Example 1 with ResultGroupType

Use of com.tremolosecurity.config.xml.ResultGroupType in project OpenUnison by TremoloSecurity.

Class LoadResultGroupsFromK8s, method modifyObject.

@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("modifying result group " + name);
        ResultGroupType rgt = this.createResultGroup(newRoot, name);
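        // Drop any existing result group with the same name (case-insensitive)
        // so the new definition replaces it.
        ResultGroupType rgtToRemove = null;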
        for (ResultGroupType rgtCheck : cfg.getResultGroups().getResultGroup()) {
            if (rgtCheck.getName().equalsIgnoreCase(name)) {
                rgtToRemove = rgtCheck;
                break;
            }
        }
        if (rgtToRemove != null) {
            cfg.getResultGroups().getResultGroup().remove(rgtToRemove);
        }
        cfg.getResultGroups().getResultGroup().add(rgt);
        GlobalEntries.getGlobalEntries().getConfigManager().addResultGroup(rgt);
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse resultgroup", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType), JSONParser (org.json.simple.parser.JSONParser), ParseException (org.json.simple.parser.ParseException)

Example 2 with ResultGroupType

Use of com.tremolosecurity.config.xml.ResultGroupType in project OpenUnison by TremoloSecurity.

Class LoadResultGroupsFromK8s, method deleteObject.

@Override
public void deleteObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    JSONObject metadata = (JSONObject) item.get("metadata");
    if (metadata == null) {
        throw new ProvisioningException("No metadata");
    }
    String name = (String) metadata.get("name");
    logger.info("Deleting result group " + name);
    // Look up the result group by name (case-insensitive); nothing happens if it is not found.
    ResultGroupType rgtToRemove = null;
    for (ResultGroupType rgtCheck : cfg.getResultGroups().getResultGroup()) {
        if (rgtCheck.getName().equalsIgnoreCase(name)) {
            rgtToRemove = rgtCheck;
            break;
        }
    }
    if (rgtToRemove != null) {
        cfg.getResultGroups().getResultGroup().remove(rgtToRemove);
        GlobalEntries.getGlobalEntries().getConfigManager().removeResultGroup(rgtToRemove);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType)

Example 3 with ResultGroupType

Use of com.tremolosecurity.config.xml.ResultGroupType in project OpenUnison by TremoloSecurity.

Class AuthMgrSys, method processAuthResp.

public void processAuthResp(HttpServletRequest request, HttpServletResponse response, UrlHolder holder, Boolean bool) throws IOException, InstantiationException, IllegalAccessException, ClassNotFoundException, ServletException {
    // authentication is required
    if (bool.booleanValue()) {
        // authentication succeeded
        String resGroup = getResponseSuccessGroup(holder);
        if (resGroup != null) {
            ResultGroupType resGrouping = holder.getConfig().getResultGroup(resGroup);
            proccessResponseResult(request, response, resGrouping, false, holder);
        }
    } else {
        // authentication failed
        String resGroup = getResponseFailGroup(holder);
        if (resGroup == null) {
            // no failure result group configured: answer with a plain 401
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        } else {
            ResultGroupType resGrouping = holder.getConfig().getResultGroup(resGroup);
            proccessResponseResult(request, response, resGrouping, true, holder);
        }
    }
}
Also used: ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType), HttpServletResponse (javax.servlet.http.HttpServletResponse)

Example 4 with ResultGroupType

Use of com.tremolosecurity.config.xml.ResultGroupType in project OpenUnison by TremoloSecurity.

Class UnisonConfigManagerImpl, method initialize.

/* (non-Javadoc)
 * @see com.tremolosecurity.config.util.ConfigManager#initialize()
 * @see com.tremolosecurity.config.util.UnisonConfigManager#initialize()
 */
@Override
public void initialize(String name) throws JAXBException, Exception, IOException, FileNotFoundException, InstantiationException, IllegalAccessException, ClassNotFoundException, LDAPException, KeyStoreException, NoSuchAlgorithmException, CertificateException, ProvisioningException {
    JAXBContext jc = JAXBContext.newInstance("com.tremolosecurity.config.xml");
    Unmarshaller unmarshaller = jc.createUnmarshaller();
    String path = configXML;
    this.threads = new ArrayList<StopableThread>();
    // Strip the file name, keeping the directory that holds the configuration file.
    path = path.substring(0, path.lastIndexOf('/'));
    JAXBElement<TremoloType> autoidmcfg = this.loadUnisonConfiguration(unmarshaller);
    this.cfg = autoidmcfg.getValue();
    this.byHost = new HashMap<String, ArrayList<UrlHolder>>();
    this.cache = new HashMap<String, UrlHolder>();
    this.upgradeManager = (HttpUpgradeRequestManager) Class.forName(this.cfg.getUpgradeHandler()).newInstance();
    String myVdPath = cfg.getMyvdConfig();
    this.loadKeystore(path, myVdPath);
    this.initSSL();
    this.loadMyVD(path, myVdPath);
    if (cfg.getApplications().getErrorPage() != null) {
        for (ErrorPage ep : cfg.getApplications().getErrorPage()) {
            this.errorPages.put(ep.getCode(), ep.getLocation());
        }
    }
    this.customAzRules = new HashMap<String, CustomAuthorization>();
    if (this.cfg.getCustomAzRules() != null) {
        for (CustomAzRuleType azrule : this.cfg.getCustomAzRules().getAzRule()) {
            createCustomAuthorizationRule(azrule);
        }
    }
    loadApplicationObjects();
    this.authChains = new HashMap<String, AuthChainType>();
    if (cfg.getAuthChains() != null) {
        Iterator<AuthChainType> itac = cfg.getAuthChains().getChain().iterator();
        while (itac.hasNext()) {
            AuthChainType ac = itac.next();
            this.authChains.put(ac.getName(), ac);
        }
    }
    this.authMechs = new HashMap<String, MechanismType>();
    if (cfg.getAuthMechs() != null) {
        Iterator<MechanismType> itmt = cfg.getAuthMechs().getMechanism().iterator();
        while (itmt.hasNext()) {
            MechanismType mt = itmt.next();
            authMechs.put(mt.getName(), mt);
        }
    }
    this.resGroups = new HashMap<String, ResultGroupType>();
    if (cfg.getResultGroups() != null) {
        Iterator<ResultGroupType> itrgt = cfg.getResultGroups().getResultGroup().iterator();
        while (itrgt.hasNext()) {
            ResultGroupType rgt = itrgt.next();
            this.resGroups.put(rgt.getName(), rgt);
        }
    }
    this.apps = new HashMap<String, ApplicationType>();
    Iterator<ApplicationType> itApp = cfg.getApplications().getApplication().iterator();
    while (itApp.hasNext()) {
        ApplicationType app = itApp.next();
        this.apps.put(app.getName(), app);
    }
    this.provEnvgine = new ProvisioningEngineImpl(this);
    this.provEnvgine.initWorkFlows();
    this.provEnvgine.initMessageConsumers();
    this.provEnvgine.initScheduler();
    this.provEnvgine.initListeners();
    this.provEnvgine.initReports();
    try {
        if (this.getCfg().getResultGroups() != null && this.getCfg().getResultGroups().getDynamicResultGroups() != null && this.getCfg().getResultGroups().getDynamicResultGroups().isEnabled()) {
            DynamicPortalUrlsType dynamicResultGroups = this.getCfg().getResultGroups().getDynamicResultGroups();
            String className = dynamicResultGroups.getClassName();
            // Group the configured params by name; repeated names become multi-valued attributes.
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicResultGroups.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            // The loader class is named in the configuration and instantiated reflectively.
            DynamicResultGroups dynResGroups = (DynamicResultGroups) Class.forName(className).newInstance();
            dynResGroups.loadDynamicResultGroups(this, this.getProvisioningEngine(), cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    try {
        if (this.getCfg().getCustomAzRules() != null && this.getCfg().getCustomAzRules().getDynamicCustomAuthorizations() != null && this.getCfg().getCustomAzRules().getDynamicCustomAuthorizations().isEnabled()) {
            DynamicPortalUrlsType dynamicCustomAuthorization = this.getCfg().getCustomAzRules().getDynamicCustomAuthorizations();
            String className = dynamicCustomAuthorization.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicCustomAuthorization.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicAuthorizations dynCustomAz = (DynamicAuthorizations) Class.forName(className).newInstance();
            dynCustomAz.loadDynamicAuthorizations(this, this.getProvisioningEngine(), cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    try {
        if (this.getCfg().getAuthChains() != null && this.getCfg().getAuthChains().getDynamicAuthChains() != null && this.getCfg().getAuthChains().getDynamicAuthChains().isEnabled()) {
            DynamicPortalUrlsType dynamicAuthChains = this.getCfg().getAuthChains().getDynamicAuthChains();
            String className = dynamicAuthChains.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicAuthChains.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicAuthChains dynAuthChains = (DynamicAuthChains) Class.forName(className).newInstance();
            dynAuthChains.loadDynamicAuthChains(this, provEnvgine, cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    try {
        if (this.getCfg().getApplications() != null && this.getCfg().getApplications().getDynamicApplications() != null && this.getCfg().getApplications().getDynamicApplications().isEnabled()) {
            DynamicPortalUrlsType dynamicApps = this.getCfg().getApplications().getDynamicApplications();
            String className = dynamicApps.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicApps.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicApplications dynApps = (DynamicApplications) Class.forName(className).newInstance();
            dynApps.loadDynamicApplications(this, provEnvgine, cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    this.postInitialize();
}
Also used: ErrorPage (com.tremolosecurity.config.xml.ApplicationsType.ErrorPage), TremoloType (com.tremolosecurity.config.xml.TremoloType), Attribute (com.tremolosecurity.saml.Attribute), HashMap (java.util.HashMap), ArrayList (java.util.ArrayList), JAXBContext (javax.xml.bind.JAXBContext), DynamicApplications (com.tremolosecurity.proxy.dynamicloaders.DynamicApplications), ProvisioningEngineImpl (com.tremolosecurity.provisioning.core.ProvisioningEngineImpl), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), StopableThread (com.tremolosecurity.server.StopableThread), CustomAzRuleType (com.tremolosecurity.config.xml.CustomAzRuleType), MechanismType (com.tremolosecurity.config.xml.MechanismType), Unmarshaller (javax.xml.bind.Unmarshaller), AuthChainType (com.tremolosecurity.config.xml.AuthChainType), DynamicAuthChains (com.tremolosecurity.proxy.dynamicloaders.DynamicAuthChains), CustomAuthorization (com.tremolosecurity.proxy.az.CustomAuthorization), AuthMechParamType (com.tremolosecurity.config.xml.AuthMechParamType), ParamType (com.tremolosecurity.config.xml.ParamType), DynamicAuthorizations (com.tremolosecurity.proxy.dynamicloaders.DynamicAuthorizations), ApplicationType (com.tremolosecurity.config.xml.ApplicationType), DynamicResultGroups (com.tremolosecurity.proxy.dynamicloaders.DynamicResultGroups), DynamicPortalUrlsType (com.tremolosecurity.config.xml.DynamicPortalUrlsType), ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType)

Example 5 with ResultGroupType

Use of com.tremolosecurity.config.xml.ResultGroupType in project OpenUnison by TremoloSecurity.

Class LoadResultGroupsFromK8s, method addObject.

@Override
public void addObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Adding result group " + name);
        ResultGroupType rgt = this.createResultGroup(newRoot, name);
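        // Drop any existing result group with the same name (case-insensitive)
        // so the new definition replaces it.
        ResultGroupType rgtToRemove = null;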
        for (ResultGroupType rgtCheck : cfg.getResultGroups().getResultGroup()) {
            if (rgtCheck.getName().equalsIgnoreCase(name)) {
                rgtToRemove = rgtCheck;
                break;
            }
        }
        if (rgtToRemove != null) {
            cfg.getResultGroups().getResultGroup().remove(rgtToRemove);
        }
        cfg.getResultGroups().getResultGroup().add(rgt);
        GlobalEntries.getGlobalEntries().getConfigManager().addResultGroup(rgt);
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse resultgroup", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType), JSONParser (org.json.simple.parser.JSONParser), ParseException (org.json.simple.parser.ParseException)

Aggregations

ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType): 6
ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException): 4
JSONObject (org.json.simple.JSONObject): 4
JSONParser (org.json.simple.parser.JSONParser): 2
ParseException (org.json.simple.parser.ParseException): 2
ApplicationType (com.tremolosecurity.config.xml.ApplicationType): 1
ErrorPage (com.tremolosecurity.config.xml.ApplicationsType.ErrorPage): 1
AuthChainType (com.tremolosecurity.config.xml.AuthChainType): 1
AuthMechParamType (com.tremolosecurity.config.xml.AuthMechParamType): 1
CustomAzRuleType (com.tremolosecurity.config.xml.CustomAzRuleType): 1
DynamicPortalUrlsType (com.tremolosecurity.config.xml.DynamicPortalUrlsType): 1
MechanismType (com.tremolosecurity.config.xml.MechanismType): 1
ParamType (com.tremolosecurity.config.xml.ParamType): 1
ResultType (com.tremolosecurity.config.xml.ResultType): 1
TremoloType (com.tremolosecurity.config.xml.TremoloType): 1
ProvisioningEngineImpl (com.tremolosecurity.provisioning.core.ProvisioningEngineImpl): 1
CustomAuthorization (com.tremolosecurity.proxy.az.CustomAuthorization): 1
DynamicApplications (com.tremolosecurity.proxy.dynamicloaders.DynamicApplications): 1
DynamicAuthChains (com.tremolosecurity.proxy.dynamicloaders.DynamicAuthChains): 1
DynamicAuthorizations (com.tremolosecurity.proxy.dynamicloaders.DynamicAuthorizations): 1