
Example 11 with ParamWithValueType

use of com.tremolosecurity.config.xml.ParamWithValueType in project OpenUnison by TremoloSecurity.

the class PersistentCookieResult method createResultCookie.

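/**
 * Writes a LastMile token into {@code cookie} and sets the cookie's max-age.
 *
 * <p>The token carries the authenticated user's DN, the client address reported by the
 * servlet container and, when {@code useSSLSessionID} is {@code true} on the mechanism,
 * the TLS session id. The lifetime ({@code millisToLive}) and the key alias
 * ({@code keyAlias}) are read from every mechanism in the user's current authentication
 * chain whose implementation class is the PersistentCookie mechanism; if several match,
 * the last value read wins.
 *
 * <p>NOTE(review): this method does not set the Secure or HttpOnly flags on the cookie;
 * confirm the caller does so before the cookie is added to the response.
 *
 * @param cookie   cookie that receives the quoted token value and the max-age
 * @param request  current request; supplies configuration, session and client address
 * @param response not used by this method
 * @throws ServletException if the token cannot be created or generated with the configured key
 */
@Override
public void createResultCookie(Cookie cookie, HttpServletRequest request, HttpServletResponse response) throws ServletException {
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    ConfigManager mgr = holder.getConfig();

    // Names of all configured mechanisms implemented by the persistent-cookie class.
    HashSet<String> mechs = new HashSet<String>();
    for (String mechName : mgr.getAuthMechs().keySet()) {
        MechanismType mech = mgr.getAuthMechs().get(mechName);
        if (mech.getClassName().equalsIgnoreCase("com.tremolosecurity.proxy.auth.persistentCookie.PersistentCookie")) {
            mechs.add(mechName);
        }
    }

    AuthController authCtl = (AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL);
    String chainName = authCtl.getAuthInfo().getAuthChain();
    AuthChainType chain = mgr.getAuthChains().get(chainName);
    chain = AuthManagerImpl.buildACT(chain, mgr);

    int millisToLive = 0;
    String keyAlias = "";
    boolean useSSLSession = false;
    for (AuthMechType amt : chain.getAuthMech()) {
        if (!mechs.contains(amt.getName())) {
            continue;
        }
        for (ParamWithValueType pt : amt.getParams().getParam()) {
            // Element text wins when present and non-blank; otherwise fall back to the
            // value attribute, which may be null.
            String value = pt.getValue();
            if (value == null || value.isBlank()) {
                value = pt.getValueAttribute();
            }
            String name = pt.getName();
            if (name.equalsIgnoreCase("millisToLive")) {
                // A missing or non-numeric value surfaces as NumberFormatException.
                millisToLive = Integer.parseInt(value);
            } else if (name.equalsIgnoreCase("useSSLSessionID")) {
                // Literal on the left: a parameter with no value at all must read as
                // "not enabled" instead of failing with a NullPointerException.
                if ("true".equalsIgnoreCase(value)) {
                    useSSLSession = true;
                }
            } else if (name.equalsIgnoreCase("keyAlias")) {
                keyAlias = value;
            }
        }
    }

    DateTime now = new DateTime();
    DateTime expires = now.plusMillis(millisToLive);
    com.tremolosecurity.lastmile.LastMile lastmile;
    try {
        lastmile = new com.tremolosecurity.lastmile.LastMile("/", now, expires, 0, "NONE");
    } catch (URISyntaxException e) {
        // "/" is a valid URI so this is not expected, but fail with a clear error rather
        // than continuing with a null token and hitting a NullPointerException below.
        throw new ServletException("Could not create persistent cookie token", e);
    }

    lastmile.getAttributes().add(new Attribute("DN", authCtl.getAuthInfo().getUserDN()));
    // getRemoteAddr() is the peer address as seen by the container.
    // NOTE(review): behind a reverse proxy or load balancer this is the proxy's address,
    // so the value says little about the actual client - confirm the deployment.
    lastmile.getAttributes().add(new Attribute("CLIENT_IP", request.getRemoteAddr()));
    if (useSSLSession) {
        Object sessionID = request.getAttribute("javax.servlet.request.ssl_session_id");
        if (sessionID instanceof byte[]) {
            sessionID = new String(Base64.encodeBase64((byte[]) sessionID));
        }
        // NOTE(review): when TLS is terminated before the container the attribute is
        // absent and a null id is stored; confirm the validating side rejects such a
        // token instead of treating the session binding as satisfied.
        lastmile.getAttributes().add(new Attribute("SSL_SESSION_ID", (String) sessionID));
    }

    try {
        // The token is wrapped in double quotes before being stored as the cookie value.
        cookie.setValue(new StringBuilder().append('"').append(lastmile.generateLastMileToken(mgr.getSecretKey(keyAlias))).append('"').toString());
    } catch (Exception e) {
        throw new ServletException("Could not encrypt persistent cookie", e);
    }

    // Integer division: a lifetime under one second (including the default of 0 when
    // millisToLive is not configured) gives a max-age of 0.
    cookie.setMaxAge(millisToLive / 1000);
}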
Also used : Attribute(com.tremolosecurity.saml.Attribute) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) URISyntaxException(java.net.URISyntaxException) AuthController(com.tremolosecurity.proxy.auth.AuthController) ConfigManager(com.tremolosecurity.config.util.ConfigManager) DateTime(org.joda.time.DateTime) ServletException(javax.servlet.ServletException) URISyntaxException(java.net.URISyntaxException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) MechanismType(com.tremolosecurity.config.xml.MechanismType) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) HashSet(java.util.HashSet)

Example 12 with ParamWithValueType

use of com.tremolosecurity.config.xml.ParamWithValueType in project OpenUnison by TremoloSecurity.

the class CreateSecretQuestionsTask method init.

/**
 * Loads this task's settings from {@code params} and then copies {@code alg},
 * {@code salt} and {@code questionAttr} from the matching authentication mechanism
 * of the configured chain.
 *
 * <p>{@code mechName} is optional and falls back to {@code "SecretQuestions"}; chain
 * and mechanism names are matched case-insensitively. If no chain or mechanism
 * matches, the three copied fields are left as they were.
 *
 * <p>NOTE(review): {@code alg} and {@code salt} are taken from configuration without
 * any check in this method, and one salt value is read per mechanism rather than per
 * user - confirm how the code that hashes the answers uses them.
 *
 * @param task   workflow task that gives access to the configuration
 * @param params task parameters; the first value of each entry is used
 * @throws ProvisioningException declared by the interface; not thrown directly here
 */
@Override
public void init(WorkflowTask task, Map<String, Attribute> params) throws ProvisioningException {
    numQuestions = Integer.parseInt(params.get("numQuestions").getValues().get(0));
    questionNamePrefix = params.get("questionNamePrefix").getValues().get(0);
    questionValuePrefix = params.get("questionValuePrefix").getValues().get(0);
    chainName = params.get("chainName").getValues().get(0);

    Attribute mechNameParam = params.get("mechName");
    this.mechName = (mechNameParam != null) ? mechNameParam.getValues().get(0) : "SecretQuestions";

    for (AuthChainType act : task.getConfigManager().getCfg().getAuthChains().getChain()) {
        if (!act.getName().equalsIgnoreCase(chainName)) {
            continue;
        }
        for (AuthMechType amt : act.getAuthMech()) {
            if (!amt.getName().equalsIgnoreCase(this.mechName)) {
                continue;
            }
            for (ParamWithValueType pt : amt.getParams().getParam()) {
                // Element text is used when present and non-blank, otherwise the
                // value attribute (which may be null).
                String text = pt.getValue();
                String value = (text != null && !text.isBlank()) ? text : pt.getValueAttribute();

                String paramName = pt.getName();
                if (paramName.equalsIgnoreCase("alg")) {
                    this.alg = value;
                } else if (paramName.equalsIgnoreCase("salt")) {
                    this.salt = value;
                } else if (paramName.equalsIgnoreCase("questionAttr")) {
                    this.questionAttr = value;
                }
            }
        }
    }
}
Also used : AuthMechType(com.tremolosecurity.config.xml.AuthMechType) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType) AuthChainType(com.tremolosecurity.config.xml.AuthChainType)

Example 13 with ParamWithValueType

use of com.tremolosecurity.config.xml.ParamWithValueType in project OpenUnison by TremoloSecurity.

the class AuthManagerImpl method loadAmtParams.

/**
 * Collects the parameters of {@code amt} into a name-to-attribute map and stores it,
 * together with the mechanism name, on the HTTP session.
 *
 * <p>Parameters that share a name are gathered as multiple values of one attribute.
 * For each parameter the element text is used when non-blank, otherwise the value
 * attribute, otherwise the empty string.
 *
 * <p>NOTE(review): every mechanism parameter is copied into the session as-is; if any
 * of them is sensitive, confirm the session store is not persisted or replicated in
 * the clear.
 *
 * @param session session that receives {@code AUTH_MECH_PARAMS} and {@code AUTH_MECH_NAME}
 * @param amt     mechanism entry whose parameters are loaded
 * @see com.tremolosecurity.proxy.auth.sys.AuthManager#loadAmtParams(javax.servlet.http.HttpSession, com.tremolosecurity.config.xml.AuthMechType)
 */
@Override
public void loadAmtParams(HttpSession session, AuthMechType amt) {
    HashMap<String, Attribute> byName = new HashMap<String, Attribute>();

    for (ParamWithValueType param : amt.getParams().getParam()) {
        String chosen = param.getValue();
        if (chosen == null || chosen.isBlank()) {
            chosen = param.getValueAttribute();
            if (chosen == null) {
                chosen = "";
            }
        }

        String paramName = param.getName();
        Attribute holder = byName.get(paramName);
        if (holder == null) {
            holder = new Attribute(paramName);
            byName.put(paramName, holder);
        }
        holder.getValues().add(chosen);
    }

    session.setAttribute(ProxyConstants.AUTH_MECH_PARAMS, byName);
    session.setAttribute(ProxyConstants.AUTH_MECH_NAME, amt.getName());
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType)

Example 14 with ParamWithValueType

use of com.tremolosecurity.config.xml.ParamWithValueType in project OpenUnison by TremoloSecurity.

the class CustomTask method init.

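/**
 * Reads the custom task's class name and parameters from its configuration, then
 * instantiates the configured class and initialises it.
 *
 * <p>Parameters that share a name are gathered as multiple values of one attribute.
 *
 * <p>Security: the class named in the configuration is loaded and instantiated
 * reflectively, so whoever can edit the workflow configuration chooses code that runs
 * in this process. The class is checked against the custom-task type before its
 * constructor is invoked; {@code Class.forName} still runs the class's static
 * initialiser before that check.
 *
 * @param taskConfig task configuration; must be a {@code CustomTaskType}
 * @throws ProvisioningException if the class cannot be loaded, is not a custom task,
 *         cannot be instantiated, or its own initialisation fails
 */
@Override
public void init(WorkflowTaskType taskConfig) throws ProvisioningException {
    CustomTaskType taskCfg = (CustomTaskType) taskConfig;
    this.className = taskCfg.getClassName();
    params = new HashMap<String, Attribute>();
    for (ParamWithValueType pt : taskCfg.getParam()) {
        Attribute attr = params.get(pt.getName());
        if (attr == null) {
            attr = new Attribute(pt.getName());
            params.put(pt.getName(), attr);
        }
        // NOTE(review): the value attribute takes precedence over the element text here,
        // and a parameter with neither adds a null value - confirm both are intended.
        if (pt.getValueAttribute() != null) {
            attr.getValues().add(pt.getValueAttribute());
        } else {
            attr.getValues().add(pt.getValue());
        }
    }
    try {
        // Verify the type first so a class that is not a custom task is rejected before
        // its constructor runs, and use the Constructor API instead of the deprecated
        // Class.newInstance(), which rethrows checked constructor exceptions undeclared.
        Class<? extends com.tremolosecurity.provisioning.util.CustomTask> taskClass =
                Class.forName(this.className).asSubclass(com.tremolosecurity.provisioning.util.CustomTask.class);
        this.task = taskClass.getDeclaredConstructor().newInstance();
        this.task.init(this, params);
    } catch (Exception e) {
        throw new ProvisioningException("Could not initialize custom task", e);
    }
}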
Also used : Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) CustomTaskType(com.tremolosecurity.config.xml.CustomTaskType)

Example 15 with ParamWithValueType

use of com.tremolosecurity.config.xml.ParamWithValueType in project OpenUnison by TremoloSecurity.

the class SendMessageThread method addNewJob.

/**
 * Registers the job described by {@code jobType}, or reloads it when the scheduler
 * already knows it under a different class name, cron schedule or property set.
 *
 * <p>The job's {@code name-group} key is always added to {@code jobKeys}. For an
 * existing job the checks run in the order class name, schedule, properties, and the
 * first difference triggers one reload. The schedule is compared against the job's
 * first trigger, which is cast to {@code CronTrigger}.
 *
 * <p>NOTE(review): job name, group and class name come from configuration and are
 * written to the log unescaped; the class name also decides which job class is
 * scheduled (see {@code addJob} / {@code reloadJob}, not shown here).
 *
 * @param jobKeys set that collects the keys of the jobs seen
 * @param jobType configured job definition
 * @throws SchedulerException     if the scheduler lookup fails
 * @throws ProvisioningException  if a new job's class cannot be found
 * @throws ClassNotFoundException declared for {@code reloadJob}
 */
@Override
public void addNewJob(HashSet<String> jobKeys, JobType jobType) throws SchedulerException, ProvisioningException, ClassNotFoundException {
    jobKeys.add(jobType.getName() + "-" + jobType.getGroup());
    JobKey key = new JobKey(jobType.getName(), jobType.getGroup());
    JobDetail existing = this.scheduler.getJobDetail(key);

    // Unknown job: register it and stop.
    if (existing == null) {
        logger.info("Adding new job '" + jobType.getName() + "' / '" + jobType.getGroup() + "'");
        try {
            addJob(jobType, key);
        } catch (ClassNotFoundException e) {
            throw new ProvisioningException("Could not initialize job", e);
        }
        return;
    }

    // Known job: rebuild the configured cron expression (seven space-separated fields)
    // so it can be compared with the one the scheduler holds.
    StringBuilder configuredCron = new StringBuilder();
    configuredCron.append(jobType.getCronSchedule().getSeconds()).append(' ')
            .append(jobType.getCronSchedule().getMinutes()).append(' ')
            .append(jobType.getCronSchedule().getHours()).append(' ')
            .append(jobType.getCronSchedule().getDayOfMonth()).append(' ')
            .append(jobType.getCronSchedule().getMonth()).append(' ')
            .append(jobType.getCronSchedule().getDayOfWeek()).append(' ')
            .append(jobType.getCronSchedule().getYear());

    // Properties as configured: element text when non-blank, else the value attribute.
    Properties configured = new Properties();
    for (ParamWithValueType pt : jobType.getParam()) {
        String text = pt.getValue();
        boolean hasText = text != null && !text.isBlank();
        configured.setProperty(pt.getName(), hasText ? text : pt.getValueAttribute());
    }

    // Properties as currently held by the scheduler.
    Properties scheduled = new Properties();
    for (String dataKey : existing.getJobDataMap().getKeys()) {
        scheduled.setProperty(dataKey, existing.getJobDataMap().getString(dataKey));
    }

    List<Trigger> jobTriggers = (List<Trigger>) scheduler.getTriggersOfJob(existing.getKey());
    CronTrigger firstTrigger = (CronTrigger) jobTriggers.get(0);

    boolean sameClass = jobType.getClassName().equals(existing.getJobClass().getName());
    if (!sameClass) {
        logger.info("Reloading job '" + jobType.getName() + "' / '" + jobType.getGroup() + "' - change in class name");
        reloadJob(jobType, existing);
        return;
    }

    boolean sameSchedule = configuredCron.toString().equalsIgnoreCase(firstTrigger.getCronExpression());
    if (!sameSchedule) {
        logger.info("Reloading job '" + jobType.getName() + "' / '" + jobType.getGroup() + "' - change in schedule");
        reloadJob(jobType, existing);
        return;
    }

    if (!configured.equals(scheduled)) {
        logger.info("Reloading job '" + jobType.getName() + "' / '" + jobType.getGroup() + "' - change in properties");
        reloadJob(jobType, existing);
    }
}
Also used : JobKey(org.quartz.JobKey) JobDetail(org.quartz.JobDetail) CronTrigger(org.quartz.CronTrigger) CronTrigger(org.quartz.CronTrigger) Trigger(org.quartz.Trigger) ArrayList(java.util.ArrayList) List(java.util.List) Properties(java.util.Properties) ParamWithValueType(com.tremolosecurity.config.xml.ParamWithValueType)
