use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class GuiProfiledPrincipalManagerImpl method getLocalLoggedInPrincipals.
/**
 * Lists the principals that have at least one session registered on this node.
 *
 * <p>Only principals of type {@link GuiProfiledPrincipal} are reported. Each entry carries the
 * principal's focus object, the number of sessions returned by the session registry and the
 * identifier of the local node.
 *
 * <p>NOTE(review): every entry exposes the focus object of a logged-in principal, so callers are
 * presumably expected to authorize the request before handing this list to a user - confirm at
 * the call sites.
 *
 * @return one entry per logged-in principal; an empty list when no session registry is set
 */
@Override
public List<UserSessionManagementType> getLocalLoggedInPrincipals() {
    // Resolved before the registry check, exactly as the node id is needed for every entry.
    String localNodeId = taskManager.getNodeId();
    if (sessionRegistry == null) {
        return emptyList();
    }

    List<UserSessionManagementType> sessionsPerPrincipal = new ArrayList<>();
    for (Object candidate : sessionRegistry.getAllPrincipals()) {
        if (candidate instanceof GuiProfiledPrincipal) {
            // NOTE(review): 'false' presumably excludes expired sessions (Spring Security
            // SessionRegistry semantics) - confirm against the registry type in use.
            List<SessionInformation> sessions = sessionRegistry.getAllSessions(candidate, false);
            if (sessions != null && !sessions.isEmpty()) {
                GuiProfiledPrincipal profiled = (GuiProfiledPrincipal) candidate;
                UserSessionManagementType entry = new UserSessionManagementType();
                entry.setFocus(profiled.getFocus());
                entry.setActiveSessions(sessions.size());
                entry.getNode().add(localNodeId);
                sessionsPerPrincipal.add(entry);
            }
        }
    }
    return sessionsPerPrincipal;
}
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class GuiProfiledPrincipalManagerImpl method getPrincipal.
/**
 * Builds a {@link GuiProfiledPrincipal} for the given focus object.
 *
 * <p>The focus is recomputed against the lifecycle model taken from the system configuration and
 * the new principal is then initialized from the focus' assignments, with the supplied
 * authorization transformer passed through to that initialization.
 *
 * @param focus focus object to build the principal for; {@code null} yields {@code null}
 * @param authorizationTransformer handed to {@code initializePrincipalFromAssignments}
 * @param result operation result used when reading the system configuration
 * @return the initialized principal, or {@code null} when {@code focus} is {@code null}
 */
@Override
public GuiProfiledPrincipal getPrincipal(PrismObject<? extends FocusType> focus, AuthorizationTransformer authorizationTransformer, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
    if (focus == null) {
        return null;
    }

    // The focus OID is registered as the temporary principal only while the principal is being
    // computed; the finally block clears it on every exit path, including exceptions, so the
    // temporary identity cannot outlive this call.
    securityContextManager.setTemporaryPrincipalOid(focus.getOid());
    try {
        PrismObject<SystemConfigurationType> sysConfig = getSystemConfiguration(result);
        focusComputer.recompute(focus, getLifecycleModel(focus, sysConfig));

        GuiProfiledPrincipal profiled = new GuiProfiledPrincipal(focus.asObjectable());
        initializePrincipalFromAssignments(profiled, sysConfig, authorizationTransformer);
        return profiled;
    } finally {
        securityContextManager.clearTemporaryPrincipalOid();
    }
}
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class AbstractModelIntegrationTest method assertCompiledGuiProfile.
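/**
 * Creates an asserter for the compiled GUI profile of the given principal.
 *
 * <p>Fails the test when the principal is not a {@link GuiProfiledPrincipal}. A {@code null}
 * principal is reported through the same failure message instead of a NullPointerException
 * raised while the message is being built.
 *
 * @param principal principal expected to be a {@link GuiProfiledPrincipal}
 * @return an initialized asserter over the principal's compiled GUI profile
 */
protected CompiledGuiProfileAsserter<Void> assertCompiledGuiProfile(MidPointPrincipal principal) {
    if (!(principal instanceof GuiProfiledPrincipal)) {
        // instanceof is also false for null, so the message must not dereference the principal.
        fail("Expected GuiProfiledPrincipal, but got " + (principal == null ? "null" : principal.getClass()));
    }
    CompiledGuiProfile compiledGuiProfile = ((GuiProfiledPrincipal) principal).getCompiledGuiProfile();
    CompiledGuiProfileAsserter<Void> asserter = new CompiledGuiProfileAsserter<>(compiledGuiProfile, null, "in principal " + principal);
    initializeAsserter(asserter);
    return asserter;
}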
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class MailNonceProvider method internalAuthentication.
/**
 * Authenticates a mail-nonce login attempt.
 *
 * <p>An authentication that is already authenticated and carries a {@link GuiProfiledPrincipal}
 * is returned unchanged. Otherwise the principal is read as the entered username and, for a
 * {@link MailNonceAuthenticationToken}, the credentials are read as the nonce and passed to the
 * evaluator together with the nonce policy resolved for that username.
 *
 * @param authentication the incoming authentication request
 * @param requireAssignment assignments passed on to the nonce authentication context
 * @param channel authentication channel; may be {@code null}
 * @param focusType focus type to authenticate against
 * @return the token produced by the evaluator, or the input when it was already authenticated
 * @throws AuthenticationException when the evaluator rejects the attempt or the token type is
 *         not supported
 */
@Override
protected Authentication internalAuthentication(Authentication authentication, List<ObjectReferenceType> requireAssignment, AuthenticationChannel channel, Class<? extends FocusType> focusType) throws AuthenticationException {
    boolean alreadyAuthenticated = authentication.isAuthenticated() && authentication.getPrincipal() instanceof GuiProfiledPrincipal;
    if (alreadyAuthenticated) {
        return authentication;
    }

    // NOTE(review): this cast runs before the token type is checked, so a request whose principal
    // is not a String ends in a ClassCastException rather than an AuthenticationException.
    // Confirm that the callers' error handling treats that as a failed login.
    String submittedUsername = (String) authentication.getPrincipal();
    // NOTE(review): the username presumably comes straight from the login request and is written
    // to the log here and on failure below; make sure the log layout neutralizes line breaks.
    LOGGER.trace("Authenticating username '{}'", submittedUsername);
    ConnectionEnvironment environment = createEnvironment(channel);
    try {
        if (!(authentication instanceof MailNonceAuthenticationToken)) {
            LOGGER.error("Unsupported authentication {}", authentication);
            // Thrown inside the try on purpose: if this is Spring Security's
            // AuthenticationServiceException it is also logged by the catch below.
            throw new AuthenticationServiceException("web.security.provider.unavailable");
        }

        // The nonce is a credential; it is handed to the evaluator only and is never logged.
        String submittedNonce = (String) authentication.getCredentials();
        NonceAuthenticationContext nonceContext = new NonceAuthenticationContext(submittedUsername, focusType, submittedNonce, getNoncePolicy(submittedUsername), requireAssignment);
        if (channel != null) {
            nonceContext.setSupportActivationByChannel(channel.isSupportActivationByChannel());
        }
        Authentication evaluated = getEvaluator().authenticate(environment, nonceContext);

        MidPointPrincipal authenticatedPrincipal = (MidPointPrincipal) evaluated.getPrincipal();
        LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), authenticatedPrincipal.getAuthorities());
        return evaluated;
    } catch (AuthenticationException failure) {
        // Failures are recorded with the entered username and then propagated unchanged.
        LOGGER.info("Authentication failed for {}: {}", submittedUsername, failure.getMessage());
        throw failure;
    }
}
use of com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal in project midpoint by Evolveum.
the class TestAbstractAuthenticationEvaluator method initSystem.
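/**
 * Prepares the repository and the authentication evaluator for the tests in this class.
 *
 * <p>Imports the system configuration, the security policy, the superuser role, the administrator
 * (who is then logged in) and the objects from {@code USER_JACK_FILE} and
 * {@code USER_GUYBRUSH_FILE}. The evaluator's principal manager is then replaced by a stub that
 * delegates to {@code focusProfileService} and calls {@code addFakeAuthorization} on every
 * principal it returns.
 *
 * @param initTask task used for initialization
 * @param initResult operation result collecting the initialization outcome
 * @throws Exception when any of the initial objects cannot be imported
 */
@Override
public void initSystem(Task initTask, OperationResult initResult) throws Exception {
    super.initSystem(initTask, initResult);
    modelService.postInit(initResult);

    // System Configuration
    try {
        repoAddObjectFromFile(SYSTEM_CONFIGURATION_FILE, initResult);
    } catch (ObjectAlreadyExistsException e) {
        // The two message parts were previously joined without a separating space.
        throw new ObjectAlreadyExistsException("System configuration already exists in repository; "
                + "looks like the previous test hasn't cleaned it up", e);
    }
    repoAddObjectFromFile(SECURITY_POLICY_FILE, initResult);

    // Administrator
    repoAddObjectFromFile(ROLE_SUPERUSER_FILE, initResult);
    PrismObject<UserType> userAdministrator = repoAddObjectFromFile(USER_ADMINISTRATOR_FILE, initResult);
    login(userAdministrator);

    // Users
    repoAddObjectFromFile(USER_JACK_FILE, UserType.class, initResult).asObjectable();
    repoAddObjectFromFile(USER_GUYBRUSH_FILE, UserType.class, initResult).asObjectable();

    messages = new MessageSourceAccessor(messageSource);

    // Test-only principal manager. NOTE(review): addFakeAuthorization is defined elsewhere and
    // presumably grants an authorization that real principals would not have, so this stub must
    // stay confined to test code.
    ((AuthenticationEvaluatorImpl) getAuthenticationEvaluator()).setPrincipalManager(new GuiProfiledPrincipalManager() {

        @Override
        public <F extends FocusType, O extends ObjectType> PrismObject<F> resolveOwner(PrismObject<O> object) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
            return focusProfileService.resolveOwner(object);
        }

        @Override
        public void updateFocus(MidPointPrincipal principal, Collection<? extends ItemDelta<?, ?>> itemDeltas) {
            focusProfileService.updateFocus(principal, itemDeltas);
        }

        @Override
        public GuiProfiledPrincipal getPrincipal(PrismObject<? extends FocusType> user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
            return getPrincipal(user, null, null);
        }

        // The authorization transformer and the operation result are ignored by this stub, so
        // tests that go through it do not exercise authorization transformation.
        @Override
        public GuiProfiledPrincipal getPrincipal(PrismObject<? extends FocusType> user, AuthorizationTransformer authorizationLimiter, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
            GuiProfiledPrincipal principal = focusProfileService.getPrincipal(user);
            addFakeAuthorization(principal);
            return principal;
        }

        @Override
        public GuiProfiledPrincipal getPrincipal(String username, Class<? extends FocusType> clazz) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
            GuiProfiledPrincipal principal = focusProfileService.getPrincipal(username, clazz);
            addFakeAuthorization(principal);
            return principal;
        }

        @Override
        public GuiProfiledPrincipal getPrincipalByOid(String oid, Class<? extends FocusType> clazz) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
            GuiProfiledPrincipal principal = focusProfileService.getPrincipalByOid(oid, clazz);
            addFakeAuthorization(principal);
            return principal;
        }

        // TODO test maybe later? Returns null rather than an empty list, so tests must not
        // iterate over the result of this stub.
        @Override
        public List<UserSessionManagementType> getLocalLoggedInPrincipals() {
            return null;
        }

        @Override
        public void terminateLocalSessions(TerminateSessionEvent terminateSessionEvent) {
            // TODO test it
        }
    });
}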