
Example 1 with SecurityQuestionsCredentialsType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType in project midpoint by Evolveum.

the class SecurityQuestionsPolicyEvaluator method validateCredentialContainerValues.

/**
 * Runs the protected-string validation over every security-question answer held in the
 * given credentials container value.
 *
 * <p>Each answer is handed to {@code validateProtectedStringValue}, which is defined outside
 * this block; an answer that is {@code null} is passed on as-is, so that helper decides how a
 * missing answer is treated. A container value with no containerable is skipped entirely.
 *
 * @param cVal container value wrapping the security-questions credentials to validate
 * @throws PolicyViolationException declared by this method; not thrown directly in this block
 * @throws SchemaException declared by this method; not thrown directly in this block
 * @throws ObjectNotFoundException declared by this method; not thrown directly in this block
 * @throws ExpressionEvaluationException declared by this method; not thrown directly in this block
 */
@Override
protected void validateCredentialContainerValues(PrismContainerValue<SecurityQuestionsCredentialsType> cVal) throws PolicyViolationException, SchemaException, ObjectNotFoundException, ExpressionEvaluationException {
    SecurityQuestionsCredentialsType credentials = cVal.asContainerable();
    if (credentials == null) {
        // Nothing to validate when the container value carries no credentials object.
        return;
    }
    for (SecurityQuestionAnswerType entry : credentials.getQuestionAnswer()) {
        validateProtectedStringValue(entry.getQuestionAnswer());
    }
}
Also used : SecurityQuestionsCredentialsType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType) SecurityQuestionAnswerType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 2 with SecurityQuestionsCredentialsType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType in project midpoint by Evolveum.

the class PageSecurityQuestions method createUsersSecurityQuestionsList.

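/**
 * Builds the list of a user's stored security questions together with their answers,
 * decrypting each answer that is stored in encrypted form.
 *
 * <p>An answer that is absent or not stored as encrypted data is represented by an empty
 * string. The same empty string is produced when decryption fails, so a caller cannot
 * tell "no answer" from "answer could not be decrypted".
 *
 * <p>The returned DTOs hold the answers in clear text. They are authentication secrets:
 * keep them out of logs and error messages, and do not retain them longer than the page
 * needs them.
 *
 * @param user the user whose security-question credentials are read
 * @return one DTO per stored question/answer pair, or {@code null} when the user has no
 *         credentials, no security-question credentials, or no answer list
 */
public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> user) {
    UserType userType = user.asObjectable();
    // A user without a credentials container has no security questions either; the original
    // code dereferenced getCredentials() unconditionally and failed with an NPE here.
    if (userType.getCredentials() == null) {
        return null;
    }
    SecurityQuestionsCredentialsType securityQuestions = userType.getCredentials().getSecurityQuestions();
    if (securityQuestions == null) {
        return null;
    }
    List<SecurityQuestionAnswerType> storedAnswers = securityQuestions.getQuestionAnswer();
    if (storedAnswers == null) {
        return null;
    }

    List<SecurityQuestionAnswerDTO> result = new ArrayList<SecurityQuestionAnswerDTO>();
    for (SecurityQuestionAnswerType stored : storedAnswers) {
        String decoded = "";
        // Guard against an entry that has a question identifier but no answer value at all.
        if (stored.getQuestionAnswer() != null && stored.getQuestionAnswer().getEncryptedDataType() != null) {
            try {
                Protector protector = getPrismContext().getDefaultProtector();
                decoded = protector.decryptString(stored.getQuestionAnswer());
            } catch (EncryptionException e) {
                // NOTE(review): best-effort behaviour kept from the original - the entry is
                // still returned with an empty answer. printStackTrace() writes to stderr and
                // bypasses the application's logging; route this through the class logger
                // (none is visible in this block) so decryption failures can be monitored.
                e.printStackTrace();
            }
        }
        result.add(new SecurityQuestionAnswerDTO(stored.getQuestionIdentifier(), decoded));
    }
    return result;
}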
Also used : SecurityQuestionsCredentialsType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType) SecurityQuestionAnswerDTO(com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO) ArrayList(java.util.ArrayList) Iterator(java.util.Iterator) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) SecurityQuestionAnswerType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType) Protector(com.evolveum.midpoint.prism.crypto.Protector)

Example 3 with SecurityQuestionsCredentialsType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType in project midpoint by Evolveum.

the class TestAbstractRestService method test600modifySecurityQuestionAnswer.

/**
 * Replaces a user's security-question answer through the REST interface and verifies both
 * the audit trail of the modification and the value read back afterwards.
 *
 * <p>The statement order matters: the audit service is cleared before the POST, and the
 * audit assertions run before the follow-up GET, so the expected record count covers the
 * modification request only.
 */
@Test
public void test600modifySecurityQuestionAnswer() throws Exception {
    final String TEST_NAME = "test600modifySecurityQuestionAnswer";
    displayTestTile(this, TEST_NAME);
    WebClient client = prepareClient();
    client.path("/users/" + USER_DARTHADDER_OID);
    // Start from an empty audit log so the counts below refer to this request alone.
    getDummyAuditService().clear();
    TestUtil.displayWhen(TEST_NAME);
    // Send the modification that replaces the stored answer.
    Response response = client.post(getRequestFile(MODIFICATION_REPLACE_ANSWER));
    TestUtil.displayThen(TEST_NAME);
    displayResponse(response);
    traceResponse(response);
    // A successful modification is expected to return 204 (no body).
    assertEquals("Expected 204 but got " + response.getStatus(), 204, response.getStatus());
    IntegrationTestTools.display("Audit", getDummyAuditService());
    // The credential change must be audited: four records, a login/logout pair on the REST
    // channel, and a MODIFY delta on UserType.
    // NOTE(review): the first argument of assertHasDelta looks like a record index - confirm.
    getDummyAuditService().assertRecords(4);
    getDummyAuditService().assertLoginLogout(SchemaConstants.CHANNEL_REST_URI);
    getDummyAuditService().assertHasDelta(1, ChangeType.MODIFY, UserType.class);
    TestUtil.displayWhen(TEST_NAME);
    // Read the user back with the same client (the path was set above).
    response = client.get();
    TestUtil.displayThen(TEST_NAME);
    displayResponse(response);
    assertEquals("Expected 200 but got " + response.getStatus(), 200, response.getStatus());
    UserType userDarthadder = response.readEntity(UserType.class);
    CredentialsType credentials = userDarthadder.getCredentials();
    assertNotNull("No credentials in user. Something is wrong.", credentials);
    SecurityQuestionsCredentialsType securityQuestions = credentials.getSecurityQuestions();
    assertNotNull("No security questions defined for user. Something is wrong.", securityQuestions);
    List<SecurityQuestionAnswerType> secQuestionAnswers = securityQuestions.getQuestionAnswer();
    assertEquals("Expected just one question-answer couple, but found " + secQuestionAnswers.size(), 1, secQuestionAnswers.size());
    SecurityQuestionAnswerType secQuestionAnswer = secQuestionAnswers.iterator().next();
    // The plaintext is obtained only by decrypting with the default protector.
    // NOTE(review): presumably the REST response carries the answer in encrypted form rather
    // than in clear - confirm, since this test would not by itself catch a clear-text leak.
    String decrypted = getPrismContext().getDefaultProtector().decryptString(secQuestionAnswer.getQuestionAnswer());
    // The failure message echoes the decrypted value; acceptable only because it is test fixture data.
    assertEquals("Unexpected answer " + decrypted + ". Expected 'newAnswer'.", "newAnswer", decrypted);
}
Also used : Response(javax.ws.rs.core.Response) SecurityQuestionsCredentialsType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType) CredentialsType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType) SecurityQuestionsCredentialsType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType) WebClient(org.apache.cxf.jaxrs.client.WebClient) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) SecurityQuestionAnswerType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType) Test(org.testng.annotations.Test)

Example 4 with SecurityQuestionsCredentialsType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType in project midpoint by Evolveum.

the class SecurityQuestionAuthneticationEvaluatorImpl method passwordMatches.

/**
 * Decides whether the answers supplied in the authentication context satisfy the user's
 * stored security-question credentials.
 *
 * <p>The required number of correct answers is taken from the policy's question number;
 * when the policy leaves it unset the requirement is treated as 0. Because the final check
 * also demands at least one match, an unset question number means a single correct answer
 * is enough to authenticate. Deployments that rely on several questions should set the
 * question number explicitly.
 *
 * <p>Blank entered answers are never compared, and entered answers for questions the user
 * has not stored are ignored. The comparison itself is delegated to {@code decryptAndMatch},
 * which is defined outside this block.
 *
 * @param connEnv connection environment, passed through to {@code decryptAndMatch}
 * @param principal the principal being authenticated, passed through to {@code decryptAndMatch}
 * @param passwordType the user's stored security-question credentials
 * @param authCtx authentication context providing the policy and the entered answers
 * @return {@code true} when at least one answer matches and the number of matches reaches
 *         the required question number; {@code false} otherwise
 */
@Override
protected boolean passwordMatches(ConnectionEnvironment connEnv, MidPointPrincipal principal, SecurityQuestionsCredentialsType passwordType, SecurityQuestionsAuthenticationContext authCtx) {
    Integer configuredCount = authCtx.getPolicy().getQuestionNumber();
    int required = (configuredCount == null) ? 0 : configuredCount.intValue();

    Map<String, String> submitted = authCtx.getQuestionAnswerMap();
    // Reject early when fewer answers were submitted than the policy requires.
    if (submitted.size() < required) {
        return false;
    }

    int correct = 0;
    for (SecurityQuestionAnswerType stored : passwordType.getQuestionAnswer()) {
        String candidate = submitted.get(stored.getQuestionIdentifier());
        // Short-circuit keeps blank or missing answers away from the comparison.
        if (StringUtils.isNotBlank(candidate)
                && decryptAndMatch(connEnv, principal, stored.getQuestionAnswer(), candidate)) {
            correct++;
        }
    }
    // "correct > 0" guards the case where the required count is 0.
    return correct > 0 && correct >= required;
}
Also used : SecurityQuestionsCredentialsPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType) SecurityQuestionAnswerType(com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType)

Aggregations

SecurityQuestionAnswerType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType)4 SecurityQuestionsCredentialsType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType)3 EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)1 Protector (com.evolveum.midpoint.prism.crypto.Protector)1 SecurityQuestionAnswerDTO (com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO)1 CredentialsType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType)1 SecurityQuestionsCredentialsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType)1 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)1 ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)1 ArrayList (java.util.ArrayList)1 Iterator (java.util.Iterator)1 Response (javax.ws.rs.core.Response)1 WebClient (org.apache.cxf.jaxrs.client.WebClient)1 Test (org.testng.annotations.Test)1