Example 1 with FileRealmUser
use of com.sun.enterprise.security.auth.realm.file.FileRealmUser in project Payara by payara.
the class GenericAdminAuthenticator method getDefaultAdminUser.
/**
* Return the default admin user. A default admin user only
* exists if the admin realm is a file realm and the admin file
* realm contains exactly one user in the admin group. If so, that's the default
* admin user.
*/
private String getDefaultAdminUser() {
AuthRealm realm = as.getAssociatedAuthRealm();
if (realm == null) {
/*
* If for some reason there is no admin realm available return null
* (instead of throwing an exception).
*/
return null;
}
if (!FileRealm.class.getName().equals(realm.getClassname())) {
ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: IT'S NOT A FILE REALM");
// can only find default admin user in file realm
return null;
}
// the property named "file"
String pv = realm.getPropertyValue("file");
File rf = null;
if (pv == null || !(rf = new File(pv)).exists()) {
// an incompletely formed file property or the file property points to a non-existent file, can't allow access
ADMSEC_LOGGER.fine("CAN'T FIND DEFAULT ADMIN USER: THE KEYFILE DOES NOT EXIST");
return null;
}
try {
FileRealm fr = new FileRealm(rf.getAbsolutePath());
String candidateDefaultAdminUser = null;
for (Enumeration users = fr.getUserNames(); users.hasMoreElements(); ) {
String au = (String) users.nextElement();
FileRealmUser fru = (FileRealmUser) fr.getUser(au);
for (String group : fru.getGroups()) {
if (group.equals(AdminConstants.DOMAIN_ADMIN_GROUP_NAME)) {
if (candidateDefaultAdminUser != null) {
ADMSEC_LOGGER.log(Level.FINE, "There are multiple admin users so we cannot use any as a default");
return null;
}
candidateDefaultAdminUser = au;
}
}
}
if (candidateDefaultAdminUser == null) {
ADMSEC_LOGGER.log(Level.FINE, "There are no admin users so we cannot use any as a default");
} else {
// there is only one admin user, in the right group, default to it
ADMSEC_LOGGER.log(Level.FINE, "Will use \"{0}\", if needed, for a default admin user", candidateDefaultAdminUser);
}
return candidateDefaultAdminUser;
} catch (Exception e) {
ADMSEC_LOGGER.log(Level.WARNING, AdminLoggerInfo.mAdminUserSearchError, e);
return null;
}
}
Also used :
AuthRealm(com.sun.enterprise.config.serverbeans.AuthRealm)
Enumeration(java.util.Enumeration)
FileRealmUser(com.sun.enterprise.security.auth.realm.file.FileRealmUser)
FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm)
File(java.io.File)
LoginException(javax.security.auth.login.LoginException)
ServerNotActiveException(java.rmi.server.ServerNotActiveException)
RemoteAdminAccessException(org.glassfish.internal.api.RemoteAdminAccessException)
IOException(java.io.IOException)
Aggregations
AuthRealm (com.sun.enterprise.config.serverbeans.AuthRealm)1
FileRealm (com.sun.enterprise.security.auth.realm.file.FileRealm)1
FileRealmUser (com.sun.enterprise.security.auth.realm.file.FileRealmUser)1
File (java.io.File)1
IOException (java.io.IOException)1
ServerNotActiveException (java.rmi.server.ServerNotActiveException)1
Enumeration (java.util.Enumeration)1
LoginException (javax.security.auth.login.LoginException)1
RemoteAdminAccessException (org.glassfish.internal.api.RemoteAdminAccessException)1
