Example 11 with GuiProfiledPrincipal
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class GuiProfiledPrincipalManagerImpl method getLocalLoggedInPrincipals.
@Override
public List<UserSessionManagementType> getLocalLoggedInPrincipals() {
String currentNodeId = taskManager.getNodeId();
if (sessionRegistry != null) {
List<Object> loggedInUsers = sessionRegistry.getAllPrincipals();
List<UserSessionManagementType> loggedPrincipals = new ArrayList<>();
for (Object principal : loggedInUsers) {
if (!(principal instanceof GuiProfiledPrincipal)) {
continue;
}
List<SessionInformation> sessionInfos = sessionRegistry.getAllSessions(principal, false);
if (sessionInfos == null || sessionInfos.isEmpty()) {
continue;
}
GuiProfiledPrincipal midPointPrincipal = (GuiProfiledPrincipal) principal;
UserSessionManagementType userSessionManagementType = new UserSessionManagementType();
userSessionManagementType.setFocus(midPointPrincipal.getFocus());
userSessionManagementType.setActiveSessions(sessionInfos.size());
userSessionManagementType.getNode().add(currentNodeId);
loggedPrincipals.add(userSessionManagementType);
}
return loggedPrincipals;
} else {
return emptyList();
}
}
Also used :
SessionInformation(org.springframework.security.core.session.SessionInformation)
UserSessionManagementType(com.evolveum.midpoint.xml.ns._public.common.api_types_3.UserSessionManagementType)
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
ArrayList(java.util.ArrayList)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
PolyString(com.evolveum.midpoint.prism.polystring.PolyString)
Example 12 with GuiProfiledPrincipal
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class GuiProfiledPrincipalManagerImpl method getPrincipal.
@Override
public GuiProfiledPrincipal getPrincipal(PrismObject<? extends FocusType> focus, AuthorizationTransformer authorizationTransformer, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
if (focus == null) {
return null;
}
securityContextManager.setTemporaryPrincipalOid(focus.getOid());
try {
PrismObject<SystemConfigurationType> systemConfiguration = getSystemConfiguration(result);
LifecycleStateModelType lifecycleModel = getLifecycleModel(focus, systemConfiguration);
focusComputer.recompute(focus, lifecycleModel);
GuiProfiledPrincipal principal = new GuiProfiledPrincipal(focus.asObjectable());
initializePrincipalFromAssignments(principal, systemConfiguration, authorizationTransformer);
return principal;
} finally {
securityContextManager.clearTemporaryPrincipalOid();
}
}
Also used :
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
Example 13 with GuiProfiledPrincipal
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class AbstractModelIntegrationTest method assertCompiledGuiProfile.
protected CompiledGuiProfileAsserter<Void> assertCompiledGuiProfile(MidPointPrincipal principal) {
if (!(principal instanceof GuiProfiledPrincipal)) {
fail("Expected GuiProfiledPrincipal, but got " + principal.getClass());
}
CompiledGuiProfile compiledGuiProfile = ((GuiProfiledPrincipal) principal).getCompiledGuiProfile();
CompiledGuiProfileAsserter<Void> asserter = new CompiledGuiProfileAsserter<>(compiledGuiProfile, null, "in principal " + principal);
initializeAsserter(asserter);
return asserter;
}
Also used :
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
CompiledGuiProfile(com.evolveum.midpoint.model.api.authentication.CompiledGuiProfile)
Example 14 with GuiProfiledPrincipal
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class MailNonceProvider method internalAuthentication.
@Override
protected Authentication internalAuthentication(Authentication authentication, List<ObjectReferenceType> requireAssignment, AuthenticationChannel channel, Class<? extends FocusType> focusType) throws AuthenticationException {
if (authentication.isAuthenticated() && authentication.getPrincipal() instanceof GuiProfiledPrincipal) {
return authentication;
}
String enteredUsername = (String) authentication.getPrincipal();
LOGGER.trace("Authenticating username '{}'", enteredUsername);
ConnectionEnvironment connEnv = createEnvironment(channel);
try {
Authentication token;
if (authentication instanceof MailNonceAuthenticationToken) {
String nonce = (String) authentication.getCredentials();
NonceAuthenticationContext authContext = new NonceAuthenticationContext(enteredUsername, focusType, nonce, getNoncePolicy(enteredUsername), requireAssignment);
if (channel != null) {
authContext.setSupportActivationByChannel(channel.isSupportActivationByChannel());
}
token = getEvaluator().authenticate(connEnv, authContext);
} else {
LOGGER.error("Unsupported authentication {}", authentication);
throw new AuthenticationServiceException("web.security.provider.unavailable");
}
MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
return token;
} catch (AuthenticationException e) {
LOGGER.info("Authentication failed for {}: {}", enteredUsername, e.getMessage());
throw e;
}
}
Also used :
NonceAuthenticationContext(com.evolveum.midpoint.model.api.context.NonceAuthenticationContext)
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
AuthenticationException(org.springframework.security.core.AuthenticationException)
ModuleAuthentication(com.evolveum.midpoint.authentication.api.config.ModuleAuthentication)
MidpointAuthentication(com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)
Authentication(org.springframework.security.core.Authentication)
MailNonceAuthenticationToken(com.evolveum.midpoint.authentication.impl.module.authentication.token.MailNonceAuthenticationToken)
AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)
ConnectionEnvironment(com.evolveum.midpoint.security.api.ConnectionEnvironment)
MidPointPrincipal(com.evolveum.midpoint.security.api.MidPointPrincipal)
Example 15 with GuiProfiledPrincipal
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class TestAbstractAuthenticationEvaluator method initSystem.
@Override
public void initSystem(Task initTask, OperationResult initResult) throws Exception {
super.initSystem(initTask, initResult);
modelService.postInit(initResult);
// System Configuration
try {
repoAddObjectFromFile(SYSTEM_CONFIGURATION_FILE, initResult);
} catch (ObjectAlreadyExistsException e) {
throw new ObjectAlreadyExistsException("System configuration already exists in repository;" + "looks like the previous test haven't cleaned it up", e);
}
repoAddObjectFromFile(SECURITY_POLICY_FILE, initResult);
// Administrator
repoAddObjectFromFile(ROLE_SUPERUSER_FILE, initResult);
PrismObject<UserType> userAdministrator = repoAddObjectFromFile(USER_ADMINISTRATOR_FILE, initResult);
login(userAdministrator);
// Users
repoAddObjectFromFile(USER_JACK_FILE, UserType.class, initResult).asObjectable();
repoAddObjectFromFile(USER_GUYBRUSH_FILE, UserType.class, initResult).asObjectable();
messages = new MessageSourceAccessor(messageSource);
((AuthenticationEvaluatorImpl) getAuthenticationEvaluator()).setPrincipalManager(new GuiProfiledPrincipalManager() {
@Override
public <F extends FocusType, O extends ObjectType> PrismObject<F> resolveOwner(PrismObject<O> object) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
return focusProfileService.resolveOwner(object);
}
@Override
public void updateFocus(MidPointPrincipal principal, Collection<? extends ItemDelta<?, ?>> itemDeltas) {
focusProfileService.updateFocus(principal, itemDeltas);
}
@Override
public GuiProfiledPrincipal getPrincipal(PrismObject<? extends FocusType> user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
return getPrincipal(user, null, null);
}
@Override
public GuiProfiledPrincipal getPrincipal(PrismObject<? extends FocusType> user, AuthorizationTransformer authorizationLimiter, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
GuiProfiledPrincipal principal = focusProfileService.getPrincipal(user);
addFakeAuthorization(principal);
return principal;
}
@Override
public GuiProfiledPrincipal getPrincipal(String username, Class<? extends FocusType> clazz) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
GuiProfiledPrincipal principal = focusProfileService.getPrincipal(username, clazz);
addFakeAuthorization(principal);
return principal;
}
@Override
public GuiProfiledPrincipal getPrincipalByOid(String oid, Class<? extends FocusType> clazz) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
GuiProfiledPrincipal principal = focusProfileService.getPrincipalByOid(oid, clazz);
addFakeAuthorization(principal);
return principal;
}
// TODO test maybe later?
@Override
public List<UserSessionManagementType> getLocalLoggedInPrincipals() {
return null;
}
@Override
public void terminateLocalSessions(TerminateSessionEvent terminateSessionEvent) {
// TOTO test it
}
});
}
Also used :
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
MessageSourceAccessor(org.springframework.context.support.MessageSourceAccessor)
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
AuthenticationEvaluatorImpl(com.evolveum.midpoint.authentication.impl.evaluator.AuthenticationEvaluatorImpl)
List(java.util.List)
TerminateSessionEvent(com.evolveum.midpoint.TerminateSessionEvent)
GuiProfiledPrincipalManager(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipalManager)
Aggregations
GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)17
PolyString (com.evolveum.midpoint.prism.polystring.PolyString)4
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal)4
PrismObject (com.evolveum.midpoint.prism.PrismObject)3
ConnectionEnvironment (com.evolveum.midpoint.security.api.ConnectionEnvironment)3
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)3
Authentication (org.springframework.security.core.Authentication)3
AuthenticationException (org.springframework.security.core.AuthenticationException)3
CompiledGuiProfile (com.evolveum.midpoint.model.api.authentication.CompiledGuiProfile)2
EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)2
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)2
ArrayList (java.util.ArrayList)2
SessionInformation (org.springframework.security.core.session.SessionInformation)2
TerminateSessionEvent (com.evolveum.midpoint.TerminateSessionEvent)1
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)1
ModuleAuthentication (com.evolveum.midpoint.authentication.api.config.ModuleAuthentication)1
AuthenticationEvaluatorImpl (com.evolveum.midpoint.authentication.impl.evaluator.AuthenticationEvaluatorImpl)1
MailNonceAuthenticationToken (com.evolveum.midpoint.authentication.impl.module.authentication.token.MailNonceAuthenticationToken)1
SecurityQuestionsAuthenticationToken (com.evolveum.midpoint.authentication.impl.module.authentication.token.SecurityQuestionsAuthenticationToken)1
ReadOnlyModel (com.evolveum.midpoint.gui.api.model.ReadOnlyModel)1
