001/*
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: AdminDNAction.java,v 1.5 2008/08/19 19:09:20 veiming Exp $
026 *
027 * Portions Copyrighted 2015-2017 ForgeRock AS.
028 */
029
030package com.sun.identity.security;
031
032import java.security.PrivilegedAction;
033
034import com.iplanet.am.util.AdminUtils;
035
036/**
037 * The class is used to perform privileged operations using
038 * <code>java.security.AccessController.doPrivileged()
039 * </code> when using
040 * <code> com.iplanet.am.util.AdminUtils</code> to obtain Administrator DN.
041 * This class implements the interface <code>
042 * java.security.PrivilegedAction </code>
043 * with a non-default constructor. This class should be used in order to perform
044 * the privileged operation of
045 * <code> com.iplanet.am.util.AdminUtils.getAdminDN()</code>.
046 * 
047 * <PRE>
048 * 
049 * This line of code: String adminDN =
050 * com.iplanet.am.util.AdminUtils.getAdminDN(); should be replaced with: String
051 * adminDN = (String) AccessController.doPrivileged( new AdminDNAction()); If
052 * this is not done and Java security permissions check is enabled, then the
053 * operation will fail and return a null everytime.
054 * 
055 * Note: Java security permissions check for OpenAM can be enabled
056 * by setting the property <code>com.sun.identity.security.checkcaller</code> to
057 * true in AMConfig properties file.
058 * 
059 * </PRE>
060 * 
061 * @supported.all.api
062 */
063public class AdminDNAction implements PrivilegedAction<String> {
064
065    /**
066     * Default constructor
067     */
068    public AdminDNAction() {
069        super();
070    }
071
072    /*
073     * (non-Javadoc)
074     * 
075     * @see java.security.PrivilegedAction#run()
076     */
077    public String run() {
078        return (AdminUtils.getAdminDN());
079    }
080
081}