Examples of com.sun.enterprise.config.serverbeans.AuthRealm

• com.sun.enterprise.config.serverbeans.AuthRealm

    public void validate(ValidationContext valCtx) {
        super.validate(valCtx); // Before doing custom validation do basic validation

        if(valCtx.isDELETE()) {
            AuthRealm ar = (AuthRealm)valCtx.getTargetBean();
            SecurityService sec = (SecurityService) ar.parent();
            String realmName = ar.getName();
            String defaultRealmName = null;
            try {
                defaultRealmName = sec.getDefaultRealm();
            } catch (Exception ee) {
            }
            if(defaultRealmName != null && defaultRealmName.equals(realmName)) {
                valCtx.result.failed(smh.getLocalString(getClass().getName()+".defaultRealmDelete",
                        "Default auth-realm can not be deleted"));
            }

            // atleast one element of auth-realm is required
            AuthRealm[] authRealm = sec.getAuthRealm();
            if(authRealm.length < 2)
                valCtx.result.failed(smh.getLocalString(getClass().getName()+".authRealmOneCantDelete",
                        "At least one auth-realm required, auth-realm can not be deleted"));


        } else if(valCtx.isADD()) {
            AuthRealm ar = (AuthRealm)valCtx.getTargetBean();
            String className = ar.getClassname();
            if(className.endsWith(".FileRealm")) {
                ElementProperty fileProp = ar.getElementPropertyByName("file");
                if(fileProp==null) {
                    valCtx.result.failed(smh.getLocalString(getClass().getName()+".propNotFounfInFileRealm",
                            "Auth realm can not be added. \"{0}\" property should be provided for FileRealm type.",
                            new Object[]{"file"}));
                }
                ElementProperty jaasContextProp = ar.getElementPropertyByName("jaas-context");
                if(jaasContextProp==null) {
                    valCtx.result.failed(smh.getLocalString(getClass().getName()+".propNotFounfInFileRealm",
                            "Auth realm can not be added. \"{0}\" property should be provided for FileRealm type.", new Object[]{"jaas-context"}));
                }
            }

        //first, create standalone auth-realm
        Config config = getConfigBeanForTarget(target);
        SecurityService secService = config.getSecurityService();
        ManagedConfigBean mcbSecService = getManagedConfigBean(secService);
        AuthRealm authRealm = (AuthRealm)mcbSecService.createChildByType(
                ServerTags.AUTH_REALM, attrs, props);

        // Second, check keyfile
        // we need to create empty keyfile if it's not exist
        //   file should exist already - synchronization problems???

    This operation creates AuthRealm according to attributes and adds(links) it to current SecurityService;
    If attribute is 'null' then default value will be set.
     */
    public void createAuthRealm(String name, String classname) throws ConfigException
    {
        AuthRealm authRealm = new AuthRealm();
        if(name!=null)
            authRealm.setName(name);
        if(classname!=null)
            authRealm.setClassname(classname);
        SecurityService securityService = (SecurityService)getConfigBeanByXPath( ServerXPathHelper.getSecurityServiceXpath() );
        securityService.addAuthRealm(authRealm);

        getConfigContext().flush();
    }

    @throws ConfigException in case of failure.
     */
    public void deleteAuthRealm(String id) throws ConfigException, MBeanException, AttributeNotFoundException
    {
        SecurityService securityService = (SecurityService)getConfigBeanByXPath( ServerXPathHelper.getSecurityServiceXpath() );
        AuthRealm authRealm = securityService.getAuthRealmByName(id);
    if(((String) getAttribute(kDefaultRealm)).equals(id)){
      String msg = localStrings.getString( "admin.server.core.mbean.config.default_realm_cannot_delete", id );
      throw new ConfigException( msg );
    }

    private void createRealm(AuthRealmEvent event) throws Exception {
        ConfigContext configContext = event.getConfigContext();
        String realmName = event.getAuthRealmName();
        SecurityService security =
            ServerBeansFactory.getSecurityServiceBean(configContext);
        AuthRealm authRealm = security.getAuthRealmByName(realmName);
        //authRealm cannot be null here
        String className = authRealm.getClassname();
        ElementProperty[] elementProps = authRealm.getElementProperty();
        int size = (elementProps != null) ? elementProps.length : 0;
        Properties props = new Properties();
        for (int i = 0; i < size; i++) {
            props.setProperty(elementProps[i].getName(),
                    elementProps[i].getValue());

            connector.setAuthRealmName("admin-realm");
            controller.setJmxConnector(connector);

            // TODO: need to reconcile authrealms ???
            AuthRealm[] authRealms = new AuthRealm[1];
            authRealms[0]=new AuthRealm();
            authRealms[0].setName("admin-realm");
            authRealms[0].setClassname("com.sun.enterprise.security.auth.realm.file.FileRealm");
            ElementProperty fileProperty = new ElementProperty();
            fileProperty.setName("file");
            fileProperty.setValue("${com.sun.aas.instanceRoot}/config/admin-keyfile");

        if (properties != null && properties.size() > 0) {
            for (Property p: properties) {
                if (p != null && "authRealm".equals(p.getName())) {
                    authRealmName = p.getValue();
                    if (authRealmName != null) {
                        AuthRealm realm = null;
                        List<AuthRealm> rs = securityService.getAuthRealm();
                        if (rs != null && rs.size() > 0) {
                            for (AuthRealm r : rs) {
                                if (r != null &&
                                        r.getName().equals(authRealmName)) {

        secureAdmin = domain.getSecureAdmin();

        // Ensure that the admin password is set as required
        if (as.usesFileRealm()) {
            try {
                AuthRealm ar = as.getAssociatedAuthRealm();
                if (FileRealm.class.getName().equals(ar.getClassname())) {
                    String adminKeyFilePath = ar.getPropertyValue("file");
                    FileRealm fr = new FileRealm(adminKeyFilePath);
                    if (!fr.hasAuthenticatableUser()) {
                        ADMSEC_LOGGER.log(Level.SEVERE, AdminLoggerInfo.mSecureAdminEmptyPassword);
                        throw new IllegalStateException(ADMSEC_LOGGER.getResourceBundle()
                                .getString(AdminLoggerInfo.mSecureAdminEmptyPassword));

     * exists if the admin realm is a file realm and the admin file
     * realm contains exactly one user in the admin group.  If so, that's the default
     * admin user.
     */
    private String getDefaultAdminUser() {
        AuthRealm realm = as.getAssociatedAuthRealm();
        if (realm == null) {
            /*
             * If for some reason there is no admin realm available return null
             * (instead of throwing an exception).
             */
            return null;
        }
        if (! FileRealm.class.getName().equals(realm.getClassname())) {
            ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: IT'S NOT A FILE REALM");
            return null;  // can only find default admin user in file realm
        }
        String pv = realm.getPropertyValue("file");  //the property named "file"
        File   rf = null;
        if (pv == null || !(rf=new File(pv)).exists()) {
            //an incompletely formed file property or the file property points to a non-existent file, can't allow access
            ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: THE KEYFILE DOES NOT EXIST");
            return null;

        secureAdmin = domain.getSecureAdmin();

        // Ensure that the admin password is set as required
        if (as.usesFileRealm()) {
            try {
                AuthRealm ar = as.getAssociatedAuthRealm();
                if (FileRealm.class.getName().equals(ar.getClassname())) {
                    String adminKeyFilePath = ar.getPropertyValue("file");
                    FileRealm fr = new FileRealm(adminKeyFilePath);
                    if (!fr.hasAuthenticatableUser()) {
                        String emsg = lsm.getLocalString("secure.admin.empty.password",
                            "The server requires a valid admin password to be set before it can start. Please set a password using the change-admin-password command.");
                        logger.log(Level.SEVERE, emsg);