@Override public List<SecurityQuestionDefinitionType> run() { Task task = getTaskManager().createTaskInstance("Search user by name"); OperationResult result = task.getResult(); SecurityPolicyType securityPolicyType = null; try { SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("rest_sec_q_auth", "REST", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"))); securityPolicyType = modelInteractionService.getSecurityPolicy(user, task, result); } catch (ObjectNotFoundException | SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { return null; } finally { SecurityContextHolder.getContext().setAuthentication(null); } if (securityPolicyType.getCredentials() != null && securityPolicyType.getCredentials().getSecurityQuestions() != null){ return securityPolicyType.getCredentials().getSecurityQuestions().getQuestion(); } return null; } });
public static SecurityQuestionsCredentialsPolicyType getEffectiveSecurityQuestionsCredentialsPolicy(SecurityPolicyType securityPolicy) { if (securityPolicy == null) { return null; } CredentialsPolicyType creds = securityPolicy.getCredentials(); if (creds == null) { return null; } if (creds.getDefault() == null) { return creds.getSecurityQuestions(); } SecurityQuestionsCredentialsPolicyType securityQuestionsPolicy = creds.getSecurityQuestions(); if (securityQuestionsPolicy == null) { securityQuestionsPolicy = new SecurityQuestionsCredentialsPolicyType(); } else { securityQuestionsPolicy = securityQuestionsPolicy.clone(); } copyDefaults(creds.getDefault(), securityQuestionsPolicy); return securityQuestionsPolicy; }
private void postProcessSecurityPolicy(SecurityPolicyType securityPolicyType, Task task, OperationResult result) { CredentialsPolicyType creds = securityPolicyType.getCredentials(); if (creds != null) { PasswordCredentialsPolicyType passwd = creds.getPassword(); if (passwd != null) { postProcessPasswordCredentialPolicy(securityPolicyType, passwd, task, result); } for (NonceCredentialsPolicyType nonce: creds.getNonce()) { postProcessCredentialPolicy(securityPolicyType, nonce, "nonce credential policy", task, result); } SecurityQuestionsCredentialsPolicyType securityQuestions = creds.getSecurityQuestions(); if (securityQuestions != null) { postProcessCredentialPolicy(securityPolicyType, securityQuestions, "security questions credential policy", task, result); } } }
private void assertCredentialsPolicy(PrismObject<UserType> user) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { OperationResult result = new OperationResult("assertCredentialsPolicy"); CredentialsPolicyType credentialsPolicy = modelInteractionService.getCredentialsPolicy(user, null, result); result.computeStatus(); TestUtil.assertSuccess(result); assertNotNull("No credentials policy for "+user, credentialsPolicy); SecurityQuestionsCredentialsPolicyType securityQuestions = credentialsPolicy.getSecurityQuestions(); assertEquals("Unexepected number of security questions for "+user, 2, securityQuestions.getQuestion().size()); }