private TgwUser createUser(String dn, Attributes attrs) throws NamingException{ TgwUser user = new TgwUser(); user.setDn(dn); user.setName((String)uid.get()); user.setAdmin(user.getName().equals(adminUsername)); member = new BasicAttributes(roleUserAttribute,user.getName()); }else{ member = new BasicAttributes(roleUserAttribute,dn); user.setRoles((String[]) roleList.toArray(new String[roleList.size()])); user.setPassword((String)password.get()); }catch(ClassCastException cce){ // network-based access try{ String p = new String((byte[])password.get(),"UTF8"); user.setPassword(p); }catch(UnsupportedEncodingException uee){ uee.printStackTrace(); user.setDescription((String)description.get());
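/**
 * Reports whether the wrapped user holds the given role.
 *
 * <p>The check is an exact, case-sensitive match against the names returned by
 * {@code user.getRoles()}. It fails closed: a missing user, a missing role array or a
 * {@code null} slot in that array counts as "role not held" instead of raising a
 * {@code NullPointerException} in the middle of an authorization decision.
 *
 * @param role the role name to look for; {@code null} never matches
 * @return {@code true} only if one of the user's roles equals {@code role}
 */
public boolean isUserInRole(String role) {
    if (user == null || role == null) {
        return false;
    }
    String[] roles = user.getRoles();
    if (roles == null) {
        return false;
    }
    for (int i = 0; i < roles.length; i++) {
        // equals() is invoked on the non-null argument, so a null array slot cannot throw
        if (role.equals(roles[i])) {
            return true;
        }
    }
    return false;
}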
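/**
 * Removes a user entry from the directory together with its role memberships.
 *
 * <p>Accounts flagged as admin are never deleted: the attempt is logged at WARN and the
 * method returns without touching the directory. Directory failures are logged and not
 * rethrown, so the caller gets no signal that the deletion did not happen.
 *
 * @param userdn distinguished name of the user entry to delete
 */
public void deleteUser(String userdn) {
    TgwUser user = getUser(userdn);
    // NOTE(review): getUser() is not visible here; if it can return null for an unknown
    // DN the next line throws -- confirm.
    if (user.isAdmin()) {
        // should throw Exception
        log.warn(user.getName() + " couldn't delete user who has admin priviledge.");
        return;
    }
    try {
        ctx = new InitialDirContext(environment);
        // memberships are removed first, then the entry itself
        updateRoles(user, user.getRoles(), DirContext.REMOVE_ATTRIBUTE);
        ctx.destroySubcontext(DirectoryUtils.getRDN(userdn, searchBase));
        log.info("deleting " + userdn + " completed.");
    } catch (NamingException ne) {
        // Recorded in the application log with its cause rather than on stderr, so an
        // account that was meant to be removed but still exists can be spotted.
        log.error("deleting " + userdn + " failed.", ne);
    } finally {
        DirectoryUtils.closeQuietly(ctx);
    }
}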
/**
 * Installs a fixed "admin" user as the current request identity and continues the chain.
 *
 * <p>NOTE(review): nothing in this method authenticates the caller -- every request that
 * reaches this filter is handled with the request object built from
 * {@code new TgwUser("admin")}. That is only appropriate where the filter is mapped for
 * tests or for a trusted, non-exposed deployment; confirm the filter mapping.
 *
 * @param request  the incoming request, passed on unchanged
 * @param response the response, passed on unchanged
 * @param chain    the remaining filter chain
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    TgwUser fixedAdmin = new TgwUser("admin");
    TgwContext.setRequest(SecurityRequest.getPrincipalRequest(fixedAdmin));
    chain.doFilter(request, response);
}
/**
 * Builds the attribute set for a new user entry.
 *
 * <p>The user's name is written under {@code userPrefix}, "cn" and "sn"; password and
 * description go under the configured attribute names, after the object-class attribute.
 *
 * <p>NOTE(review): the value of {@code user.getPassword()} is stored exactly as given.
 * Whether it ends up hashed depends on the caller or on the directory server -- confirm.
 *
 * @param user source of name, password and description
 * @return a fresh {@code Attributes} instance for the entry
 */
private Attributes createUserAttributes(TgwUser user) {
    final String name = user.getName();
    Attributes entry = new BasicAttributes();
    entry.put(userObjectClass);
    entry.put(new BasicAttribute(userPrefix, name));
    entry.put(new BasicAttribute(passwordAttribute, user.getPassword()));
    entry.put(new BasicAttribute("cn", name));
    entry.put(new BasicAttribute("sn", name));
    entry.put(new BasicAttribute(descriptionAttribute, user.getDescription()));
    return entry;
}
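/**
 * Creates a directory entry for the user and registers the user in its roles.
 *
 * <p>The absolute DN is derived from the user's name and stored back on {@code user}.
 * Any configured required attributes are merged over the generated ones. Directory
 * failures are logged and not rethrown.
 *
 * @param user the user to add; its DN is set as a side effect
 */
public void addUser(TgwUser user) {
    String dn = DirectoryUtils.getAbsoluteDN(user.getName(), userPrefix, userSuffix, searchBase);
    user.setDn(dn);
    try {
        ctx = new InitialDirContext(environment);
        Attributes attrs = createUserAttributes(user);
        if (userRequiredAttributes != null) {
            NamingEnumeration reqattrs = userRequiredAttributes.getAll();
            while (reqattrs.hasMore()) {
                attrs.put((Attribute) reqattrs.next());
            }
        }
        // NOTE(review): role membership is written before the entry exists and is not
        // rolled back if createSubcontext() fails, which can leave a role naming a user
        // that was never created. A later account with the same name would inherit it.
        updateRoles(user, user.getRoles(), DirContext.ADD_ATTRIBUTE);
        ctx.createSubcontext(DirectoryUtils.getRDN(dn, searchBase), attrs);
        log.info("adding " + dn + " completed.");
    } catch (NamingException ne) {
        // Recorded in the application log with its cause rather than on stderr.
        log.error("adding " + dn + " failed.", ne);
    } finally {
        DirectoryUtils.closeQuietly(ctx);
    }
}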
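/**
 * Creates a directory entry for the role and adds the admin user to it.
 *
 * <p>Any configured required attributes are merged over the generated ones. After the
 * entry is created, the account named by {@code adminUsername} is added as a member, so
 * every role created through this method includes the admin user. Directory failures
 * are logged and not rethrown.
 *
 * @param role the role to add
 */
public void addRole(TgwRole role) {
    String dn = DirectoryUtils.getAbsoluteDN(role.getName(), rolePrefix, roleSuffix, searchBase);
    try {
        ctx = new InitialDirContext(environment);
        Attributes attrs = createRoleAttributes(role);
        if (roleRequiredAttributes != null) {
            NamingEnumeration reqattrs = roleRequiredAttributes.getAll();
            while (reqattrs.hasMore()) {
                attrs.put((Attribute) reqattrs.next());
            }
        }
        ctx.createSubcontext(DirectoryUtils.getRDN(dn, searchBase), attrs);

        // the admin account is made a member of the role that was just created
        String adminUserDn = userPrefix + "=" + adminUsername
                + DirectoryUtils.buildSuffix(userSuffix, searchBase, true, true);
        TgwUser admin = new TgwUser(adminUsername);
        admin.setDn(adminUserDn);
        updateRoles(admin, new String[] {role.getName()}, DirContext.ADD_ATTRIBUTE);
        log.info("adding " + dn + " completed.");
    } catch (NamingException ne) {
        // Recorded in the application log with its cause rather than on stderr.
        log.error("adding " + dn + " failed.", ne);
    } finally {
        DirectoryUtils.closeQuietly(ctx);
    }
}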
/**
 * Applies one membership modification for {@code user} to each of the named roles.
 *
 * <p>The member value is the user's bare name when {@code prefixOnly} is set, otherwise
 * the user's DN. The update is best effort: a failure on one role is logged and the
 * remaining roles are still processed, so the caller cannot tell whether every role was
 * updated.
 *
 * @param user   the user whose membership changes
 * @param roles  role names; may be {@code null}, and may contain {@code null} slots
 * @param mod_op the {@code DirContext} modification operation to apply
 * @throws NamingException declared by the signature; failures of
 *         {@code modifyAttributes} are caught and logged here
 */
private void updateRoles(TgwUser user, String[] roles, int mod_op) throws NamingException {
    if (roles == null) {
        return;
    }
    String memberValue = prefixOnly ? user.getName() : user.getDn();
    Attributes member = new BasicAttributes(roleUserAttribute, memberValue);
    for (int i = 0; i < roles.length; i++) {
        String roleName = roles[i];
        if (roleName == null) {
            // in-case modifying admin user contains admin role, see modifyUser
            continue;
        }
        String roledn = DirectoryUtils.getAbsoluteDN(roleName, rolePrefix, roleSuffix, searchBase);
        try {
            ctx.modifyAttributes(DirectoryUtils.getRDN(roledn, searchBase), mod_op, member);
        } catch (NamingException ne) {
            log.error("update failed for " + roledn);
        }
    }
}
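/**
 * Checks the submitted username and password against the stored user record.
 *
 * <p>The credentials are read from {@code userObject} under the keys "username" and
 * "password". A missing user, a missing submitted password or a missing stored password
 * all yield {@code false}.
 *
 * <p>NOTE(review): the submitted value is compared directly with
 * {@code user.getPassword()}, so the stored value appears to be kept in the same form
 * as it is submitted (not a salted hash) -- confirm against {@code retrieveUser}.
 *
 * @param systemUri  not used by this method
 * @param userObject carrier of the "username" and "password" values
 * @return {@code true} only if the user exists and the passwords match exactly
 */
public boolean isUserExist(AuthUri systemUri, Object userObject) {
    String username = P.get(userObject, "username");
    String password = P.get(userObject, "password");
    SiteConfig siteConfig = TgwContext.getSiteConfig();
    TgwUser user = retrieveUser(siteConfig, username);
    if (user == null) {
        return false;
    }
    String stored = user.getPassword();
    // a request without a password is a failed login, not a NullPointerException
    if (password == null || stored == null) {
        return false;
    }
    // Every shared position is inspected before returning, so the time taken does not
    // depend on where the first mismatching character is.
    int diff = password.length() ^ stored.length();
    int shared = Math.min(password.length(), stored.length());
    for (int i = 0; i < shared; i++) {
        diff |= password.charAt(i) ^ stored.charAt(i);
    }
    return diff == 0;
}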
public void modifyUser(TgwUser user) { String userdn = DirectoryUtils.getAbsoluteDN(user.getName(),userPrefix,userSuffix,searchBase); String[] updateroles = user.getRoles(); oldroles = olduser.getRoles(); if(olduser.isAdmin() && deleteroles != null){ for(int i=0;i<deleteroles.length;i++){ if(deleteroles[i].equals(adminRolename)){
/**
 * Installs the configured LDAP admin account as the current request identity.
 *
 * <p>The user name is read from the "ldap.admin.username" property. No credential is
 * checked here; the resulting request object is handed to {@code TgwContext} as is.
 */
private void setupRequest() {
    TgwContext.setRequest(
            SecurityRequest.getPrincipalRequest(
                    new TgwUser(TgwResource.getProperty("ldap.admin.username"))));
}
/**
 * Derives the hash from the name alone.
 *
 * <p>NOTE(review): {@code equals} is not visible here; it should compare by name as well
 * so the two stay consistent -- confirm. A {@code null} name makes this method throw.
 *
 * @return the hash code of {@code getName()}
 */
public int hashCode() {
    final int nameHash = getName().hashCode();
    return nameHash;
}
/**
 * Wraps the request with the logged-in user, records the remote user, and continues.
 *
 * <p>The login object is read from the HTTP session under
 * {@code Constants.SATTR_LOGINOBJECT}. When {@code isSiteAvailableUser} accepts it, the
 * request is replaced by a {@code SecurityRequest} carrying that user. Whatever
 * {@code getRemoteUser()} then reports is recorded as the current user if non-null.
 *
 * <p>NOTE(review): {@code getSession()} creates a session when none exists, so requests
 * without a login also allocate one. The session attribute is cast to {@code TgwUser}
 * without a type check.
 *
 * @param request  the incoming request; cast to {@code HttpServletRequest}
 * @param response the response, passed on unchanged
 * @param chain    the remaining filter chain
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    if (siteService == null) {
        // resolved from the S2 container on first use
        siteService = (SiteService) SingletonS2ContainerFactory.getContainer()
                .getComponent(SiteService.class);
    }

    HttpServletRequest httpRequest = (HttpServletRequest) request;
    TgwUser user = (TgwUser) httpRequest.getSession().getAttribute(Constants.SATTR_LOGINOBJECT);
    if (isSiteAvailableUser(user, httpRequest)) {
        httpRequest = new SecurityRequest(httpRequest, user);
    }
    // A disabled branch once wrapped tgw-manager requests as TgwUser("admin") when the
    // "tgw-manager.authentication" property was set; it remains disabled.

    String userName = httpRequest.getRemoteUser();
    if (userName != null) {
        TgwRequestUtils.getCurrent().setUser(new TgwUser(userName));
    }
    chain.doFilter(httpRequest, response);
}
/**
 * Returns the name of the attached user, or defers to the superclass when none is set.
 *
 * @return {@code user.getName()} if a user is attached, otherwise
 *         {@code super.getRemoteUser()}
 */
public String getRemoteUser() {
    return (user != null) ? user.getName() : super.getRemoteUser();
}
/**
 * Looks up the roles of the named user in the directory.
 *
 * <p>NOTE(review): {@code directory.getUser} is not visible here; if it can return
 * {@code null} for an unknown name this method throws {@code NullPointerException} --
 * confirm.
 *
 * @param username the user's name, turned into a DN by {@code directory.buildUserDN}
 * @return whatever {@code getRoles()} reports for that user
 */
public String[] getRoles(String username) {
    TgwUser user = directory.getUser(directory.buildUserDN(username));
    return user.getRoles();
}
}
throw new RevisionDescriptorNotFoundException(currentUri); NodeProperty ldapUid = new NodeProperty(userPrefix,user.getName(),LDAP_NAMESPACE); props.put(LDAP_NAMESPACE + userPrefix, ldapUid);