use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.
the class TestCookieReuse method testLoginClearAuthTokensException.
/**
* Verify that when an expired authtoken has been removed from LDAP, login still succeeds
* @throws Exception
*/
@Test
public void testLoginClearAuthTokensException() throws Exception {
Account a = TestUtil.getAccount(USER_NAME);
ZimbraAuthToken at1 = new ZimbraAuthToken(a, System.currentTimeMillis() + 1000);
Assert.assertFalse("token should not be expired yet", at1.isExpired());
Thread.sleep(2000);
Assert.assertTrue("token should have expired by now", at1.isExpired());
//explicitely clean up expired auth tokens
a.purgeAuthTokens();
//verify that AuthRequest still works
SoapHttpTransport transport = new SoapHttpTransport(TestUtil.getSoapUrl());
AccountSelector acctSel = new AccountSelector(com.zimbra.soap.type.AccountBy.name, a.getName());
AuthRequest req = new AuthRequest(acctSel, "test123");
Element resp = transport.invoke(JaxbUtil.jaxbToElement(req, SoapProtocol.SoapJS.getFactory()));
AuthResponse authResp = JaxbUtil.elementToJaxb(resp);
String newAuthToken = authResp.getAuthToken();
Assert.assertNotNull("should have received a new authtoken", newAuthToken);
AuthToken at = ZimbraAuthToken.getAuthToken(newAuthToken);
Assert.assertTrue("new auth token should be registered", at.isRegistered());
Assert.assertFalse("new auth token should not be expired yet", at.isExpired());
}
use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.
the class CreateGalSyncAccount method handle.
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
Provisioning prov = Provisioning.getInstance();
CreateGalSyncAccountRequest cgaRequest = JaxbUtil.elementToJaxb(request);
String name = cgaRequest.getName();
String domainStr = cgaRequest.getDomain();
GalMode type = cgaRequest.getType();
AccountSelector acctSelector = cgaRequest.getAccount();
AccountBy acctBy = acctSelector.getBy();
String acctValue = acctSelector.getKey();
String password = cgaRequest.getPassword();
String folder = cgaRequest.getFolder();
String mailHost = cgaRequest.getMailHost();
Domain domain = prov.getDomainByName(domainStr);
if (domain == null) {
throw AccountServiceException.NO_SUCH_DOMAIN(domainStr);
}
Account account = null;
try {
account = prov.get(acctBy.toKeyAccountBy(), acctValue, zsc.getAuthToken());
} catch (ServiceException se) {
ZimbraLog.gal.warn("error checking GalSyncAccount", se);
}
// create the system account if not already exists.
if (account == null) {
if (acctBy != AccountBy.name) {
throw AccountServiceException.NO_SUCH_ACCOUNT(acctValue);
}
// there should be one gal sync account per domain per mailhost
for (String acctId : domain.getGalAccountId()) {
Account acct = prov.getAccountById(acctId);
if ((acct != null) && (acct.getMailHost().equals(mailHost))) {
throw AccountServiceException.ACCOUNT_EXISTS(acct.getName());
}
}
// XXX revisit
checkDomainRightByEmail(zsc, acctValue, Admin.R_createAccount);
Map<String, Object> accountAttrs = new HashMap<String, Object>();
StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraIsSystemResource, LdapConstants.LDAP_TRUE);
StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraIsSystemAccount, LdapConstants.LDAP_TRUE);
StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraHideInGal, LdapConstants.LDAP_TRUE);
StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraContactMaxNumEntries, "0");
StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraMailHost, mailHost);
checkSetAttrsOnCreate(zsc, TargetType.account, acctValue, accountAttrs);
account = prov.createAccount(acctValue, password, accountAttrs);
}
if (!Provisioning.onLocalServer(account)) {
String host = account.getMailHost();
Server server = prov.getServerByName(host);
return proxyRequest(request, context, server);
}
addDataSource(request, zsc, account, domain, folder, name, type);
Element response = zsc.createElement(AdminConstants.CREATE_GAL_SYNC_ACCOUNT_RESPONSE);
ToXML.encodeAccount(response, account, false, emptySet, null);
return response;
}
use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.
the class TestAccess method ChangePassword.
@Test
public void ChangePassword() throws Exception {
AccountSelector acct = new AccountSelector(com.zimbra.soap.type.AccountBy.name, ACCT_NAME);
ChangePasswordRequest req = new ChangePasswordRequest(acct, PASSWORD, PASSWORD);
accessTest(Perm.PERM_AUTH_TOKEN_IGNORED, req);
// urg, need to re-auth after changing password, because we now
// invalidate auth token after password change.
ACCT = authUser(ACCT_NAME);
}
use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.
the class TestAccess method Auth.
// ================= APIs ================
@Test
public void Auth() throws Exception {
AccountSelector acct = new AccountSelector(com.zimbra.soap.type.AccountBy.name, OTHER_ACCT_NAME);
AuthRequest req = new AuthRequest(acct, PASSWORD);
accessTest(Perm.PERM_AUTH_TOKEN_IGNORED, req);
}
use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.
the class TestAuthentication method verifyLockedoutAndReactivateAccount.
static boolean verifyLockedoutAndReactivateAccount(Account acct, SoapHttpTransport transport) throws Exception {
boolean isLockedOut = acct.getAccountStatus().equals(AccountStatus.lockout);
if (isLockedOut) {
acct.setAccountStatusAsString("active");
AccountSelector acctSel = new AccountSelector(com.zimbra.soap.type.AccountBy.name, acct.getName());
AuthRequest req = new AuthRequest(acctSel, "test123");
transport.invoke(JaxbUtil.jaxbToElement(req, SoapProtocol.SoapJS.getFactory()));
}
return isLockedOut;
}
Aggregations