
Example 1 with SecurityPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.

the class CredentialsProcessor method transformFocusExectionDelta.

/**
 * Called from ChangeExecutor. Will modify the execution deltas to hash or remove credentials if needed.
 *
 * <p>Only the password credential ({@code SchemaConstants.PATH_PASSWORD_VALUE}) is handed to
 * {@code transformFocusExectionDeltaCredential} here.
 *
 * <p>Security note: when the focus context carries no security policy, or the policy has no
 * credentials section, the delta is passed through untouched, so no credential transformation
 * is applied in those cases.
 *
 * @param context lens context whose focus context supplies the security policy
 * @param focusDelta delta about to be executed; it is never modified in place by this method
 * @return {@code focusDelta} itself (same instance) when there is no applicable credentials
 *         policy, otherwise a clone of it that was passed through the credential transformation
 * @throws SchemaException declared by this method; presumably raised by the credential transformation
 * @throws EncryptionException declared by this method; presumably raised by the credential transformation
 */
public <O extends ObjectType> ObjectDelta<O> transformFocusExectionDelta(LensContext<O> context, ObjectDelta<O> focusDelta) throws SchemaException, EncryptionException {
    SecurityPolicyType policy = context.getFocusContext().getSecurityPolicy();
    // A missing policy and a policy without a credentials section are treated alike:
    // there is nothing that says how credentials should be stored, so pass the delta through.
    CredentialsPolicyType credentialsPolicy = policy != null ? policy.getCredentials() : null;
    if (credentialsPolicy == null) {
        return focusDelta;
    }
    // Work on a copy so the caller's delta keeps its original credential values.
    ObjectDelta<O> result = focusDelta.clone();
    // NOTE(review): only the password path is processed here; confirm whether other
    // credential types defined by the policy need the same treatment.
    transformFocusExectionDeltaCredential(context, credentialsPolicy, credentialsPolicy.getPassword(), SchemaConstants.PATH_PASSWORD_VALUE, result);
    return result;
}
Also used : SecurityPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType) CredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)

Example 2 with SecurityPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.

the class CredentialsProcessor method processSecurityPolicy.

/**
 * Makes sure the focus context has a security policy attached, looking one up through
 * {@code securityHelper.locateSecurityPolicy} when none is set yet, and logs the result.
 *
 * <p>Security note: when the lookup returns {@code null}, an empty {@link SecurityPolicyType}
 * is stored instead. After this method the focus context's policy is therefore never
 * {@code null}, and code that reads it has to treat an empty policy (no credentials section)
 * as "no policy configured" rather than rely on a null check.
 *
 * @param context lens context whose focus context is read and updated
 * @param now not used by this method
 * @param task task passed through to the policy lookup
 * @param result operation result passed through to the policy lookup
 */
private <F extends FocusType> void processSecurityPolicy(LensContext<F> context, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException {
    LensFocusContext<F> focusCtx = context.getFocusContext();
    SecurityPolicyType policy = focusCtx.getSecurityPolicy();
    if (policy == null) {
        SecurityPolicyType located = securityHelper.locateSecurityPolicy(focusCtx.getObjectAny(), context.getSystemConfiguration(), task, result);
        // An empty policy is stored when nothing was found, to avoid repeated lookups.
        policy = located != null ? located : new SecurityPolicyType();
        focusCtx.setSecurityPolicy(policy);
    }
    if (!LOGGER.isTraceEnabled()) {
        LOGGER.debug("Security policy: {}", policy);
        return;
    }
    // policy is always non-null at this point, so the full dump can be taken directly.
    LOGGER.trace("Security policy:\n{}", policy.asPrismObject().debugDump(1));
}
Also used : SecurityPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType)

Example 3 with SecurityPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.

the class SecurityHelper method resolveGlobalSecurityPolicy.

/**
 * Resolves the security policy referenced by {@code globalSecurityPolicyRef} in the system
 * configuration, post-processes it and traces it for the given object.
 *
 * <p>Security note: resolution failures do not propagate. An {@link ObjectNotFoundException}
 * or {@link SchemaException} is logged at error level and the method returns {@code null},
 * which callers cannot tell apart from "no global policy configured". A dangling or broken
 * reference therefore shows up only in the log; alerting on that error entry is the way to
 * notice that the intended policy is not being applied.
 *
 * @param user object the policy is resolved for; only passed to {@code traceSecurityPolicy}
 * @param systemConfiguration system configuration holding the global policy reference
 * @param task task passed to the resolver and the post-processing
 * @param result operation result passed to the resolver and the post-processing
 * @return the resolved policy, or {@code null} when no reference is set or resolution failed
 */
private <F extends FocusType> SecurityPolicyType resolveGlobalSecurityPolicy(PrismObject<F> user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) {
    ObjectReferenceType policyRef = systemConfiguration.getGlobalSecurityPolicyRef();
    if (policyRef == null) {
        return null;
    }
    SecurityPolicyType resolvedPolicy;
    try {
        resolvedPolicy = objectResolver.resolve(policyRef, SecurityPolicyType.class, null, "global security policy reference in system configuration", task, result);
        LOGGER.trace("Using global security policy: {}", resolvedPolicy);
        postProcessSecurityPolicy(resolvedPolicy, task, result);
        traceSecurityPolicy(resolvedPolicy, user);
    } catch (ObjectNotFoundException | SchemaException e) {
        // Fail-open: the failure is logged and reported to the caller as "no policy".
        LOGGER.error(e.getMessage(), e);
        traceSecurityPolicy(null, user);
        return null;
    }
    return resolvedPolicy;
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) SecurityPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType)

Example 4 with SecurityPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.

the class SecurityHelper method postProcessCredentialPolicy.

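/**
 * Resolves the value policy referenced by a credential policy and attaches the resolved
 * object to the reference itself.
 *
 * <p>Security note: a reference that cannot be resolved is not an error for the caller. The
 * method logs a warning and returns {@code null}, the same value it returns when no value
 * policy is referenced at all. The warning is therefore the only sign that a configured
 * value policy is not in effect, so it carries the exception and says whether the object was
 * missing or failed schema processing.
 *
 * @param securityPolicyType security policy the credential policy belongs to; used only in
 *        the resolver description and in log messages
 * @param credPolicy credential policy whose {@code valuePolicyRef} is resolved
 * @param credShortDesc short description of the credential, used in the resolver description
 *        and in log messages
 * @param task task passed to the resolver
 * @param result operation result passed to the resolver
 * @return the resolved value policy, or {@code null} when none is referenced or it could not
 *         be resolved
 */
private ValuePolicyType postProcessCredentialPolicy(SecurityPolicyType securityPolicyType, CredentialPolicyType credPolicy, String credShortDesc, Task task, OperationResult result) {
    ObjectReferenceType valuePolicyRef = credPolicy.getValuePolicyRef();
    if (valuePolicyRef == null) {
        return null;
    }
    ValuePolicyType valuePolicyType;
    try {
        valuePolicyType = objectResolver.resolve(valuePolicyRef, ValuePolicyType.class, null, credShortDesc + " in " + securityPolicyType, task, result);
    } catch (ObjectNotFoundException e) {
        // Keep the established message, but pass the exception along so the cause is not lost.
        LOGGER.warn("{} {} referenced from {} was not found", credShortDesc, valuePolicyRef.getOid(), securityPolicyType, e);
        return null;
    } catch (SchemaException e) {
        // A schema problem is not a missing object; say so instead of reporting "not found".
        LOGGER.warn("{} {} referenced from {} could not be resolved: {}", credShortDesc, valuePolicyRef.getOid(), securityPolicyType, e.getMessage(), e);
        return null;
    }
    // Store the resolved object in the reference so it can be read from there afterwards.
    valuePolicyRef.asReferenceValue().setObject(valuePolicyType.asPrismObject());
    return valuePolicyType;
}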
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)

Example 5 with SecurityPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.

the class SecurityHelper method resolveGlobalPasswordPolicy.

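/**
 * Resolves the value policy referenced by {@code globalPasswordPolicyRef} in the system
 * configuration and converts it to a security policy through {@code postProcessPasswordPolicy}.
 *
 * <p>Security note: resolution failures do not propagate. An {@link ObjectNotFoundException}
 * or {@link SchemaException} is logged at error level and the method returns {@code null},
 * which callers cannot tell apart from "no global password policy configured". A broken
 * reference is visible only in the log.
 *
 * @param user object the policy is resolved for; only passed to {@code traceSecurityPolicy}
 * @param systemConfiguration system configuration holding the global password policy reference
 * @param task task passed to the resolver
 * @param result operation result passed to the resolver
 * @return the security policy derived from the global password policy, or {@code null} when
 *         no reference is set or resolution failed
 */
private <F extends FocusType> SecurityPolicyType resolveGlobalPasswordPolicy(PrismObject<F> user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) {
    ObjectReferenceType globalPasswordPolicyRef = systemConfiguration.getGlobalPasswordPolicyRef();
    if (globalPasswordPolicyRef == null) {
        return null;
    }
    try {
        // The description names the password policy reference, which is the one being
        // resolved here; the argument appears to be used only for diagnostics.
        ValuePolicyType globalPasswordPolicyType = objectResolver.resolve(globalPasswordPolicyRef, ValuePolicyType.class, null, "global password policy reference in system configuration", task, result);
        LOGGER.trace("Using global password policy: {}", globalPasswordPolicyType);
        SecurityPolicyType policy = postProcessPasswordPolicy(globalPasswordPolicyType);
        traceSecurityPolicy(policy, user);
        return policy;
    } catch (ObjectNotFoundException | SchemaException e) {
        // Fail-open: the failure is logged and reported to the caller as "no policy".
        LOGGER.error(e.getMessage(), e);
        traceSecurityPolicy(null, user);
        return null;
    }
}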
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) SecurityPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType)

Aggregations

SecurityPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType)13 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)6 ObjectReferenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)6 ValuePolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)5 CredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)4 RestartResponseException (org.apache.wicket.RestartResponseException)4 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)3 MailAuthenticationPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.MailAuthenticationPolicyType)3 NonceCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType)3 SecurityQuestionsCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)3 SmsAuthenticationPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SmsAuthenticationPolicyType)3 AbstractAuthenticationPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractAuthenticationPolicyType)2 PasswordCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordCredentialsPolicyType)2 ArrayList (java.util.ArrayList)2 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)1 Task (com.evolveum.midpoint.task.api.Task)1 ObjectPolicyConfigurationEditor (com.evolveum.midpoint.web.component.ObjectPolicyConfigurationEditor)1 AEPlevel (com.evolveum.midpoint.web.page.admin.configuration.dto.AEPlevel)1 ObjectViewDto (com.evolveum.midpoint.web.page.admin.dto.ObjectViewDto)1 MyPasswordQuestionsPanel (com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel)1