Example 1 with SecurityConfig

use of com.thoughtworks.go.config.SecurityConfig in project gocd by gocd.

the class LdapContextFactory method initializeDelegator.

void initializeDelegator() {
    //LdapAuthenticationProvider has checked that LDAP config directoryExists
    SecurityConfig securityConfig = goConfigService.security();
    LdapConfig ldapConfig = securityConfig.ldapConfig();
    if (ldapConfig.isEnabled()) {
        try {
            delegate = new DefaultSpringSecurityContextSource(ldapConfig.uri());
            //so user can define the variable java.naming.referral=follow in the server.sh
            delegate.setBaseEnvironmentProperties(System.getProperties());
            new LdapContextSourceConfigurator(ldapConfig).configure(delegate);
            delegate.afterPropertiesSet();
        } catch (Exception e) {
            throw bomb("Invalid or empty ldap config, Error creating DefaultSpringSecurityContextSource", e);
        }
    }
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) SecurityConfig(com.thoughtworks.go.config.SecurityConfig) NamingException(org.springframework.ldap.NamingException)

Example 2 with SecurityConfig

use of com.thoughtworks.go.config.SecurityConfig in project gocd by gocd.

the class LdapUserSearch method searchForUser.

public DirContextOperations searchForUser(String username) {
    SecurityConfig securityConfig = goConfigService.security();
    if (!securityConfig.isSecurityEnabled()) {
        return null;
    }
    LdapConfig ldapConfig = securityConfig.ldapConfig();
    RuntimeException lastFoundException = null;
    BaseConfig failedBaseConfig = null;
    for (BaseConfig baseConfig : ldapConfig.getBasesConfig()) {
        // before trying the next base, log the previous base's failure unless it was only "user not found"
        if (lastFoundException != null && !(lastFoundException instanceof BadCredentialsException)) {
            logger.warn(String.format("The ldap configuration for search base '%s' is invalid", failedBaseConfig.getValue()), lastFoundException);
        }
        FilterBasedLdapUserSearch search = getFilterBasedLdapUserSearch(baseConfig.getValue(), ldapConfig.searchFilter());
        search.setSearchSubtree(true);
        // timeout after five seconds
        search.setSearchTimeLimit(5000);
        try {
            return search.searchForUser(username);
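        } catch (UsernameNotFoundException e) {
            // an unknown user in this base is recorded as a generic BadCredentialsException, not as "user not found"
            failedBaseConfig = baseConfig;
            lastFoundException = new BadCredentialsException("Bad credentials");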
        } catch (RuntimeException e) {
            failedBaseConfig = baseConfig;
            lastFoundException = e;
        }
    }
    if (lastFoundException != null) {
        throw lastFoundException;
    }
    throw new RuntimeException("No LDAP Search Bases are configured.");
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) SecurityConfig(com.thoughtworks.go.config.SecurityConfig) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BadCredentialsException(org.springframework.security.BadCredentialsException) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig)

Example 3 with SecurityConfig

use of com.thoughtworks.go.config.SecurityConfig in project gocd by gocd.

the class OauthTokenSweeper method securityChanged.

private boolean securityChanged(CruiseConfig newConfig) {
    SecurityConfig currentSecurity = currentConfig.server().security();
    SecurityConfig newSecurity = newConfig.server().security();
    return (currentSecurity == null && newSecurity != null) || (currentSecurity != null && currentSecurity.hasSecurityMethodChanged(newSecurity));
}
Also used : SecurityConfig(com.thoughtworks.go.config.SecurityConfig)

Example 4 with SecurityConfig

use of com.thoughtworks.go.config.SecurityConfig in project gocd by gocd.

the class LdapContextFactoryTest method shouldNotInitializeDelegatorWhenAnLDAPConfigurationIsRemovedFromOurConfig.

@Test
public void shouldNotInitializeDelegatorWhenAnLDAPConfigurationIsRemovedFromOurConfig() {
    LdapContextFactory factory = new LdapContextFactory(goConfigService);
    when(goConfigService.security()).thenReturn(new SecurityConfig(new LdapConfig(goCipher), new PasswordFileConfig(), true));
    try {
        factory.initializeDelegator();
    } catch (Exception e) {
        e.printStackTrace();
        fail("should not have thrown an exception");
    }
    verify(goConfigService).security();
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) SecurityConfig(com.thoughtworks.go.config.SecurityConfig) PasswordFileConfig(com.thoughtworks.go.config.PasswordFileConfig) Test(org.junit.Test)

Example 5 with SecurityConfig

use of com.thoughtworks.go.config.SecurityConfig in project gocd by gocd.

the class LdapUserSearchTest method setUp.

@Before
public void setUp() {
    goConfigService = mock(GoConfigService.class);
    contextFactory = mock(SpringSecurityContextSource.class);
    securityConfig = mock(SecurityConfig.class);
    ldapTemplate = mock(LdapTemplate.class);
    logger = mock(Logger.class);
    ldapUserSearch = new LdapUserSearch(goConfigService, contextFactory, ldapTemplate, logger);
    when(goConfigService.security()).thenReturn(securityConfig);
    spy = spy(ldapUserSearch);
}
Also used : SpringSecurityContextSource(org.springframework.security.ldap.SpringSecurityContextSource) SecurityConfig(com.thoughtworks.go.config.SecurityConfig) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) Logger(org.apache.log4j.Logger) LdapTemplate(org.springframework.ldap.core.LdapTemplate) GoConfigService(com.thoughtworks.go.server.service.GoConfigService) Before(org.junit.Before)

Aggregations

SecurityConfig (com.thoughtworks.go.config.SecurityConfig) 28
Test (org.junit.jupiter.api.Test) 9
GoConfigService (com.thoughtworks.go.server.service.GoConfigService) 6
LdapConfig (com.thoughtworks.go.config.LdapConfig) 5
SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig) 5
Before (org.junit.Before) 5
BasicCruiseConfig (com.thoughtworks.go.config.BasicCruiseConfig) 4
CruiseConfig (com.thoughtworks.go.config.CruiseConfig) 4
PasswordFileConfig (com.thoughtworks.go.config.PasswordFileConfig) 4
ServerConfig (com.thoughtworks.go.config.ServerConfig) 4
AuthorizationExtension (com.thoughtworks.go.plugin.access.authorization.AuthorizationExtension) 4
Test (org.junit.Test) 4
AuthorityGranter (com.thoughtworks.go.server.security.AuthorityGranter) 3
SystemEnvironment (com.thoughtworks.go.util.SystemEnvironment) 3
UserSearchModel (com.thoughtworks.go.presentation.UserSearchModel) 2
GoCipher (com.thoughtworks.go.security.GoCipher) 2
PluginRoleService (com.thoughtworks.go.server.service.PluginRoleService) 2
UserService (com.thoughtworks.go.server.service.UserService) 2
HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult) 2
FilterChain (javax.servlet.FilterChain) 2