
Example 1 with CredentialPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType in project midpoint by Evolveum.

the class SecurityHelper method postProcessCredentialPolicy.

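/**
 * Resolves the value policy referenced by a credential policy and stores the resolved object
 * back into the reference, so later readers of the reference do not need to resolve it again.
 *
 * <p>Security note: this method returns {@code null} both when the credential policy has no
 * value policy reference and when the reference cannot be resolved. A caller therefore cannot
 * tell "no value policy configured" apart from "configured value policy is missing or broken".
 * NOTE(review): confirm that callers do not treat a {@code null} result from a dangling
 * reference as "no constraints apply" to the credential.
 *
 * @param securityPolicyType security policy owning the credential policy; used here only for
 *                           the resolver description and the log message
 * @param credPolicy         credential policy whose value policy reference is resolved
 * @param credShortDesc      short description of the credential kind, used in the resolver
 *                           description and the log message
 * @param task               task passed through to the object resolver
 * @param result             operation result passed through to the object resolver
 * @return the resolved value policy, or {@code null} if there is no reference or the
 *         reference could not be resolved
 */
private ValuePolicyType postProcessCredentialPolicy(SecurityPolicyType securityPolicyType, CredentialPolicyType credPolicy, String credShortDesc, Task task, OperationResult result) {
    ObjectReferenceType valuePolicyRef = credPolicy.getValuePolicyRef();
    if (valuePolicyRef == null) {
        return null;
    }
    ValuePolicyType valuePolicyType;
    try {
        valuePolicyType = objectResolver.resolve(valuePolicyRef, ValuePolicyType.class, null, credShortDesc + " in " + securityPolicyType, task, result);
    } catch (ObjectNotFoundException | SchemaException e) {
        // Both a missing object and a schema problem end up here, so the message must not claim
        // "not found" unconditionally. The exception is passed as the trailing argument so the
        // cause is kept in the log instead of being dropped.
        LOGGER.warn("{} {} referenced from {} could not be resolved: {}", credShortDesc, valuePolicyRef.getOid(), securityPolicyType, e.getMessage(), e);
        return null;
    }
    // Embed the resolved object into the reference value.
    valuePolicyRef.asReferenceValue().setObject(valuePolicyType.asPrismObject());
    return valuePolicyType;
}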
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)

Example 2 with CredentialPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType in project midpoint by Evolveum.

the class SecurityQuestionAuthneticationEvaluatorImpl method getEffectiveCredentialPolicy.

/**
 * Returns the security-questions credential policy for this authentication attempt.
 *
 * <p>A policy already present on the authentication context takes precedence. Otherwise the
 * policy is derived from the given security policy. In both cases the chosen policy is written
 * back to the context before it is returned.
 *
 * @param securityPolicy security policy used to derive the policy when the context has none
 * @param authnCtx       authentication context that may already carry a policy
 * @return the policy taken from the context or derived from {@code securityPolicy}
 * @throws SchemaException declared by the overridden method
 */
@Override
protected CredentialPolicyType getEffectiveCredentialPolicy(SecurityPolicyType securityPolicy, SecurityQuestionsAuthenticationContext authnCtx) throws SchemaException {
    SecurityQuestionsCredentialsPolicyType fromContext = authnCtx.getPolicy();
    SecurityQuestionsCredentialsPolicyType effective = (fromContext != null)
            ? fromContext
            : SecurityUtil.getEffectiveSecurityQuestionsCredentialsPolicy(securityPolicy);
    // Always store the result on the context, even when it was read from there.
    authnCtx.setPolicy(effective);
    return effective;
}
Also used : SecurityQuestionsCredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)

Example 3 with CredentialPolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType in project midpoint by Evolveum.

the class CredentialsProcessor method transformFocusExectionDeltaCredential.

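/**
 * Adjusts the credential value carried by a focus execution delta so that it matches the
 * storage method configured in the credentials policy.
 *
 * <ul>
 *   <li>Delete deltas, a missing storage method, a missing storage type and
 *       {@code ENCRYPTION} leave the delta untouched. NOTE(review): encryption is presumably
 *       applied elsewhere; nothing in this method performs it.</li>
 *   <li>{@code HASHING} passes the credential values found in the delta to {@code hashValues}.</li>
 *   <li>{@code NONE} removes the value from the delta, so the credential is not stored by this
 *       operation and any existing stored value is cleared.</li>
 * </ul>
 *
 * @param context           lens context; not read by this method
 * @param credsType         credentials policy supplying the default credential policy
 * @param credPolicyType    credential-specific policy, combined with the default by
 *                          {@code SecurityUtil.getCredPolicyItem}
 * @param valuePropertyPath path of the credential value property inside the focus object
 * @param delta             execution delta to transform in place
 * @throws SchemaException     if the storage type is not one of the handled values
 * @throws EncryptionException declared for {@code hashValues}; TODO confirm against its signature
 */
private <O extends ObjectType> void transformFocusExectionDeltaCredential(LensContext<O> context, CredentialsPolicyType credsType, CredentialPolicyType credPolicyType, ItemPath valuePropertyPath, ObjectDelta<O> delta) throws SchemaException, EncryptionException {
    if (delta.isDelete()) {
        return;
    }
    CredentialPolicyType defaultCredPolicyType = credsType.getDefault();
    CredentialsStorageMethodType storageMethod = SecurityUtil.getCredPolicyItem(defaultCredPolicyType, credPolicyType, pol -> pol.getStorageMethod());
    if (storageMethod == null) {
        return;
    }
    CredentialsStorageTypeType storageType = storageMethod.getStorageType();
    if (storageType == null || storageType == CredentialsStorageTypeType.ENCRYPTION) {
        return;
    }
    if (storageType == CredentialsStorageTypeType.HASHING) {
        if (delta.isAdd()) {
            PrismProperty<ProtectedStringType> prop = delta.getObjectToAdd().findProperty(valuePropertyPath);
            // The object being added may carry no credential value at this path at all;
            // in that case there is nothing to hash and no reason to fail.
            if (prop != null) {
                hashValues(prop.getValues(), storageMethod);
            }
        } else {
            PropertyDelta<ProtectedStringType> propDelta = delta.findPropertyDelta(valuePropertyPath);
            if (propDelta != null) {
                hashValues(propDelta.getValuesToAdd(), storageMethod);
                hashValues(propDelta.getValuesToReplace(), storageMethod);
                // NOTE(review): values to delete are hashed as well. Whether a freshly hashed
                // value can still match the stored one depends on how hashValues salts.
                hashValues(propDelta.getValuesToDelete(), storageMethod);
            }
        }
        return;
    }
    if (storageType == CredentialsStorageTypeType.NONE) {
        if (delta.isAdd()) {
            delta.getObjectToAdd().removeProperty(valuePropertyPath);
        } else {
            PropertyDelta<ProtectedStringType> propDelta = delta.findPropertyDelta(valuePropertyPath);
            if (propDelta != null) {
                // Replace with nothing. We need this to clear any existing value that there might be.
                propDelta.setValueToReplace();
            }
        }
        return;
    }
    // Fail closed on a storage type this method does not know how to handle.
    throw new SchemaException("Unkwnon storage type " + storageType);
}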
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) PrismProperty(com.evolveum.midpoint.prism.PrismProperty) CredentialsStorageTypeType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageTypeType) CredentialsStorageMethodType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageMethodType) PropertyDelta(com.evolveum.midpoint.prism.delta.PropertyDelta) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) CredentialPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType) PrismPropertyValue(com.evolveum.midpoint.prism.PrismPropertyValue)

Aggregations

SchemaException (com.evolveum.midpoint.util.exception.SchemaException)2 PrismProperty (com.evolveum.midpoint.prism.PrismProperty)1 PrismPropertyValue (com.evolveum.midpoint.prism.PrismPropertyValue)1 PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)1 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)1 CredentialPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType)1 CredentialsStorageMethodType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageMethodType)1 CredentialsStorageTypeType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageTypeType)1 ObjectReferenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)1 SecurityQuestionsCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)1 ValuePolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)1 ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)1