/**
 * Rejects a service configuration that carries no name.
 *
 * @param extensionPoint extension point the service belongs to; not consulted by this check
 * @param name service name taken from the configuration
 * @throws SecurityConfigException with {@code NAME_REQUIRED} when {@code name} is {@code null}
 *     or the empty string
 */
protected void checkServiceName(Class<?> extensionPoint, String name)
        throws SecurityConfigException {
    // Only null and "" are rejected; a whitespace-only name passes this check.
    boolean nameMissing = (name == null) || name.isEmpty();
    if (nameMissing) {
        throw createSecurityException(NAME_REQUIRED);
    }
}
/**
 * Verifies that a configured implementation class can be loaded and is assignable to the
 * extension point.
 *
 * @param extensionPoint type the named class must be assignable to
 * @param className class name taken from the configuration
 * @throws SecurityConfigException with {@code CLASSNAME_REQUIRED} when no class name is given,
 *     {@code CLASS_NOT_FOUND_$1} when the class cannot be loaded, or
 *     {@code CLASS_WRONG_TYPE_$2} when it is not assignable to {@code extensionPoint}
 */
protected void checkExtensionPont(Class<?> extensionPoint, String className)
        throws SecurityConfigException {
    if (!isNotEmpty(className)) {
        throw createSecurityException(CLASSNAME_REQUIRED);
    }

    // NOTE(review): the one-argument Class.forName initializes the class it loads, so static
    // initializers of the configured class run before the assignability check below. If the
    // class name can reach this method from a less-trusted source, consider the
    // non-initializing Class.forName(name, false, loader) overload -- confirm with callers.
    Class<?> candidate;
    try {
        candidate = Class.forName(className);
    } catch (ClassNotFoundException e) {
        // NOTE(review): the ClassNotFoundException is not chained to the reported error.
        throw createSecurityException(CLASS_NOT_FOUND_$1, className);
    }

    if (!extensionPoint.isAssignableFrom(candidate)) {
        throw createSecurityException(CLASS_WRONG_TYPE_$2, extensionPoint, className);
    }
}
/**
 * Validates the length bounds of a password policy.
 *
 * @param config password policy configuration to check
 * @throws SecurityConfigException with {@code INVALID_MIN_LENGTH} when the minimum length is
 *     negative, or {@code INVALID_MAX_LENGTH} when a maximum other than {@code -1} is smaller
 *     than the minimum
 */
public void validate(PasswordPolicyConfig config) throws SecurityConfigException {
    if (config.getMinLength() < 0) {
        throw createSecurityException(INVALID_MIN_LENGTH);
    }

    // A maximum of -1 skips the min/max comparison entirely.
    boolean maxLengthSet = config.getMaxLength() != -1;
    if (maxLengthSet && config.getMinLength() > config.getMaxLength()) {
        throw createSecurityException(INVALID_MAX_LENGTH);
    }
}
/**
 * Ensures that neither configured administrator role name collides with a system role.
 *
 * @param config role service configuration to check
 * @throws SecurityConfigException with {@code RESERVED_ROLE_NAME} when the admin role name or
 *     the group admin role name equals the authority of an entry in
 *     {@code GeoServerRole.SystemRoles}
 */
public void validate(SecurityRoleServiceConfig config) throws SecurityConfigException {
    for (GeoServerRole systemRole : GeoServerRole.SystemRoles) {
        String authority = systemRole.getAuthority();
        // The admin role name is compared first, then the group admin role name; both
        // collisions are reported with the same error code.
        boolean collides =
                authority.equals(config.getAdminRoleName())
                        || authority.equals(config.getGroupAdminRoleName());
        if (collides) {
            throw createSecurityException(RESERVED_ROLE_NAME, authority);
        }
    }
}
/**
 * Validates the password encoder and password policy referenced by a user/group service.
 *
 * <p>The encoder name is mandatory and must resolve through
 * {@code manager.loadPasswordEncoder}. When {@code manager.isStrongEncryptionAvailable()} is
 * false, the encoder must report that it is available without strong cryptography. The policy
 * name is mandatory and must be among the names returned for {@code PasswordValidator}.
 *
 * @param config user/group service configuration to check
 * @throws SecurityConfigException with {@code PASSWD_ENCODER_REQUIRED_$1},
 *     {@code INVALID_CONFIG_PASSWORD_ENCODER_$1}, {@code INVALID_STRONG_PASSWORD_ENCODER},
 *     {@code PASSWD_POLICY_REQUIRED_$1} or {@code PASSWD_POLICY_NOT_FOUND_$1}, depending on
 *     which check fails first
 */
public void validate(SecurityUserGroupServiceConfig config) throws SecurityConfigException {
    String encoderName = config.getPasswordEncoderName();
    if (!isNotEmpty(encoderName)) {
        throw createSecurityException(PASSWD_ENCODER_REQUIRED_$1, config.getName());
    }

    GeoServerPasswordEncoder encoder;
    try {
        encoder = manager.loadPasswordEncoder(encoderName);
    } catch (NoSuchBeanDefinitionException ex) {
        throw createSecurityException(INVALID_CONFIG_PASSWORD_ENCODER_$1, encoderName);
    }
    // A null result is reported exactly like a missing bean definition.
    if (encoder == null) {
        throw createSecurityException(INVALID_CONFIG_PASSWORD_ENCODER_$1, encoderName);
    }

    // encoder is known to be non-null here, so only the two capability flags decide.
    if (!manager.isStrongEncryptionAvailable()
            && !encoder.isAvailableWithoutStrongCryptogaphy()) {
        throw createSecurityException(INVALID_STRONG_PASSWORD_ENCODER);
    }

    String policyName = config.getPasswordPolicyName();
    if (!isNotEmpty(policyName)) {
        throw createSecurityException(PASSWD_POLICY_REQUIRED_$1, config.getName());
    }
    if (!getNamesFor(PasswordValidator.class).contains(policyName)) {
        throw createSecurityException(PASSWD_POLICY_NOT_FOUND_$1, policyName);
    }
}
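/**
 * Checks whether a password policy may be removed.
 *
 * <p>Runs {@code validateRemoveNamedService} first, then refuses removal of the policy named
 * {@code PasswordValidator.MASTERPASSWORD_NAME} and of any policy that a user/group service
 * listed by the manager still references.
 *
 * @param config password policy configuration that is about to be removed
 * @throws SecurityConfigException with {@code PASSWD_POLICY_MASTER_DELETE} for the master
 *     password policy, or {@code PASSWD_POLICY_ACTIVE_$2} naming the policy and the first
 *     user/group service found that references it
 * @throws RuntimeException wrapping an {@link IOException} raised while listing or loading
 *     user/group service configurations
 */
public void validateRemovePasswordPolicy(PasswordPolicyConfig config)
        throws SecurityConfigException {
    validateRemoveNamedService(PasswordValidator.class, config);

    if (PasswordValidator.MASTERPASSWORD_NAME.equals(config.getName())) {
        throw createSecurityException(PASSWD_POLICY_MASTER_DELETE);
    }

    try {
        for (String name : manager.listUserGroupServices()) {
            SecurityUserGroupServiceConfig ugConfig = manager.loadUserGroupServiceConfig(name);
            // A stored service configuration without a policy name references no policy;
            // skip it instead of failing the whole scan with a NullPointerException.
            String referencedPolicy = ugConfig.getPasswordPolicyName();
            if (referencedPolicy != null && referencedPolicy.equals(config.getName())) {
                throw createSecurityException(
                        PASSWD_POLICY_ACTIVE_$2, config.getName(), ugConfig.getName());
            }
        }
    } catch (IOException ex) {
        // Kept as an unchecked wrapper so the declared exception list stays unchanged.
        throw new RuntimeException(ex);
    }
}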
/**
 * Validates the user/group service reference of an authentication provider.
 *
 * <p>The reference is optional; when one is given it must be among the names returned for
 * {@code GeoServerUserGroupService}.
 *
 * @param config authentication provider configuration to check
 * @throws SecurityConfigException with {@code USERGROUP_SERVICE_NOT_FOUND_$1} when the
 *     referenced user/group service name is not known
 */
public void validate(SecurityAuthProviderConfig config) throws SecurityConfigException {
    String userGroupServiceName = config.getUserGroupServiceName();
    if (!isNotEmpty(userGroupServiceName)) {
        // No user/group service referenced: nothing to verify.
        return;
    }

    if (!getNamesFor(GeoServerUserGroupService.class).contains(userGroupServiceName)) {
        throw createSecurityException(USERGROUP_SERVICE_NOT_FOUND_$1, userGroupServiceName);
    }
}
/**
 * Checks whether a role service may be removed.
 *
 * <p>Runs {@code validateRemoveNamedService} first, then refuses removal when the service has
 * the same name as the one returned by {@code manager.getActiveRoleService()}.
 *
 * @param config role service configuration that is about to be removed
 * @throws SecurityConfigException with {@code ROLE_SERVICE_ACTIVE_$1} when the service is the
 *     active role service
 */
public void validateRemoveRoleService(SecurityRoleServiceConfig config)
        throws SecurityConfigException {
    validateRemoveNamedService(GeoServerRoleService.class, config);

    String activeServiceName = manager.getActiveRoleService().getName();
    boolean removingActiveService = activeServiceName.equals(config.getName());
    if (removingActiveService) {
        throw createSecurityException(ROLE_SERVICE_ACTIVE_$1, config.getName());
    }
}
/**
 * Checks whether an authentication provider may be removed.
 *
 * <p>Runs {@code validateRemoveNamedService} first, then refuses removal when a provider
 * returned by {@code manager.getAuthenticationProviders()} carries the same name.
 *
 * @param config authentication provider configuration that is about to be removed
 * @throws SecurityConfigException with {@code AUTH_PROVIDER_ACTIVE_$1} when a provider with
 *     that name is returned by the manager
 */
public void validateRemoveAuthProvider(SecurityAuthProviderConfig config)
        throws SecurityConfigException {
    validateRemoveNamedService(GeoServerAuthenticationProvider.class, config);

    for (GeoServerAuthenticationProvider provider : manager.getAuthenticationProviders()) {
        boolean sameName = provider.getName().equals(config.getName());
        if (sameName) {
            throw createSecurityException(AUTH_PROVIDER_ACTIVE_$1, config.getName());
        }
    }
}
/**
 * Checks whether a security filter may be removed.
 *
 * <p>Runs {@code validateRemoveNamedService} first, then refuses removal while the filter
 * chain of the current security configuration still reports patterns for the filter.
 *
 * @param config filter configuration that is about to be removed
 * @throws SecurityConfigException with {@code FILTER_STILL_USED}, carrying the service name
 *     and a comma-delimited list of the patterns found
 */
public void validateRemoveFilter(SecurityNamedServiceConfig config)
        throws SecurityConfigException {
    validateRemoveNamedService(GeoServerSecurityFilter.class, config);

    // NOTE(review): the usage lookup is keyed by config.getClassName() while the error below
    // reports config.getName(). Confirm that patternsForFilter expects a class name; if it
    // expects the filter name, a filter still referenced by a chain would not be detected.
    List<String> patterns =
            manager.getSecurityConfig()
                    .getFilterChain()
                    .patternsForFilter(config.getClassName(), false);
    if (patterns.isEmpty()) {
        return;
    }

    String usedIn = StringUtils.arrayToCommaDelimitedString(patterns.toArray());
    throw createSecurityException(
            SecurityConfigException.FILTER_STILL_USED, config.getName(), usedIn);
}
public void validateRequestFilterChain(RequestFilterChain requestChain) throws SecurityConfigException { if (isNotEmpty(requestChain.getName()) == false) { throw createSecurityException(SecurityConfigException.FILTER_CHAIN_NAME_MANDATORY); throw createSecurityException( SecurityConfigException.PATTERN_LIST_EMPTY_$1, requestChain.getName()); try { if (proxy.lookupFilter(roleFilterName) == null) { throw createSecurityException( SecurityConfigException.UNKNOWN_ROLE_FILTER_$2, requestChain.getName(), throw createSecurityException( SecurityConfigException.FILTER_CHAIN_EMPTY_$1, requestChain.getName()); try { if (proxy.lookupFilter(interceptorFilterName) == null) { throw createSecurityException( SecurityConfigException.UNKNOWN_INTERCEPTOR_FILTER_$2, requestChain.getName(), throw createSecurityException( SecurityConfigException.INTERCEPTOR_FILTER_MANDATORY_$1, requestChain.getName()); try { if (proxy.lookupFilter(exceptionTranslationName) == null) { throw createSecurityException(
throw createSecurityException(PASSWORD_ENCODER_REQUIRED); encoder = manager.loadPasswordEncoder(config.getConfigPasswordEncrypterName()); } catch (NoSuchBeanDefinitionException ex) { throw createSecurityException(INVALID_PASSWORD_ENCODER_$1, encrypterName); throw createSecurityException(INVALID_PASSWORD_ENCODER_$1, encrypterName); throw createSecurityException(INVALID_PASSWORD_ENCODER_$1, encrypterName); throw createSecurityException(INVALID_STRONG_CONFIG_PASSWORD_ENCODER); throw createSecurityException(ROLE_SERVICE_NOT_FOUND_$1, roleServiceName); } catch (IOException e) { throw new RuntimeException(e); throw createSecurityException(AUTH_PROVIDER_NOT_FOUND_$1, authProvName); GeoServerSecurityFilterChain oldChain = oldConfig.getFilterChain(); if (chain == null) { throw createSecurityException(SecurityConfigException.FILTER_CHAIN_NULL_ERROR); if (chain.getRequestChainByName(oldRequestChain.getName()) == null) { if (oldRequestChain.canBeRemoved() == false) { throw createSecurityException( SecurityConfigException.FILTER_CHAIN_NOT_REMOVEABLE_$1, oldRequestChain.getName()); throw createSecurityException(SecurityConfigException.FILTER_CHAIN_NAME_MANDATORY);
/**
 * Validates a named service that is about to be added.
 *
 * <p>Checks the implementation class and the service name, then requires that the name is not
 * already among the names returned for the extension point.
 *
 * @param extensionPoint extension point the new service belongs to
 * @param config configuration of the service to add
 * @throws SecurityConfigException when the class or name check fails, or with the code from
 *     {@code alreadyExistsErrorCode(extensionPoint)} when the name is already in use
 */
public void validateAddNamedService(Class<?> extensionPoint, SecurityNamedServiceConfig config)
        throws SecurityConfigException {
    checkExtensionPont(extensionPoint, config.getClassName());
    checkServiceName(extensionPoint, config.getName());

    boolean nameTaken = getNamesFor(extensionPoint).contains(config.getName());
    if (nameTaken) {
        throw createSecurityException(alreadyExistsErrorCode(extensionPoint), config.getName());
    }
}
/**
 * Validates a named service that is about to be modified.
 *
 * <p>Checks the implementation class and the service name, then requires that the name is
 * among the names returned for the extension point.
 *
 * @param extensionPoint extension point the service belongs to
 * @param config modified configuration of the service
 * @throws SecurityConfigException when the class or name check fails, or with the code from
 *     {@code notFoundErrorCode(extensionPoint)} when no service with that name is known
 */
public void validateModifiedNamedService(
        Class<?> extensionPoint, SecurityNamedServiceConfig config)
        throws SecurityConfigException {
    checkExtensionPont(extensionPoint, config.getClassName());
    checkServiceName(extensionPoint, config.getName());

    boolean nameKnown = getNamesFor(extensionPoint).contains(config.getName());
    if (!nameKnown) {
        throw createSecurityException(notFoundErrorCode(extensionPoint), config.getName());
    }
}
/**
 * Checks whether a user/group service may be removed.
 *
 * <p>Runs {@code validateRemoveNamedService} first, then refuses removal while an
 * authentication provider listed by the manager still references the service by name.
 *
 * @param config user/group service configuration that is about to be removed
 * @throws SecurityConfigException with {@code USERGROUP_SERVICE_ACTIVE_$2} naming the service
 *     and the first authentication provider found that references it
 * @throws RuntimeException wrapping an {@link IOException} raised while listing or loading
 *     authentication provider configurations
 */
public void validateRemoveUserGroupService(SecurityUserGroupServiceConfig config)
        throws SecurityConfigException {
    validateRemoveNamedService(GeoServerUserGroupService.class, config);

    try {
        for (String providerName : manager.listAuthenticationProviders()) {
            SecurityAuthProviderConfig authConfig =
                    manager.loadAuthenticationProviderConfig(providerName);
            String referencedService = authConfig.getUserGroupServiceName();
            // Providers without a user/group service reference cannot block the removal.
            if (!isNotEmpty(referencedService)) {
                continue;
            }
            if (referencedService.equals(config.getName())) {
                throw createSecurityException(
                        USERGROUP_SERVICE_ACTIVE_$2, config.getName(), authConfig.getName());
            }
        }
    } catch (IOException ex) {
        throw new RuntimeException(ex);
    }
}