
Example 16 with StorageOSUserDAO

use of com.emc.storageos.db.client.model.StorageOSUserDAO in project coprhd-controller by CoprHD.

In the class InterVDCTokenCacheHelper, method cacheForeignTokenAndKeys.

/**
 * Saves the artifacts of a foreign token response to the local caches. The token and
 * user record (only when both are present) go to the database through
 * {@link #cacheForeignTokenArtifacts}; the token key ids (TokenKeysBundle), when present,
 * are stored under the originating VDC id through {@link #saveTokenKeysBundle}
 * (the original author notes the bundle goes to zk and the token/user to cassandra).
 *
 * @param artifacts holder for the token, user record and key bundle parsed from the response
 * @param vdcID short id of the VDC the artifacts came from; used as the key for the bundle
 */
public void cacheForeignTokenAndKeys(TokenResponseArtifacts artifacts, String vdcID) {
    final Token foreignToken = artifacts.getToken();
    final StorageOSUserDAO foreignUser = artifacts.getUser();
    final TokenKeysBundle keysBundle = artifacts.getTokenKeysBundle();
    // A lone token or a lone user record is not cached; the pair is only written together.
    final boolean haveTokenAndUser = (foreignToken != null) && (foreignUser != null);
    if (haveTokenAndUser) {
        cacheForeignTokenArtifacts(foreignToken, foreignUser);
    }
    if (keysBundle != null) {
        saveTokenKeysBundle(vdcID, keysBundle);
    }
}

Example 17 with StorageOSUserDAO

use of com.emc.storageos.db.client.model.StorageOSUserDAO in project coprhd-controller by CoprHD.

In the class InterVDCTokenCacheHelper, method cacheForeignTokenArtifacts.

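/**
 * Saves the token and user DAO records to the db, holding a coordinator lock named after the
 * token id so that two callers caching the same foreign token do not race. The cache expiration
 * time is set to the configured foreign token cache lifetime or the time left on the token,
 * whichever is sooner.
 * Note: this method assumes validity of the token (expiration) has been checked.
 * Any failure (lock or db) is logged and swallowed, so the caller cannot tell whether the
 * artifacts were actually cached.
 *
 * @param token the foreign token to cache; its id doubles as the lock name
 * @param user the user record the token refers to, copied field by field into the local row
 */
private synchronized void cacheForeignTokenArtifacts(final Token token, final StorageOSUserDAO user) {
    // Token timestamps are kept in minutes, so "now" is converted once up front.
    final long now = System.currentTimeMillis() / (MIN_TO_MSECS);
    InterProcessLock tokenLock = null;
    // Tracks whether acquire() returned, so finally never releases a lock that was never held.
    boolean lockHeld = false;
    try {
        tokenLock = coordinator.getLock(token.getId().toString());
        if (tokenLock == null) {
            log.error("Could not acquire lock for token caching");
            throw SecurityException.fatals.couldNotAcquireLockTokenCaching();
        }
        tokenLock.acquire();
        lockHeld = true;
        copyAndPersistUser(user);
        copyAndPersistToken(token, user, now);
        log.info("Cached user {} and token", user.getUserName());
    } catch (Exception ex) {
        // NOTE: this also swallows the fatal thrown above when no lock could be obtained;
        // caching is best-effort and the caller is not informed of the failure.
        log.error("Could not cache foreign token and user record", ex);
    } finally {
        if (lockHeld) {
            try {
                tokenLock.release();
            } catch (Exception ex) {
                log.error("Unable to release token caching lock", ex);
            }
        }
    }
}

/**
 * Copies every field of the foreign user record into the local StorageOSUserDAO row with the
 * same id (creating the row when it does not exist yet) and persists it.
 *
 * @param user the foreign user record
 */
private void copyAndPersistUser(final StorageOSUserDAO user) {
    StorageOSUserDAO userToPersist = dbClient.queryObject(StorageOSUserDAO.class, user.getId());
    if (userToPersist == null) {
        userToPersist = new StorageOSUserDAO();
    }
    userToPersist.setAttributes(user.getAttributes());
    userToPersist.setCreationTime(user.getCreationTime());
    userToPersist.setDistinguishedName(user.getDistinguishedName());
    userToPersist.setGroups(user.getGroups());
    userToPersist.setId(user.getId());
    userToPersist.setIsLocal(user.getIsLocal());
    userToPersist.setTenantId(user.getTenantId());
    userToPersist.setUserName(user.getUserName());
    dbClient.persistObject(userToPersist);
}

/**
 * Copies the foreign token into the local Token row with the same id (creating it when absent),
 * caps its cache expiration at the configured foreign token cache lifetime, and persists it.
 *
 * @param token the foreign token
 * @param user the user record the cached token must point at
 * @param now current time in minutes
 */
private void copyAndPersistToken(final Token token, final StorageOSUserDAO user, final long now) {
    Token tokenToPersist = dbClient.queryObject(Token.class, token.getId());
    if (tokenToPersist == null) {
        tokenToPersist = new Token();
    }
    // The cache entry lives for the configured window or until the token itself expires,
    // whichever comes first.
    final long cacheWindow = maxLifeValuesHolder.getForeignTokenCacheExpirationInMins();
    if ((token.getExpirationTime() - now) > cacheWindow) {
        tokenToPersist.setCacheExpirationTime(now + cacheWindow);
    } else {
        tokenToPersist.setCacheExpirationTime(token.getExpirationTime());
    }
    tokenToPersist.setId(token.getId());
    // relative index, Id of the userDAO record
    tokenToPersist.setUserId(user.getId());
    tokenToPersist.setIssuedTime(token.getIssuedTime());
    tokenToPersist.setLastAccessTime(now);
    tokenToPersist.setExpirationTime(token.getExpirationTime());
    tokenToPersist.setIndexed(true);
    tokenToPersist.setZoneId(token.getZoneId());
    dbClient.persistObject(tokenToPersist);
}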

Example 18 with StorageOSUserDAO

use of com.emc.storageos.db.client.model.StorageOSUserDAO in project coprhd-controller by CoprHD.

In the class TokenResponseBuilder, method parseTokenResponse.

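/**
 * Creates a TokenResponseArtifacts holder for the items carried in a TokenResponse.
 * Today those are the Token, the StorageOSUserDAO record and the TokenKeysBundle. Each item
 * is decoded independently; one that is blank or fails to decode is left null in the result
 * instead of failing the whole response.
 *
 * @param response the token response received from the remote VDC
 * @return holder with the decoded user, token and key bundle; any of the three may be null
 */
public static TokenResponseArtifacts parseTokenResponse(TokenResponse response) {
    String userEncoded = response.getUserDAO();
    String tokenEncoded = response.getToken();
    String tokenKeysBundleEncoded = response.getTokenKeysBundle();
    // NOTE(review): these payloads come from a remote VDC. Confirm that SerializerUtils.deserialize
    // does not run unrestricted native Java deserialization on them; if it does, an
    // ObjectInputFilter limited to the three expected types belongs in that helper.
    StorageOSUserDAO user = decodeArtifact(userEncoded, StorageOSUserDAO.class, "user");
    Token token = decodeArtifact(tokenEncoded, Token.class, "token");
    TokenKeysBundle tokenKeysBundle = decodeArtifact(tokenKeysBundleEncoded, TokenKeysBundle.class, "token keys bundle");
    return new TokenResponseBuilder.TokenResponseArtifacts(user, token, tokenKeysBundle);
}

/**
 * Decodes one encoded artifact of the response.
 *
 * @param encoded the encoded form as carried in the response; may be null or blank
 * @param type the class the decoded object is expected to be
 * @param label short name of the artifact, used only in log messages
 * @param <T> artifact type
 * @return the decoded artifact, or null when the input is blank or cannot be decoded
 */
private static <T> T decodeArtifact(String encoded, Class<T> type, String label) {
    if (!StringUtils.isNotBlank(encoded)) {
        return null;
    }
    try {
        // type.cast throws ClassCastException like the explicit casts did; it is caught below.
        return type.cast(SerializerUtils.deserialize(encoded));
    } catch (UnsupportedEncodingException e) {
        log.error("Could not decode " + label + ": ", e);
    } catch (Exception e) {
        log.error("Could not deserialize " + label + ": ", e);
    }
    return null;
}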

Example 19 with StorageOSUserDAO

use of com.emc.storageos.db.client.model.StorageOSUserDAO in project coprhd-controller by CoprHD.

In the class CassandraTokenValidator, method deleteTokenInternal.

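/**
 * Deletes the given token from the db. If it was the last token referring to the user DAO and
 * no proxy token refers to that user either, the user DAO is marked for deletion.
 *
 * @param token the token to delete; its user id is read before the record is removed
 */
protected void deleteTokenInternal(Token token) {
    final URI userId = token.getUserId();
    _dbClient.removeObject(token);
    final List<Token> tokens = getTokensForUserId(userId);
    final List<ProxyToken> pTokens = getProxyTokensForUserId(userId);
    if (CollectionUtils.isEmpty(tokens) && CollectionUtils.isEmpty(pTokens)) {
        // The placeholder previously had no argument, so the user id never appeared in the log.
        _log.info("There are no more tokens referring to the user id {}, marking it inactive", userId);
        final StorageOSUserDAO userDAO = _dbClient.queryObject(StorageOSUserDAO.class, userId);
        if (userDAO == null) {
            // Nothing to mark; the record may already be gone.
            _log.info("No user DAO record found for user id {}, nothing to mark", userId);
            return;
        }
        _dbClient.markForDeletion(userDAO);
    }
}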

Example 20 with StorageOSUserDAO

use of com.emc.storageos.db.client.model.StorageOSUserDAO in project coprhd-controller by CoprHD.

In the class CassandraTokenValidator, method getForeignToken.

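/**
 * Resolves the user record for a token issued by another VDC: first from the local foreign
 * token cache, otherwise by asking the issuing VDC through the geo client and caching what
 * it returns.
 *
 * @param tw TokenOnWire object; its token id carries the id of the issuing VDC
 * @param rawToken the rawToken to send to the remote vdc
 * @return the user the token belongs to, or null when the token could not be validated
 *         (unreachable VDC, empty response, or a response missing the user or the token)
 */
private StorageOSUserDAO getForeignToken(TokenOnWire tw, String rawToken) {
    StorageOSUserDAO userFromCache = this.foreignTokenCacheLookup(tw);
    if (userFromCache != null) {
        return userFromCache;
    }
    try {
        String shortVDCid = URIUtil.parseVdcIdFromURI(tw.getTokenId());
        TokenResponse response = geoClientCacheMgt.getGeoClient(shortVDCid).getToken(rawToken, null, null);
        if (response == null) {
            _log.error("Null response from getForeignToken call.  It's possible remote vdc is not reachable.");
            return null;
        }
        TokenResponseArtifacts artifacts = TokenResponseBuilder.parseTokenResponse(response);
        // parseTokenResponse leaves an artifact null when it was absent or failed to decode.
        // Previously a missing user or token surfaced as a NullPointerException caught below;
        // reject it explicitly so the log says why the token was not accepted.
        if (artifacts.getUser() == null || artifacts.getToken() == null) {
            _log.error("Token response from vdc {} is missing the {}; foreign token not validated",
                    shortVDCid, artifacts.getUser() == null ? "user record" : "token");
            return null;
        }
        _log.info("Got username for foreign token: {}", artifacts.getUser().getUserName());
        _log.debug("Got token object: {}", artifacts.getToken().getId().toString());
        interVDCTokenCacheHelper.cacheForeignTokenAndKeys(artifacts, shortVDCid);
        return artifacts.getUser();
    } catch (Exception e) {
        _log.error("Could not validate foreign token ", e);
    }
    return null;
}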
