Example 6 with OSecurityAccessException

Use of com.orientechnologies.orient.core.exception.OSecurityAccessException in project orientdb by orientechnologies.

Class OServerCommandAuthenticatedDbAbstract, method authenticate.

protected boolean authenticate(final OHttpRequest iRequest, final OHttpResponse iResponse, final List<String> iAuthenticationParts, final String iDatabaseName) throws IOException {
    ODatabaseDocument db = null;
    try {
        db = (ODatabaseDocument) server.openDatabase(iDatabaseName, iAuthenticationParts.get(0), iAuthenticationParts.get(1));
        // if (db.getUser() == null)
        // // MAYBE A PREVIOUS ROOT REALM? UN AUTHORIZE
        // return false;
        // Set user rid after authentication
        iRequest.data.currentUserId = db.getUser() == null ? "<server user>" : db.getUser().getIdentity().toString();
        // AUTHENTICATED: CREATE THE SESSION
        iRequest.sessionId = OHttpSessionManager.getInstance().createSession(iDatabaseName, iAuthenticationParts.get(0), iAuthenticationParts.get(1));
        iResponse.sessionId = iRequest.sessionId;
        return true;
    } catch (OSecurityAccessException e) {
        // WRONG USER/PASSWD
    } catch (OLockException e) {
        OLogManager.instance().error(this, "Cannot access to the database '" + iDatabaseName + "'", ODatabaseException.class, e);
    } finally {
        if (db == null) {
            // WRONG USER/PASSWD
            sendAuthorizationRequest(iRequest, iResponse, iDatabaseName);
        } else {
            db.close();
        }
    }
    return false;
}
Also used: OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException), ODatabaseDocument (com.orientechnologies.orient.core.db.document.ODatabaseDocument), OLockException (com.orientechnologies.common.concur.lock.OLockException), ODatabaseException (com.orientechnologies.orient.core.exception.ODatabaseException)

Example 7 with OSecurityAccessException

Use of com.orientechnologies.orient.core.exception.OSecurityAccessException in project orientdb by orientechnologies.

Class OServerCommandPostDatabase, method exportClass.

protected void exportClass(final ODatabaseDocument db, final OJSONWriter json, final OClass cls) throws IOException {
    json.beginObject(2, true, null);
    json.writeAttribute(3, true, "name", cls.getName());
    json.writeAttribute(3, true, "superClass", cls.getSuperClass() != null ? cls.getSuperClass().getName() : "");
    json.writeAttribute(3, true, "alias", cls.getShortName());
    json.writeAttribute(3, true, "clusters", cls.getClusterIds());
    json.writeAttribute(3, true, "defaultCluster", cls.getDefaultClusterId());
    json.writeAttribute(3, true, "clusterSelection", cls.getClusterSelection().getName());
    try {
        json.writeAttribute(3, false, "records", db.countClass(cls.getName()));
    } catch (OSecurityAccessException e) {
        json.writeAttribute(3, false, "records", "? (Unauthorized)");
    }
    if (cls.properties() != null && cls.properties().size() > 0) {
        json.beginCollection(3, true, "properties");
        for (final OProperty prop : cls.properties()) {
            json.beginObject(4, true, null);
            json.writeAttribute(4, true, "name", prop.getName());
            if (prop.getLinkedClass() != null)
                json.writeAttribute(4, true, "linkedClass", prop.getLinkedClass().getName());
            if (prop.getLinkedType() != null)
                json.writeAttribute(4, true, "linkedType", prop.getLinkedType().toString());
            json.writeAttribute(4, true, "type", prop.getType().toString());
            json.writeAttribute(4, true, "mandatory", prop.isMandatory());
            json.writeAttribute(4, true, "readonly", prop.isReadonly());
            json.writeAttribute(4, true, "notNull", prop.isNotNull());
            json.writeAttribute(4, true, "min", prop.getMin());
            json.writeAttribute(4, true, "max", prop.getMax());
            json.endObject(3, true);
        }
        json.endCollection(1, true);
    }
    final Set<OIndex<?>> indexes = cls.getIndexes();
    if (!indexes.isEmpty()) {
        json.beginCollection(3, true, "indexes");
        for (final OIndex<?> index : indexes) {
            json.beginObject(4, true, null);
            json.writeAttribute(4, true, "name", index.getName());
            json.writeAttribute(4, true, "type", index.getType());
            final OIndexDefinition indexDefinition = index.getDefinition();
            if (indexDefinition != null && !indexDefinition.getFields().isEmpty())
                json.writeAttribute(4, true, "fields", indexDefinition.getFields());
            json.endObject(3, true);
        }
        json.endCollection(1, true);
    }
    json.endObject(1, false);
}
Also used: OProperty (com.orientechnologies.orient.core.metadata.schema.OProperty), OIndexDefinition (com.orientechnologies.orient.core.index.OIndexDefinition), OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException), OIndex (com.orientechnologies.orient.core.index.OIndex)

Example 8 with OSecurityAccessException

Use of com.orientechnologies.orient.core.exception.OSecurityAccessException in project orientdb by orientechnologies.

Class OSecurityExternal, method authenticate.

@Override
public OUser authenticate(final String iUsername, final String iUserPassword) {
    OUser user = null;
    final String dbName = getDatabase().getName();
    if (!(getDatabase().getStorage() instanceof OStorageProxy)) {
        if (Orient.instance().getSecurity() == null)
            throw new OSecurityAccessException(dbName, "External Security System is null!");
        // Uses the external authenticator.
        // username is returned if authentication is successful, otherwise null.
        String username = Orient.instance().getSecurity().authenticate(iUsername, iUserPassword);
        if (username != null) {
            user = getUser(username);
            if (user == null)
                throw new OSecurityAccessException(dbName, "User or password not valid for username: " + username + ", database: '" + dbName + "'");
            if (user.getAccountStatus() != OSecurityUser.STATUSES.ACTIVE)
                throw new OSecurityAccessException(dbName, "User '" + username + "' is not active");
        } else {
            // Will use the local database to authenticate.
            if (Orient.instance().getSecurity().isDefaultAllowed()) {
                user = super.authenticate(iUsername, iUserPassword);
            } else {
                // WAIT A BIT TO AVOID BRUTE FORCE
                try {
                    Thread.sleep(200);
                } catch (InterruptedException e) {
                    Thread.currentThread().interrupt();
                }
                throw new OSecurityAccessException(dbName, "User or password not valid for username: " + iUsername + ", database: '" + dbName + "'");
            }
        }
    }
    return user;
}
Also used: OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException), OStorageProxy (com.orientechnologies.orient.core.storage.OStorageProxy)

Example 9 with OSecurityAccessException

Use of com.orientechnologies.orient.core.exception.OSecurityAccessException in project orientdb by orientechnologies.

Class TestReaderDropClass, method testReaderDropClass.

@Test()
public void testReaderDropClass() {
    ODatabaseDocument db = new ODatabaseDocumentTx("memory:" + TestReaderDropClass.class.getSimpleName());
    db.create();
    try {
        db.getMetadata().getSchema().createClass("Test");
        db.close();
        db.open("reader", "reader");
        try {
            db.getMetadata().getSchema().dropClass("Test");
            Assert.fail("reader should not be able to drop a class");
        } catch (OSecurityAccessException ex) {
            // Expected: the "reader" user is not allowed to drop a class
        }
        Assert.assertTrue(db.getMetadata().getSchema().existsClass("Test"), "reader should not be able to drop a class");
    } finally {
        db.close();
        db.open("admin", "admin");
        db.drop();
    }
}
Also used: OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException), ODatabaseDocument (com.orientechnologies.orient.core.db.document.ODatabaseDocument), ODatabaseDocumentTx (com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx), Test (org.testng.annotations.Test)

Example 10 with OSecurityAccessException

Use of com.orientechnologies.orient.core.exception.OSecurityAccessException in project orientdb by orientechnologies.

Class OServerCommandAuthenticatedDbAbstract, method getProfiledDatabaseInstanceBasic.

protected ODatabaseDocumentInternal getProfiledDatabaseInstanceBasic(final OHttpRequest iRequest) throws InterruptedException {
    final OHttpSession session = OHttpSessionManager.getInstance().getSession(iRequest.sessionId);
    if (session == null)
        throw new OSecurityAccessException(iRequest.databaseName, "No session active");
    // After authentication, if the current login user differs from the current DB user, reset the DB user to the login user
    ODatabaseDocumentInternal localDatabase = ODatabaseRecordThreadLocal.INSTANCE.getIfDefined();
    if (localDatabase == null) {
        localDatabase = (ODatabaseDocumentTx) server.openDatabase(iRequest.databaseName, session.getUserName(), session.getUserPassword());
    } else {
        String currentUserId = iRequest.data.currentUserId;
        if (currentUserId != null && currentUserId.length() > 0 && localDatabase != null && localDatabase.getUser() != null) {
            if (!currentUserId.equals(localDatabase.getUser().getIdentity().toString())) {
                ODocument userDoc = localDatabase.load(new ORecordId(currentUserId));
                localDatabase.setUser(new OUser(userDoc));
            }
        }
    }
    iRequest.data.lastDatabase = localDatabase.getName();
    iRequest.data.lastUser = localDatabase.getUser() != null ? localDatabase.getUser().getName() : null;
    return (ODatabaseDocumentTx) localDatabase.getDatabaseOwner();
}
Also used: OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException), ODatabaseDocumentTx (com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx), OUser (com.orientechnologies.orient.core.metadata.security.OUser), ODatabaseDocumentInternal (com.orientechnologies.orient.core.db.ODatabaseDocumentInternal), ORecordId (com.orientechnologies.orient.core.id.ORecordId), ODocument (com.orientechnologies.orient.core.record.impl.ODocument)

Aggregations

OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException): 14
ODatabaseDocument (com.orientechnologies.orient.core.db.document.ODatabaseDocument): 4
ODocument (com.orientechnologies.orient.core.record.impl.ODocument): 4
OLockException (com.orientechnologies.common.concur.lock.OLockException): 3
ODatabaseDocumentTx (com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx): 2
ODatabaseException (com.orientechnologies.orient.core.exception.ODatabaseException): 2
OIndex (com.orientechnologies.orient.core.index.OIndex): 2
OIndexDefinition (com.orientechnologies.orient.core.index.OIndexDefinition): 2
OProperty (com.orientechnologies.orient.core.metadata.schema.OProperty): 2
OUser (com.orientechnologies.orient.core.metadata.security.OUser): 2
OStorageProxy (com.orientechnologies.orient.core.storage.OStorageProxy): 2
IOException (java.io.IOException): 2
OOfflineNodeException (com.orientechnologies.common.concur.OOfflineNodeException): 1
OException (com.orientechnologies.common.exception.OException): 1
ODatabaseDocumentInternal (com.orientechnologies.orient.core.db.ODatabaseDocumentInternal): 1
OConfigurationException (com.orientechnologies.orient.core.exception.OConfigurationException): 1
ORecordId (com.orientechnologies.orient.core.id.ORecordId): 1
OClass (com.orientechnologies.orient.core.metadata.schema.OClass): 1
OClassImpl (com.orientechnologies.orient.core.metadata.schema.OClassImpl): 1
OPropertyImpl (com.orientechnologies.orient.core.metadata.schema.OPropertyImpl): 1