Examples with User - annis.security.User

Example 1 with User

use of annis.security.User in project ANNIS by korpling.

the class AdminServiceImpl method getUser.

@GET
@Path("users/{userName}")
@Produces("application/xml")
@Override
public User getUser(@PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    requestingUser.checkPermission("admin:read:user");
    ANNISUserConfigurationManager conf = getConfManager();
    if (conf != null) {
        User u = conf.getUser(userName);
        if (u == null) {
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        // remove the password hash from the result, we don't want someone with
        // lower adminstration rights to crack it
        u.setPasswordHash("");
        return u;
    }
    throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
}

Also used : User(annis.security.User) WebApplicationException(javax.ws.rs.WebApplicationException) ANNISUserConfigurationManager(annis.security.ANNISUserConfigurationManager) Subject(org.apache.shiro.subject.Subject) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 2 with User

use of annis.security.User in project ANNIS by korpling.

the class UserManagement method updateUsedGroupNamesAndPermissions.

private void updateUsedGroupNamesAndPermissions() {
    usedGroupNames.clear();
    usedPermissions.clear();
    for (User u : users.values()) {
        usedGroupNames.addAll(u.getGroups());
        usedPermissions.addAll(u.getPermissions());
    }
}

Also used : User(annis.security.User)

Example 3 with User

use of annis.security.User in project ANNIS by korpling.

the class UserManagement method fetchFromService.

public boolean fetchFromService() {
    if (webResourceProvider != null) {
        WebResource res = webResourceProvider.getWebResource().path("admin/users");
        users.clear();
        usedGroupNames.clear();
        usedPermissions.clear();
        try {
            List<User> list = res.get(new GenericType<List<User>>() {
            });
            for (User u : list) {
                users.put(u.getName(), u);
                usedGroupNames.addAll(u.getGroups());
                usedPermissions.addAll(u.getPermissions());
            }
            return true;
        } catch (UniformInterfaceException ex) {
            log.error("Could not get the list of users", ex);
        }
    }
    return false;
}

Also used : User(annis.security.User) UniformInterfaceException(com.sun.jersey.api.client.UniformInterfaceException) WebResource(com.sun.jersey.api.client.WebResource) List(java.util.List)

Example 4 with User

use of annis.security.User in project ANNIS by korpling.

the class UserManagement method setPassword.

public User setPassword(String userName, String newPassword) {
    User newUser = null;
    if (webResourceProvider != null) {
        WebResource res = webResourceProvider.getWebResource().path("admin/users").path(userName).path("password");
        newUser = res.post(User.class, newPassword);
        if (newUser != null) {
            users.put(newUser.getName(), newUser);
        }
    }
    return newUser;
}

Also used : User(annis.security.User) WebResource(com.sun.jersey.api.client.WebResource)

Example 5 with User

use of annis.security.User in project ANNIS by korpling.

the class AdminServiceImpl method changePassword.

@POST
@Path("users/{userName}/password")
@Consumes("text/plain")
@Produces("application/xml")
public Response changePassword(String newPassword, @PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    requestingUser.checkPermission("admin:write:user");
    ANNISUserConfigurationManager confManager = getConfManager();
    ANNISUserRealm userRealm = getUserRealm();
    if (confManager != null && userRealm != null) {
        User user = confManager.getUser(userName);
        if (user == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        Shiro1CryptFormat format = new Shiro1CryptFormat();
        SecureRandomNumberGenerator generator = new SecureRandomNumberGenerator();
        // 128 bit
        ByteSource salt = generator.nextBytes(128 / 8);
        Sha256Hash hash = new Sha256Hash(newPassword, salt, 1);
        user.setPasswordHash(format.format(hash));
        if (userRealm.updateUser(user)) {
            return Response.ok().entity(user).build();
        }
    }
    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not change password").build();
}

Also used : User(annis.security.User) SecureRandomNumberGenerator(org.apache.shiro.crypto.SecureRandomNumberGenerator) Sha256Hash(org.apache.shiro.crypto.hash.Sha256Hash) ANNISUserConfigurationManager(annis.security.ANNISUserConfigurationManager) ByteSource(org.apache.shiro.util.ByteSource) ANNISUserRealm(annis.security.ANNISUserRealm) Subject(org.apache.shiro.subject.Subject) Shiro1CryptFormat(org.apache.shiro.crypto.hash.format.Shiro1CryptFormat) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Aggregations

User (annis.security.User)5 ANNISUserConfigurationManager (annis.security.ANNISUserConfigurationManager)2 WebResource (com.sun.jersey.api.client.WebResource)2 Path (javax.ws.rs.Path)2 Produces (javax.ws.rs.Produces)2 Subject (org.apache.shiro.subject.Subject)2 ANNISUserRealm (annis.security.ANNISUserRealm)1 UniformInterfaceException (com.sun.jersey.api.client.UniformInterfaceException)1 List (java.util.List)1 Consumes (javax.ws.rs.Consumes)1 GET (javax.ws.rs.GET)1 POST (javax.ws.rs.POST)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 SecureRandomNumberGenerator (org.apache.shiro.crypto.SecureRandomNumberGenerator)1 Sha256Hash (org.apache.shiro.crypto.hash.Sha256Hash)1 Shiro1CryptFormat (org.apache.shiro.crypto.hash.format.Shiro1CryptFormat)1 ByteSource (org.apache.shiro.util.ByteSource)1