
Example 51 with AuthInfo

use of com.tremolosecurity.proxy.auth.AuthInfo in project OpenUnison by TremoloSecurity.

the class AppConfig method doFilter.

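/**
 * Answers with a JSON {@code SessionInfo} document giving the minutes left on the caller's session.
 *
 * <p>The session is located from the cookie(s) named by {@code appConfig.cookieName}. The first
 * cookie that resolves to a session whose authentication is complete and whose auth level is
 * non-zero produces the response; if no cookie qualifies a single 401 is sent. Exactly one
 * response is produced per request.
 *
 * @param request  the filtered request carrying the session cookie(s)
 * @param response receives either the JSON document or a 401
 * @param chain    not invoked; this filter always terminates the request
 * @throws Exception propagated from configuration loading, session lookup or response writing
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    synchronized (this.appConfig) {
        // Configuration is loaded lazily on first use; the lock keeps concurrent first requests from racing.
        if (this.appConfig.cookieName == null) {
            this.loadConfigData(this.filterConfig);
        }
        // Fail closed: without a cookie name there is no way to identify a session.
        if (this.appConfig.cookieName == null) {
            response.sendError(401);
            return;
        }
    }
    request.setAttribute("com.tremolosecurity.unison.proxy.noRedirectOnError", "com.tremolosecurity.unison.proxy.noRedirectOnError");
    ArrayList<Cookie> sessionCookies = request.getCookies(this.appConfig.cookieName);
    if (sessionCookies == null || sessionCookies.isEmpty()) {
        response.sendError(401);
        return;
    }
    SessionManagerImpl sessionManager = (SessionManagerImpl) GlobalEntries.getGlobalEntries().get(ProxyConstants.TREMOLO_SESSION_MANAGER);
    for (Cookie cookie : sessionCookies) {
        TremoloHttpSession session = SessionManagerImpl.findSessionFromCookie(cookie, this.appConfig.secretKey, sessionManager);
        if (session == null) {
            continue;
        }
        // A session without an AuthController is treated as unauthenticated instead of raising an NPE.
        AuthController authController = (AuthController) session.getAttribute(ProxyConstants.AUTH_CTL);
        AuthInfo userData = authController == null ? null : authController.getAuthInfo();
        if (userData == null || !userData.isAuthComplete() || userData.getAuthLevel() == 0) {
            continue;
        }
        SessionInfo si = new SessionInfo();
        if (this.appConfig.timeoutSeconds > 0) {
            long nowMillis = System.currentTimeMillis();
            int extMinLeft = -1;
            ExternalSessionExpires extSession = (ExternalSessionExpires) session.getAttribute(SessionManagerImpl.TREMOLO_EXTERNAL_SESSION);
            if (extSession != null) {
                long extExpires = extSession.getExpires();
                // A non-positive expiry is reported as -1, the same value used when there is no external session.
                if (extExpires > 0) {
                    extMinLeft = (int) ((extExpires - nowMillis) / 1000 / 60);
                }
            }
            int stdMinLeft = -1;
            DateTime lastAccessed = (DateTime) session.getAttribute(SessionManagerImpl.TREMOLO_SESSION_LAST_ACCESSED);
            if (lastAccessed != null) {
                DateTime idleExpires = lastAccessed.plusSeconds(this.appConfig.timeoutSeconds);
                stdMinLeft = (int) ((idleExpires.getMillis() - nowMillis) / 1000 / 60);
            }
            // The larger of the two remaining times is reported.
            // NOTE(review): confirm the larger (not the smaller) value is what clients should see.
            si.setMinsLeft(Math.max(extMinLeft, stdMinLeft));
        } else {
            si.setMinsLeft(-1);
        }
        String json = gson.toJson(si);
        response.setContentType("application/json");
        response.getWriter().println(json.trim());
        response.sendError(200);
        // Respond once: further cookies must not append a second status or body to this response.
        return;
    }
    // No cookie mapped to a fully authenticated session.
    response.sendError(401);
}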
Also used : Cookie(javax.servlet.http.Cookie) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) ExternalSessionExpires(com.tremolosecurity.proxy.ExternalSessionExpires) AuthController(com.tremolosecurity.proxy.auth.AuthController) TremoloHttpSession(com.tremolosecurity.proxy.TremoloHttpSession) DateTime(org.joda.time.DateTime)

Example 52 with AuthInfo

use of com.tremolosecurity.proxy.auth.AuthInfo in project OpenUnison by TremoloSecurity.

the class ExecuteWorkflow method doFilter.

/**
 * Executes the configured workflow for the session's user the first time a session passes
 * through this filter, then hands the request to the next filter.
 *
 * <p>The session attribute {@code TREMOLO_WF_EXEC} is the "already ran" marker: it is written
 * only after the workflow call returns, so a workflow that throws is attempted again on the next
 * request and the chain is not continued for the failing request.
 *
 * @param request  the filtered request; its session supplies the AuthController
 * @param response passed through to the next filter
 * @param chain    the remaining filter chain
 * @throws Exception propagated from workflow execution or from the rest of the chain
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    boolean alreadyRan = request.getSession().getAttribute("TREMOLO_WF_EXEC") != null;
    if (!alreadyRan) {
        // NOTE(review): the AuthController is dereferenced unchecked; this assumes an earlier
        // filter always stores it in the session. Confirm against the filter ordering.
        AuthController authController = (AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL);
        AuthInfo userData = authController.getAuthInfo();
        UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
        holder.getConfig().getProvisioningEngine().getWorkFlow(workFlowName).executeWorkflow(userData, uidAttrName);
        // Any non-null value marks the workflow as done for this session.
        request.getSession().setAttribute("TREMOLO_WF_EXEC", "FALSE");
    }
    chain.nextFilter(request, response, chain);
}
Also used : UrlHolder(com.tremolosecurity.config.util.UrlHolder) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) AuthController(com.tremolosecurity.proxy.auth.AuthController)

Example 53 with AuthInfo

use of com.tremolosecurity.proxy.auth.AuthInfo in project OpenUnison by TremoloSecurity.

the class ListOrgs method doGet.

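/**
 * Writes, as JSON, the organization tree built for the user identified by the request.
 *
 * <p>The user is looked up in the virtual directory by the {@code uidAttr}/{@code uid} request
 * parameters, the entry's attributes are copied into a fresh {@code AuthInfo}, and that object is
 * handed to {@code copyOrg} together with an {@code AzSys}. Any failure is reported as a JSON
 * {@code ProvisioningResult} with {@code success=false}.
 *
 * <p>NOTE(review): nothing in this method authenticates the caller; the identity whose
 * organizations are returned comes entirely from request parameters. This presumably relies on
 * the servlet being reachable only by a trusted front end; confirm the deployment enforces that.
 *
 * @param req  request carrying the {@code uid} and {@code uidAttr} parameters
 * @param resp receives the JSON result
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if the error response cannot be written
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    String userID = req.getParameter("uid");
    String uidAttr = req.getParameter("uidAttr");
    try {
        // Reject absent parameters up front rather than handing nulls to the filter builder.
        if (userID == null || userID.isEmpty() || uidAttr == null || uidAttr.isEmpty()) {
            throw new ProvisioningException("Missing required parameter 'uid' or 'uidAttr'");
        }
        // The filter comes from equal(...) only; the hand-concatenated "(attr=value)" string that used
        // to be assembled here was never used and did no escaping, so it has been dropped.
        // NOTE(review): confirm equal(...) escapes the value, and consider restricting uidAttr to an
        // allow-list, since the caller currently chooses which attribute is searched.
        String filter = equal(uidAttr, userID).toString();
        // Scope 2 is presumably a subtree search below the configured LDAP root; verify against the LDAP API.
        LDAPSearchResults res = GlobalEntries.getGlobalEntries().getConfigManager().getMyVD().search(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getLdapRoot(), 2, filter, new ArrayList<String>());
        if (!res.hasMore()) {
            throw new ProvisioningException("Could not locate user '" + userID + "'");
        }
        // Only the first match is used.
        LDAPEntry entry = res.next();
        AuthInfo auinfo = new AuthInfo();
        auinfo.setUserDN(entry.getDN());
        LDAPAttributeSet attrs = entry.getAttributeSet();
        for (Object obj : attrs) {
            LDAPAttribute attr = (LDAPAttribute) obj;
            Attribute attrib = new Attribute(attr.getName());
            for (String val : attr.getStringValueArray()) {
                attrib.getValues().add(val);
            }
            auinfo.getAttribs().put(attrib.getName(), attrib);
        }
        AzSys az = new AzSys();
        OrgType ot = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getOrg();
        Organization org = new Organization();
        copyOrg(org, ot, az, auinfo);
        ProvisioningResult pres = new ProvisioningResult();
        pres.setSuccess(true);
        pres.setOrg(org);
        resp.getOutputStream().print(new Gson().toJson(pres));
    } catch (Exception e) {
        // Log before touching the response so the cause is recorded even if writing the error fails.
        logger.error("Could not load orgs", e);
        ProvisioningError pe = new ProvisioningError();
        // NOTE(review): the exception message is returned to the caller and may expose directory or
        // configuration details; consider a generic message with the detail kept in the log.
        pe.setError("Could not load orgs : " + e.getMessage());
        ProvisioningResult res = new ProvisioningResult();
        res.setSuccess(false);
        res.setError(pe);
        resp.getWriter().write(new Gson().toJson(res));
    }
}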
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) Organization(com.tremolosecurity.provisioning.service.util.Organization) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) LDAPAttributeSet(com.novell.ldap.LDAPAttributeSet) ProvisioningResult(com.tremolosecurity.provisioning.service.util.ProvisioningResult) Gson(com.google.gson.Gson) LDAPException(com.novell.ldap.LDAPException) ServletException(javax.servlet.ServletException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) ProvisioningError(com.tremolosecurity.provisioning.service.util.ProvisioningError) OrgType(com.tremolosecurity.config.xml.OrgType) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) AzSys(com.tremolosecurity.proxy.auth.AzSys)

Example 54 with AuthInfo

use of com.tremolosecurity.proxy.auth.AuthInfo in project OpenUnison by TremoloSecurity.

the class ListPortalURLs method doGet.

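/**
 * Writes, as JSON, the portal URLs that the user identified by the request is authorized to see.
 *
 * <p>The user is looked up in the virtual directory by the {@code uidAttr}/{@code uid} request
 * parameters and the entry's attributes are copied into a fresh {@code AuthInfo}. Each configured
 * portal URL that carries authorization rules is included only when {@code AzSys.checkRules}
 * accepts that {@code AuthInfo}; URLs without rules are always included. Any failure is reported
 * as a JSON {@code ProvisioningResult} with {@code success=false}.
 *
 * <p>NOTE(review): nothing in this method authenticates the caller; the identity the rules are
 * evaluated for comes entirely from request parameters. This presumably relies on the servlet
 * being reachable only by a trusted front end; confirm the deployment enforces that.
 *
 * @param req  request carrying the {@code uid} and {@code uidAttr} parameters
 * @param resp receives the JSON result
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if the error response cannot be written
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    String userID = req.getParameter("uid");
    String uidAttr = req.getParameter("uidAttr");
    ConfigManager cfgMgr = GlobalEntries.getGlobalEntries().getConfigManager();
    try {
        // Reject absent parameters up front rather than handing nulls to the filter builder.
        if (userID == null || userID.isEmpty() || uidAttr == null || uidAttr.isEmpty()) {
            throw new ProvisioningException("Missing required parameter 'uid' or 'uidAttr'");
        }
        // NOTE(review): confirm equal(...) escapes the value, and consider restricting uidAttr to an
        // allow-list, since the caller currently chooses which attribute is searched.
        String filter = equal(uidAttr, userID).toString();
        // Scope 2 is presumably a subtree search below the configured LDAP root; verify against the LDAP API.
        LDAPSearchResults res = cfgMgr.getMyVD().search(cfgMgr.getCfg().getLdapRoot(), 2, filter, new ArrayList<String>());
        if (!res.hasMore()) {
            throw new ProvisioningException("Could not locate user '" + userID + "'");
        }
        // Only the first match is used.
        LDAPEntry entry = res.next();
        AuthInfo auinfo = new AuthInfo();
        auinfo.setUserDN(entry.getDN());
        LDAPAttributeSet attrs = entry.getAttributeSet();
        for (Object obj : attrs) {
            LDAPAttribute attr = (LDAPAttribute) obj;
            Attribute attrib = new Attribute(attr.getName());
            for (String val : attr.getStringValueArray()) {
                attrib.getValues().add(val);
            }
            auinfo.getAttribs().put(attrib.getName(), attrib);
        }
        AzSys az = new AzSys();
        PortalUrlsType pt = cfgMgr.getCfg().getProvisioning().getPortal();
        PortalURLs urls = new PortalURLs();
        for (PortalUrlType url : pt.getUrls()) {
            boolean hasRules = url.getAzRules() != null && url.getAzRules().getRule().size() > 0;
            if (hasRules) {
                ArrayList<AzRule> rules = new ArrayList<AzRule>();
                for (AzRuleType art : url.getAzRules().getRule()) {
                    rules.add(new AzRule(art.getScope(), art.getConstraint(), art.getClassName(), cfgMgr, null));
                }
                // Skip URLs whose rules reject this user.
                if (!az.checkRules(auinfo, cfgMgr, rules, null)) {
                    continue;
                }
            }
            PortalURL purl = new PortalURL();
            purl.setName(url.getName());
            purl.setLabel(url.getLabel());
            purl.setOrg(url.getOrg());
            purl.setUrl(url.getUrl());
            purl.setIcon(url.getIcon());
            urls.getUrls().add(purl);
        }
        ProvisioningResult pres = new ProvisioningResult();
        pres.setSuccess(true);
        pres.setPortalURLs(urls);
        resp.getOutputStream().print(new Gson().toJson(pres));
    } catch (Exception e) {
        // Log before touching the response so the cause is recorded even if writing the error fails.
        logger.error("Could not load urls", e);
        ProvisioningError pe = new ProvisioningError();
        // NOTE(review): the exception message is returned to the caller and may expose directory or
        // configuration details; consider a generic message with the detail kept in the log.
        pe.setError("Could not load urls : " + e.getMessage());
        ProvisioningResult res = new ProvisioningResult();
        res.setSuccess(false);
        res.setError(pe);
        resp.getWriter().write(new Gson().toJson(res));
    }
}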
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) PortalUrlType(com.tremolosecurity.config.xml.PortalUrlType) PortalURL(com.tremolosecurity.provisioning.service.util.PortalURL) PortalURLs(com.tremolosecurity.provisioning.service.util.PortalURLs) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) PortalUrlsType(com.tremolosecurity.config.xml.PortalUrlsType) AzRuleType(com.tremolosecurity.config.xml.AzRuleType) LDAPEntry(com.novell.ldap.LDAPEntry) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) LDAPAttribute(com.novell.ldap.LDAPAttribute) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) LDAPAttributeSet(com.novell.ldap.LDAPAttributeSet) ProvisioningResult(com.tremolosecurity.provisioning.service.util.ProvisioningResult) ConfigManager(com.tremolosecurity.config.util.ConfigManager) ServletException(javax.servlet.ServletException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) ProvisioningError(com.tremolosecurity.provisioning.service.util.ProvisioningError) AzSys(com.tremolosecurity.proxy.auth.AzSys) AzRule(com.tremolosecurity.proxy.az.AzRule)

Example 55 with AuthInfo

use of com.tremolosecurity.proxy.auth.AuthInfo in project OpenUnison by TremoloSecurity.

the class ListReports method doGet.

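/**
 * Writes, as JSON, the reports whose organization is allowed for the user identified by the request.
 *
 * <p>The user is looked up in the virtual directory by the {@code uidAttr}/{@code uid} request
 * parameters and the entry's attributes are copied into a fresh {@code AuthInfo}.
 * {@code checkOrg} fills the set of allowed organization ids starting from the configured root,
 * and only reports whose org id is in that set are returned. Any failure is reported as a JSON
 * {@code ProvisioningResult} with {@code success=false}.
 *
 * <p>NOTE(review): nothing in this method authenticates the caller; the identity the organization
 * check runs for comes entirely from request parameters. This presumably relies on the servlet
 * being reachable only by a trusted front end; confirm the deployment enforces that.
 *
 * @param req  request carrying the {@code uid} and {@code uidAttr} parameters
 * @param resp receives the JSON result
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if the error response cannot be written
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    String userID = req.getParameter("uid");
    String uidAttr = req.getParameter("uidAttr");
    try {
        // Reject absent parameters up front rather than handing nulls to the filter builder.
        if (userID == null || userID.isEmpty() || uidAttr == null || uidAttr.isEmpty()) {
            throw new ProvisioningException("Missing required parameter 'uid' or 'uidAttr'");
        }
        // NOTE(review): confirm equal(...) escapes the value, and consider restricting uidAttr to an
        // allow-list, since the caller currently chooses which attribute is searched.
        String filter = equal(uidAttr, userID).toString();
        // Scope 2 is presumably a subtree search below the configured LDAP root; verify against the LDAP API.
        LDAPSearchResults res = GlobalEntries.getGlobalEntries().getConfigManager().getMyVD().search(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getLdapRoot(), 2, filter, new ArrayList<String>());
        if (!res.hasMore()) {
            throw new ProvisioningException("Could not locate user '" + userID + "'");
        }
        // Only the first match is used.
        LDAPEntry entry = res.next();
        AuthInfo auinfo = new AuthInfo();
        auinfo.setUserDN(entry.getDN());
        LDAPAttributeSet attrs = entry.getAttributeSet();
        for (Object obj : attrs) {
            LDAPAttribute attr = (LDAPAttribute) obj;
            Attribute attrib = new Attribute(attr.getName());
            for (String val : attr.getStringValueArray()) {
                attrib.getValues().add(val);
            }
            auinfo.getAttribs().put(attrib.getName(), attrib);
        }
        AzSys az = new AzSys();
        HashSet<String> allowedOrgs = new HashSet<String>();
        OrgType root = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getOrg();
        this.checkOrg(allowedOrgs, root, az, auinfo);
        ReportsType reports = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getReports();
        ReportsList reportsList = new ReportsList();
        reportsList.setReports(new ArrayList<ReportInformation>());
        for (ReportType report : reports.getReport()) {
            // Reports tied to an organization outside the allowed set are left out.
            if (!allowedOrgs.contains(report.getOrgID())) {
                continue;
            }
            ReportInformation ri = new ReportInformation();
            ri.setName(report.getName());
            ri.setDescription(report.getDescription());
            ri.setOrgID(report.getOrgID());
            ri.setParameters(new ArrayList<String>());
            ri.getParameters().addAll(report.getParamater());
            reportsList.getReports().add(ri);
        }
        ProvisioningResult pres = new ProvisioningResult();
        pres.setSuccess(true);
        pres.setReportsList(reportsList);
        resp.getOutputStream().print(new Gson().toJson(pres));
    } catch (Exception e) {
        // Log before touching the response so the cause is recorded even if writing the error fails.
        // The messages previously said "urls", which mislabelled report failures in logs and responses.
        logger.error("Could not load reports", e);
        ProvisioningError pe = new ProvisioningError();
        // NOTE(review): the exception message is returned to the caller and may expose directory or
        // configuration details; consider a generic message with the detail kept in the log.
        pe.setError("Could not load reports : " + e.getMessage());
        ProvisioningResult res = new ProvisioningResult();
        res.setSuccess(false);
        res.setError(pe);
        resp.getWriter().write(new Gson().toJson(res));
    }
}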
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) Gson(com.google.gson.Gson) ReportInformation(com.tremolosecurity.provisioning.service.util.ReportInformation) LDAPEntry(com.novell.ldap.LDAPEntry) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ReportType(com.tremolosecurity.config.xml.ReportType) HashSet(java.util.HashSet) LDAPAttribute(com.novell.ldap.LDAPAttribute) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) ReportsList(com.tremolosecurity.provisioning.service.util.ReportsList) LDAPAttributeSet(com.novell.ldap.LDAPAttributeSet) ProvisioningResult(com.tremolosecurity.provisioning.service.util.ProvisioningResult) ServletException(javax.servlet.ServletException) MalformedURLException(java.net.MalformedURLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) ProvisioningError(com.tremolosecurity.provisioning.service.util.ProvisioningError) OrgType(com.tremolosecurity.config.xml.OrgType) AzSys(com.tremolosecurity.proxy.auth.AzSys) ReportsType(com.tremolosecurity.config.xml.ReportsType)
