use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.
the class CredentialsProcessor method transformFocusExectionDelta.
/**
 * Called from ChangeExecutor. Will modify the execution deltas to hash or remove credentials if needed.
 *
 * <p>The incoming delta is never modified. When the focus context carries no security policy, or
 * that policy has no credentials section, the same {@code focusDelta} instance is returned
 * untouched. Otherwise a clone is handed to the per-credential transformation and the clone is
 * returned. Only the password credential ({@code SchemaConstants.PATH_PASSWORD_VALUE}) is
 * processed here.
 *
 * <p>NOTE(review): on the two pass-through paths the credential value goes to execution in
 * whatever form the delta already holds it. Confirm that the focus security policy is always
 * populated before this method runs, and that "no policy" is an acceptable reason to skip the
 * transformation.
 *
 * @param context lens context whose focus context supplies the security policy
 * @param focusDelta focus delta about to be executed; not modified
 * @return {@code focusDelta} itself when no credentials policy applies, otherwise a transformed clone
 * @throws SchemaException declared; presumably raised by the per-credential transformation
 * @throws EncryptionException declared; presumably raised by the per-credential transformation
 */
public <O extends ObjectType> ObjectDelta<O> transformFocusExectionDelta(LensContext<O> context, ObjectDelta<O> focusDelta) throws SchemaException, EncryptionException {
    SecurityPolicyType policy = context.getFocusContext().getSecurityPolicy();
    CredentialsPolicyType credentialsPolicy = (policy == null) ? null : policy.getCredentials();
    if (credentialsPolicy == null) {
        // Nothing tells us how credentials are to be stored, so the delta is passed through as is.
        return focusDelta;
    }
    // Work on a copy so the caller's delta stays as it was.
    ObjectDelta<O> result = focusDelta.clone();
    transformFocusExectionDeltaCredential(context, credentialsPolicy, credentialsPolicy.getPassword(), SchemaConstants.PATH_PASSWORD_VALUE, result);
    return result;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.
the class CredentialsProcessor method processSecurityPolicy.
/**
 * Makes sure the focus context has a security policy attached and logs it.
 *
 * <p>If the focus context has none yet, the policy is looked up through
 * {@code securityHelper.locateSecurityPolicy}. When the lookup returns {@code null}, an empty
 * {@link SecurityPolicyType} is stored instead so that later calls do not repeat the lookup.
 *
 * <p>NOTE(review): after this method the focus context always holds a non-null policy, so a
 * later {@code getSecurityPolicy() == null} check cannot tell "no policy found" from "policy
 * found". Consumers presumably see empty sections on the placeholder -- confirm they treat that
 * as "no policy" rather than as an explicit permissive policy.
 *
 * @param context lens context whose focus context is inspected and updated
 * @param now not read by this method
 * @param task task passed on to the policy lookup
 * @param result operation result passed on to the policy lookup
 */
private <F extends FocusType> void processSecurityPolicy(LensContext<F> context, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException {
    LensFocusContext<F> focusContext = context.getFocusContext();
    SecurityPolicyType policy = focusContext.getSecurityPolicy();
    if (policy == null) {
        SecurityPolicyType located = securityHelper.locateSecurityPolicy(focusContext.getObjectAny(), context.getSystemConfiguration(), task, result);
        // store empty policy to avoid repeated lookups
        policy = (located != null) ? located : new SecurityPolicyType();
        focusContext.setSecurityPolicy(policy);
    }
    if (!LOGGER.isTraceEnabled()) {
        LOGGER.debug("Security policy: {}", policy);
        return;
    }
    // policy is never null here: it was either already present or has just been assigned above.
    LOGGER.trace("Security policy:\n{}", policy.asPrismObject().debugDump(1));
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.
the class SecurityHelper method resolveGlobalSecurityPolicy.
/**
 * Resolves the global security policy referenced from the system configuration.
 *
 * <p>On success the resolved policy is post-processed, traced for {@code user} and returned.
 * When the system configuration has no global security policy reference, {@code null} is
 * returned without tracing. When resolution fails with {@link ObjectNotFoundException} or
 * {@link SchemaException}, the error is logged, a {@code null} policy is traced and
 * {@code null} is returned.
 *
 * <p>NOTE(review): a dangling or malformed reference is reported to the caller exactly like
 * "no global policy configured". Confirm that callers do not end up applying no policy at all
 * when the configured one merely failed to load.
 *
 * @param user object the policy is being resolved for; used only for tracing here
 * @param systemConfiguration source of the global security policy reference
 * @param task task passed to the resolver and to post-processing
 * @param result operation result passed to the resolver and to post-processing
 * @return the resolved policy, or {@code null} when none is referenced or it cannot be resolved
 */
private <F extends FocusType> SecurityPolicyType resolveGlobalSecurityPolicy(PrismObject<F> user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) {
    ObjectReferenceType policyRef = systemConfiguration.getGlobalSecurityPolicyRef();
    if (policyRef == null) {
        return null;
    }
    try {
        SecurityPolicyType resolved = objectResolver.resolve(policyRef, SecurityPolicyType.class, null, "global security policy reference in system configuration", task, result);
        LOGGER.trace("Using global security policy: {}", resolved);
        postProcessSecurityPolicy(resolved, task, result);
        traceSecurityPolicy(resolved, user);
        return resolved;
    } catch (ObjectNotFoundException | SchemaException e) {
        // Failure is logged and turned into "no policy"; the exception does not reach the caller.
        LOGGER.error(e.getMessage(), e);
        traceSecurityPolicy(null, user);
        return null;
    }
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.
the class SecurityHelper method postProcessCredentialPolicy.
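/**
 * Resolves the value policy referenced by a credential policy and embeds the resolved object
 * into that reference.
 *
 * <p>Returns {@code null} when the credential policy has no value policy reference, or when the
 * reference cannot be resolved ({@link ObjectNotFoundException} or {@link SchemaException}).
 * The failure is logged as a warning together with its cause, because both exception types end
 * up here and a schema problem is not the same as a missing object.
 *
 * <p>NOTE(review): a {@code null} return after a failed resolution looks the same to the caller
 * as "no value policy configured". Confirm that callers do not silently drop value constraints
 * for the credential in that case.
 *
 * @param securityPolicyType policy that owns {@code credPolicy}; used only in messages
 * @param credPolicy credential policy whose value policy reference is resolved
 * @param credShortDesc short description of the credential; used in messages
 * @param task task passed to the resolver
 * @param result operation result passed to the resolver
 * @return the resolved value policy, or {@code null} when none is referenced or it cannot be resolved
 */
private ValuePolicyType postProcessCredentialPolicy(SecurityPolicyType securityPolicyType, CredentialPolicyType credPolicy, String credShortDesc, Task task, OperationResult result) {
    ObjectReferenceType valuePolicyRef = credPolicy.getValuePolicyRef();
    if (valuePolicyRef == null) {
        return null;
    }
    ValuePolicyType valuePolicyType;
    try {
        valuePolicyType = objectResolver.resolve(valuePolicyRef, ValuePolicyType.class, null, credShortDesc + " in " + securityPolicyType, task, result);
    } catch (ObjectNotFoundException | SchemaException e) {
        // Best effort: resolution failure does not abort processing. The exception is passed as
        // the last argument so the log keeps the real cause instead of always claiming "not found".
        LOGGER.warn("{} {} referenced from {} could not be resolved: {}", credShortDesc, valuePolicyRef.getOid(), securityPolicyType, e.getMessage(), e);
        return null;
    }
    // Keep the resolved object on the reference so later readers of the reference can use it.
    valuePolicyRef.asReferenceValue().setObject(valuePolicyType.asPrismObject());
    return valuePolicyType;
}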
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType in project midpoint by Evolveum.
the class SecurityHelper method resolveGlobalPasswordPolicy.
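/**
 * Resolves the global password policy referenced from the system configuration and returns it
 * converted to a security policy.
 *
 * <p>On success the resolved {@link ValuePolicyType} is converted by
 * {@code postProcessPasswordPolicy}, traced for {@code user} and returned. When the system
 * configuration has no global password policy reference, {@code null} is returned without
 * tracing. When resolution fails with {@link ObjectNotFoundException} or
 * {@link SchemaException}, the error is logged, a {@code null} policy is traced and
 * {@code null} is returned.
 *
 * <p>NOTE(review): a reference that fails to resolve is reported to the caller exactly like
 * "no global password policy configured". Confirm that callers do not end up with no password
 * constraints when the configured policy merely failed to load.
 *
 * @param user object the policy is being resolved for; used only for tracing here
 * @param systemConfiguration source of the global password policy reference
 * @param task task passed to the resolver
 * @param result operation result passed to the resolver
 * @return the converted policy, or {@code null} when none is referenced or it cannot be resolved
 */
private <F extends FocusType> SecurityPolicyType resolveGlobalPasswordPolicy(PrismObject<F> user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) {
    ObjectReferenceType globalPasswordPolicyRef = systemConfiguration.getGlobalPasswordPolicyRef();
    if (globalPasswordPolicyRef == null) {
        return null;
    }
    try {
        // The description names the password policy reference (it previously said "security
        // policy"), so a resolver message points at the right system configuration item.
        ValuePolicyType globalPasswordPolicyType = objectResolver.resolve(globalPasswordPolicyRef, ValuePolicyType.class, null, "global password policy reference in system configuration", task, result);
        LOGGER.trace("Using global password policy: {}", globalPasswordPolicyType);
        SecurityPolicyType policy = postProcessPasswordPolicy(globalPasswordPolicyType);
        traceSecurityPolicy(policy, user);
        return policy;
    } catch (ObjectNotFoundException | SchemaException e) {
        // Failure is logged and turned into "no policy"; the exception does not reach the caller.
        LOGGER.error(e.getMessage(), e);
        traceSecurityPolicy(null, user);
        return null;
    }
}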