/**
 * Creates a new, empty {@link CredentialsPolicyType}.
 *
 * @return a freshly constructed instance; no fields are populated here
 */
public CredentialsPolicyType createCredentialsPolicyType() {
    final CredentialsPolicyType instance = new CredentialsPolicyType();
    return instance;
}
/**
 * Creates the nonce container on the underlying prism container value and
 * then returns the nonce list.
 *
 * @return the list obtained from {@code getNonce()} after the container was created
 */
public List<NonceCredentialsPolicyType> createNonceList() {
    // Container creation must come first; the getter is only called afterwards.
    PrismForJAXBUtil.createContainer(asPrismContainerValue(), F_NONCE);
    final List<NonceCredentialsPolicyType> nonces = getNonce();
    return nonces;
}
/**
 * Reports whether the password section of a credentials policy references a
 * value policy.
 *
 * @param policy credentials policy to inspect; may be {@code null}
 * @return {@code true} when the password policy is present and either its
 *         {@code valuePolicyRef} or its {@code passwordPolicyRef} is set
 */
private boolean containsValuePolicyDefinition(CredentialsPolicyType policy) {
    if (policy == null || policy.getPassword() == null) {
        return false;
    }
    // Either reference is enough; valuePolicyRef is consulted first.
    return policy.getPassword().getValuePolicyRef() != null
            || policy.getPassword().getPasswordPolicyRef() != null;
}
/**
 * Produces a copy of this policy that is backed by a clone of this object's
 * prism container value.
 *
 * @return a new {@link CredentialsPolicyType} set up with the cloned container value
 */
public CredentialsPolicyType clone() {
    CredentialsPolicyType copy = new CredentialsPolicyType();
    // Raw type kept on purpose: it is what setupContainerValue is handed in the original.
    PrismContainerValue clonedValue = asPrismContainerValue().clone();
    copy.setupContainerValue(clonedValue);
    return copy;
}
/**
 * Post-processes each credential section of a security policy: the password
 * policy, every nonce policy and the security questions policy.
 *
 * <p>Does nothing when the policy has no credentials section. Sections that
 * are {@code null} are skipped.
 *
 * @param securityPolicyType policy whose credential sections are processed
 * @param task task passed through to the per-section helpers
 * @param result operation result passed through to the per-section helpers
 */
private void postProcessSecurityPolicy(SecurityPolicyType securityPolicyType, Task task, OperationResult result) {
    final CredentialsPolicyType credentials = securityPolicyType.getCredentials();
    if (credentials == null) {
        return;
    }

    final PasswordCredentialsPolicyType passwordPolicy = credentials.getPassword();
    if (passwordPolicy != null) {
        // Passwords go through their own dedicated helper.
        postProcessPasswordCredentialPolicy(securityPolicyType, passwordPolicy, task, result);
    }

    for (NonceCredentialsPolicyType noncePolicy : credentials.getNonce()) {
        postProcessCredentialPolicy(securityPolicyType, noncePolicy, "nonce credential policy", task, result);
    }

    final SecurityQuestionsCredentialsPolicyType questionsPolicy = credentials.getSecurityQuestions();
    if (questionsPolicy != null) {
        postProcessCredentialPolicy(securityPolicyType, questionsPolicy, "security questions credential policy", task, result);
    }
}
/**
 * Wraps a standalone value policy in a newly built security policy whose
 * password credential section references that value policy.
 *
 * <p>The reference carries the value policy's prism object directly. After
 * the structure is assembled, {@code setDeprecatedPasswordPolicyProperties}
 * is applied to the password section.
 *
 * @param passwordPolicyType value policy to wrap; dereferenced without a null check
 * @return the newly built security policy
 */
private SecurityPolicyType postProcessPasswordPolicy(ValuePolicyType passwordPolicyType) {
    SecurityPolicyType wrapper = new SecurityPolicyType();
    CredentialsPolicyType credentials = new CredentialsPolicyType();
    PasswordCredentialsPolicyType passwordSection = new PasswordCredentialsPolicyType();

    // Embed the policy object in the reference itself.
    ObjectReferenceType valuePolicyRef = new ObjectReferenceType();
    valuePolicyRef.asReferenceValue().setObject(passwordPolicyType.asPrismObject());

    // Assemble from the inside out: reference -> password -> credentials -> policy.
    passwordSection.setValuePolicyRef(valuePolicyRef);
    credentials.setPassword(passwordSection);
    wrapper.setCredentials(credentials);

    setDeprecatedPasswordPolicyProperties(passwordPolicyType, passwordSection);
    return wrapper;
}
/**
 * Returns the nonce credential policies of a security policy with the
 * credentials defaults applied.
 *
 * <p>Note the difference between the two non-null paths: when the credentials
 * section has no default, the policy's own nonce list is returned as is (not
 * a copy). When a default exists, every entry is cloned and
 * {@code copyDefaults} is applied to the clone, so the stored policies are
 * not modified by this method.
 *
 * @param securityPolicy policy to read; may be {@code null}
 * @return the effective nonce policies, or {@code null} when the security
 *         policy or its credentials section is {@code null}
 */
public static List<NonceCredentialsPolicyType> getEffectiveNonceCredentialsPolicies(SecurityPolicyType securityPolicy) {
    if (securityPolicy == null) {
        return null;
    }
    final CredentialsPolicyType credentials = securityPolicy.getCredentials();
    if (credentials == null) {
        return null;
    }
    if (credentials.getDefault() == null) {
        // Nothing to merge: hand back the declared list itself.
        return credentials.getNonce();
    }

    final List<NonceCredentialsPolicyType> declared = credentials.getNonce();
    final List<NonceCredentialsPolicyType> effective = new ArrayList<>(declared.size());
    for (NonceCredentialsPolicyType declaredPolicy : declared) {
        // Work on a clone so the defaults are not written into the stored policy.
        NonceCredentialsPolicyType merged = declaredPolicy.clone();
        copyDefaults(credentials.getDefault(), merged);
        effective.add(merged);
    }
    return effective;
}
/**
 * Returns the security questions credential policy of a security policy with
 * the credentials defaults applied.
 *
 * <p>When the credentials section has no default, the stored security
 * questions policy is returned as is (possibly {@code null}, and not a copy).
 * When a default exists, the result is a clone of the stored policy, or a new
 * empty policy if none is stored, with {@code copyDefaults} applied to it.
 *
 * @param securityPolicy policy to read; may be {@code null}
 * @return the effective policy, or {@code null} when the security policy or
 *         its credentials section is {@code null}
 */
public static SecurityQuestionsCredentialsPolicyType getEffectiveSecurityQuestionsCredentialsPolicy(SecurityPolicyType securityPolicy) {
    if (securityPolicy == null) {
        return null;
    }
    final CredentialsPolicyType credentials = securityPolicy.getCredentials();
    if (credentials == null) {
        return null;
    }
    if (credentials.getDefault() == null) {
        // No defaults to merge: return whatever is stored.
        return credentials.getSecurityQuestions();
    }

    final SecurityQuestionsCredentialsPolicyType declared = credentials.getSecurityQuestions();
    // Start from a clone (or a blank policy) so the stored policy stays untouched.
    final SecurityQuestionsCredentialsPolicyType effective = (declared == null)
            ? new SecurityQuestionsCredentialsPolicyType()
            : declared.clone();
    copyDefaults(credentials.getDefault(), effective);
    return effective;
}
/**
 * Returns the password credential policy of a security policy with the
 * credentials defaults applied.
 *
 * <p>When the credentials section has no default, the stored password policy
 * is returned as is (possibly {@code null}, and not a copy). When a default
 * exists, the result is a clone of the stored policy, or a new empty policy
 * if none is stored, with {@code copyDefaults} applied to it.
 *
 * @param securityPolicy policy to read; may be {@code null}
 * @return the effective policy, or {@code null} when the security policy or
 *         its credentials section is {@code null}
 */
public static PasswordCredentialsPolicyType getEffectivePasswordCredentialsPolicy(SecurityPolicyType securityPolicy) {
    if (securityPolicy == null) {
        return null;
    }
    final CredentialsPolicyType credentials = securityPolicy.getCredentials();
    if (credentials == null) {
        return null;
    }
    if (credentials.getDefault() == null) {
        // No defaults to merge: return whatever is stored.
        return credentials.getPassword();
    }

    final PasswordCredentialsPolicyType declared = credentials.getPassword();
    // Start from a clone (or a blank policy) so the stored policy stays untouched.
    final PasswordCredentialsPolicyType effective = (declared == null)
            ? new PasswordCredentialsPolicyType()
            : declared.clone();
    copyDefaults(credentials.getDefault(), effective);
    return effective;
}
/**
 * Fetches the security policy for {@code user} while the thread's security context holds an
 * anonymous token (key "rest_sec_q_auth", principal "REST", authority ROLE_ANONYMOUS), and
 * returns the question definitions of its security questions credential policy.
 *
 * Returns null when the lookup throws one of the caught exceptions, or when the policy has no
 * credentials section or no security questions section.
 *
 * NOTE(review): the finally block sets the authentication to null instead of restoring the
 * value that was in the context before this call; confirm nothing upstream relies on a
 * previously set authentication.
 * NOTE(review): every caught failure becomes a silent null return, so a caller cannot tell
 * "no questions configured" from "policy lookup failed"; consider logging the exception.
 * NOTE(review): if getSecurityPolicy can return null without throwing, the dereference after
 * the try block throws a NullPointerException; confirm against the service contract.
 */
@Override public List<SecurityQuestionDefinitionType> run() { Task task = getTaskManager().createTaskInstance("Search user by name"); OperationResult result = task.getResult(); SecurityPolicyType securityPolicyType = null; try { SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("rest_sec_q_auth", "REST", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"))); securityPolicyType = modelInteractionService.getSecurityPolicy(user, task, result); } catch (ObjectNotFoundException | SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { return null; } finally { SecurityContextHolder.getContext().setAuthentication(null); } if (securityPolicyType.getCredentials() != null && securityPolicyType.getCredentials().getSecurityQuestions() != null){ return securityPolicyType.getCredentials().getSecurityQuestions().getQuestion(); } return null; } });
/**
 * Fluent adder: appends a nonce credentials policy to this object's nonce list.
 *
 * @param value nonce policy to append; added as given, without validation
 * @return this object, to allow call chaining
 */
public CredentialsPolicyType nonce(NonceCredentialsPolicyType value) {
    getNonce()
            .add(value);
    return this;
}
/**
 * Fluent setter: stores the password credentials policy on this object.
 *
 * @param value password policy to set; passed to {@code setPassword} as given
 * @return this object, to allow call chaining
 */
public CredentialsPolicyType password(PasswordCredentialsPolicyType value) {
    this.setPassword(value);
    return this;
}
return; CredentialPolicyType defaltCredPolicyType = credsType.getDefault(); CredentialsStorageMethodType storageMethod = SecurityUtil.getCredPolicyItem(defaltCredPolicyType, credPolicyType, pol -> pol.getStorageMethod());
/**
 * Fluent builder entry: creates a new default credential policy, registers
 * it through {@code _default(...)} and returns it for further configuration.
 *
 * @return the newly created {@link CredentialPolicyType}, not this object
 */
public CredentialPolicyType beginDefault() {
    final CredentialPolicyType created = new CredentialPolicyType();
    _default(created);
    return created;
}
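/**
 * Asserts that the model returns a credentials policy for the user, that the
 * operation succeeded, and that the policy defines exactly two security
 * questions.
 *
 * @param user user whose credentials policy is checked
 */
private void assertCredentialsPolicy(PrismObject<UserType> user) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
    OperationResult result = new OperationResult("assertCredentialsPolicy");
    // The task argument is passed as null, as in the original call.
    CredentialsPolicyType credentialsPolicy = modelInteractionService.getCredentialsPolicy(user, null, result);
    result.computeStatus();
    TestUtil.assertSuccess(result);
    assertNotNull("No credentials policy for "+user, credentialsPolicy);
    SecurityQuestionsCredentialsPolicyType securityQuestions = credentialsPolicy.getSecurityQuestions();
    // Fail with a readable message rather than a NullPointerException when the section is missing.
    assertNotNull("No security questions policy for "+user, securityQuestions);
    assertEquals("Unexepected number of security questions for "+user, 2, securityQuestions.getQuestion().size());
}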
List<NonceCredentialsPolicyType> noncePolicies = credentialsPolicy.getNonce();
/**
 * Creates a new, empty {@link CredentialsPolicyType}.
 *
 * @return a freshly constructed instance; no fields are populated here
 */
public CredentialsPolicyType createCredentialsPolicyType() {
    final CredentialsPolicyType instance = new CredentialsPolicyType();
    return instance;
}
if (policy.getPassword().getValuePolicyRef() != null) { return objectResolver.resolve(policy.getPassword().getValuePolicyRef(), ValuePolicyType.class, null, "valuePolicyRef in password credential policy", task, parentResult); } else if (policy.getPassword().getPasswordPolicyRef() != null) { return objectResolver.resolve(policy.getPassword().getPasswordPolicyRef(), ValuePolicyType.class, null, "valuePolicyRef in password credential policy", task, parentResult);
/**
 * Creates a new, empty {@link CredentialsPolicyType}.
 *
 * @return a freshly constructed instance; no fields are populated here
 */
public CredentialsPolicyType createCredentialsPolicyType() {
    final CredentialsPolicyType instance = new CredentialsPolicyType();
    return instance;
}
/**
 * Called from ChangeExecutor. Will modify the execution deltas to hash or
 * remove credentials if needed.
 *
 * <p>The incoming delta is returned unchanged when the focus has no security
 * policy or the policy has no credentials section. Otherwise the delta is
 * cloned and the clone is passed to
 * {@code transformFocusExecutionDeltaForPasswords} for the password value path.
 *
 * <p>Only the password credential is handled here. Nonce and other credential
 * types are not passed to any transformation in this method (see the TODO
 * below), so whatever storage handling they need is not applied by this step.
 *
 * @param context lens context supplying the focus context and its security policy
 * @param focusDelta delta about to be executed; never modified in place by this method
 * @return {@code focusDelta} itself, or a transformed clone of it
 * @throws SchemaException declared by this method; not thrown directly by the code shown here
 * @throws EncryptionException declared by this method; not thrown directly by the code shown here
 */
public <O extends ObjectType> ObjectDelta<O> transformFocusExecutionDelta(LensContext<O> context, ObjectDelta<O> focusDelta) throws SchemaException, EncryptionException {
    final SecurityPolicyType securityPolicy = context.getFocusContext().getSecurityPolicy();
    if (securityPolicy == null) {
        return focusDelta;
    }
    final CredentialsPolicyType credentials = securityPolicy.getCredentials();
    if (credentials == null) {
        return focusDelta;
    }

    // Work on a copy so the caller's delta is left as it was.
    final ObjectDelta<O> transformed = focusDelta.clone();
    transformFocusExecutionDeltaForPasswords(context, credentials, credentials.getPassword(),
            SchemaConstants.PATH_PASSWORD_VALUE, transformed, "password");
    // TODO: nonce and others
    return transformed;
}