use of com.sun.enterprise.security.auth.realm.file.FileRealm in project Payara by payara.
the class SecureAdminHelperImpl method adminRealm.
private FileRealm adminRealm() throws BadRealmException, NoSuchRealmException {
final AuthRealm ar = as.getAssociatedAuthRealm();
if (FileRealm.class.getName().equals(ar.getClassname())) {
String adminKeyFilePath = ar.getPropertyValue("file");
FileRealm fr = new FileRealm(adminKeyFilePath);
return fr;
}
return null;
}
use of com.sun.enterprise.security.auth.realm.file.FileRealm in project Payara by payara.
the class FileLoginModule method authenticate.
/**
* Perform file authentication. Delegates to FileRealm.
*
* @throws LoginException If login fails (JAAS login() behavior).
*/
protected void authenticate() throws LoginException {
if (!(_currentRealm instanceof FileRealm)) {
String msg = sm.getString("filelm.badrealm");
throw new LoginException(msg);
}
FileRealm fileRealm = (FileRealm) _currentRealm;
String[] grpList = fileRealm.authenticate(_username, getPasswordChar());
if (grpList == null) {
// JAAS behavior
String msg = sm.getString("filelm.faillogin", _username);
throw new LoginException(msg);
}
if (_logger.isLoggable(Level.FINE)) {
_logger.log(Level.FINE, "File login succeeded for: " + _username);
}
commitAuthentication(_username, getPasswordChar(), _currentRealm, grpList);
}
use of com.sun.enterprise.security.auth.realm.file.FileRealm in project Payara by payara.
the class ChangeAdminPassword method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are the paramter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
// Get FileRealm class name, match it with what is expected.
String fileRealmClassName = fileAuthRealm.getClassname();
// Report error if provided impl is not the one expected
if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
report.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotsupported", "Configured admin realm is not supported."));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// ensure we have the file associated with the authrealm
String keyFile = null;
for (Property fileProp : fileAuthRealm.getProperty()) {
if (fileProp.getName().equals("file"))
keyFile = fileProp.getValue();
}
if (keyFile == null) {
report.setMessage(localStrings.getLocalString("change.admin.password.keyfilenotfound", "There is no physical file associated with admin realm"));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// We have the right impl so let's get to updating existing user
FileRealm fr = null;
try {
realmsManager.createRealms(config);
fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), fileAuthRealm.getName());
if (fr == null) {
throw new NoSuchRealmException(fileAuthRealm.getName());
}
} catch (NoSuchRealmException e) {
report.setMessage(localStrings.getLocalString("change.admin.password.realmnotsupported", "Configured admin realm does not exist.") + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
return;
}
// now updating admin user password
try {
Enumeration en = fr.getGroupNames(userName);
int size = 0;
while (en.hasMoreElements()) {
size++;
en.nextElement();
}
String[] groups = new String[size];
en = fr.getGroupNames(userName);
for (int i = 0; i < size; i++) {
groups[i] = (String) en.nextElement();
}
fr.updateUser(userName, userName, newpassword.toCharArray(), groups);
fr.persist();
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
} catch (Exception e) {
report.setMessage(localStrings.getLocalString("change.admin.password.userupdatefailed", "Password change failed for user named {0}", userName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
}
use of com.sun.enterprise.security.auth.realm.file.FileRealm in project Payara by payara.
the class CreateFileUser method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are the paramter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
// Get FileRealm class name, match it with what is expected.
String fileRealmClassName = fileAuthRealm.getClassname();
// Report error if provided impl is not the one expected
if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
report.setMessage(localStrings.getLocalString("create.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// ensure we have the file associated with the authrealm
String keyFile = null;
for (Property fileProp : fileAuthRealm.getProperty()) {
if (fileProp.getName().equals("file"))
keyFile = fileProp.getValue();
}
final String kf = keyFile;
if (keyFile == null) {
report.setMessage(localStrings.getLocalString("create.file.user.keyfilenotfound", "There is no physical file associated with this file realm {0} ", authRealmName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
boolean exists = (new File(kf)).exists();
if (!exists) {
report.setMessage(localStrings.getLocalString("file.realm.keyfilenonexistent", "The specified physical file {0} associated with the file realm {1} does not exist.", new Object[] { kf, authRealmName }));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// Now get all inputs ready. userid and groups are straightforward but
// password is tricky. It is stored in the file passwordfile passed
// through the CLI options. It is stored under the name
// AS_ADMIN_USERPASSWORD. Fetch it from there.
// fetchPassword(report);
final String password = userpassword;
if (password == null) {
report.setMessage(localStrings.getLocalString("create.file.user.keyfilenotreadable", "Password for user {0} " + "has to be specified in --userpassword option or supplied " + "through AS_ADMIN_USERPASSWORD property in the file specified " + "in --passwordfile option", userName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// Issue 17525 Fix - Check for null passwords for admin-realm if secureadmin is enabled
secureAdmin = domain.getSecureAdmin();
if ((SecureAdmin.Util.isEnabled(secureAdmin)) && (authRealmName.equals(adminService.getAuthRealmName()))) {
if (password.isEmpty()) {
report.setMessage(localStrings.getLocalString("null_empty_password", "The admin user password is null or empty"));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
// now adding user
try {
// even though create-file-user is not an update to the security-service
// do we need to make it transactional by referncing the securityservice
// hypothetically ?.
ConfigSupport.apply(new SingleConfigCode<SecurityService>() {
public Object run(SecurityService param) throws PropertyVetoException, TransactionFailure {
try {
realmsManager.createRealms(config);
// If the (shared) keyfile is updated by an external process, load the users first
refreshRealm(config.getName(), authRealmName);
final FileRealm fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
CreateFileUser.handleAdminGroup(authRealmName, groups);
String[] groups1 = groups.toArray(new String[groups.size()]);
try {
fr.addUser(userName, password.toCharArray(), groups1);
} catch (BadRealmException br) {
if (se != null && se.isDas()) {
throw new BadRealmException(br);
}
}
fr.persist();
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
} catch (Exception e) {
String localalizedErrorMsg = (e.getLocalizedMessage() == null) ? "" : e.getLocalizedMessage();
report.setMessage(localStrings.getLocalString("create.file.user.useraddfailed", "Adding User {0} to the file realm {1} failed", userName, authRealmName) + " " + localalizedErrorMsg);
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
return null;
}
}, securityService);
} catch (Exception e) {
report.setMessage(localStrings.getLocalString("create.file.user.useraddfailed", "Adding User {0} to the file realm {1} failed", userName, authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
}
use of com.sun.enterprise.security.auth.realm.file.FileRealm in project Payara by payara.
the class ListFileGroup method getFileRealm.
private FileRealm getFileRealm(final SecurityService securityService, AuthRealm fileAuthRealm, ActionReport report) {
// Get FileRealm class name, match it with what is expected.
String fileRealmClassName = fileAuthRealm.getClassname();
// Report error if provided impl is not the one expected
if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
report.setMessage(localStrings.getLocalString("list.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return null;
}
// ensure we have the file associated with the authrealm
String keyFile = null;
for (Property fileProp : fileAuthRealm.getProperty()) {
if (fileProp.getName().equals("file"))
keyFile = fileProp.getValue();
}
if (keyFile == null) {
report.setMessage(localStrings.getLocalString("list.file.user.keyfilenotfound", "There is no physical file associated with this file realm {0} ", authRealmName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return null;
}
// We have the right impl so let's try to remove one
FileRealm fr = null;
try {
realmsManager.createRealms(config);
fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
if (fr == null) {
throw new NoSuchRealmException(authRealmName);
}
} catch (NoSuchRealmException e) {
report.setMessage(localStrings.getLocalString("list.file.user.realmnotsupported", "Configured file realm {0} is not supported.", authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
return fr;
}
Aggregations