本文整理汇总了Java中org.identityconnectors.framework.common.objects.OperationalAttributes类的典型用法代码示例。如果您正苦于以下问题:Java OperationalAttributes类的具体用法?Java OperationalAttributes怎么用?Java OperationalAttributes使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
OperationalAttributes类属于org.identityconnectors.framework.common.objects包,在下文中一共展示了OperationalAttributes类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSchema
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
/**
* Return resource schema names.
*
* @param showall return __NAME__ and __PASSWORD__ attribute if true.
* @return a list of schema names.
*/
public Set<String> getSchema(final boolean showall) {
final Set<String> resourceSchemaNames = new HashSet<String>();
final Schema schema = connector.schema();
try {
for (ObjectClassInfo info : schema.getObjectClassInfo()) {
for (AttributeInfo attrInfo : info.getAttributeInfo()) {
if (showall || (!Name.NAME.equals(attrInfo.getName())
&& !OperationalAttributes.PASSWORD_NAME.equals(
attrInfo.getName())
&& !OperationalAttributes.ENABLE_NAME.equals(
attrInfo.getName()))) {
resourceSchemaNames.add(attrInfo.getName());
}
}
}
} catch (Throwable t) {
// catch throwable in order to manage unpredictable behaviors
LOG.debug("Unsupported operation {}", t);
}
return resourceSchemaNames;
}
示例2: addAttributeModification
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
protected void addAttributeModification(Dn dn, List<Modification> modifications,
org.apache.directory.api.ldap.model.schema.ObjectClass ldapStructuralObjectClass,
ObjectClass icfObjectClass, Attribute icfAttr, ModificationOperation modOp) {
if (icfAttr.is(OperationalAttributes.LOCK_OUT_NAME)
&& LdapConfiguration.LOCKOUT_STRATEGY_OPENLDAP.equals(getConfiguration().getLockoutStrategy())) {
List<Object> values = icfAttr.getValue();
if (values.size() != 1) {
throw new InvalidAttributeValueException("Unexpected number of values in attribute "+icfAttr);
}
Boolean value = (Boolean)values.get(0);
if (value) {
throw new UnsupportedOperationException("Locking object is not supported (only unlocking is)");
}
modifications.add(
new DefaultModification(modOp, SchemaConstants.PWD_ACCOUNT_LOCKED_TIME_AT)); // no value
} else {
super.addAttributeModification(dn, modifications, ldapStructuralObjectClass, icfObjectClass, icfAttr, modOp);
}
}
示例3: extendObjectClassDefinition
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
protected void extendObjectClassDefinition(ObjectClassInfoBuilder ocib,
org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass) {
super.extendObjectClassDefinition(ocib, ldapObjectClass);
if (getConfiguration().isTweakSchema()) {
// Account and groups need samAccountName attribute. But it is not in the declared schema.
if (isUserObjectClass(ldapObjectClass.getName()) || isGroupObjectClass(ldapObjectClass.getName())) {
AttributeInfoBuilder samAccountNameAttr = new AttributeInfoBuilder(AdConstants.ATTRIBUTE_SAM_ACCOUNT_NAME_NAME);
samAccountNameAttr.setType(String.class);
ocib.addAttributeInfo(samAccountNameAttr.build());
}
}
if (!getConfiguration().isRawUserAccountControlAttribute()) {
AttributeInfoBuilder enableAb = new AttributeInfoBuilder(OperationalAttributes.ENABLE_NAME);
enableAb.setType(boolean.class);
ocib.addAttributeInfo(enableAb.build());
}
}
示例4: extendConnectorObject
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
protected void extendConnectorObject(ConnectorObjectBuilder cob, Entry entry, String objectClassName) {
super.extendConnectorObject(cob, entry, objectClassName);
if (!getConfiguration().isRawUserAccountControlAttribute()) {
Integer userAccountControl = LdapUtil.getIntegerAttribute(entry, AdConstants.ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, null);
if (userAccountControl == null) {
if (isUserObjectClass(objectClassName)) {
cob.addAttribute(OperationalAttributes.ENABLE_NAME, Boolean.FALSE);
}
} else {
if ((userAccountControl & AdConstants.USER_ACCOUNT_CONTROL_DISABLED) == 0) {
cob.addAttribute(OperationalAttributes.ENABLE_NAME, Boolean.TRUE);
} else {
cob.addAttribute(OperationalAttributes.ENABLE_NAME, Boolean.FALSE);
}
}
}
}
示例5: toLdapAttribute
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
public AttributeType toLdapAttribute(org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass,
String icfAttributeName) {
if (OperationalAttributes.LOCK_OUT_NAME.equals(icfAttributeName)) {
if (getConfiguration().getLockoutStrategy() == null || LdapConfiguration.LOCKOUT_STRATEGY_NONE.equals(getConfiguration().getLockoutStrategy())) {
return null;
} else if (LdapConfiguration.LOCKOUT_STRATEGY_OPENLDAP.equals(getConfiguration().getLockoutStrategy())) {
return super.toLdapAttribute(ldapObjectClass, SchemaConstants.PWD_ACCOUNT_LOCKED_TIME_AT);
} else {
throw new IllegalStateException("Unknown lockout strategy "+ getConfiguration().getLockoutStrategy());
}
}
return super.toLdapAttribute(ldapObjectClass, icfAttributeName);
}
示例6: buildOperationOptions
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
/**
* Build options for requesting all mapped connector attributes.
*
* @param iterator items
* @return options for requesting all mapped connector attributes
* @see OperationOptions
*/
public static OperationOptions buildOperationOptions(final Iterator<? extends Item> iterator) {
OperationOptionsBuilder builder = new OperationOptionsBuilder();
Set<String> attrsToGet = new HashSet<>();
attrsToGet.add(Name.NAME);
attrsToGet.add(Uid.NAME);
attrsToGet.add(OperationalAttributes.ENABLE_NAME);
while (iterator.hasNext()) {
Item item = iterator.next();
if (item.getPurpose() != MappingPurpose.NONE) {
attrsToGet.add(item.getExtAttrName());
}
}
builder.setAttributesToGet(attrsToGet);
// -------------------------------------
return builder.build();
}
示例7: createTest
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Test
public void createTest() {
logger.info("Running Create Test");
final String principal = "[email protected]" + realm;
final long modifyDate = System.currentTimeMillis();
final long princExpire = modifyDate + 1000 * 7 * 24 * 3600;
final long maxLife = 1000 * 4 * 3600;
final long maxRenew = 1000 * 24 * 3600;
final ConnectorFacade facade = getFacade(KerberosConnector.class, null);
ConnectorObject co;
Set<Attribute> createAttributes = new HashSet<Attribute>();
createAttributes.add(new Name(principal));
createAttributes.add(AttributeBuilder.buildPassword("Password".toCharArray()));
createAttributes.add(AttributeBuilder.buildEnabled(true));
createAttributes.add(AttributeBuilder.buildDisableDate(princExpire));
createAttributes.add(AttributeBuilder.build("requiresPreauth", true));
createAttributes.add(AttributeBuilder.build("maxTicketLife", maxLife));
createAttributes.add(AttributeBuilder.build("maxRenewableLife", maxRenew));
Uid uid = facade.create(ObjectClass.ACCOUNT, createAttributes, null);
Assert.assertEquals(uid.getUidValue(), principal);
co = facade.getObject(ObjectClass.ACCOUNT, new Uid(principal), null);
Assert.assertNotNull(co);
long validTo = AttributeUtil.getLongValue(co.getAttributeByName(OperationalAttributes.DISABLE_DATE_NAME));
long maxLife2 = AttributeUtil.getLongValue(co.getAttributeByName("maxTicketLife"));
long maxRenew2 = AttributeUtil.getLongValue(co.getAttributeByName("maxRenewableLife"));
Assert.assertEquals(precRound(validTo, 2 * 1000), precRound(princExpire, 2 * 1000));
Assert.assertEquals(precRound(maxLife2, 2 * 1000), precRound(maxLife, 2 * 1000));
Assert.assertEquals(precRound(maxRenew2, 2 * 1000), precRound(maxRenew, 2 * 1000));
Assert.assertTrue(AttributeUtil.getBooleanValue(co.getAttributeByName("requiresPreauth")));
Assert.assertEquals((int)AttributeUtil.getIntegerValue(co.getAttributeByName("attributes")), 128);
}
示例8: updateDatesTest
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Test
void updateDatesTest() {
logger.info("Running Update Dates Test");
final String principal = "[email protected]" + realm;
final Uid testUid = new Uid(principal);
final long modifyDate = System.currentTimeMillis();
final long expPrincDate = modifyDate + 3600000;
final long expPwDate = modifyDate + 1800000;
Uid uid;
final ConnectorFacade facade = getFacade(KerberosConnector.class, null);
Set<Attribute> updateAttributes;
ConnectorObject co;
updateAttributes = new HashSet<Attribute>();
updateAttributes.add(AttributeBuilder.build(OperationalAttributes.DISABLE_DATE_NAME, expPrincDate));
updateAttributes.add(AttributeBuilder.build(OperationalAttributes.PASSWORD_EXPIRATION_DATE_NAME, expPwDate));
uid = facade.update(ObjectClass.ACCOUNT, testUid, updateAttributes, null);
Assert.assertEquals(uid.getUidValue(), principal);
co = facade.getObject(ObjectClass.ACCOUNT, testUid, null);
Assert.assertNotNull(co);
Long expPrincDate2 = (Long)co.getAttributeByName(OperationalAttributes.DISABLE_DATE_NAME).getValue().get(0);
Long expPwDate2 = (Long)co.getAttributeByName(OperationalAttributes.PASSWORD_EXPIRATION_DATE_NAME).getValue().get(0);
Long modifyDate2 = (Long)co.getAttributeByName("modifyDate").getValue().get(0);
// permit less precision (1 second)
Assert.assertEquals(precRound(expPrincDate, 1000 * 2), precRound(expPrincDate2, 1000 * 2));
Assert.assertEquals(precRound(expPwDate, 1000 * 2), precRound (expPwDate2, 1000 * 2));
// modifyDate is set independently - permit even less precision
Assert.assertEquals(precRound(modifyDate, 1000 * 10), precRound(modifyDate2, 1000 * 10));
}
示例9: enableTest
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Test
public void enableTest() {
logger.info("Running Enable Test");
final String principal = "[email protected]" + realm;
final Uid testUid = new Uid(principal);
Uid uid;
ConnectorObject co;
final ConnectorFacade facade = getFacade(KerberosConnector.class, null);
Set<Attribute> updateAttributes;
// disable
updateAttributes = new HashSet<Attribute>();
updateAttributes.add(AttributeBuilder.build(OperationalAttributes.ENABLE_NAME, false));
uid = facade.update(ObjectClass.ACCOUNT, testUid, updateAttributes, null);
Assert.assertEquals(uid.getUidValue(), principal);
co = facade.getObject(ObjectClass.ACCOUNT, testUid, null);
Assert.assertNotNull(co);
Assert.assertEquals(co.getAttributeByName("attributes").getValue().get(0), 192);
Assert.assertEquals(co.getAttributeByName("allowTix").getValue().get(0), false);
// enable
updateAttributes= new HashSet<Attribute>();
updateAttributes.add(AttributeBuilder.build(OperationalAttributes.ENABLE_NAME, true));
uid = facade.update(ObjectClass.ACCOUNT, testUid, updateAttributes, null);
Assert.assertEquals(uid.getUidValue(), principal);
co = facade.getObject(ObjectClass.ACCOUNT, testUid, null);
Assert.assertNotNull(co);
Assert.assertEquals(co.getAttributeByName("attributes").getValue().get(0), 128);
Assert.assertEquals(co.getAttributeByName("allowTix").getValue().get(0), true);
}
示例10: convertFromPassword
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
private void convertFromPassword(Set<Attribute> attributes, PropertyDelta<ProtectedStringType> passwordDelta) throws SchemaException {
if (passwordDelta == null) {
throw new IllegalArgumentException("No password was provided");
}
QName elementName = passwordDelta.getElementName();
if (StringUtils.isBlank(elementName.getNamespaceURI())) {
if (!QNameUtil.match(elementName, PasswordType.F_VALUE)) {
return;
}
} else if (!passwordDelta.getElementName().equals(PasswordType.F_VALUE)) {
return;
}
PrismProperty<ProtectedStringType> newPassword = passwordDelta.getPropertyNewMatchingPath();
if (newPassword == null || newPassword.isEmpty()) {
// This is the case of setting no password. E.g. removing existing password
LOGGER.debug("Setting null password.");
attributes.add(AttributeBuilder.build(OperationalAttributes.PASSWORD_NAME, Collections.EMPTY_LIST));
} else if (newPassword.getRealValue().canGetCleartext()) {
// We have password and we can get a cleartext value of the passowrd. This is normal case
GuardedString guardedPassword = ConnIdUtil.toGuardedString(newPassword.getRealValue(), "new password", protector);
attributes.add(AttributeBuilder.build(OperationalAttributes.PASSWORD_NAME, guardedPassword));
} else {
// We have password, but we cannot get a cleartext value. Just to nothing.
LOGGER.debug("We would like to set password, but we do not have cleartext value. Skipping the opearation.");
}
}
示例11: extendObjectClassDefinition
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
protected void extendObjectClassDefinition(ObjectClassInfoBuilder ocib,
org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass) {
super.extendObjectClassDefinition(ocib, ldapObjectClass);
if (isUserObjectClass(ldapObjectClass.getName())) {
AttributeInfoBuilder lockoutAb = new AttributeInfoBuilder(OperationalAttributes.LOCK_OUT_NAME);
lockoutAb.setType(boolean.class);
// lockoutAb.setReturnedByDefault(false);
ocib.addAttributeInfo(lockoutAb.build());
AttributeInfoBuilder enableAb = new AttributeInfoBuilder(OperationalAttributes.ENABLE_NAME);
enableAb.setType(boolean.class);
ocib.addAttributeInfo(enableAb.build());
}
}
示例12: toLdapAttribute
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
public AttributeType toLdapAttribute(
org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass, String icfAttributeName) {
if (icfAttributeName.equals(OperationalAttributes.ENABLE_NAME)) {
return super.toLdapAttribute(ldapObjectClass, EDirectoryConstants.ATTRIBUTE_LOGIN_DISABLED_NAME);
} else if (icfAttributeName.equals(OperationalAttributes.LOCK_OUT_NAME)) {
return super.toLdapAttribute(ldapObjectClass, EDirectoryConstants.ATTRIBUTE_LOCKOUT_LOCKED_NAME);
} else {
return super.toLdapAttribute(ldapObjectClass, icfAttributeName);
}
}
示例13: extendConnectorObject
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
protected void extendConnectorObject(ConnectorObjectBuilder cob, Entry entry, String objectClassName) {
super.extendConnectorObject(cob, entry, objectClassName);
Boolean ldapDisabled = LdapUtil.getBooleanAttribute(entry, EDirectoryConstants.ATTRIBUTE_LOGIN_DISABLED_NAME, null);
if (ldapDisabled == null) {
if (isUserObjectClass(objectClassName)) {
cob.addAttribute(OperationalAttributes.ENABLE_NAME, Boolean.TRUE);
}
} else {
if (ldapDisabled) {
cob.addAttribute(OperationalAttributes.ENABLE_NAME, Boolean.FALSE);
} else {
cob.addAttribute(OperationalAttributes.ENABLE_NAME, Boolean.TRUE);
}
}
boolean ldapLocked = LdapUtil.getBooleanAttribute(entry, EDirectoryConstants.ATTRIBUTE_LOCKOUT_LOCKED_NAME, Boolean.FALSE);
if (ldapLocked) {
Long resetTime = LdapUtil.getTimestampAttribute(entry, EDirectoryConstants.ATTRIBUTE_LOCKOUT_RESET_TIME_NAME);
long now = System.currentTimeMillis();
LOG.ok("LOCK reset={0}, now={1}", resetTime, now);
if (resetTime > now) {
cob.addAttribute(OperationalAttributes.LOCK_OUT_NAME, Boolean.TRUE);
} else {
cob.addAttribute(OperationalAttributes.LOCK_OUT_NAME, Boolean.FALSE);
}
} else {
cob.addAttribute(OperationalAttributes.LOCK_OUT_NAME, Boolean.FALSE);
}
}
示例14: toLdapAttribute
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
public AttributeType toLdapAttribute(
org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass, String icfAttributeName) {
if (!getConfiguration().isRawUserAccountControlAttribute() && icfAttributeName.equals(OperationalAttributes.ENABLE_NAME)) {
return super.toLdapAttribute(ldapObjectClass, AdConstants.ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME);
} else {
return super.toLdapAttribute(ldapObjectClass, icfAttributeName);
}
}
示例15: extendObjectClassDefinition
import org.identityconnectors.framework.common.objects.OperationalAttributes; //导入依赖的package包/类
@Override
protected void extendObjectClassDefinition(ObjectClassInfoBuilder ocib,
org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass) {
super.extendObjectClassDefinition(ocib, ldapObjectClass);
if (!LdapConfiguration.LOCKOUT_STRATEGY_NONE.equals(getConfiguration().getLockoutStrategy())) {
AttributeInfoBuilder lockoutAb = new AttributeInfoBuilder(OperationalAttributes.LOCK_OUT_NAME);
lockoutAb.setType(boolean.class);
// lockoutAb.setReturnedByDefault(false);
ocib.addAttributeInfo(lockoutAb.build());
}
}