use of com.sun.enterprise.config.serverbeans.SecurityService in project Payara by payara.
the class CreateFileUser method execute.
/**
* Executes the command with the command parameters passed as Properties,
* where the keys are the parameter names and the values are the parameter values.
*
* @param context information
*/
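public void execute(AdminCommandContext context) {
    // Adds one user to a file realm: validates the realm class, the key file and
    // the password, then calls FileRealm.addUser()/persist() from inside a
    // ConfigSupport.apply() callback on the security service. Every outcome is
    // reported through the ActionReport; nothing is thrown to the caller.
    final ActionReport report = context.getActionReport();

    // Only the stock FileRealm implementation is accepted. A null class name is
    // let through by this check.
    String fileRealmClassName = fileAuthRealm.getClassname();
    if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
        report.setMessage(localStrings.getLocalString("create.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }

    // The realm must name its key file through a "file" property. If the
    // property appears more than once, the last value wins (no break).
    String keyFile = null;
    for (Property fileProp : fileAuthRealm.getProperty()) {
        if (fileProp.getName().equals("file")) {
            keyFile = fileProp.getValue();
        }
    }
    final String kf = keyFile;
    if (keyFile == null) {
        report.setMessage(localStrings.getLocalString("create.file.user.keyfilenotfound", "There is no physical file associated with this file realm {0} ", authRealmName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // The key file has to exist already; this command does not create it.
    boolean exists = (new File(kf)).exists();
    if (!exists) {
        report.setMessage(localStrings.getLocalString("file.realm.keyfilenonexistent", "The specified physical file {0} associated with the file realm {1} does not exist.", new Object[] { kf, authRealmName }));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }

    // The password is read from the userpassword field. How that field is
    // populated is not visible in this method; the message below names the
    // --userpassword option and AS_ADMIN_USERPASSWORD in a --passwordfile.
    final String password = userpassword;
    if (password == null) {
        report.setMessage(localStrings.getLocalString("create.file.user.keyfilenotreadable", "Password for user {0} " + "has to be specified in --userpassword option or supplied " + "through AS_ADMIN_USERPASSWORD property in the file specified " + "in --passwordfile option", userName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }

    // Issue 17525: with secure admin enabled, the admin realm must not receive
    // an empty password.
    // NOTE(review): this is the only empty-password check in the method. For any
    // other realm, or with secure admin disabled, an empty string is passed on to
    // addUser() -- confirm that is the intended policy.
    secureAdmin = domain.getSecureAdmin();
    if ((SecureAdmin.Util.isEnabled(secureAdmin)) && (authRealmName.equals(adminService.getAuthRealmName()))) {
        if (password.isEmpty()) {
            report.setMessage(localStrings.getLocalString("null_empty_password", "The admin user password is null or empty"));
            report.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
    }

    // Add the user. The work runs inside ConfigSupport.apply() even though it
    // changes the key file rather than the security-service configuration; the
    // original author left open whether that is actually needed.
    try {
        ConfigSupport.apply(new SingleConfigCode<SecurityService>() {
            public Object run(SecurityService param) throws PropertyVetoException, TransactionFailure {
                try {
                    realmsManager.createRealms(config);
                    // If the (shared) keyfile is updated by an external process, load the users first
                    refreshRealm(config.getName(), authRealmName);
                    final FileRealm fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
                    CreateFileUser.handleAdminGroup(authRealmName, groups);
                    String[] groups1 = groups.toArray(new String[groups.size()]);
                    try {
                        // NOTE(review): the char[] is not cleared after the call, and the
                        // password also exists as an immutable String, so it remains in
                        // heap until collected. Whether addUser() keeps a reference to the
                        // array is not visible here.
                        fr.addUser(userName, password.toCharArray(), groups1);
                    } catch (BadRealmException br) {
                        // Rethrown only when se reports isDas(); otherwise the failure is
                        // dropped and persist()/SUCCESS below still run.
                        if (se != null && se.isDas()) {
                            throw new BadRealmException(br);
                        }
                    }
                    fr.persist();
                    report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
                } catch (Exception e) {
                    // The failure is recorded in the report and run() still returns
                    // normally, so ConfigSupport.apply() does not see this exception.
                    String localizedErrorMsg = (e.getLocalizedMessage() == null) ? "" : e.getLocalizedMessage();
                    report.setMessage(localStrings.getLocalString("create.file.user.useraddfailed", "Adding User {0} to the file realm {1} failed", userName, authRealmName) + " " + localizedErrorMsg);
                    report.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    report.setFailureCause(e);
                }
                return null;
            }
        }, securityService);
    } catch (Exception e) {
        // Same null guard as the inner handler, so a message-less exception does
        // not append the literal text "null" to the report.
        String localizedErrorMsg = (e.getLocalizedMessage() == null) ? "" : e.getLocalizedMessage();
        report.setMessage(localStrings.getLocalString("create.file.user.useraddfailed", "Adding User {0} to the file realm {1} failed", userName, authRealmName) + " " + localizedErrorMsg);
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
    }
}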
use of com.sun.enterprise.config.serverbeans.SecurityService in project Payara by payara.
the class DeleteAuditModule method execute.
/**
* Executes the command with the command parameters passed as Properties,
* where the keys are the parameter names and the values are the parameter values.
*
* @param context information
*/
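public void execute(AdminCommandContext context) {
    // Removes the selected audit module from the security service configuration
    // and reports the outcome through the ActionReport.
    // NOTE(review): nothing in this method records that an audit module was
    // removed or by whom; presumably the admin command framework logs the
    // invocation -- confirm, since removal reduces audit coverage.
    ActionReport report = context.getActionReport();
    try {
        if (auditModule == null) {
            report.setMessage(localStrings.getLocalString("delete.audit.module.notfound", "Specified Audit Module {0} not found", auditModuleName));
            report.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        ConfigSupport.apply(new SingleConfigCode<SecurityService>() {
            public Object run(SecurityService param) throws PropertyVetoException, TransactionFailure {
                param.getAuditModule().remove(auditModule);
                return null;
            }
        }, securityService);
    } catch (TransactionFailure e) {
        report.setMessage(localStrings.getLocalString("delete.audit.module.fail", "Deletion of Audit Module {0} failed", auditModuleName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
        // Stop here. Falling through would overwrite FAILURE with SUCCESS and the
        // caller would be told that a module which is still configured was removed.
        return;
    }
    /*report.setMessage(localStrings.getLocalString("delete.audit.module.success",
    "Deletion of Audit Module {0} completed successfully", auditModuleName));*/
    report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
}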
use of com.sun.enterprise.config.serverbeans.SecurityService in project Payara by payara.
the class BaseAuditManager method loadAuditModules.
/**
* This method initializes BaseAuditManager: it loads the audit modules and
* the audit-enabled flag.
*/
@Override
public void loadAuditModules() {
    // Reads the default instance's SecurityService, applies its audit-enabled
    // flag, then instantiates and registers every configured audit module.
    try {
        SecurityService securityConfig = serverContext.getDefaultServices()
                .getService(SecurityService.class, ServerEnvironment.DEFAULT_INSTANCE_NAME);
        // Only enforced when the JVM runs with assertions enabled; otherwise a
        // null bean surfaces as an exception handled by the outer catch.
        assert (securityConfig != null);
        // @todo will be removed to incorporate the new structure.
        setAuditOn(Boolean.parseBoolean(securityConfig.getAuditEnabled()));

        List<com.sun.enterprise.config.serverbeans.AuditModule> configuredModules = securityConfig.getAuditModule();
        for (com.sun.enterprise.config.serverbeans.AuditModule moduleConfig : configuredModules) {
            try {
                String moduleName = moduleConfig.getName();
                String moduleClass = moduleConfig.getClassname();

                // The module receives its own name and class name next to its
                // configured properties.
                // XXX should we remove these two extra properties
                Properties moduleProps = new Properties();
                moduleProps.setProperty(NAME, moduleName);
                moduleProps.setProperty(CLASSNAME, moduleClass);
                for (Property configured : moduleConfig.getProperty()) {
                    moduleProps.setProperty(configured.getName(), configured.getValue());
                }

                BaseAuditModule loaded = loadAuditModule(moduleClass, moduleProps);
                instances.add(loaded);
                moduleToNameMap.put(loaded, moduleName);
                nameToModuleMap.put(moduleName, loaded);
                if (isAuditModuleOfParameterizedType(loaded)) {
                    typedModules.add((T) loaded);
                }
            } catch (Exception ex) {
                // One module failing to load does not stop the others: it is
                // logged at WARNING and skipped, so it will not be registered.
                String msg = _localStrings.getLocalString("auditmgr.loaderror", "Audit: Cannot load AuditModule = {0}",
                        new Object[] { moduleConfig.getName() });
                _logger.log(Level.WARNING, msg, ex);
            }
        }
    } catch (Exception e) {
        // Reading the configuration failed. The method logs a WARNING and
        // returns normally, leaving any modules not yet reached unloaded.
        String msg = _localStrings.getLocalString("auditmgr.badinit", "Audit: Cannot load Audit Module Initialization information. AuditModules will not be loaded.");
        _logger.log(Level.WARNING, msg, e);
    }
}
use of com.sun.enterprise.config.serverbeans.SecurityService in project Payara by payara.
the class RealmsManager method setDefaultDigestAlgorithm.
private void setDefaultDigestAlgorithm() {
    // Copies the value of the security-service property named by
    // DEFAULT_DIGEST_ALGORITHM into this.defaultDigestAlgorithm. The field is
    // left untouched when the service, its property list, or the property is
    // missing.
    // NOTE(review): the configured value is stored as-is; nothing here checks
    // that it names an acceptable digest algorithm -- confirm where that is
    // validated.
    SecurityService service = config.getSecurityService();
    List<Property> props = (service == null) ? null : service.getProperty();
    if (props == null) {
        return;
    }
    for (Iterator<Property> cursor = props.iterator(); cursor != null && cursor.hasNext();) {
        Property candidate = cursor.next();
        if (candidate == null || !DEFAULT_DIGEST_ALGORITHM.equals(candidate.getName())) {
            continue;
        }
        // First match wins.
        this.defaultDigestAlgorithm = candidate.getValue();
        break;
    }
}
use of com.sun.enterprise.config.serverbeans.SecurityService in project Payara by payara.
the class FileRealm method getRealmFileNames.
/**
* Return a list of the file names used by all file realms
* defined for the specified config.
*
* @param config the config object
* @return a list of the file names for all file realms in the
* config
*/
public static List<String> getRealmFileNames(Config config) {
    // NOTE(review): config.getSecurityService() is dereferenced without a null
    // check, so a config without a security service fails here with a
    // NullPointerException.
    List<String> keyFiles = new ArrayList<String>();
    String fileRealmClass = FileRealm.class.getName();
    for (AuthRealm realm : config.getSecurityService().getAuthRealm()) {
        // Only realms whose class is exactly FileRealm count; equals(null) is
        // false, so a realm with no class name is skipped as well.
        if (!fileRealmClass.equals(realm.getClassname())) {
            continue;
        }
        String path = realm.getPropertyValue("file");
        if (path == null) {
            // No "file" property on this realm.
            continue;
        }
        // A value containing '$' is passed through RelativePathResolver first;
        // presumably that expands property references -- confirm.
        keyFiles.add(path.contains("$") ? RelativePathResolver.resolvePath(path) : path);
    }
    return keyFiles;
}