Example 6 with CredentialsPolicyType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType in project midpoint by Evolveum.
the class SecurityPolicyUtil method getCredentialPolicy.
public static NonceCredentialsPolicyType getCredentialPolicy(String policyName, SecurityPolicyType securityPolicy) throws SchemaException {
CredentialsPolicyType credentialsPolicy = securityPolicy.getCredentials();
if (credentialsPolicy == null) {
return null;
}
List<NonceCredentialsPolicyType> noncePolicies = credentialsPolicy.getNonce();
List<NonceCredentialsPolicyType> availableNoncePolicies = new ArrayList<>();
for (NonceCredentialsPolicyType noncePolicy : noncePolicies) {
if (noncePolicy.getName() == null && policyName == null) {
availableNoncePolicies.add(noncePolicy);
}
if (noncePolicy.getName() == null && policyName != null) {
continue;
}
if (noncePolicy.getName() != null && policyName == null) {
continue;
}
if (noncePolicy.getName().equals(policyName)) {
availableNoncePolicies.add(noncePolicy);
}
}
if (availableNoncePolicies.size() > 1) {
throw new SchemaException("Found more than one nonce credentials policy. Please review your configuration");
}
if (availableNoncePolicies.size() == 0) {
return null;
}
return availableNoncePolicies.iterator().next();
}
Also used :
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
NonceCredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType)
ArrayList(java.util.ArrayList)
CredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)
NonceCredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType)
Example 7 with CredentialsPolicyType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType in project midpoint by Evolveum.
the class TestSecurityBasic method assertCredentialsPolicy.
private void assertCredentialsPolicy(PrismObject<UserType> user) throws ObjectNotFoundException, SchemaException {
OperationResult result = new OperationResult("assertCredentialsPolicy");
CredentialsPolicyType credentialsPolicy = modelInteractionService.getCredentialsPolicy(user, null, result);
result.computeStatus();
TestUtil.assertSuccess(result);
assertNotNull("No credentials policy for " + user, credentialsPolicy);
SecurityQuestionsCredentialsPolicyType securityQuestions = credentialsPolicy.getSecurityQuestions();
assertEquals("Unexepected number of security questions for " + user, 2, securityQuestions.getQuestion().size());
}
Also used :
SecurityQuestionsCredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
SecurityQuestionsCredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)
CredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)
Example 8 with CredentialsPolicyType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType in project midpoint by Evolveum.
the class CredentialsProcessor method transformFocusExectionDeltaCredential.
private <O extends ObjectType> void transformFocusExectionDeltaCredential(LensContext<O> context, CredentialsPolicyType credsType, CredentialPolicyType credPolicyType, ItemPath valuePropertyPath, ObjectDelta<O> delta) throws SchemaException, EncryptionException {
if (delta.isDelete()) {
return;
}
CredentialPolicyType defaltCredPolicyType = credsType.getDefault();
CredentialsStorageMethodType storageMethod = SecurityUtil.getCredPolicyItem(defaltCredPolicyType, credPolicyType, pol -> pol.getStorageMethod());
if (storageMethod == null) {
return;
}
CredentialsStorageTypeType storageType = storageMethod.getStorageType();
if (storageType == null || storageType == CredentialsStorageTypeType.ENCRYPTION) {
return;
} else if (storageType == CredentialsStorageTypeType.HASHING) {
PrismPropertyValue<ProtectedStringType> pval = null;
if (delta.isAdd()) {
PrismProperty<ProtectedStringType> prop = delta.getObjectToAdd().findProperty(valuePropertyPath);
hashValues(prop.getValues(), storageMethod);
} else {
PropertyDelta<ProtectedStringType> propDelta = delta.findPropertyDelta(valuePropertyPath);
if (propDelta != null) {
hashValues(propDelta.getValuesToAdd(), storageMethod);
hashValues(propDelta.getValuesToReplace(), storageMethod);
hashValues(propDelta.getValuesToDelete(), storageMethod);
}
}
} else if (storageType == CredentialsStorageTypeType.NONE) {
if (delta.isAdd()) {
delta.getObjectToAdd().removeProperty(valuePropertyPath);
} else {
PropertyDelta<ProtectedStringType> propDelta = delta.findPropertyDelta(valuePropertyPath);
if (propDelta != null) {
// Replace with nothing. We need this to clear any existing value that there might be.
propDelta.setValueToReplace();
}
}
} else {
throw new SchemaException("Unkwnon storage type " + storageType);
}
}
Also used :
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
PrismProperty(com.evolveum.midpoint.prism.PrismProperty)
CredentialsStorageTypeType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageTypeType)
CredentialsStorageMethodType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageMethodType)
PropertyDelta(com.evolveum.midpoint.prism.delta.PropertyDelta)
ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)
CredentialPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType)
PrismPropertyValue(com.evolveum.midpoint.prism.PrismPropertyValue)
Aggregations
CredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType)6
NonceCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType)3
SecurityQuestionsCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)3
EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)2
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)2
SchemaException (com.evolveum.midpoint.util.exception.SchemaException)2
SecurityQuestionAnswerDTO (com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)2
PasswordCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordCredentialsPolicyType)2
SecurityPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType)2
ArrayList (java.util.ArrayList)2
PrismProperty (com.evolveum.midpoint.prism.PrismProperty)1
PrismPropertyValue (com.evolveum.midpoint.prism.PrismPropertyValue)1
Protector (com.evolveum.midpoint.prism.crypto.Protector)1
PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)1
Task (com.evolveum.midpoint.task.api.Task)1
MyPasswordQuestionsPanel (com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel)1
CredentialPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType)1
CredentialsStorageMethodType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageMethodType)1
CredentialsStorageTypeType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsStorageTypeType)1
ObjectReferenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)1
