
Example 1 with ANNISUserRealm

Use of annis.security.ANNISUserRealm in project ANNIS by korpling.

Class AdminServiceImpl, method changePassword.

@POST
@Path("users/{userName}/password")
@Consumes("text/plain")
@Produces("application/xml")
public Response changePassword(String newPassword, @PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    // throws an AuthorizationException unless the caller holds "admin:write:user"
    requestingUser.checkPermission("admin:write:user");
    ANNISUserConfigurationManager confManager = getConfManager();
    ANNISUserRealm userRealm = getUserRealm();
    if (confManager != null && userRealm != null) {
        User user = confManager.getUser(userName);
        if (user == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        Shiro1CryptFormat format = new Shiro1CryptFormat();
        SecureRandomNumberGenerator generator = new SecureRandomNumberGenerator();
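        // 128-bit random salt
        ByteSource salt = generator.nextBytes(128 / 8);
        // salted SHA-256 with a single iteration (third constructor argument);
        // password storage normally calls for a much higher iteration count
        Sha256Hash hash = new Sha256Hash(newPassword, salt, 1);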
        user.setPasswordHash(format.format(hash));
        if (userRealm.updateUser(user)) {
            return Response.ok().entity(user).build();
        }
    }
    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not change password").build();
}
Also used: User (annis.security.User), SecureRandomNumberGenerator (org.apache.shiro.crypto.SecureRandomNumberGenerator), Sha256Hash (org.apache.shiro.crypto.hash.Sha256Hash), ANNISUserConfigurationManager (annis.security.ANNISUserConfigurationManager), ByteSource (org.apache.shiro.util.ByteSource), ANNISUserRealm (annis.security.ANNISUserRealm), Subject (org.apache.shiro.subject.Subject), Shiro1CryptFormat (org.apache.shiro.crypto.hash.format.Shiro1CryptFormat), Path (javax.ws.rs.Path), POST (javax.ws.rs.POST), Consumes (javax.ws.rs.Consumes), Produces (javax.ws.rs.Produces)

Example 2 with ANNISUserRealm

Use of annis.security.ANNISUserRealm in project ANNIS by korpling.

Class AdminServiceImpl, method updateOrCreateUser.

@PUT
@Path("users/{userName}")
@Consumes("application/xml")
@Override
public Response updateOrCreateUser(User user, @PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    // throws an AuthorizationException unless the caller holds "admin:write:user"
    requestingUser.checkPermission("admin:write:user");
    if (!userName.equals(user.getName())) {
        return Response.status(Response.Status.BAD_REQUEST).entity("Username in object is not the same as in path").build();
    }
    // granting any "admin:" permission requires more than "admin:write:user":
    // the requesting user must also hold "admin:write:adminuser"
    for (String permission : user.getPermissions()) {
        if (permission.startsWith("admin:")) {
            requestingUser.checkPermission("admin:write:adminuser");
            break;
        }
    }
    ANNISUserRealm userRealm = getUserRealm();
    if (userRealm != null) {
        if (userRealm.updateUser(user)) {
            return Response.ok().build();
        }
    }
    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not update/create user").build();
}
Also used: ANNISUserRealm (annis.security.ANNISUserRealm), Subject (org.apache.shiro.subject.Subject), Path (javax.ws.rs.Path), Consumes (javax.ws.rs.Consumes), PUT (javax.ws.rs.PUT)

Aggregations

ANNISUserRealm (annis.security.ANNISUserRealm): 2
Consumes (javax.ws.rs.Consumes): 2
Path (javax.ws.rs.Path): 2
Subject (org.apache.shiro.subject.Subject): 2
ANNISUserConfigurationManager (annis.security.ANNISUserConfigurationManager): 1
User (annis.security.User): 1
POST (javax.ws.rs.POST): 1
PUT (javax.ws.rs.PUT): 1
Produces (javax.ws.rs.Produces): 1
SecureRandomNumberGenerator (org.apache.shiro.crypto.SecureRandomNumberGenerator): 1
Sha256Hash (org.apache.shiro.crypto.hash.Sha256Hash): 1
Shiro1CryptFormat (org.apache.shiro.crypto.hash.format.Shiro1CryptFormat): 1
ByteSource (org.apache.shiro.util.ByteSource): 1