Package com.google.gsa.valve.configuration

Examples of com.google.gsa.valve.configuration.ValveRepositoryConfiguration

208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
        if (internal.match(url)) {

            //Authentication vars
            String repositoryID = null;
            AuthenticationProcessImpl authProcess = null;
            ValveRepositoryConfiguration repositoryConfig = null;

            int order = 1;
            int size = authenticationImplementationsOrder.size();
            if (authenticationImplementationsOrder == null) {
                order = 0;
                logger.error("No Authentication module has been defined. Please check and add those needed at config file");
            }

            while ((1 <= order) && (order <= size)) {

                //Get the repository ID
                logger.debug("###Processing repository # " + order + " ###");
                Integer orderInt = new Integer(order);
                if (authenticationImplementationsOrder.containsKey(orderInt)) {
                    repositoryID =
                            authenticationImplementationsOrder.get(orderInt);
                } else {
                    logger.error("Error during processing authentication methods. Order is not valid");
                    break;
                }

                //Get the Repository config and authentication class                                                   
                authProcess = authenticationImplementations.get(repositoryID);
                repositoryConfig = valveConf.getRepository(repositoryID);

                logger.debug("Authenticating ID: " + repositoryConfig.getId());
                if (repositoryConfig.getId().equals("root")) {
                    //Root should be used for main authentication against an identity repository (LDAP, DB, ..)
                    //and should not be used as a content repository that contains documents
                    try {
                        //add support to cookie array
                        rootAuthCookies.clear();
                        rootStatusCode =
                                authProcess.authenticate(request, response,
                                                         rootAuthCookies, url,
                                                         creds, "root");
                        logger.info("Repository authentication - " +
                                    repositoryConfig.getId() +
                                    " completed. Response was " +
                                    rootStatusCode);
                        if (rootStatusCode ==
                            HttpServletResponse.SC_UNAUTHORIZED) {
                            logger.error("Root AuthN failed");
                        } else {
                            //Support to cookie array
                            if (rootStatusCode == HttpServletResponse.SC_OK) {
                                logger.debug("Root AuthN is SC_OK (200)");
                                if (!rootAuthCookies.isEmpty()) {
                                    logger.debug("Root AuthN returns cookies");
                                    for (int j = 0; j < rootAuthCookies.size();
                                         j++) {
                                        logger.debug("Root Cookie found: " +
                                                     rootAuthCookies.elementAt(j).getName() +
                                                     ":" +
                                                     rootAuthCookies.elementAt(j).getValue());
                                        authCookies.add(rootAuthCookies.elementAt(j));
                                    }
                                } else {
                                    logger.debug("Root AuthN does NOT return cookies");
                                }
                            }
                        }

                        //If no repository is defined called root then rootStatusCode must be set to OK
                        // This flag is used to indicate that a root repository has been defined.
                        rootAuthNDefined = true;
                        //
                    } catch (Exception e) {
                        logger.debug("Exception with authentication for ID: " +
                                     repositoryConfig.getId() + " - " +
                                     e.getMessage());
                        rootAuthNDefined = true;
                    }
                } else {
                    try {

                        //add support to cookie array
                        repositoryAuthCookies.clear();

                        logger.debug("Let's do the authentication");

                        repositoryAuthStatusCode =
                                authProcess.authenticate(request, response,
                                                         repositoryAuthCookies,
                                                         url, creds,
                                                         repositoryConfig.getId());

                        //add support to cookie array
                        if (repositoryAuthStatusCode ==
                            HttpServletResponse.SC_OK) {
                            logger.debug("Repository AuthN [" +
                                         repositoryConfig.getId() +
                                         "] is SC_OK (200)");
                            //check if multiple repository is set to valid
                            if (repositoryOKAuthN == false) {
                                repositoryOKAuthN = true;
                            }
                            //check if cookie array is not empty and consume it
                            if (!repositoryAuthCookies.isEmpty()) {
                                logger.debug("Repository AuthN [" +
                                             repositoryConfig.getId() +
                                             "] returns " +
                                             repositoryAuthCookies.size() +
                                             " cookies");
                                for (int j = 0;
                                     j < repositoryAuthCookies.size(); j++) {
                                    logger.debug("Repository Cookie found: " +
                                                 repositoryAuthCookies.elementAt(j).getName() +
                                                 ":" +
                                                 repositoryAuthCookies.elementAt(j).getValue());
                                    authCookies.add(repositoryAuthCookies.elementAt(j));
                                }
                            } else {
                                logger.debug("Repository AuthN [" +
                                             repositoryConfig.getId() +
                                             "] does NOT return cookies");
                            }
                        }

                        //end Krb support
                        logger.info("Repository authentication - " +
                                    repositoryConfig.getId() +
                                    " completed. Response was " +
                                    repositoryAuthStatusCode);
                    } catch (Exception e) {
                        logger.debug("Exception with authentication for ID: " +
                                     repositoryConfig.getId() + " - " +
                                     e.getMessage());
                    }
                }

                //increase order
View Full Code Here
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
        //Authentication process instance
        AuthenticationProcessImpl authenticationProcess = null;

        String repositoryIds[] = valveConf.getRepositoryIds();

        ValveRepositoryConfiguration repository = null;

        int order = 1;

        for (int i = 0; i < repositoryIds.length; i++) {
            try {

                repository = valveConf.getRepository(repositoryIds[i]);

                //Check if repository has to be included in the authentication process. By default set it to true
                boolean checkAuthN = true;
                try {
                    if ((repository.getCheckAuthN() != null) &&
                        (!repository.getCheckAuthN().equals(""))) {
                        checkAuthN =
                                new Boolean(repository.getCheckAuthN()).booleanValue();
                    }
                } catch (Exception e) {
                    logger.error("Error when reading checkAuthN param: " +
                                 e.getMessage(), e);
                    //protection
                    checkAuthN = true;
                }

                if (checkAuthN) {
                    logger.info("Initialising authentication process for " +
                                repository.getId() + " [#" + order + "]");
                    authenticationProcess =
                            (AuthenticationProcessImpl)Class.forName(repository.getAuthN()).newInstance();
                    authenticationProcess.setValveConfiguration(valveConf);
                    //add this authentication process to the Map
                    synchronized (authenticationImplementations) {
                        synchronized (authenticationImplementations) {
                            authenticationImplementations.put(repository.getId(),
                                                              authenticationProcess);
                            authenticationImplementationsOrder.put(new Integer(order),
                                                                   repository.getId());
                            order++;
                        }
                    }

                } else {
                    logger.debug("Authentication process for repository [" +
                                 repository.getId() +
                                 "] is not going to be launched");
                }

            } catch (LinkageError le) {
                logger.error(repository.getId() +
                             " - Can't instantiate class [AuthenticationProcess-LinkageError]: " +
                             le.getMessage(), le);
            } catch (InstantiationException ie) {
                logger.error(repository.getId() +
                             " - Can't instantiate class [AuthenticationProcess-InstantiationException]: " +
                             ie.getMessage(), ie);
            } catch (IllegalAccessException iae) {
                logger.error(repository.getId() +
                             " - Can't instantiate class [AuthenticationProcess-IllegalAccessException]: " +
                             iae.getMessage(), iae);
            } catch (ClassNotFoundException cnfe) {
                logger.error(repository.getId() +
                             " - Can't instantiate class [AuthenticationProcess-ClassNotFoundException]: " +
                             cnfe.getMessage(), cnfe);
            } catch (Exception e) {
                logger.error(repository.getId() +
                             " - Can't instantiate class [AuthenticationProcess-Exception]: " +
                             e.getMessage(), e);
            }
        }
        logger.debug(RootAuthenticationProcess.class.getName() +
View Full Code Here
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
        } catch (RESyntaxException reSynTaxExp) {
            logger.error("Failed to created queryHost RE: " +
                         reSynTaxExp.getMessage());
        }

        ValveRepositoryConfiguration repository = null;

        logger.debug("Repository length: " + repositoryConfigurations.size());

        for (int i = 0; i < repositoryConfigurations.size(); i++) {

            repository = repositoryConfigurations.elementAt(i);

            logger.debug("Repository ID: " + repository.getId());

            //Pattern for this repository that needs to be macthed
            try {
                authZHost =
                        new RE(repository.getPattern(), RE.MATCH_CASEINDEPENDENT);
            } catch (RESyntaxException reSynTaxExp) {
                logger.error("Failed to created authZHost RE: " +
                             reSynTaxExp.getMessage());
                logger.error("Pattern trying to use: " +
                             repository.getPattern());
            }


            if (queryHostRE.match(url)) {
                logger.debug("Query AuthZ");
                statusCode = HttpServletResponse.SC_OK;
                patternMatch = true;
            } else {
                if (authZHost.match(url)) {

                    //Need the correct authZProcess implementation for this repository ID
                    AuthorizationProcessImpl authZProcess =
                        getAuthorizationProcess(repository);

                    if (authZProcess != null) {
                        //URL matches a pattern
                        if (repository.getId().equals("root")) {
                            //If this is a match for the root id then it's the internal host used to test valve/test.html, so should just return valid
                            logger.debug("Internal AuthZ");
                            statusCode = HttpServletResponse.SC_OK;
                            patternMatch = true;
                            rootIDExists = true;
                        } else {
                            logger.info("Authorizing with " +
                                        repository.getId());
                            patternMatch = true;

                            //Add credentials
                            try {
                                addCredentials(authZProcess, userSession);
                            } catch (Exception e) {
                                logger.error("Error during Kerberos authZ treatment : " +
                                             e.getMessage(), e);
                            }

                            try {
                                String repoID = repository.getId();
                                statusCode =
                                        authZProcess.authorize(request, response,
                                                               authCookies,
                                                               url, repoID);
                                //If statusCode is UNAUTHORIZED, then the process has to stop here
                                if (statusCode ==
                                    HttpServletResponse.SC_UNAUTHORIZED) {
                                    break;
                                }
                            } catch (Exception e) {
                                logger.error("Error during authorization: " +
                                             e.getMessage(), e);
                            }
                        }
                    } else {
                        logger.debug("The URL matches with the pattern defined for repository " +
                                     "[" + repository.getId() +
                                     "] but could not instantiate the class");
                    }
                }

            }
View Full Code Here
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
        repositoryConfigurations = new Vector<ValveRepositoryConfiguration>();

        String repositoryIds[] = valveConf.getRepositoryIds();

        ValveRepositoryConfiguration repository = null;

        logger.debug("Reading repositories");

        for (int i = 0; i < repositoryIds.length; i++) {
            try {
                repository = valveConf.getRepository(repositoryIds[i]);
                if (repository.getAuthZ() == null ||
                    repository.getAuthZ().equals("")) {
                    logger.info("No authZ defined for " + repository.getId());
                } else {
                    logger.debug("Authorisation process for [" +
                                 repository.getId() + "] found");
                    repositoryConfigurations.add(repository);
                }

            } catch (Exception e) {
                logger.error("Error during Authorization Vector creation: " +
View Full Code Here
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
     */
    public void getLDAPAttributes(String id) {

        logger.debug("Getting LDAP Attributes");

        ValveRepositoryConfiguration repositoryConfig =
            valveConf.getRepository(id);

        if (repositoryConfig != null) {

            //Reading LDAP vars from configfile    

            logger.debug("Reading LDAP Attributes from config file");

            ldapBaseuser = repositoryConfig.getParameterValue("ldapBaseuser");
            if ((ldapBaseuser != null) && (ldapBaseuser == "")) {
                ldapBaseuser = null;
            }
            ldapHost = repositoryConfig.getParameterValue("ldapHost");
            if ((ldapHost != null) && (ldapHost == "")) {
                ldapHost = null;
            }
            ldapDomain = repositoryConfig.getParameterValue("ldapDomain");
            if ((ldapDomain != null) && (ldapDomain == "")) {
                ldapDomain = null;
            }
            rdnAttr = repositoryConfig.getParameterValue("rdnAttr");
            if ((rdnAttr != null) && (rdnAttr == "")) {
                rdnAttr = null;
            }

            //Getting attributes username and password for all the credentials
            logger.debug("Getting LDAP username and password attributes per each repository");
            boolean attributeExist = true;
            int index = 1;
            while (attributeExist) {
                String idAttr = "id" + index;
                logger.debug("ID is : " + idAttr);
                if (repositoryConfig.getParameterValue(idAttr) != null) {
                    String userNameAttr = "username" + index;
                    String passwordAttr = "password" + index;
                    if ((repositoryConfig.getParameterValue(userNameAttr) !=
                         null) &&
                        (repositoryConfig.getParameterValue(passwordAttr) !=
                         null)) {
                        logger.debug("Adding LDAP attributes for: " +
                                     repositoryConfig.getParameterValue(idAttr));
                        LDAPAttrRepository attrRepository =
                            new LDAPAttrRepository(repositoryConfig.getParameterValue(userNameAttr),
                                                   repositoryConfig.getParameterValue(passwordAttr));
                        ldapAttributes.put(repositoryConfig.getParameterValue(idAttr),
                                           attrRepository);
                        repositories.add(repositoryConfig.getParameterValue(idAttr));
                    } else {
                        logger.error("LDAP attribute username or password for repository number " +
                                     index + " [" +
                                     repositoryConfig.getParameterValue(idAttr) +
                                     "] does NOT exist in the config file. Review configuration");
                    }
                } else {
                    attributeExist = false;
                }
View Full Code Here
TOP

Related Classes of com.google.gsa.valve.configuration.ValveRepositoryConfiguration

  • com.google.gsa.valve.modules.ldap.LDAPSSO
  • com.google.gsa.valve.rootAuth.RootAuthenticationProcess
  • com.google.gsa.valve.rootAuth.RootAuthorizationProcess
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.