Search in sources :

Example 6 with AccountSelector

use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.

the class TestCookieReuse method testLoginClearAuthTokensException.

/**
     * Verify that when an expired authtoken has been removed from LDAP, login still succeeds
     * @throws Exception
     */
@Test
public void testLoginClearAuthTokensException() throws Exception {
    Account a = TestUtil.getAccount(USER_NAME);
    ZimbraAuthToken at1 = new ZimbraAuthToken(a, System.currentTimeMillis() + 1000);
    Assert.assertFalse("token should not be expired yet", at1.isExpired());
    Thread.sleep(2000);
    Assert.assertTrue("token should have expired by now", at1.isExpired());
    //explicitely clean up expired auth tokens
    a.purgeAuthTokens();
    //verify that AuthRequest still works
    SoapHttpTransport transport = new SoapHttpTransport(TestUtil.getSoapUrl());
    AccountSelector acctSel = new AccountSelector(com.zimbra.soap.type.AccountBy.name, a.getName());
    AuthRequest req = new AuthRequest(acctSel, "test123");
    Element resp = transport.invoke(JaxbUtil.jaxbToElement(req, SoapProtocol.SoapJS.getFactory()));
    AuthResponse authResp = JaxbUtil.elementToJaxb(resp);
    String newAuthToken = authResp.getAuthToken();
    Assert.assertNotNull("should have received a new authtoken", newAuthToken);
    AuthToken at = ZimbraAuthToken.getAuthToken(newAuthToken);
    Assert.assertTrue("new auth token should be registered", at.isRegistered());
    Assert.assertFalse("new auth token should not be expired yet", at.isExpired());
}
Also used : Account(com.zimbra.cs.account.Account) AuthRequest(com.zimbra.soap.account.message.AuthRequest) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) Element(com.zimbra.common.soap.Element) XMLElement(com.zimbra.common.soap.Element.XMLElement) JSONElement(com.zimbra.common.soap.Element.JSONElement) AccountSelector(com.zimbra.soap.type.AccountSelector) AuthToken(com.zimbra.cs.account.AuthToken) ZAuthToken(com.zimbra.common.auth.ZAuthToken) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) SoapHttpTransport(com.zimbra.common.soap.SoapHttpTransport) AuthResponse(com.zimbra.soap.account.message.AuthResponse) Test(org.junit.Test)

Example 7 with AccountSelector

use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.

the class CreateGalSyncAccount method handle.

@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();
    CreateGalSyncAccountRequest cgaRequest = JaxbUtil.elementToJaxb(request);
    String name = cgaRequest.getName();
    String domainStr = cgaRequest.getDomain();
    GalMode type = cgaRequest.getType();
    AccountSelector acctSelector = cgaRequest.getAccount();
    AccountBy acctBy = acctSelector.getBy();
    String acctValue = acctSelector.getKey();
    String password = cgaRequest.getPassword();
    String folder = cgaRequest.getFolder();
    String mailHost = cgaRequest.getMailHost();
    Domain domain = prov.getDomainByName(domainStr);
    if (domain == null) {
        throw AccountServiceException.NO_SUCH_DOMAIN(domainStr);
    }
    Account account = null;
    try {
        account = prov.get(acctBy.toKeyAccountBy(), acctValue, zsc.getAuthToken());
    } catch (ServiceException se) {
        ZimbraLog.gal.warn("error checking GalSyncAccount", se);
    }
    // create the system account if not already exists.
    if (account == null) {
        if (acctBy != AccountBy.name) {
            throw AccountServiceException.NO_SUCH_ACCOUNT(acctValue);
        }
        // there should be one gal sync account per domain per mailhost
        for (String acctId : domain.getGalAccountId()) {
            Account acct = prov.getAccountById(acctId);
            if ((acct != null) && (acct.getMailHost().equals(mailHost))) {
                throw AccountServiceException.ACCOUNT_EXISTS(acct.getName());
            }
        }
        // XXX revisit
        checkDomainRightByEmail(zsc, acctValue, Admin.R_createAccount);
        Map<String, Object> accountAttrs = new HashMap<String, Object>();
        StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraIsSystemResource, LdapConstants.LDAP_TRUE);
        StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraIsSystemAccount, LdapConstants.LDAP_TRUE);
        StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraHideInGal, LdapConstants.LDAP_TRUE);
        StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraContactMaxNumEntries, "0");
        StringUtil.addToMultiMap(accountAttrs, Provisioning.A_zimbraMailHost, mailHost);
        checkSetAttrsOnCreate(zsc, TargetType.account, acctValue, accountAttrs);
        account = prov.createAccount(acctValue, password, accountAttrs);
    }
    if (!Provisioning.onLocalServer(account)) {
        String host = account.getMailHost();
        Server server = prov.getServerByName(host);
        return proxyRequest(request, context, server);
    }
    addDataSource(request, zsc, account, domain, folder, name, type);
    Element response = zsc.createElement(AdminConstants.CREATE_GAL_SYNC_ACCOUNT_RESPONSE);
    ToXML.encodeAccount(response, account, false, emptySet, null);
    return response;
}
Also used : Account(com.zimbra.cs.account.Account) GalMode(com.zimbra.soap.admin.type.GalMode) Server(com.zimbra.cs.account.Server) HashMap(java.util.HashMap) Element(com.zimbra.common.soap.Element) AccountSelector(com.zimbra.soap.type.AccountSelector) Provisioning(com.zimbra.cs.account.Provisioning) CreateGalSyncAccountRequest(com.zimbra.soap.admin.message.CreateGalSyncAccountRequest) AccountBy(com.zimbra.soap.type.AccountBy) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ServiceException(com.zimbra.common.service.ServiceException) MailServiceException(com.zimbra.cs.mailbox.MailServiceException) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) Domain(com.zimbra.cs.account.Domain)

Example 8 with AccountSelector

use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.

the class TestAccess method ChangePassword.

@Test
public void ChangePassword() throws Exception {
    AccountSelector acct = new AccountSelector(com.zimbra.soap.type.AccountBy.name, ACCT_NAME);
    ChangePasswordRequest req = new ChangePasswordRequest(acct, PASSWORD, PASSWORD);
    accessTest(Perm.PERM_AUTH_TOKEN_IGNORED, req);
    // urg, need to re-auth after changing password, because we now
    // invalidate auth token after password change.
    ACCT = authUser(ACCT_NAME);
}
Also used : AccountSelector(com.zimbra.soap.type.AccountSelector) ChangePasswordRequest(com.zimbra.soap.account.message.ChangePasswordRequest) Test(org.junit.Test)

Example 9 with AccountSelector

use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.

the class TestAccess method Auth.

// ================= APIs ================
@Test
public void Auth() throws Exception {
    AccountSelector acct = new AccountSelector(com.zimbra.soap.type.AccountBy.name, OTHER_ACCT_NAME);
    AuthRequest req = new AuthRequest(acct, PASSWORD);
    accessTest(Perm.PERM_AUTH_TOKEN_IGNORED, req);
}
Also used : AuthRequest(com.zimbra.soap.account.message.AuthRequest) AccountSelector(com.zimbra.soap.type.AccountSelector) Test(org.junit.Test)

Example 10 with AccountSelector

use of com.zimbra.soap.type.AccountSelector in project zm-mailbox by Zimbra.

the class TestAuthentication method verifyLockedoutAndReactivateAccount.

static boolean verifyLockedoutAndReactivateAccount(Account acct, SoapHttpTransport transport) throws Exception {
    boolean isLockedOut = acct.getAccountStatus().equals(AccountStatus.lockout);
    if (isLockedOut) {
        acct.setAccountStatusAsString("active");
        AccountSelector acctSel = new AccountSelector(com.zimbra.soap.type.AccountBy.name, acct.getName());
        AuthRequest req = new AuthRequest(acctSel, "test123");
        transport.invoke(JaxbUtil.jaxbToElement(req, SoapProtocol.SoapJS.getFactory()));
    }
    return isLockedOut;
}
Also used : AuthRequest(com.zimbra.soap.account.message.AuthRequest) AccountSelector(com.zimbra.soap.type.AccountSelector)

Aggregations

AccountSelector (com.zimbra.soap.type.AccountSelector)14 Account (com.zimbra.cs.account.Account)9 Element (com.zimbra.common.soap.Element)8 AuthRequest (com.zimbra.soap.account.message.AuthRequest)7 Provisioning (com.zimbra.cs.account.Provisioning)5 SoapHttpTransport (com.zimbra.common.soap.SoapHttpTransport)4 ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)4 AuthResponse (com.zimbra.soap.account.message.AuthResponse)4 ServiceException (com.zimbra.common.service.ServiceException)3 AuthToken (com.zimbra.cs.account.AuthToken)3 ZimbraAuthToken (com.zimbra.cs.account.ZimbraAuthToken)3 Test (org.junit.Test)3 AccountBy (com.zimbra.common.account.Key.AccountBy)2 ZAuthToken (com.zimbra.common.auth.ZAuthToken)2 AccountServiceException (com.zimbra.cs.account.AccountServiceException)2 Domain (com.zimbra.cs.account.Domain)2 Server (com.zimbra.cs.account.Server)2 ChangePasswordRequest (com.zimbra.soap.account.message.ChangePasswordRequest)2 GalMode (com.zimbra.soap.admin.type.GalMode)2 AccountBy (com.zimbra.soap.type.AccountBy)2