private boolean containsValuePolicyDefinition(CredentialsPolicyType policy) { if (policy == null) { return false; } if (policy.getPassword() == null) { return false; } if (policy.getPassword().getValuePolicyRef() != null) { return true; } if (policy.getPassword().getPasswordPolicyRef() != null) { return true; } return false; }
public static PasswordCredentialsPolicyType getEffectivePasswordCredentialsPolicy(SecurityPolicyType securityPolicy) { if (securityPolicy == null) { return null; } CredentialsPolicyType creds = securityPolicy.getCredentials(); if (creds == null) { return null; } if (creds.getDefault() == null) { return creds.getPassword(); } PasswordCredentialsPolicyType passPolicy = creds.getPassword(); if (passPolicy == null) { passPolicy = new PasswordCredentialsPolicyType(); } else { passPolicy = passPolicy.clone(); } copyDefaults(creds.getDefault(), passPolicy); return passPolicy; }
/** * Called from ChangeExecutor. Will modify the execution deltas to hash or remove credentials if needed. */ public <O extends ObjectType> ObjectDelta<O> transformFocusExecutionDelta(LensContext<O> context, ObjectDelta<O> focusDelta) throws SchemaException, EncryptionException { LensFocusContext<O> focusContext = context.getFocusContext(); SecurityPolicyType securityPolicy = focusContext.getSecurityPolicy(); if (securityPolicy == null) { return focusDelta; } CredentialsPolicyType credsType = securityPolicy.getCredentials(); if (credsType == null) { return focusDelta; } ObjectDelta<O> transformedDelta = focusDelta.clone(); transformFocusExecutionDeltaForPasswords(context, credsType, credsType.getPassword(), SchemaConstants.PATH_PASSWORD_VALUE, transformedDelta, "password"); // TODO: nonce and others return transformedDelta; }
if (policy.getPassword().getValuePolicyRef() != null) { return objectResolver.resolve(policy.getPassword().getValuePolicyRef(), ValuePolicyType.class, null, "valuePolicyRef in password credential policy", task, parentResult); } else if (policy.getPassword().getPasswordPolicyRef() != null) { return objectResolver.resolve(policy.getPassword().getPasswordPolicyRef(), ValuePolicyType.class, null, "valuePolicyRef in password credential policy", task, parentResult);
private void postProcessSecurityPolicy(SecurityPolicyType securityPolicyType, Task task, OperationResult result) { CredentialsPolicyType creds = securityPolicyType.getCredentials(); if (creds != null) { PasswordCredentialsPolicyType passwd = creds.getPassword(); if (passwd != null) { postProcessPasswordCredentialPolicy(securityPolicyType, passwd, task, result); } for (NonceCredentialsPolicyType nonce: creds.getNonce()) { postProcessCredentialPolicy(securityPolicyType, nonce, "nonce credential policy", task, result); } SecurityQuestionsCredentialsPolicyType securityQuestions = creds.getSecurityQuestions(); if (securityQuestions != null) { postProcessCredentialPolicy(securityPolicyType, securityQuestions, "security questions credential policy", task, result); } } }
/** * Not very systematic. Used mostly in hacks. */ public static ValuePolicyType getPasswordPolicy(SecurityPolicyType securityPolicy) { if (securityPolicy == null) { return null; } CredentialsPolicyType creds = securityPolicy.getCredentials(); if (creds == null) { return null; } PasswordCredentialsPolicyType passd = creds.getPassword(); if (passd == null) { return null; } ObjectReferenceType valuePolicyRef = passd.getValuePolicyRef(); if (valuePolicyRef == null) { return null; } PrismObject<ValuePolicyType> policyObj = valuePolicyRef.asReferenceValue().getObject(); if (policyObj == null) { return null; } return policyObj.asObjectable(); }