use of com.sun.enterprise.config.serverbeans.AuthRealm in project Payara by payara.
the class ListAuthRealm method execute.
/**
 * Lists the configured auth realms: for every realm returned by the
 * {@code securityService} field, one child message part carrying the realm's
 * name is added to the top message part of the command's action report.
 *
 * <p>The exit code is set to {@code SUCCESS} unconditionally, including when
 * no realm is configured.
 *
 * @param context the command context supplying the action report to fill in
 */
public void execute(AdminCommandContext context) {
    final ActionReport actionReport = context.getActionReport();
    for (AuthRealm realm : securityService.getAuthRealm()) {
        // Only the realm name is reported; realm properties are never copied into the report.
        actionReport.getTopMessagePart().addChild().setMessage(realm.getName());
    }
    actionReport.setActionExitCode(ActionReport.ExitCode.SUCCESS);
}
use of com.sun.enterprise.config.serverbeans.AuthRealm in project Payara by payara.
the class FileRealm method getRealmFileNames.
/**
 * Collects the values of the {@code "file"} property of every file realm
 * defined in the given config.
 *
 * <p>A realm is treated as a file realm only when its class name equals
 * {@code FileRealm.class.getName()}; realms with no class name, another class
 * name, or no {@code "file"} property are skipped. A value containing
 * {@code "$"} is passed through {@code RelativePathResolver.resolvePath}
 * before it is added; any other value is added unchanged.
 *
 * @param config the config whose security service is inspected
 * @return the file names of all file realms in the config, in realm order;
 *         empty when there are none
 */
public static List<String> getRealmFileNames(Config config) {
    final String fileRealmClass = FileRealm.class.getName();
    final List<String> realmFiles = new ArrayList<>();
    for (AuthRealm realm : config.getSecurityService().getAuthRealm()) {
        // Constant-first equals also covers a realm with no class name.
        if (!fileRealmClass.equals(realm.getClassname())) {
            continue;
        }
        String path = realm.getPropertyValue("file");
        if (path == null) {
            // A file realm without a "file" property contributes nothing.
            continue;
        }
        // presumably "$" marks a property token to expand - confirm against RelativePathResolver
        realmFiles.add(path.contains("$") ? RelativePathResolver.resolvePath(path) : path);
    }
    return realmFiles;
}
use of com.sun.enterprise.config.serverbeans.AuthRealm in project Payara by payara.
the class ChangeAdminPassword method preAuthorization.
/**
 * Checks the preconditions for changing the admin password and records the
 * state the command needs in the {@code secureAdmin}, {@code config} and
 * {@code fileAuthRealm} fields.
 *
 * <p>The call fails (report set to {@code FAILURE}, {@code false} returned) when
 * secure admin is enabled and the new password is null or empty, or when no
 * auth realm is named like the admin service's auth realm.
 *
 * @param context the command context supplying the action report
 * @return {@code true} when the admin realm was found and the password check passed
 */
@Override
public boolean preAuthorization(AdminCommandContext context) {
    final ActionReport actionReport = context.getActionReport();

    // Issue 17513: a null or empty new password is rejected when secure admin is enabled.
    // NOTE(review): the check is skipped when secure admin is disabled, so this method does
    // not reject an empty password in that mode - confirm that is intended.
    secureAdmin = domain.getSecureAdmin();
    if (SecureAdmin.Util.isEnabled(secureAdmin) && (newpassword == null || newpassword.isEmpty())) {
        actionReport.setMessage(localStrings.getLocalString("null_empty_password", "The new password is null or empty"));
        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return false;
    }

    // Only the first entry of the config list is consulted.
    config = configs.getConfig().get(0);
    final SecurityService service = config.getSecurityService();

    // Reset before searching so a value left over from an earlier call cannot survive a miss.
    fileAuthRealm = null;
    for (AuthRealm candidate : service.getAuthRealm()) {
        if (!candidate.getName().equals(adminService.getAuthRealmName())) {
            continue;
        }
        // NOTE(review): the realm is matched by name only; nothing here verifies that it is
        // a file realm, despite the field name - confirm the check happens elsewhere.
        fileAuthRealm = candidate;
        break;
    }

    if (fileAuthRealm != null) {
        return true;
    }
    actionReport.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotfound", "Server Error: There is no admin realm to perform this operation"));
    actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
    return false;
}
use of com.sun.enterprise.config.serverbeans.AuthRealm in project Payara by payara.
the class CreateAuthRealm method execute.
/**
 * Creates a new auth realm under the {@code securityService} field inside a
 * single configuration transaction.
 *
 * <p>Within the transaction the new {@code AuthRealm} child is created, filled in by
 * {@code populateAuthRealmElement}, appended to the service's realm list and announced
 * through {@code SecurityConfigListener.authRealmCreated}. On a
 * {@code TransactionFailure} the report is set to {@code FAILURE} with the failure
 * attached as its cause; otherwise it is set to {@code SUCCESS}.
 *
 * @param context the command context supplying the action report
 */
public void execute(AdminCommandContext context) {
    final ActionReport actionReport = context.getActionReport();
    // No duplicate check is done in this method; presumably it ran before execute() - confirm.
    try {
        ConfigSupport.apply(new SingleConfigCode<SecurityService>() {
            public Object run(SecurityService service) throws PropertyVetoException, TransactionFailure {
                final AuthRealm created = service.createChild(AuthRealm.class);
                populateAuthRealmElement(created);
                service.getAuthRealm().add(created);
                // In case of cluster instances, this is required to
                // avoid issues with the listener's callback method
                SecurityConfigListener.authRealmCreated(config, created);
                return created;
            }
        }, securityService);
    } catch (TransactionFailure failure) {
        // The exception's localized text is appended to the message written into the report.
        final String failureText = localStrings.getLocalString("create.auth.realm.fail", "Creation of Authrealm {0} failed", authRealmName)
                + " " + failure.getLocalizedMessage();
        actionReport.setMessage(failureText);
        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
        actionReport.setFailureCause(failure);
        return;
    }
    actionReport.setActionExitCode(ActionReport.ExitCode.SUCCESS);
}
use of com.sun.enterprise.config.serverbeans.AuthRealm in project Payara by payara.
the class GenericAdminAuthenticator method getDefaultAdminUser.
/**
 * Determines the default admin user, if one exists.
 *
 * <p>A default admin user exists only when the admin realm is a file realm and its
 * key file contains exactly one user in the group
 * {@code AdminConstants.DOMAIN_ADMIN_GROUP_NAME}. Every other outcome - no realm, a
 * realm of another class, a missing {@code "file"} property or key file, zero or several
 * admin-group users, or any exception while reading the realm - yields {@code null},
 * so the lookup fails closed.
 *
 * @return the name of the single admin-group user, or {@code null} when no default
 *         admin user can be chosen
 */
private String getDefaultAdminUser() {
    final AuthRealm adminRealm = as.getAssociatedAuthRealm();
    if (adminRealm == null) {
        // No admin realm available: report "no default" rather than throwing.
        return null;
    }

    final boolean isFileRealm = FileRealm.class.getName().equals(adminRealm.getClassname());
    if (!isFileRealm) {
        // A default admin user can only be looked up in a file realm.
        ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: IT'S NOT A FILE REALM");
        return null;
    }

    // NOTE(review): the "file" property is used as-is; no token resolution happens in this
    // method - confirm the value is already a resolved path when it gets here.
    final String keyFilePath = adminRealm.getPropertyValue("file");
    if (keyFilePath == null) {
        // Incompletely formed file property: access cannot be allowed.
        ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: THE KEYFILE DOES NOT EXIST");
        return null;
    }
    final File keyFile = new File(keyFilePath);
    if (!keyFile.exists()) {
        // The property points to a non-existent file: access cannot be allowed.
        ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: THE KEYFILE DOES NOT EXIST");
        return null;
    }

    try {
        final FileRealm fileRealm = new FileRealm(keyFile.getAbsolutePath());
        String soleAdmin = null;
        Enumeration userNames = fileRealm.getUserNames();
        while (userNames.hasMoreElements()) {
            final String userName = (String) userNames.nextElement();
            final FileRealmUser user = (FileRealmUser) fileRealm.getUser(userName);
            for (String group : user.getGroups()) {
                if (!group.equals(AdminConstants.DOMAIN_ADMIN_GROUP_NAME)) {
                    continue;
                }
                // A second admin-group match means there is no unambiguous default. The scan
                // does not stop at a user's first match, so a user listing the admin group
                // twice is also treated as "multiple admin users".
                if (soleAdmin != null) {
                    ADMSEC_LOGGER.log(Level.FINE, "There are multiple admin users so we cannot use any as a default");
                    return null;
                }
                soleAdmin = userName;
            }
        }
        if (soleAdmin != null) {
            // Exactly one user in the admin group: default to it.
            ADMSEC_LOGGER.log(Level.FINE, "Will use \"{0}\", if needed, for a default admin user", soleAdmin);
        } else {
            ADMSEC_LOGGER.log(Level.FINE, "There are no admin users so we cannot use any as a default");
        }
        return soleAdmin;
    } catch (Exception e) {
        // Any failure while reading the realm is logged and treated as "no default admin user".
        ADMSEC_LOGGER.log(Level.WARNING, AdminLoggerInfo.mAdminUserSearchError, e);
        return null;
    }
}