use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method changePassword.
@POST
@Path("users/{userName}/password")
@Consumes("text/plain")
@Produces("application/xml")
public Response changePassword(String newPassword, @PathParam("userName") String userName) {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:write:user");
ANNISUserConfigurationManager confManager = getConfManager();
ANNISUserRealm userRealm = getUserRealm();
if (confManager != null && userRealm != null) {
User user = confManager.getUser(userName);
if (user == null) {
return Response.status(Response.Status.NOT_FOUND).build();
}
Shiro1CryptFormat format = new Shiro1CryptFormat();
SecureRandomNumberGenerator generator = new SecureRandomNumberGenerator();
// 128 bit
ByteSource salt = generator.nextBytes(128 / 8);
Sha256Hash hash = new Sha256Hash(newPassword, salt, 1);
user.setPasswordHash(format.format(hash));
if (userRealm.updateUser(user)) {
return Response.ok().entity(user).build();
}
}
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not change password").build();
}
use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method listGroups.
@GET
@Path("groups")
@Produces("application/xml")
public List<Group> listGroups() {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:read:group");
if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
ANNISUserConfigurationManager confManager = getConfManager();
if (confManager != null) {
return new LinkedList<>(confManager.getGroups().values());
}
}
return new LinkedList<>();
}
Aggregations