Examples of InternalCredential

org.apache.jetspeed.security.om.InternalCredential
Interface representing a security credential.

The credential value represents the value of the credential such as a password.

For now, we do not have custom credentials classes and credentials support only 1 credential (i.e. 1 password).

The credential type represents whether a credential is private or public:
- Private credential: type == 0
- Public credential: type == 1
The credential classname represent the class of credential.
TODO Add multiple credentials support. @author David Le Strat @version $Id: InternalCredential.java 516448 2007-03-09 16:25:47Z ate $

Examples of org.apache.jetspeed.security.om.InternalCredential

        {
            InternalUserPrincipal remotePrincipal = (InternalUserPrincipal)principals.next();
            Iterator creds = remotePrincipal.getCredentials().iterator();
            while (creds.hasNext())
            {
                InternalCredential cred = (InternalCredential) creds.next();
                SSOContext context = new SSOContextImpl(remotePrincipal.getPrincipalId(), 
                                                stripPrincipalName(remotePrincipal.getFullPath()), 
                                                cred.getValue(), 
                                                stripPortalPrincipalName(remotePrincipal.getFullPath()));
                list.add(context);
            }
        }
        return list;

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

            while (itRemotePrincipals.hasNext() )
            {
              InternalUserPrincipal remotePrincipal = (InternalUserPrincipal)itRemotePrincipals.next();
                  if (remotePrincipal != null)
                  {
                    InternalCredential credential = null;
                    if ( remotePrincipal.getCredentials() != null)
                      credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
                    
                    if (credential != null)
                    {
                      if (log.isInfoEnabled())
                        log.info("SSOComponent -- Remote Principal ["+stripPrincipalName(remotePrincipal.getFullPath())+"] has credential ["+this.unscramble(credential.getValue())+ "]");
                      
                      client.getState().setCredentials(
                            site.getRealm(),
                                  urlObj.getHost(),
                                  new UsernamePasswordCredentials(stripPrincipalName(remotePrincipal.getFullPath()),  this.unscramble(credential.getValue()))
                              );
                      
                      // Build URL if it's Form authentication
                      StringBuffer siteURL = new StringBuffer(site.getSiteURL());
                     
                    // Check if it's form based or ChallengeResponse
                    if (site.isFormAuthentication())
                    {
                      siteURL.append("?").append(site.getFormUserField()).append("=").append(stripPrincipalName(remotePrincipal.getFullPath())).append("&").append(site.getFormPwdField()).append("=").append(this.unscramble(credential.getValue()));
                    }
                      
                      get = new GetMethod(siteURL.toString());
  
                            // Tell the GET method to automatically handle authentication. The

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential


        Iterator rupIter = s.getRemotePrincipals().iterator();
        while (rupIter.hasNext())
        {
            InternalUserPrincipal rup = (InternalUserPrincipal)rupIter.next();
            InternalCredential rupCredential = null;
            Collection rupCredentials = rup.getCredentials();
            if (rupCredentials != null)
            {
                rupCredential = (InternalCredential)rupCredentials.iterator().next();
            }
            if (rupCredential != null)
            {
                String rupPath = rup.getFullPath();
                String rupPrincipalType = null;
                String rupPrincipalName = null;
                String rupName = null;
                String [] names = null;
                if (rupPath.startsWith("/sso/") && (rupPath.indexOf("/user/") != -1))
                {
                    rupPrincipalType = "user";
                    names = rupPath.replaceAll("^/sso/[0-9]+/user/", "").split("/");
                }
                else if (rupPath.startsWith("/sso/") && (rupPath.indexOf("/group/") != -1))
                {
                    rupPrincipalType = "group";
                    names = rupPath.replaceAll("^/sso/[0-9]+/group/", "").split("/");
                }
                if ((names != null) && (names.length == 2))
                {
                    rupPrincipalName = names[0];
                    rupName = names[1];
                }
                if ((rupPrincipalType != null) && (rupPrincipalName != null) && (rupPrincipalName.length() > 0) && (rupName != null) && (rupName.length() > 0))
                {
                    JSSSOSiteRemoteUser siteRemoteUser = new JSSSOSiteRemoteUser();
                    siteRemoteUser.setPrincipalName(rupPrincipalName);
                    siteRemoteUser.setPrincipalType(rupPrincipalType);
                    siteRemoteUser.setUserCredential(rupName, rupCredential.getValue().toCharArray());
                    site.addRemoteUser(siteRemoteUser);
                }
            }
        }

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

      }
            
      // Update principal information
      //remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/"+ principalName + "/" + remoteUser);
      
      InternalCredential credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
          
      // New credential object
       if ( credential != null) 
        // Remove credential and principal from mapping
         credential.setValue(this.scramble(pwd));
      
      // Update database and reset cache
       try
       {
           getPersistenceBrokerTemplate().store(credential);

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

   * getCredential
   * returns the credentials for a given user
   */
  private SSOContext  getCredential(SSOSite ssoSite, String fullPath)
  {
    InternalCredential credential = null;
    InternalUserPrincipal remotePrincipal = null;
    //  Get remotePrincipals for Site and match them with the Remote Principal for the Principal attached to site
    Collection principalsForSite = ssoSite.getPrincipals();
    Collection remoteForSite = ssoSite.getRemotePrincipals();
    
    // If any of them don't exist just return
    if ( principalsForSite == null  || remoteForSite== null )
        return null;  // no entry
    
    Collection remoteForPrincipals = getRemotePrincipalsForPrincipal(principalsForSite, fullPath);
        
    if ( remoteForPrincipals == null)
        return null;  // no entry
    
    // Get remote Principal that matches the site and the principal
    if ((remotePrincipal = findRemoteMatch(remoteForPrincipals, remoteForSite)) == null )
    {
        return null;  // No entry
    }
    else
    {
        // Has an entry
      if ( remotePrincipal.getCredentials() != null)
        credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
      
      // Error checking  -- should have a credential at this point
      if ( credential == null)
      {
//        System.out.println("Warning: Remote User " + remotePrincipal.getFullPath() + " doesn't have a credential");
        return null; 
      }
    }
    
    //  Create new context
    String name = stripPrincipalName(remotePrincipal.getFullPath());
    
    SSOContext context = new SSOContextImpl(credential.getPrincipalId(), name, this.unscramble(credential.getValue()));
    
    return context;
  }

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

        {
            InternalUserPrincipal remotePrincipal = (InternalUserPrincipal)principals.next();
            Iterator creds = remotePrincipal.getCredentials().iterator();
            while (creds.hasNext())
            {
                InternalCredential cred = (InternalCredential) creds.next();
                SSOContext context = new SSOContextImpl(remotePrincipal.getPrincipalId(), 
                                                stripPrincipalName(remotePrincipal.getFullPath()), 
                                                cred.getValue(), 
                                                stripPortalPrincipalName(remotePrincipal.getFullPath()));
                list.add(context);
            }
        }
        return list;

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

            while (itRemotePrincipals.hasNext() )
            {
              InternalUserPrincipal remotePrincipal = (InternalUserPrincipal)itRemotePrincipals.next();
                  if (remotePrincipal != null)
                  {
                    InternalCredential credential = null;
                    if ( remotePrincipal.getCredentials() != null)
                      credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
                    
                    if (credential != null)
                    {
                      if (log.isInfoEnabled())
                        log.info("SSOComponent -- Remote Principal ["+stripPrincipalName(remotePrincipal.getFullPath())+"] has credential ["+this.unscramble(credential.getValue())+ "]");
                      
                      client.getState().setCredentials(
                            site.getRealm(),
                                  urlObj.getHost(),
                                  new UsernamePasswordCredentials(stripPrincipalName(remotePrincipal.getFullPath()),  this.unscramble(credential.getValue()))
                              );
                      
                      // Build URL if it's Form authentication
                      StringBuffer siteURL = new StringBuffer(site.getSiteURL());
                     
                    // Check if it's form based or ChallengeResponse
                    if (site.isFormAuthentication())
                    {
                      siteURL.append("?").append(site.getFormUserField()).append("=").append(stripPrincipalName(remotePrincipal.getFullPath())).append("&").append(site.getFormPwdField()).append("=").append(this.unscramble(credential.getValue()));
                    }
                      
                      get = new GetMethod(siteURL.toString());
  
                            // Tell the GET method to automatically handle authentication. The

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

    public boolean equals(Object object)
    {  
        if (!(object instanceof InternalCredential))
            return false;


        InternalCredential c = (InternalCredential) object;
        boolean isEqual = (((null == c.getClassname()) || (c.getClassname().equals(this.getClassname()))) &&
                            (c.getValue().equals(this.getValue())) && 
                            (c.getType() == this.getType()));
        return isEqual;
    }

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

    public void setPasswordEnabled(String userName, boolean enabled) throws SecurityException
    {
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && !credential.isExpired() && credential.isEnabled() != enabled )
            {
                long time = new Date().getTime();
                credential.setEnabled(enabled);
                credential.setAuthenticationFailures(0);
                credential.setModifiedDate(new Timestamp(time));
                internalUser.setModifiedDate(new Timestamp(time));
                securityAccess.setInternalUserPrincipal(internalUser, false);
            }
        }
        else

View Full Code Here

Examples of org.apache.jetspeed.security.om.InternalCredential

    public void setPasswordUpdateRequired(String userName, boolean updateRequired) throws SecurityException
    {
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && !credential.isExpired() && credential.isUpdateRequired() != updateRequired )
            {
                // only allow setting updateRequired off if (non-Encoded) password is valid
                if ( !updateRequired && !credential.isEncoded() && pcProvider.getValidator() != null )
                {
                    pcProvider.getValidator().validate(credential.getValue());
                }
                credential.setUpdateRequired(updateRequired);
                long time = new Date().getTime();
                credential.setModifiedDate(new Timestamp(time));
                // temporary hack for now to support setting passwordUpdateRequired = false
                // for users never authenticated yet.
                // The current InternalPasswordCredentialStateHandlingInterceptor.afterLoad()
                // logic will only set it (back) to true if both prev and last auth. date is null
                credential.setPreviousAuthenticationDate(new Timestamp(time));
                credential.setModifiedDate(new Timestamp(time));
                internalUser.setModifiedDate(new Timestamp(time));
                securityAccess.setInternalUserPrincipal(internalUser, false);
            }
        }
        else

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.