
Example 11 with DecodeAction

use of com.sun.identity.security.DecodeAction in project OpenAM by OpenRock.

the class AMSetupServlet method getSMSPassword.

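/**
 * Gets the clear-text password of the SMS (configuration) datastore.
 * <p>
 * The password is stored encoded in the server configuration; it is decoded
 * here inside a privileged action. The returned value is a secret and must
 * not be logged by callers.
 *
 * @param ssg <code>ServerGroup</code> instance representing the SMS
 *        or Configuration datastore.
 * @return clear password
 * @throws IllegalStateException if {@code ssg} has no directory user configured
 * @throws Exception propagated from the decode action
 */
private static String getSMSPassword(ServerGroup ssg) throws Exception {
    // get(0) on a missing/empty user list would only give an IndexOutOfBounds
    // without context; name the configuration problem instead.
    if (ssg.dsUsers == null || ssg.dsUsers.isEmpty()) {
        throw new IllegalStateException("SMS server group has no directory user configured");
    }
    DirUserObject sduo = (DirUserObject) ssg.dsUsers.get(0);
    String encodedPassword = sduo.password;
    return AccessController.doPrivileged(new DecodeAction(encodedPassword));
}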
Also used : DirUserObject(com.sun.identity.common.configuration.ServerConfigXML.DirUserObject) DecodeAction(com.sun.identity.security.DecodeAction)

Example 12 with DecodeAction

use of com.sun.identity.security.DecodeAction in project OpenAM by OpenRock.

the class AttributeSchemaImpl method update.

/**
 * Populates this attribute schema from an {@code AttributeSchema} XML node.
 * <p>
 * All fields are (re)assigned from the node, except {@code isOptional},
 * which is only ever set to {@code true} here and never cleared.
 * Unrecognised type, UI type, list-order and syntax values silently fall
 * back to their defaults. Choice-value and default-value provider classes
 * named in the XML are instantiated reflectively.
 *
 * @param n the {@code AttributeSchema} element to read; must not be null
 */
void update(Node n) {
    Node node;
    // Keep a reference to the XML node this schema was built from
    attrSchemaNode = n;
    // Get attribute name
    name = XMLUtils.getNodeAttributeValue(n, SMSUtils.NAME);
    // Get json name
    resourceName = XMLUtils.getNodeAttributeValue(n, SMSUtils.RESOURCE_NAME);
    // Get I18N key
    key = XMLUtils.getNodeAttributeValue(n, SMSUtils.I18N_KEY);
    // Get Attribute type; LIST is the default when absent or unrecognised
    String attrType = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_TYPE);
    type = AttributeSchema.Type.LIST;
    if (attrType != null) {
        try {
            // Type constants are resolved reflectively by upper-cased static field name
            Class attrClass = (AttributeSchema.Type.LIST).getClass();
            type = (AttributeSchema.Type) (attrClass.getField(attrType.toUpperCase()).get(AttributeSchema.Type.LIST));
        } catch (Exception e) {
        // unknown type name: keep the LIST default
        }
    }
    // Get attribute UI type; null when absent or unrecognised
    String attrUIType = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_UITYPE);
    uitype = null;
    if (attrUIType != null) {
        try {
            // Same reflective field lookup as for Type
            Class attrClass = (AttributeSchema.UIType.LINK).getClass();
            uitype = (AttributeSchema.UIType) (attrClass.getField(attrUIType.toUpperCase()).get(AttributeSchema.UIType.LINK));
        } catch (Exception e) {
        // unknown UI type name: keep null
        }
    }
    // Get attribute list order; null when absent or unrecognised
    String attrListOrder = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_LIST_ORDER);
    listOrder = null;
    if (attrListOrder != null) {
        try {
            // ListOrder is an enum, so valueOf() is used instead of reflection
            listOrder = AttributeSchema.ListOrder.valueOf(attrListOrder.toUpperCase());
        } catch (Exception e) {
        // unknown list order: keep null
        }
    }
    // Get attribute syntax; STRING is the default when absent or unrecognised
    String attrSyntax = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_SYNTAX);
    syntax = AttributeSchema.Syntax.STRING;
    if (attrSyntax != null) {
        try {
            Class syntaxClass = (AttributeSchema.Syntax.STRING).getClass();
            syntax = (AttributeSchema.Syntax) (syntaxClass.getField(attrSyntax.toUpperCase()).get(AttributeSchema.Syntax.STRING));
        } catch (Exception e) {
        // unknown syntax name: keep the STRING default
        }
    }
    // If syntax is boolean, get the "true" & "false" values.
    // Note: trueValueKey/falseValueKey are only assigned from an explicit
    // BooleanValues element; in every other case they are left untouched.
    Node booleanValue;
    if ((syntax.equals(AttributeSchema.Syntax.BOOLEAN)) && ((booleanValue = XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_BOOLEAN_VALUES_ELEMENT)) != null)) {
        // Get the True value
        if ((node = XMLUtils.getChildNode(booleanValue, SMSUtils.ATTRIBUTE_TRUE_BOOLEAN_ELEMENT)) != null) {
            trueBooleanValue = XMLUtils.getValueOfValueNode(node);
            trueValueKey = XMLUtils.getNodeAttributeValue(node, SMSUtils.I18N_KEY);
        } else {
            trueBooleanValue = "true";
        }
        // Get the false value
        if ((node = XMLUtils.getChildNode(booleanValue, SMSUtils.ATTRIBUTE_FALSE_BOOLEAN_ELEMENT)) != null) {
            falseBooleanValue = XMLUtils.getValueOfValueNode(node);
            falseValueKey = XMLUtils.getNodeAttributeValue(node, SMSUtils.I18N_KEY);
        } else {
            falseBooleanValue = "false";
        }
    } else {
        trueBooleanValue = "true";
        falseBooleanValue = "false";
    }
    // Get choice values, if applicable (only for the choice-style types)
    if (type.equals(AttributeSchema.Type.SINGLE_CHOICE) || type.equals(AttributeSchema.Type.MULTIPLE_CHOICE) || type.equals(AttributeSchema.Type.LIST)) {
        Node choiceValueNode = XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_CHOICE_VALUES_ELEMENT);
        if (choiceValueNode != null) {
            hasChoiceValues = true;
            // If the sub-element ChoiceValuesClassName, use it
            Node cvClassName = XMLUtils.getChildNode(choiceValueNode, SMSUtils.ATTRIBUTE_CHOICE_CLASS);
            if (cvClassName != null) {
                String className = XMLUtils.getNodeAttributeValue(cvClassName, SMSUtils.CLASS_NAME);
                try {
                    // NOTE(review): the class name comes straight from the schema
                    // document, so only trusted service schemas should reach here.
                    Class c = Class.forName(className);
                    choiceObject = (ChoiceValues) c.newInstance();
                    choiceObject.setAttributeSchema(this);
                    choiceObject.setKeyValues(cvClassName);
                    choiceObject.setParentNode(n);
                } catch (Exception e) {
                    SMSEntry.debug.error("SMS AttributeSchema: " + "Unable to load class: " + className, e);
                    choiceObject = null;
                }
            }
            // If choice class not present (or failed to load), use ChoiceValues element
            if (choiceObject == null) {
                // LinkedHashMap keeps the choice values in document order
                choiceValues = new LinkedHashMap();
                Iterator cit = XMLUtils.getChildNodes(choiceValueNode, SMSUtils.ATTRIBUTE_CHOICE_VALUE_ELEMENT).iterator();
                while (cit.hasNext()) {
                    Node cnode = (Node) cit.next();
                    String choiceValue = XMLUtils.getValueOfValueNode(cnode);
                    String i18nKey = XMLUtils.getNodeAttributeValue(cnode, SMSUtils.I18N_KEY);
                    choiceValues.put(choiceValue, i18nKey);
                }
            }
        }
    }
    // Get default values
    if ((node = XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT)) != null) {
        // If the sub-element DefaultValuesClassName, use it
        Node dvClassName = XMLUtils.getChildNode(node, SMSUtils.ATTRIBUTE_DEFAULT_CLASS);
        if (dvClassName != null) {
            String className = XMLUtils.getNodeAttributeValue(dvClassName, SMSUtils.CLASS_NAME);
            try {
                // NOTE(review): reflective load of a schema-supplied class name,
                // as for ChoiceValues above.
                Class c = Class.forName(className);
                defaultsObject = (DefaultValues) c.newInstance();
                defaultsObject.setAttributeSchema(this);
                defaultsObject.setKeyValues(dvClassName);
                defaultsObject.setParentNode(n);
            } catch (Exception e) {
                SMSEntry.debug.error("SMS AttributeSchema: " + "Unable to load class: " + className, e);
                // use default approach
                defaultValues = getValues(node);
            }
        } else {
            defaultValues = getValues(node);
        }
    }
    // If syntax is password, decrypt the attribute values
    if ((syntax.equals(AttributeSchema.Syntax.PASSWORD) || syntax.equals(AttributeSchema.Syntax.ENCRYPTED_PASSWORD)) && (defaultValues != null)) {
        Iterator iter = defaultValues.iterator();
        // NOTE(review): the decoded values are collected into a plain HashSet,
        // so any ordering of the original default values is not preserved.
        defaultValues = new HashSet();
        while (iter.hasNext()) {
            String value = (String) iter.next();
            if (value != null) {
                try {
                    value = (String) AccessController.doPrivileged(new DecodeAction(value));
                } catch (Throwable e) {
                    // Decode failure is logged and the value is kept as-is
                    // (i.e. still encoded) rather than dropped.
                    SMSEntry.debug.error("AttributeSchemaImpl: Unable to decode", e);
                }
            }
            defaultValues.add(value);
        }
    }
    // Set the cosQualifier
    if ((cosQualifier = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_COS_QUALIFIER)) == null) {
        cosQualifier = "default";
    }
    // Get range start
    rangeStart = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_RANGE_START);
    // Get range end
    rangeEnd = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_RANGE_END);
    // Get minimum number of values; -1 when absent or not a number
    // (Integer.parseInt(null) also throws NumberFormatException)
    try {
        minValue = Integer.parseInt(XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_MIN_VALUE));
    } catch (NumberFormatException e) {
        minValue = -1;
    }
    // Get maximum number of values; -1 when absent or not a number
    try {
        maxValue = Integer.parseInt(XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_MAX_VALUE));
    } catch (NumberFormatException e) {
        maxValue = -1;
    }
    // get validator
    validator = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_VALIDATOR);
    // Check if the variable is optional (never reset to false here)
    if (XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_OPTIONAL) != null) {
        isOptional = true;
    }
    // COS identifer
    isServiceIdentifier = false;
    if (XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_SERVICE_ID) != null) {
        isServiceIdentifier = true;
    }
    // Resource name allowed
    isResourceNameAllowed = false;
    if (XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_RESOURCE_NAME) != null) {
        isResourceNameAllowed = true;
    }
    // Service Status attribute
    isStatusAttribute = false;
    if (XMLUtils.getChildNode(n, SMSUtils.ATTRIBUTE_STATUS_ATTR) != null) {
        isStatusAttribute = true;
    }
    // Any attribute
    any = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_ANY);
    // Get view bean url
    attributeViewBeanURL = XMLUtils.getNodeAttributeValue(n, SMSUtils.ATTRIBUTE_VIEW_BEAN_URL);
    // Searchable only when the attribute is literally "yes" (case-insensitive)
    isSearchable = false;
    String srch = XMLUtils.getNodeAttributeValue(n, SMSUtils.ISSEARCHABLE);
    if ((srch != null) && (srch.equalsIgnoreCase("yes"))) {
        isSearchable = true;
    }
}
Also used : Node(org.w3c.dom.Node) Iterator(java.util.Iterator) DecodeAction(com.sun.identity.security.DecodeAction) LinkedHashMap(java.util.LinkedHashMap) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet)

Example 13 with DecodeAction

use of com.sun.identity.security.DecodeAction in project OpenAM by OpenRock.

the class ServiceManager method checkAndEncryptPasswordSyntax.

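/**
 * Re-encodes, in place, the default values of every attribute schema in
 * {@code doc} whose syntax is {@code password}.
 * <p>
 * With {@code encrypt == true} each value is encoded with this instance's key
 * (after first being decoded with {@code encryptObj}, when one is given).
 * With {@code encrypt == false} each value is decoded with the instance key and,
 * when {@code encryptObj} is given, re-encoded with it. A value consisting of a
 * single ISO-8859-1 non-breaking space (0xA0) is represented in the exported
 * form by the literal text {@code &amp;#160;}, and that literal is mapped back
 * to the 0xA0 character on import; a null decode result is exported the same way.
 * Values holding the literal text {@code "null"} are left untouched.
 *
 * @param doc        the service schema document; modified in place
 * @param encrypt    {@code true} to encode for this instance, {@code false} to
 *                   decode (and optionally re-encode with {@code encryptObj}) for export
 * @param encryptObj key for the other side of the conversion; may be null
 * @throws SMSException if a rebuilt {@code Value} node cannot be parsed
 *                      (presumably from {@code SMSSchema.getXMLDocument})
 */
protected static void checkAndEncryptPasswordSyntax(Document doc, boolean encrypt, AMEncryption encryptObj) throws SMSException {
    // Literal form used in exported documents for a lone non-breaking space.
    final String nbspEntity = "&amp;#160;";
    final String passwordSyntax = AttributeSchema.Syntax.PASSWORD.toString();
    // Get the node list of all AttributeSchema
    NodeList nl = doc.getElementsByTagName(SMSUtils.SCHEMA_ATTRIBUTE);
    for (int i = 0; i < nl.getLength(); i++) {
        Node node = nl.item(i);
        // The "syntax" attribute may be absent; comparing constant-first skips
        // such schemas instead of throwing a NullPointerException.
        String syntax = XMLUtils.getNodeAttributeValue(node, SMSUtils.ATTRIBUTE_SYNTAX);
        if (!passwordSyntax.equals(syntax)) {
            continue;
        }
        if (debug.messageEnabled()) {
            debug.message("ServiceManager: encrypting password syntax");
        }
        // Get the DefaultValues and convert them
        Node defaultNode = XMLUtils.getChildNode(node, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT);
        if (defaultNode == null) {
            continue;
        }
        // Walk the "Value" nodes and replace each one with its converted form
        for (Iterator items = XMLUtils.getChildNodes(defaultNode, SMSUtils.ATTRIBUTE_VALUE).iterator(); items.hasNext(); ) {
            Node valueNode = (Node) items.next();
            String value = XMLUtils.getValueOfValueNode(valueNode);
            // skip empty passwords (stored as the literal text "null")
            if (value == null || value.equals("null")) {
                continue;
            }
            String encValue;
            if (encrypt) {
                if (encryptObj != null) {
                    // Value was encoded with the foreign key: decode it first
                    value = (String) AccessController.doPrivileged(new DecodeAction(value, encryptObj));
                    if (nbspEntity.equals(value)) {
                        value = singleNbsp();
                    }
                }
                encValue = (String) AccessController.doPrivileged(new EncodeAction(value));
            } else {
                encValue = AccessController.doPrivileged(new DecodeAction(value));
                // Null and a lone non-breaking space are both exported as the entity text
                if (encValue == null || isSingleNbsp(encValue)) {
                    encValue = nbspEntity;
                }
                if (encryptObj != null) {
                    encValue = (String) AccessController.doPrivileged(new EncodeAction(encValue, encryptObj));
                }
            }
            // Construct the converted "Value" node and swap it into the document
            String valueXml = AttributeSchema.VALUE_BEGIN + encValue + AttributeSchema.VALUE_END;
            Document newDoc = SMSSchema.getXMLDocument(valueXml, false);
            Node newValueNode = XMLUtils.getRootNode(newDoc, SMSUtils.ATTRIBUTE_VALUE);
            Node nValueNode = doc.importNode(newValueNode, true);
            defaultNode.replaceChild(nValueNode, valueNode);
        }
    }
}

/** Returns a one-character string holding the ISO-8859-1 non-breaking space (0xA0). */
private static String singleNbsp() {
    return new String(new byte[] { (byte) 0xA0 }, java.nio.charset.StandardCharsets.ISO_8859_1);
}

/** Whether {@code s} encodes to exactly the single ISO-8859-1 non-breaking space (0xA0). */
private static boolean isSingleNbsp(String s) {
    byte[] b = s.getBytes(java.nio.charset.StandardCharsets.ISO_8859_1);
    return b.length == 1 && b[0] == (byte) 0xA0;
}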
Also used : EncodeAction(com.sun.identity.security.EncodeAction) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Iterator(java.util.Iterator) DecodeAction(com.sun.identity.security.DecodeAction) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Document(org.w3c.dom.Document)

Example 14 with DecodeAction

use of com.sun.identity.security.DecodeAction in project OpenAM by OpenRock.

the class ServerCertReport method readPwdFile.

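/**
 * Reads the encoded password held on the first line of {@code pfile} and
 * returns it decoded.
 *
 * @param pfile path of the password file; may be null
 * @return the decoded password, or null when no file was given, the file is
 *         empty, or it could not be read or decoded (the failure is logged)
 */
private String readPwdFile(String pfile) {
    if (pfile == null) {
        return null;
    }
    // try-with-resources closes the reader (and the underlying stream) on every
    // path, including read and decode failures.
    // NOTE(review): the reader uses the platform default charset; the file is
    // expected to hold an ASCII encoded value - confirm.
    try (BufferedReader br = new BufferedReader(new InputStreamReader(new FileInputStream(pfile)))) {
        String encodedLine = br.readLine();
        if (encodedLine == null) {
            // An empty file would otherwise hand null to the decode action
            Debug.getInstance(DEBUG_NAME).error("ServerCertReport.readPwdFile: password file is empty");
            return null;
        }
        return (String) AccessController.doPrivileged(new DecodeAction(encodedLine));
    } catch (Exception e) {
        Debug.getInstance(DEBUG_NAME).error("ServerCertReport.readPwdFile: " + "Exception in reading password file information", e);
        return null;
    }
}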
Also used : InputStreamReader(java.io.InputStreamReader) BufferedReader(java.io.BufferedReader) DecodeAction(com.sun.identity.security.DecodeAction) FileInputStream(java.io.FileInputStream)

Example 15 with DecodeAction

use of com.sun.identity.security.DecodeAction in project OpenAM by OpenRock.

the class GetHttpSession method validateRequest.

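/**
 * Validates the security cookie carried by an inter-server session request.
 * <p>
 * The cookie is decoded with the instance key and is expected to hold
 * {@code <serverURL>@<timestampMillis>}. The request is rejected when the
 * cookie is missing, cannot be decoded or parsed, its timestamp differs from
 * the current time by more than {@code MAX_TIMESTAMP_DIFF} milliseconds, or
 * the originating server is not in the platform server list. Each rejection
 * reason is logged.
 *
 * @param servletRequest the incoming request
 * @return {@code true} only if the request carries a valid, fresh security
 *         cookie issued by a known platform server
 */
private boolean validateRequest(HttpServletRequest servletRequest) {
    try {
        String encryptedCookie = CookieUtils.getCookieValueFromReq(servletRequest, serviceConfig.getSecurityCookieName());
        if (encryptedCookie == null) {
            sessionDebug.error("GetHttpSession.validateRequest: no Security Cookie in the request");
            return false;
        }
        String decryptedCookie = AccessController.doPrivileged(new DecodeAction(encryptedCookie));
        if (decryptedCookie == null) {
            sessionDebug.error("GetHttpSession.validateRequest: Security Cookie could not be decoded");
            return false;
        }
        // Cookie payload is "<serverURL>@<timestamp>"; a malformed payload throws
        // (NoSuchElementException / NumberFormatException) and is rejected below.
        StringTokenizer st = new StringTokenizer(decryptedCookie, "@");
        String serverURL = st.nextToken();
        long requestTimeStamp = Long.parseLong(st.nextToken());
        long currentTime = System.currentTimeMillis();
        // Bound the age (in either direction, to tolerate clock skew) so an
        // old cookie cannot be presented again indefinitely.
        if (Math.abs(currentTime - requestTimeStamp) > MAX_TIMESTAMP_DIFF) {
            sessionDebug.error("GetHttpSession.validateRequest: Max time elapsed for the Request");
            return false;
        }
        // The origin must be a known platform server; an unknown origin is a
        // validation failure, not just a diagnostic.
        Set<String> platformServerList = WebtopNaming.getPlatformServerList();
        if (!platformServerList.contains(serverURL)) {
            sessionDebug.error("GetHttpSession.validateRequest: request host :" + serverURL + " was not part of the platformServerList");
            return false;
        }
        return true;
    } catch (Exception e) {
        sessionDebug.error("GetHttpSession.validateRequest: Exception while validating the request ", e);
        return false;
    }
}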
Also used : StringTokenizer(java.util.StringTokenizer) DecodeAction(com.sun.identity.security.DecodeAction) IOException(java.io.IOException) SessionException(com.iplanet.dpro.session.SessionException)
