/**
 * Serializes a {@link User} to {@code out}.
 *
 * Field order: the common entity part (via {@code writeEntity}), login, password,
 * active flag, the permission values as a list, then the included roles. A reader
 * has to consume the fields in this same order.
 *
 * @param out   destination of the serialized form
 * @param xUser user to serialize
 * @throws IOException if any write on {@code out} fails
 */
@Override
public void write(ObjectDataOutput out, User xUser) throws IOException {
    super.writeEntity(out, xUser);
    out.writeUTF(xUser.getLogin());
    // The password is written exactly as the User object holds it, so every copy of
    // the serialized form carries the stored credential value.
    // NOTE(review): confirm the transport/storage this stream ends up in is protected.
    out.writeUTF(xUser.getPassword());
    out.writeBoolean(xUser.isActive());

    // Grants: only the map's values are written, copied into a list.
    out.writeObject(new ArrayList<Permission>(xUser.getPermissions().values()));
    // Roles: written as returned by the user.
    out.writeObject(xUser.getIncludedRoles());
}
/**
 * {@inheritDoc}
 *
 * Renders login, version, active flag, creation time and creator. The password
 * is not part of the rendered text, so logging a User through this method does
 * not expose it.
 */
@Override
public String toString() {
    StringBuilder text = new StringBuilder("User [login=");
    text.append(login);
    text.append(", version=").append(getVersion());
    text.append(", active=").append(active);
    text.append(", created at=").append(getCreatedAt());
    text.append(", by=").append(getCreatedBy());
    text.append("]");
    return text.toString();
}
/**
 * Replaces the password of the user stored in {@code entry}.
 *
 * The change is applied only when the entry holds a user, the user's version equals
 * this processor's version, and the encrypted form of {@code oldPassword} equals the
 * stored password. On success the stored password becomes the encrypted form of
 * {@code newPassword}, the user's version is updated, the entry is written back and
 * an update audit record is emitted.
 *
 * @param entry map entry keyed by login
 * @return the updated user, or {@code null} when nothing was changed
 */
@Override
public Object process(Entry<String, User> entry) {
    logger.debug("process.enter; entry: {}", entry);

    User user = entry.getValue();
    if (user == null || user.getVersion() != getVersion()) {
        // Empty entry or version mismatch: leave the entry untouched (no log, no audit).
        return null;
    }

    // NOTE(review): String.equals is not a constant-time comparison; consider
    // MessageDigest.isEqual on the encoded bytes if timing matters here.
    String encryptedOld = Encryptor.encrypt(oldPassword);
    if (!encryptedOld.equals(user.getPassword())) {
        logger.warn("process; existing password does not match for user: {}", entry.getKey());
        return null;
    }

    String encryptedNew = Encryptor.encrypt(newPassword);
    user.setPassword(encryptedNew);
    user.updateVersion(getAdmin());
    entry.setValue(user);
    auditEntity(AuditType.update, user);
    return user;
}
/**
 * Removes the user stored in {@code entry}.
 *
 * The entry value is set to {@code null} and a delete audit record is emitted, but
 * only when the stored user's version equals this processor's version. A version
 * mismatch is logged at warn level and leaves the entry untouched.
 *
 * @param entry map entry keyed by login
 * @return the removed user, or {@code null} when the entry was empty or outdated
 */
@Override
public Object process(Entry<String, User> entry) {
    logger.debug("process.enter; entry: {}", entry);

    User user = entry.getValue();
    if (user == null) {
        return null;
    }

    if (user.getVersion() != getVersion()) {
        // throw ex ?
        logger.warn("process; outdated user version: {}; entry version: {}; process terminated",
                getVersion(), entry.getValue().getVersion());
        return null;
    }

    entry.setValue(null);
    auditEntity(AuditType.delete, user);
    return user;
}
/**
 * Looks up the stored password of a user.
 *
 * The value is returned exactly as the cached {@code User} holds it.
 * NOTE(review): elsewhere in this listing authenticate(login, password) accepts the
 * stored value as-is, so callers should presumably treat the returned string as a
 * secret (no logging, no display) - confirm who needs this accessor.
 *
 * @param login key of the user in the entity cache
 * @return the stored password, or {@code null} when no such user is cached
 */
public String getUserPassword(String login) {
    User found = entityCache.get(login);
    return found == null ? null : found.getPassword();
}
/**
 * Loads all users known to the configuration and indexes them by login.
 *
 * If two configured users share a login, the one iterated later replaces the
 * earlier one in the returned map.
 *
 * @return a new mutable map from login to user
 */
@SuppressWarnings("unchecked")
@Override
protected Map<String, User> loadEntities() {
    // Unchecked: getEntities is called with User.class, its result is cast to Collection<User>.
    Collection<User> configured = (Collection<User>) cfg.getEntities(User.class);

    Map<String, User> byLogin = new HashMap<String, User>();
    for (User each : configured) {
        byLogin.put(each.getLogin(), each);
    }
    return byLogin;
}
/**
 * Creates a user for the entry's key when the entry is still empty.
 *
 * The new user is built with this processor's version, the current time, the
 * acting admin, the entry key as login and the encrypted form of {@code password};
 * the two arguments before the login are passed as {@code null} and the last one
 * as {@code true}. The entry is then set and a create audit record is emitted.
 * An entry that already has a value is left as it is.
 *
 * @param entry map entry keyed by login
 * @return the created user, or {@code null} when the entry already had a value
 */
@Override
public Object process(Entry<String, User> entry) {
    logger.debug("process.enter; entry: {}", entry);

    if (entry.getValue() != null) {
        // Login already taken: nothing is created or overwritten.
        return null;
    }

    String login = entry.getKey();
    // Only the encrypted form of the supplied password is stored on the user.
    String pwd = Encryptor.encrypt(password);
    User created = new User(getVersion(), new Date(), getAdmin(), null, null, login, pwd, true);
    entry.setValue(created);
    auditEntity(AuditType.create, created);
    return created;
}
/**
 * Reports the active flag of the managed user, exposed as a managed attribute.
 *
 * @return the value of {@code isActive()} on the entity returned by {@code getEntity()}
 */
@ManagedAttribute(description="Returns User state")
public boolean isActive() {
    final boolean state = getEntity().isActive();
    return state;
}
/**
 * Deletes the user with the given login, exposed as a managed operation.
 *
 * The user is first read from the entity cache; its version and the current user
 * are handed to a {@code UserRemover} that is executed on the login key.
 * NOTE(review): no authorization check is visible in this method - presumably the
 * management connector restricts who may invoke it; confirm.
 *
 * @param login login of the user to delete
 * @return {@code true} when the remover returned a non-null result, {@code false}
 *         when the user is not cached or the remover returned {@code null}
 */
@ManagedOperation(description="Delete User")
@ManagedOperationParameters({
    @ManagedOperationParameter(name = "login", description = "User login")})
public boolean deleteUser(String login) {
    User user = entityCache.get(login);
    if (user == null) {
        return false;
    }

    UserRemover remover = new UserRemover(user.getVersion(), getCurrentUser());
    Object result = entityCache.executeOnKey(login, remover);
    logger.debug("deleteUser; execution result: {}", result);
    return result != null;
}
/**
 * Checks a login/password pair against the cached user.
 *
 * Three forms of {@code password} are accepted, tried in this order:
 * 1. its encrypted form equals the stored password;
 * 2. it equals the stored password as-is;
 * 3. it equals the encrypted form of the stored password.
 *
 * NOTE(review): forms 2 and 3 depend only on the stored value, which makes the
 * stored password credential-equivalent for this method - confirm both fallbacks
 * are still needed and protect the stored value accordingly.
 * NOTE(review): the user's active flag is not consulted here - confirm intended.
 * NOTE(review): String.equals is not a constant-time comparison.
 *
 * @param login    key of the user in the entity cache
 * @param password value supplied by the caller
 * @return {@code true} when one of the three forms matches; {@code false} when
 *         none matches or the user is not cached
 */
public boolean authenticate(String login, String password) {
    User user = entityCache.get(login);
    if (user == null) {
        // throw NotFound exception?
        return false;
    }

    String stored = user.getPassword();

    // 1. caller sent the clear password
    if (Encryptor.encrypt(password).equals(stored)) {
        return true;
    }

    // 2. is password already encrypted?
    if (password.equals(stored)) {
        return true;
    }

    // 3. fallback to double-encrypted pwd?
    String doubleEncrypted = Encryptor.encrypt(stored);
    return password.equals(doubleEncrypted);
}
/**
 * Fills the local {@code roles} and {@code users} maps.
 *
 * When the cluster has storage members, both maps are copied from the system role
 * and user maps of the Hazelcast instance. Otherwise ("lite" mode) they are loaded
 * from the access configuration file named by the {@code pn_access_filename} system
 * property; if that property is not set, this method populates neither map.
 *
 * NOTE(review): in lite mode the access data comes from a path taken from a system
 * property - confirm who can set that property and who can write the file.
 */
@SuppressWarnings("unchecked")
private void setupCaches() {
    boolean lite = !hasStorageMembers(hzInstance);

    if (!lite) {
        copyCache(hzInstance.getMap(CN_SYS_ROLES), roles);
        copyCache(hzInstance.getMap(CN_SYS_USERS), users);
    } else {
        String confName = System.getProperty(pn_access_filename);
        if (confName != null) {
            // TODO: get it from Spring context?
            AccessConfig cfg = new AccessConfig(confName);

            // Roles are indexed by name.
            for (Role role : (Collection<Role>) cfg.getEntities(Role.class)) {
                roles.put(role.getName(), role);
            }

            // Users are indexed by login.
            for (User user : (Collection<User>) cfg.getEntities(User.class)) {
                users.put(user.getLogin(), user);
            }
        }
    }

    logger.trace("setupCaches.exit; lite: {}; initiated roles: {}; users {}", lite, roles.size(), users.size());
}
/**
 * Reads a {@link User} from {@code in}.
 *
 * Field order: the common entity part (via {@code readEntity}), login, password,
 * active flag, a list of permissions, then a set of role names. The permission
 * list is re-indexed by resource before the user is constructed.
 *
 * NOTE(review): both {@code readObject} results are cast unchecked; if this stream
 * can originate from an untrusted peer, confirm the serialization layer restricts
 * which types it will instantiate.
 *
 * @param in source of the serialized form
 * @return the reconstructed user
 * @throws IOException if any read on {@code in} fails
 */
@Override
@SuppressWarnings("unchecked")
public User read(ObjectDataInput in) throws IOException {
    Object[] base = super.readEntity(in);
    String login = in.readUTF();
    String password = in.readUTF();
    boolean active = in.readBoolean();
    List<Permission> grantList = (List<Permission>) in.readObject();
    Set<String> roles = (Set<String>) in.readObject();

    // Index the grants by resource; a later grant for the same resource replaces an earlier one.
    Map<String, Permission> grants = new HashMap<String, Permission>(grantList.size());
    for (Permission grant : grantList) {
        grants.put(grant.getResource(), grant);
    }

    // base[0..2] are the three values produced by readEntity, cast to the types the constructor takes.
    return new User(
            (int) base[0],
            (Date) base[1],
            (String) base[2],
            grants,
            roles,
            login,
            password,
            active);
}
/**
 * Changes the password of the managed user, exposed as a managed operation.
 *
 * The old and new passwords are passed, as received, to a {@code UserUpdater} that
 * is executed on this entity's key together with the user's current version and
 * the current user.
 * NOTE(review): both passwords are operation parameters and fields of the updater
 * object - presumably they cross the management connection and the cluster
 * transport in that form; confirm both channels are protected.
 *
 * @param oldPassword the user's current password
 * @param newPassword the password to set
 * @return {@code true} when the updater returned a non-null result, {@code false}
 *         when there is no entity or the updater returned {@code null}
 */
@ManagedOperation(description="Changes User password")
@ManagedOperationParameters({
    @ManagedOperationParameter(name = "oldPassword", description = "old User's password"),
    @ManagedOperationParameter(name = "newPassword", description = "new User's password")})
public boolean changePassword(String oldPassword, String newPassword) {
    User user = getEntity();
    if (user == null) {
        return false;
    }

    UserUpdater updater = new UserUpdater(user.getVersion(), getCurrentUser(), oldPassword, newPassword);
    Object result = entityCache.executeOnKey(entityName, updater);
    // Only the execution result is traced; neither password is logged here.
    logger.trace("changePassword; execution result: {}", result);
    return result != null;
}
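/**
 * Authenticates a user and checks read permission on a schema.
 *
 * The supplied {@code password} is accepted when it equals the stored password
 * as-is, or when it equals the encrypted form of the stored password. The result
 * additionally requires {@code checkSchemaPermission} to grant read access on
 * {@code schemaname}.
 *
 * NOTE(review): both accepted forms depend only on the stored value, which makes
 * the stored password credential-equivalent for this method - protect it accordingly.
 * NOTE(review): the user's active flag is not consulted here - confirm intended.
 * NOTE(review): String.equals is not a constant-time comparison.
 *
 * @param schemaname schema the caller wants to read
 * @param username   key of the user in the local users map
 * @param password   value supplied by the caller; never logged
 * @return {@code null} when the user is unknown; otherwise whether the password
 *         matched and read permission on the schema was granted
 * @throws NullPointerException if {@code password} is {@code null} and the user exists
 */
public Boolean authenticate(String schemaname, String username, String password) {
    // The supplied password must not reach the log at any level: trace output is
    // routinely collected and kept in places with weaker protection than the user store.
    logger.trace("authenticate.enter; user: {}", username);

    Boolean result = null;
    // check username/password against access DB
    User user = users.get(username);
    if (user != null) {
        boolean auth = password.equals(user.getPassword());
        if (!auth) {
            // try double-encrypted pwd
            String pwd = Encryptor.encrypt(user.getPassword());
            auth = password.equals(pwd);
        }
        // Permission is only evaluated once the password check has passed (short-circuit).
        result = auth && checkSchemaPermission(user, schemaname, Permission.Value.read);
    }
    // throw NotFound exception?
    logger.trace("authenticate.exit; returning: {}", result);
    return result;
}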