Examples of UserDatabase


Examples of com.adito.security.UserDatabase

    public ActionForward onExecute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {

        ChangePasswordForm f = (ChangePasswordForm) form;
        UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(getSessionInfo(request).getUser().getRealm());
        if (!udb.supportsPasswordChange()) {
            throw new Exception("Changing of passwords is not supported by the underlying user database.");
        }
        User user = LogonControllerFactory.getInstance().getUser(request);

        SessionInfo info = this.getSessionInfo(request);

        // Read in all of the confidential user attribute values
        Properties confidentialAttributes = new Properties();
        UserAttributes userAttributes = (UserAttributes) PropertyClassManager.getInstance().getPropertyClass(UserAttributes.NAME);
        for (PropertyDefinition def : userAttributes.getDefinitions()) {
            AttributeDefinition attrDef = (AttributeDefinition) def;
            if (attrDef.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
                confidentialAttributes.setProperty(def.getName(), attrDef.getPropertyClass()
                                .retrieveProperty(new UserAttributeKey(info.getUser(), def.getName())));
            }
        }

        try {

            // Change the password

            udb.changePassword(user.getPrincipalName(), f.getOldPassword(), f.getNewPassword(), false);
           
            PublicKeyStore publicKeyStore = PublicKeyStore.getInstance();
            if ("automatic".equals(Property.getProperty(new SystemConfigKey("security.privateKeyMode")))) { 
                if (publicKeyStore.isPassphraseValid(user.getPrincipalName(), f.getOldPassword())) {
                    publicKeyStore.changePrivateKeyPassphrase(user.getPrincipalName(), f.getOldPassword(), f.getNewPassword());
View Full Code Here

Examples of com.adito.security.UserDatabase

     * @throws Exception on any error
     */
    public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        SessionInfo sessionInfo = getSessionInfo(request);
        UserDatabase userDatabase = UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
        if (!userDatabase.supportsAccountCreation()) {
            throw new Exception("The underlying user database does not support role creation.");
        }
        PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
            PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN, request);
        RoleForm roleForm = (RoleForm) form;
View Full Code Here

Examples of com.adito.security.UserDatabase

            throw new Exception("No role configured for editing.");
        }
        PolicyUtil.checkPermission(PolicyConstants.ACCOUNTS_AND_GROUPS_RESOURCE_TYPE,
            PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN, request);
        SessionInfo sessionInfo = getSessionInfo(request);
        UserDatabase userDatabase = UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
        List<User> users = Arrays.asList(userDatabase.getUsersInRole(role));

        RoleForm roleForm = (RoleForm) form;
        roleForm.initialize(users);
        roleForm.setRolename(role.getPrincipalName());
        roleForm.setReferer(CoreUtil.getReferer(request));
View Full Code Here

Examples of com.adito.security.UserDatabase

        LogonControllerFactory.getInstance().applyMenuItemChanges(request);
        return cancel(mapping, form, request, response);
    }

    private void createRole(RoleForm roleForm, SessionInfo sessionInfo) throws Exception {
        UserDatabase userDatabase = UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
        try {
            Role role = userDatabase.createRole(roleForm.getRolename());
            List<String> selectedUsers = roleForm.getUserList();
            updateUserRoles(role, selectedUsers, userDatabase.getRealm());
            fireSuccessfulEvent(sessionInfo, CoreEventConstants.GROUP_CREATED, role, selectedUsers);
        } catch (Exception expt) {
            fireUnsuccessfulEvent(roleForm, sessionInfo, CoreEventConstants.GROUP_CREATED, expt);
            throw expt;
        }
View Full Code Here

Examples of com.adito.security.UserDatabase

            throw expt;
        }
    }
   
    private String[] updateRole(RoleForm roleForm, SessionInfo sessionInfo) throws Exception {
        UserDatabase userDatabase = UserDatabaseManager.getInstance().getUserDatabase(sessionInfo.getUser().getRealm());
        try {
            Role role = userDatabase.getRole(roleForm.getRolename());
            List<String> selectedUsers = roleForm.getUserList();
            String[] usersNotRemoved = updateUserRoles(role, selectedUsers, userDatabase.getRealm());
            fireSuccessfulEvent(sessionInfo, CoreEventConstants.GROUP_UPDATED, role, selectedUsers);
            return usersNotRemoved;
        } catch (Exception expt) {
            fireUnsuccessfulEvent(roleForm, sessionInfo, CoreEventConstants.GROUP_CREATED, expt);
            throw expt;
View Full Code Here

Examples of com.adito.security.UserDatabase

        coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, roleForm.getRolename());
        CoreServlet.getServlet().fireCoreEvent(coreEvent);
    }
   
    private String[] updateUserRoles(Role role, List<String> selectedUsers, Realm realm) throws Exception {
        UserDatabase userDatabase = UserDatabaseManager.getInstance().getUserDatabase(realm);
        User[] usersInRole = userDatabase.getUsersInRole(role);
       
        Collection<String> usersNotRemoved = new TreeSet<String>();
        for (User user : usersInRole) {
            String principalName = user.getPrincipalName();
            if (selectedUsers.contains(principalName)) {
                // role is already assigned so make sure this don't happen again
                selectedUsers.remove(principalName);
            } else {
                Role[] updatedRoles = removeRole(role, user.getRoles());
                try {
                    userDatabase.updateAccount(user, user.getEmail(), user.getFullname(), updatedRoles);
                } catch (GroupsRequiredForUserException e) {
                    usersNotRemoved.add(principalName);
                }
            }
        }
       
        for (String principalName : selectedUsers) {
            User user = userDatabase.getAccount(principalName);
            Role[] updatedRoles = addRole(role, user.getRoles());
            userDatabase.updateAccount(user, user.getEmail(), user.getFullname(), updatedRoles);
        }
        return usersNotRemoved.toArray(new String[usersNotRemoved.size()]);
    }
View Full Code Here

Examples of com.adito.security.UserDatabase

            log.error("Failed to close userdatabase.", e);
        }
    }
   
    public void close(String realmName) throws Exception {
        UserDatabase udbInstance = getUserDatabase(realmName);
        if(udbInstance != null) {
            udbInstance.close();
        }
        else {
            throw new Exception("No user database with name " + realmName + ".");
        }
    }
View Full Code Here

Examples of com.adito.security.UserDatabase

            throw new Exception("No user database of type " + type + " registered.");
        } else {
          Calendar now = Calendar.getInstance();
           
            Class clazz = udd.getUserDatabaseClass();
            UserDatabase udb = (UserDatabase) clazz.newInstance();
            Realm realm = new DefaultRealm(type, 1, DEFAULT_REALM_NAME, DEFAULT_REALM_DESCRIPTION, now, now);
            if(!udb.isOpen() && open)
              udb.open(CoreServlet.getServlet(), realm);
            return udb;
        }
    }
View Full Code Here

Examples of com.adito.security.UserDatabase

         * 1. This is the first connection from this browser session.
         * 2. The 'reset' parameter has been passed on the request
         * 3. The logon state machine is in {@link LogonStateAndCache#STATE_RETURN_TO_LOGON}
         *
         */
        UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(form.getRealmName());
        if (logonStateMachine == null || logonStateMachine.getState() == LogonStateAndCache.STATE_RETURN_TO_LOGON || reset) {
          /*
           * If the client is already logged on, then we got here because
           * a <i>Session Lock</i> has occured and so only require
           * the users password
           */
            if (LogonControllerFactory.getInstance().hasClientLoggedOn(request, response) == LogonController.LOGGED_ON) {
                logonStateMachine = new LogonStateAndCache(LogonStateAndCache.STATE_DISPLAY_USERNAME_ENTERED, request.getSession());
                logonStateMachine.setUser(LogonControllerFactory.getInstance().getUser(request));
                form.initUser();
                form.setHasMoreAuthenticationSchemes(false);
            } else {
              /*
               * This is a brand new session so we require the username
               */
                logonStateMachine = new LogonStateAndCache(LogonStateAndCache.STATE_STARTED, request.getSession());
                request.getSession().removeAttribute(Constants.AUTH_SESSION);
                if(!Util.isNullOrTrimmedBlank(form.getUsername())) {
                  try {
                    User user = udb.getAccount(form.getUsername());
                    logonStateMachine.removeFromSpoofCache(user.getPrincipalName());
                    form.initUser();
                    try {
                      logonStateMachine.setUser(user);
                    }
                    catch(AccountLockedException ale) {
                      // Continue anyway and get the exception later
                    }
                    logonStateMachine.setState(LogonStateAndCache.STATE_DISPLAY_USERNAME_ENTERED);
                  }
                  catch(UserNotFoundException unfe) {
                      form.initUser();
                      // Spoof some authentication schemes
                      form.setHasMoreAuthenticationSchemes(true);
                  }
                }
               
            }
        } else {
            /*
             * A username has been provided but it was unknown. The error message
             * indicating this will not be displayed until the next stage is
             * complete
             */
          if (logonStateMachine.getState() == LogonStateAndCache.STATE_UNKNOWN_USERNAME) {
              logonStateMachine.setState(LogonStateAndCache.STATE_UNKNOWN_USERNAME_PROMPT_FOR_PASSWORD);
          }
          else  if (logonStateMachine.getState() == LogonStateAndCache.STATE_KNOWN_USERNAME_MULTIPLE_SCHEMES_SELECT){           
            /*
             * The scheme to sign on with has changed, so we need to update the
                 * logon state machine.
                 */
                logonStateMachine.forceHighestPriorityScheme(request.getParameter("selectedAuthenticationScheme"),
                    request.getParameter("username"));
                logonStateMachine.setState(LogonStateAndCache.STATE_KNOWN_USERNAME_MULTIPLE_SCHEMES);               
            } else if (logonStateMachine.getState() == LogonStateAndCache.STATE_KNOWN_USERNAME_NO_SCHEME_SPOOF_PASSWORD_ENTRY){
              /*
                 * The scheme to sign on with has changed, so we need to update the
                 * logon state machine
                 */
                logonStateMachine.setSpoofedHighestPriorityScheme(request.getParameter("username"));
            }
            else if(logonStateMachine.getState() == LogonStateAndCache.STATE_DISPLAY_USERNAME_ENTRY){
              /*
               * The username has been collected, now process it.
               */
              if(Util.isNullOrTrimmedBlank(form.getUsername())) {
                /**
                 * Page refreshed, stay in same state
                 */
                  logonStateMachine.setState(LogonStateAndCache.STATE_STARTED);
              }
              else {
                  logonStateMachine.setState(LogonStateAndCache.STATE_DISPLAY_USERNAME_ENTERED);
                  try {
                    User user = udb.getAccount(form.getUsername());
                    logonStateMachine.removeFromSpoofCache(user.getPrincipalName());
                    try {
                      logonStateMachine.setUser(user);
                    }
                    catch(AccountLockedException ale) {
View Full Code Here

Examples of com.adito.security.UserDatabase

                        errs.add(Globals.ERROR_KEY, ce.getBundleActionMessage());
                    }
                }

                SessionInfo session = LogonControllerFactory.getInstance().getSessionInfo(request);
                UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(session.getRealm());
                for (String account : selectedAccounts) {
                    try {
                        udb.getAccount(account);
                    } catch (Exception e) {
                        errs.add(Globals.ERROR_KEY, new ActionMessage("editPolicy.error.invalidUser", account));
                    }
                }
                for (String role : selectedRoles) {
                    try {
                        if (udb.getRole(role) == null) {
                            throw new Exception();
                        }
                    } catch (Exception e) {
                        errs.add(Globals.ERROR_KEY, new ActionMessage("editPolicy.error.invalidRole", role));
                    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.