set it.
        String debugMessage = "Caching newly added Provisioning Entity : "
                + "identityProviderName=" + identityProviderName
                + "&& connectorType=" + connectorType
                + "&& provisioningEntityType=" + provisioningEntity.getEntityType()
                + "&& provisioningEntityName=" + provisioningEntity.getEntityName()
                + "&& provisioningIdentifier=" + provisioningEntity.getIdentifier().getIdentifier();
        log.debug(debugMessage);
    }

    ProvisioningEntityCacheKey key = new ProvisioningEntityCacheKey(identityProviderName,
            connectorType, provisioningEntity, tenantDomain);
    ProvisioningEntityCacheEntry cacheEntry = new ProvisioningEntityCacheEntry();

    // Reduced copy for the cache: type, operation and identifier only.
    ProvisioningEntity reducedEntity = new ProvisioningEntity(provisioningEntity.getEntityType(),
            provisioningEntity.getOperation());
    reducedEntity.setIdentifier(provisioningEntity.getIdentifier());

    cacheEntry.setProvisioningEntity(reducedEntity);
    provisioningEntityCache.addToCache(key, cacheEntry);
}
/**
 * Persists a provisioning entity through the DAO and then caches a reduced copy of it.
 *
 * <p>The cached copy carries only the entity type, the operation and the provisioned identifier;
 * the attributes of the original entity are not placed in the cache. The DAO call runs first, so
 * nothing is cached if it throws.
 *
 * @param identityProviderName name of the identity provider the entity was provisioned to
 * @param connectorType        type of the provisioning connector
 * @param provisioningEntity   entity to store; its identifier is dereferenced when debug
 *                             logging is enabled
 * @param tenantId             tenant id passed to the DAO
 * @param tenantDomain         tenant domain used in the cache key
 * @throws IdentityApplicationManagementException declared by the signature; presumably raised by
 *                                                the DAO call
 */
public void addProvisioningEntity(String identityProviderName, String connectorType,
                                  ProvisioningEntity provisioningEntity, int tenantId,
                                  String tenantDomain)
        throws IdentityApplicationManagementException {

    provisioningMgtDAO.addProvisioningEntity(identityProviderName, connectorType, provisioningEntity,
            tenantId);

    if (log.isDebugEnabled()) {
        // The debug line includes the entity name and the provisioned identifier.
        // NOTE(review): getIdentifier() is dereferenced only on this path, so an entity without
        // an identifier would fail here only when debug logging is on - confirm callers always
        // set it.
        String debugMessage = "Caching newly added Provisioning Entity : "
                + "identityProviderName=" + identityProviderName
                + "&& connectorType=" + connectorType
                + "&& provisioningEntityType=" + provisioningEntity.getEntityType()
                + "&& provisioningEntityName=" + provisioningEntity.getEntityName()
                + "&& provisioningIdentifier=" + provisioningEntity.getIdentifier().getIdentifier();
        log.debug(debugMessage);
    }

    ProvisioningEntityCacheKey key = new ProvisioningEntityCacheKey(identityProviderName,
            connectorType, provisioningEntity, tenantDomain);
    ProvisioningEntityCacheEntry cacheEntry = new ProvisioningEntityCacheEntry();

    // Reduced copy for the cache: type, operation and identifier only.
    ProvisioningEntity reducedEntity = new ProvisioningEntity(provisioningEntity.getEntityType(),
            provisioningEntity.getOperation());
    reducedEntity.setIdentifier(provisioningEntity.getIdentifier());

    cacheEntry.setProvisioningEntity(reducedEntity);
    provisioningEntityCache.addToCache(key, cacheEntry);
}
/**
 * Persists a provisioning entity through the DAO and then caches a reduced copy of it.
 *
 * <p>The cached copy carries only the entity type, the operation and the provisioned identifier;
 * the attributes of the original entity are not placed in the cache. The DAO call runs first, so
 * nothing is cached if it throws.
 *
 * @param identityProviderName name of the identity provider the entity was provisioned to
 * @param connectorType        type of the provisioning connector
 * @param provisioningEntity   entity to store; its identifier is dereferenced when debug
 *                             logging is enabled
 * @param tenantId             tenant id passed to the DAO
 * @param tenantDomain         tenant domain used in the cache key
 * @throws IdentityApplicationManagementException declared by the signature; presumably raised by
 *                                                the DAO call
 */
public void addProvisioningEntity(String identityProviderName, String connectorType,
                                  ProvisioningEntity provisioningEntity, int tenantId,
                                  String tenantDomain)
        throws IdentityApplicationManagementException {

    provisioningMgtDAO.addProvisioningEntity(identityProviderName, connectorType, provisioningEntity,
            tenantId);

    if (log.isDebugEnabled()) {
        // The debug line includes the entity name and the provisioned identifier.
        // NOTE(review): getIdentifier() is dereferenced only on this path, so an entity without
        // an identifier would fail here only when debug logging is on - confirm callers always
        // set it.
        String debugMessage = "Caching newly added Provisioning Entity : "
                + "identityProviderName=" + identityProviderName
                + "&& connectorType=" + connectorType
                + "&& provisioningEntityType=" + provisioningEntity.getEntityType()
                + "&& provisioningEntityName=" + provisioningEntity.getEntityName()
                + "&& provisioningIdentifier=" + provisioningEntity.getIdentifier().getIdentifier();
        log.debug(debugMessage);
    }

    ProvisioningEntityCacheKey key = new ProvisioningEntityCacheKey(identityProviderName,
            connectorType, provisioningEntity, tenantDomain);
    ProvisioningEntityCacheEntry cacheEntry = new ProvisioningEntityCacheEntry();

    // Reduced copy for the cache: type, operation and identifier only.
    ProvisioningEntity reducedEntity = new ProvisioningEntity(provisioningEntity.getEntityType(),
            provisioningEntity.getOperation());
    reducedEntity.setIdentifier(provisioningEntity.getIdentifier());

    cacheEntry.setProvisioningEntity(reducedEntity);
    provisioningEntityCache.addToCache(key, cacheEntry);
}
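/**
 * Entry point of the SPML outbound connector: runs the create, update or delete routine for a
 * user entity according to the requested operation.
 *
 * <p>The null check is performed before the entity is touched, so a {@code null} entity yields
 * an identifier wrapper with a {@code null} id instead of a {@link NullPointerException} from the
 * JIT gate. Only USER entities with DELETE, PUT or POST are handled; anything else is logged at
 * WARN level and skipped.
 *
 * @param provisioningEntity entity to provision; may be {@code null}
 * @return {@code null} when the entity is flagged as JIT provisioning and JIT is disabled for
 *         this connector; otherwise a {@link ProvisionedIdentifier} whose id is the value
 *         returned by the create routine for POST, and {@code null} for every other path
 * @throws IdentityProvisioningException declared by the signature; presumably raised by the
 *                                       create/update/delete helpers (not visible here)
 */
@Override
public ProvisionedIdentifier provision(ProvisioningEntity provisioningEntity)
        throws IdentityProvisioningException {

    String provisionedId = null;

    if (provisioningEntity != null) {

        // JIT gate, evaluated only once the entity is known to be non-null.
        if (provisioningEntity.isJitProvisioning() && !isJitProvisioningEnabled()) {
            log.debug("JIT provisioning disabled for SPML connector");
            return null;
        }

        if (provisioningEntity.getEntityType() == ProvisioningEntityType.USER) {
            if (provisioningEntity.getOperation() == ProvisioningOperation.DELETE) {
                deleteUser(provisioningEntity);
            } else if (provisioningEntity.getOperation() == ProvisioningOperation.PUT) {
                updateUser(provisioningEntity);
            } else if (provisioningEntity.getOperation() == ProvisioningOperation.POST) {
                provisionedId = createUser(provisioningEntity);
            } else {
                log.warn("Unsupported provisioning opertaion.");
            }
        } else {
            // Reached for an unsupported entity type, not an unsupported operation; the message
            // text is kept unchanged so existing log searches still match.
            log.warn("Unsupported provisioning opertaion.");
        }
    }

    // creates a provisioned identifier for the provisioned user.
    ProvisionedIdentifier identifier = new ProvisionedIdentifier();
    identifier.setIdentifier(provisionedId);
    return identifier;
}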
if (provisioningEntity.getEntityType() == ProvisioningEntityType.USER) { if (provisioningEntity.getOperation() == ProvisioningOperation.DELETE) { deleteUser(provisioningEntity);
if (provisioningEntity.getEntityType() == ProvisioningEntityType.USER) { if (provisioningEntity.getOperation() == ProvisioningOperation.DELETE) { deleteUser(provisioningEntity);
if (provisioningEntity.getEntityType() == ProvisioningEntityType.USER) { if (provisioningEntity.getOperation() == ProvisioningOperation.DELETE) { deleteUser(provisioningEntity);