
Example 1 with PasswordHistoryEntryType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordHistoryEntryType in project midpoint by Evolveum.

the class ObjectValuePolicyEvaluator method getSortedHistoryList.

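/**
 * Returns the entries of a password history container ordered by change timestamp.
 *
 * @param historyEntries history container of the credential; may be {@code null}
 * @param ascending {@code true} for oldest-first, {@code false} for newest-first
 * @return a new, modifiable list; empty when the container is {@code null} or empty
 */
private List<PasswordHistoryEntryType> getSortedHistoryList(PrismContainer<PasswordHistoryEntryType> historyEntries, boolean ascending) {
    if (historyEntries == null || historyEntries.isEmpty()) {
        return new ArrayList<>();
    }
    // Copy into our own list: avoids the unchecked List cast of the collection returned by
    // getRealValues() and keeps the sort from reordering the container's own value collection.
    List<PasswordHistoryEntryType> sorted = new ArrayList<>(historyEntries.getRealValues());
    sorted.sort((first, second) -> {
        XMLGregorianCalendar firstChanged = first.getChangeTimestamp();
        XMLGregorianCalendar secondChanged = second.getChangeTimestamp();
        // Entries without a change timestamp sort last in either direction instead of
        // throwing NullPointerException from inside the comparator.
        if (firstChanged == null || secondChanged == null) {
            if (firstChanged == null && secondChanged == null) {
                return 0;
            }
            return firstChanged == null ? 1 : -1;
        }
        // XMLGregorianCalendar.compare() may return DatatypeConstants.INDETERMINATE (2) for
        // values with and without time zone; it is treated as "greater", as before.
        return ascending ? firstChanged.compare(secondChanged) : secondChanged.compare(firstChanged);
    });
    return sorted;
}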

Example 2 with PasswordHistoryEntryType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordHistoryEntryType in project midpoint by Evolveum.

the class TestPasswordPolicyProcessor method test203modifyUserJackPasswordNoPasswordHistory.

/**
 * Replaces Jack's password and checks that, in this test's setup, no password history
 * entry is recorded for him afterwards.
 */
@Test
public void test203modifyUserJackPasswordNoPasswordHistory() throws Exception {
    final String TEST_NAME = "test203modifyUserJackPasswordNoPasswordHistory";
    TestUtil.displayTestTile(TEST_NAME);
    Task task = taskManager.createTaskInstance(TEST_NAME);
    OperationResult result = task.getResult();
    ProtectedStringType replacement = new ProtectedStringType();
    replacement.setClearValue("n0Hist0ryEntr7");
    ItemPath passwordValuePath = new ItemPath(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE);
    // WHEN
    modifyObjectReplaceProperty(UserType.class, USER_JACK_OID, passwordValuePath, task, result, replacement);
    // THEN
    PrismObject<UserType> jack = getObject(UserType.class, USER_JACK_OID);
    assertNotNull("Expected to find user Jack, but no one exists here", jack);
    CredentialsType credentials = jack.asObjectable().getCredentials();
    assertNotNull("User Jack has no credentials", credentials);
    PasswordType password = credentials.getPassword();
    assertNotNull("User Jack has no password", password);
    List<PasswordHistoryEntryType> history = password.getHistoryEntry();
    assertEquals("Expected no history entries, but found: " + history.size(), 0, history.size());
}

Example 3 with PasswordHistoryEntryType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordHistoryEntryType in project midpoint by Evolveum.

the class ObjectValuePolicyEvaluator method validateHistory.

/**
 * Checks a clear-text candidate password against the current password value and the
 * remembered history entries, appending a history violation message on a match.
 * Only password credentials are checked; other credential types are skipped.
 *
 * @param clearValue the candidate value in clear text
 * @param messageBuilder collects violation messages
 * @param result operation result the violation is reported to
 * @throws SchemaException propagated from history processing
 */
private void validateHistory(String clearValue, StringBuilder messageBuilder, OperationResult result) throws SchemaException {
    if (!QNameUtil.match(CredentialsType.F_PASSWORD, credentialQName)) {
        LOGGER.trace("Skipping validating {} history, only passowrd history is supported", shortDesc);
        return;
    }
    int historyLength = getHistoryLength();
    if (historyLength == 0) {
        LOGGER.trace("Skipping validating {} history, because history length is set to zero", shortDesc);
        return;
    }
    PasswordType currentPassword = (PasswordType) oldCredentialType;
    if (currentPassword == null) {
        LOGGER.trace("Skipping validating {} history, because it is empty", shortDesc);
        return;
    }
    ProtectedStringType candidate = new ProtectedStringType();
    candidate.setClearValue(clearValue);
    if (passwordEquals(candidate, currentPassword.getValue())) {
        LOGGER.trace("{} matched current value", shortDesc);
        appendHistoryViolationMessage(messageBuilder, result);
        return;
    }
    PrismContainer<PasswordHistoryEntryType> historyContainer = currentPassword.asPrismContainerValue().findContainer(PasswordType.F_HISTORY_ENTRY);
    List<PasswordHistoryEntryType> newestFirst = getSortedHistoryList(historyContainer, false);
    // The current value already counts as one remembered password, so at most
    // historyLength - 1 history entries (newest first) are compared.
    int entriesToCheck = Math.min(newestFirst.size(), historyLength - 1);
    for (int index = 0; index < entriesToCheck; index++) {
        PasswordHistoryEntryType entry = newestFirst.get(index);
        if (passwordEquals(candidate, entry.getValue())) {
            LOGGER.trace("Password history entry #{} matched (changed {})", index + 1, entry.getChangeTimestamp());
            appendHistoryViolationMessage(messageBuilder, result);
            return;
        }
    }
}

Example 4 with PasswordHistoryEntryType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordHistoryEntryType in project midpoint by Evolveum.

the class CredentialPolicyEvaluator method createDeleteHistoryDeltasIfNeeded.

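// TODO: generalize for other credentials
/**
 * Queues secondary deltas deleting the surplus password history entries of the old object so
 * that, once the {@code addedValues} new entries are stored, {@code historyLength - 1} entries
 * remain (the current password itself is the remaining remembered value).
 *
 * @param historyLength configured number of remembered passwords, current value included
 * @param addedValues number of history entries being added by this operation
 * @param currentCredentialContainer credential container of the old object
 * @throws SchemaException if a delete delta cannot be created
 */
private <F extends FocusType> void createDeleteHistoryDeltasIfNeeded(int historyLength, int addedValues, PrismContainer<R> currentCredentialContainer) throws SchemaException {
    PrismContainer<PasswordHistoryEntryType> historyEntries = currentCredentialContainer.findOrCreateContainer(PasswordType.F_HISTORY_ENTRY);
    if (historyEntries.size() == 0) {
        return;
    }
    List<PrismContainerValue<PasswordHistoryEntryType>> historyEntryValues = historyEntries.getValues();
    // We need to delete one more entry than intuitively expected - because we are computing from the history entries
    // in the old object. In the new object there will be one new history entry for the changed password.
    int surplus = historyEntries.size() - historyLength + addedValues + 1;
    // Never attempt to delete more values than exist (historyLength == 1 makes surplus == size + 1,
    // which would run past the end of historyEntryValues); zero or negative surplus deletes nothing.
    int numberOfHistoryEntriesToDelete = Math.min(surplus, historyEntryValues.size());
    ItemPath historyPath = new ItemPath(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_HISTORY_ENTRY);
    // NOTE(review): values are deleted in container order, which assumes the oldest entries
    // come first — confirm against how entries are appended.
    for (int i = 0; i < numberOfHistoryEntriesToDelete; i++) {
        ContainerDelta<PasswordHistoryEntryType> deleteHistoryDelta = ContainerDelta.createModificationDelete(historyPath, UserType.class, prismContext, historyEntryValues.get(i).clone());
        context.getFocusContext().swallowToSecondaryDelta(deleteHistoryDelta);
    }
}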

Example 5 with PasswordHistoryEntryType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordHistoryEntryType in project midpoint by Evolveum.

the class CredentialPolicyEvaluator method createAddHistoryDelta.

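// TODO: generalize for other credentials
/**
 * Queues a secondary delta that records the old credential value as a new password history
 * entry. The stored copy is prepared with the policy's history storage method, falling back
 * to {@link CredentialsStorageTypeType#HASHING} when the policy does not specify one.
 *
 * @param oldCredentialContainer credential container of the old object
 * @return number of history entries added: 1, or 0 when the old value is absent
 * @throws SchemaException if the history entry or its delta cannot be created
 */
private <F extends FocusType> int createAddHistoryDelta(PrismContainer<R> oldCredentialContainer) throws SchemaException {
    R oldCredential = oldCredentialContainer.getValue().asContainerable();
    MetadataType oldMetadata = oldCredential.getMetadata();
    PrismProperty<ProtectedStringType> oldValueProperty = oldCredentialContainer.findProperty(getCredentialRelativeValuePath());
    if (oldValueProperty == null) {
        return 0;
    }
    ProtectedStringType oldValue = oldValueProperty.getRealValue();
    if (oldValue == null) {
        // Property exists but carries no value: nothing to remember, and clone() below would NPE.
        return 0;
    }
    ProtectedStringType valueForStorage = oldValue.clone();
    CredentialsStorageTypeType storageType = SecurityUtil.getCredentialStoragetTypeType(getCredentialPolicy().getHistoryStorageMethod());
    if (storageType == null) {
        // Unconfigured storage method defaults to hashing rather than keeping the value as-is.
        storageType = CredentialsStorageTypeType.HASHING;
    }
    prepareProtectedStringForStorage(valueForStorage, storageType);
    PrismContainerDefinition<PasswordHistoryEntryType> historyEntryDefinition = oldCredentialContainer.getDefinition().findContainerDefinition(PasswordType.F_HISTORY_ENTRY);
    PrismContainer<PasswordHistoryEntryType> historyEntry = historyEntryDefinition.instantiate();
    PrismContainerValue<PasswordHistoryEntryType> historyEntryValue = historyEntry.createNewValue();
    PasswordHistoryEntryType entry = historyEntryValue.asContainerable();
    entry.setValue(valueForStorage);
    // Metadata is cloned so the history entry does not share state with the old credential.
    entry.setMetadata(oldMetadata == null ? null : oldMetadata.clone());
    entry.setChangeTimestamp(now);
    ContainerDelta<PasswordHistoryEntryType> addHistoryDelta = ContainerDelta.createModificationAdd(new ItemPath(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_HISTORY_ENTRY), UserType.class, prismContext, entry.clone());
    context.getFocusContext().swallowToSecondaryDelta(addHistoryDelta);
    return 1;
}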
