Example 11 with SecurityQuestionAnswerDTO
use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.
the class UserMenuPanel method createUsersSecurityQuestionsList.
public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> user) {
SecurityQuestionsCredentialsType credentialsPolicyType = user.asObjectable().getCredentials().getSecurityQuestions();
if (credentialsPolicyType == null) {
return null;
}
List<SecurityQuestionAnswerType> secQuestAnsList = credentialsPolicyType.getQuestionAnswer();
if (secQuestAnsList != null) {
List<SecurityQuestionAnswerDTO> secQuestAnswListDTO = new ArrayList<SecurityQuestionAnswerDTO>();
for (Iterator iterator = secQuestAnsList.iterator(); iterator.hasNext(); ) {
SecurityQuestionAnswerType securityQuestionAnswerType = (SecurityQuestionAnswerType) iterator.next();
Protector protector = ((PageBase) getPage()).getPrismContext().getDefaultProtector();
if (securityQuestionAnswerType.getQuestionAnswer() != null && securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
try {
String decoded = protector.decryptString(securityQuestionAnswerType.getQuestionAnswer());
secQuestAnswListDTO.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), decoded));
} catch (EncryptionException e) {
// TODO do we need to thrown exception here?
LOGGER.error("Could not get security questions. Error: " + e.getMessage(), e);
continue;
}
}
}
return secQuestAnswListDTO;
} else {
return null;
}
}
Also used :
SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)
EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException)
Protector(com.evolveum.midpoint.prism.crypto.Protector)
Example 12 with SecurityQuestionAnswerDTO
use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.
the class PageSecurityQuestions method initLayout.
public void initLayout() {
Form mainForm = new MidpointForm(ID_MAIN_FORM);
pqPanels = new ArrayList<>();
PrismObject<SecurityPolicyType> securityPolicy = getGlobalSecurityPolicy();
LOGGER.trace("Found security policy: {}", securityPolicy);
if (securityPolicy == null) {
LOGGER.error("No security policy, cannot process security questions");
// we do not want to provide any information to the attacker.
throw new RestartResponseException(PageError.class);
}
SecurityQuestionsCredentialsPolicyType secQuestionsPolicy = securityPolicy.asObjectable().getCredentials() != null ? securityPolicy.asObjectable().getCredentials().getSecurityQuestions() : null;
questionNumber = secQuestionsPolicy != null ? secQuestionsPolicy.getQuestionNumber() : 1;
questionList = secQuestionsPolicy != null ? secQuestionsPolicy.getQuestion() : new ArrayList<>();
List<SecurityQuestionAnswerDTO> userQuestionAnswerList = questions.getUserQuestionAnswers();
if (userQuestionAnswerList == null) {
getSession().error(getString("pageForgetPassword.message.ContactAdminQuestionsNotSet"));
SecurityContext securityContext = SecurityContextHolder.getContext();
securityContext.setAuthentication(null);
throw new RestartResponseException(PageForgotPassword.class);
}
int panelNumber = 0;
// Loop for finding the preset questions from the Policy Questions
for (SecurityQuestionDefinitionType question : questionList) {
// user's question List loop to match the questions
for (SecurityQuestionAnswerDTO questionAnswer : userQuestionAnswerList) {
// if the question is in the policy check
if (questionAnswer.getPwdQuestionIdentifier().equalsIgnoreCase(question.getIdentifier())) {
LoadableModel<SecurityQuestionAnswerDTO> model = new LoadableModel<SecurityQuestionAnswerDTO>() {
@Override
protected SecurityQuestionAnswerDTO load() {
SecurityQuestionAnswerDTO a = new SecurityQuestionAnswerDTO(questionAnswer.getPwdQuestionIdentifier(), "", questionAnswer.getPwdQuestion());
a = checkIfQuestionIsValid(a, questionList);
return a;
}
};
MyPasswordQuestionsPanel panel = new MyPasswordQuestionsPanel(ID_QUESTION_ANSWER_PANEL, model);
panel.getBaseFormComponent().setRequired(true);
pqPanels.add(panel);
panelNumber++;
}
}
if (panelNumber == questionNumber) {
// we have enough
break;
}
}
if (panelNumber < questionNumber) {
getSession().error(getString("pageForgetPassword.message.ContactAdminQuestionsNotSetEnough"));
SecurityContext securityContext = SecurityContextHolder.getContext();
securityContext.setAuthentication(null);
throw new RestartResponseException(PageForgotPassword.class);
}
add(mainForm);
mainForm.add(getPanels(pqPanels));
initButtons(mainForm);
}
Also used :
MidpointForm(com.evolveum.midpoint.web.component.form.MidpointForm)
Form(org.apache.wicket.markup.html.form.Form)
ArrayList(java.util.ArrayList)
MidpointForm(com.evolveum.midpoint.web.component.form.MidpointForm)
RestartResponseException(org.apache.wicket.RestartResponseException)
SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)
SecurityContext(org.springframework.security.core.context.SecurityContext)
LoadableModel(com.evolveum.midpoint.gui.api.model.LoadableModel)
MyPasswordQuestionsPanel(com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel)
Example 13 with SecurityQuestionAnswerDTO
use of com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO in project midpoint by Evolveum.
the class SecurityQuestionsPanel method loadPageModel.
private PasswordQuestionsDto loadPageModel() {
LOGGER.debug("Loading user for Security Question Page.");
GuiProfiledPrincipal principalUser = AuthUtil.getPrincipalUser();
PasswordQuestionsDto dto = new PasswordQuestionsDto(principalUser.getOid());
OperationResult result = new OperationResult(OPERATION_LOAD_USER);
try {
Task task = getPageBase().createSimpleTask(OPERATION_LOAD_USER);
OperationResult subResult = result.createSubresult(OPERATION_LOAD_USER);
PrismObject<UserType> user = getPageBase().getModelService().getObject(UserType.class, principalUser.getOid(), null, task, subResult);
dto.setUserQuestionAnswers(createUsersSecurityQuestionsList(user));
subResult.recordSuccessIfUnknown();
} catch (Exception ex) {
LoggingUtils.logExceptionOnDebugLevel(LOGGER, "Couldn't get user Questions, Probably not set yet", ex);
} finally {
result.recomputeStatus();
}
CredentialsPolicyType credPolicy = principalUser.getApplicableSecurityPolicy().getCredentials();
List<SecurityQuestionDefinitionType> questionsDef = new ArrayList<>();
// Security Policy set question numbers
if (credPolicy != null && credPolicy.getSecurityQuestions() != null) {
// Actual Policy Question List
questionsDef = getEnabledSecurityQuestions(credPolicy);
} else {
LOGGER.debug("Couldn't load credentials for security questions");
}
result = new OperationResult(OPERATION_LOAD_QUESTION_POLICY);
try {
/*User's Pre-Set Question List*/
List<SecurityQuestionAnswerDTO> userQuestionList = dto.getUserQuestionAnswers();
/* check if user's set number of
* questions matches the policy or not*/
// Case that policy have more than users's number of numbers
int questionSize = questionsDef.size();
if (userQuestionList == null) {
dto.getActualQuestionAnswers().addAll(executeAddingQuestions(questionSize, 0, questionsDef));
// TODO same questions check should be implemented
} else if (questionSize > userQuestionList.size()) {
dto.getActualQuestionAnswers().addAll(executePasswordQuestionsAndAnswers(userQuestionList, questionsDef, userQuestionList.size()));
// QUESTION NUMBER BIGGER THAN QUESTION LIST
// rest of the questions
int difference = questionSize - userQuestionList.size();
dto.getActualQuestionAnswers().addAll(executeAddingQuestions(difference, userQuestionList.size(), questionsDef));
} else if (questionSize <= userQuestionList.size()) {
// QUESTION NUMBER SMALLER THAN QUESTION LIST OR EQUALS TO QUESTION LIST
dto.getActualQuestionAnswers().addAll(executePasswordQuestionsAndAnswers(userQuestionList, questionsDef, 0));
}
} catch (Exception ex) {
result.recordFatalError(getString("PageMyPasswordQuestions.message.couldNotLoadSysConfig"), ex);
}
return dto;
}
Also used :
Task(com.evolveum.midpoint.task.api.Task)
ArrayList(java.util.ArrayList)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException)
GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)
SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)
PasswordQuestionsDto(com.evolveum.midpoint.web.page.admin.home.dto.PasswordQuestionsDto)
Aggregations
SecurityQuestionAnswerDTO (com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)13
ArrayList (java.util.ArrayList)8
EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)7
MyPasswordQuestionsPanel (com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel)5
Protector (com.evolveum.midpoint.prism.crypto.Protector)4
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)3
Task (com.evolveum.midpoint.task.api.Task)3
SecurityQuestionDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType)2
Iterator (java.util.Iterator)2
RestartResponseException (org.apache.wicket.RestartResponseException)2
Form (org.apache.wicket.markup.html.form.Form)2
LoadableModel (com.evolveum.midpoint.gui.api.model.LoadableModel)1
GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)1
PrismObject (com.evolveum.midpoint.prism.PrismObject)1
ObjectDelta (com.evolveum.midpoint.prism.delta.ObjectDelta)1
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)1
MidpointForm (com.evolveum.midpoint.web.component.form.MidpointForm)1
PasswordQuestionsDto (com.evolveum.midpoint.web.page.admin.home.dto.PasswordQuestionsDto)1
CredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)1
SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType)1
