
Example 6 with Expansion

Use of ddf.security.expansion.Expansion in project ddf by codice.

Class ExpansionsCommand, method execute.

/**
 * Called to execute the security:encrypt console command.
 */
@Override
public Object execute() throws Exception {
    if ((expansionList != null) && (!expansionList.isEmpty())) {
        for (Expansion expansion : expansionList) {
            Map<String, List<String[]>> map = expansion.getExpansionMap();
            System.out.print(Ansi.ansi().fg(Ansi.Color.YELLOW).toString());
            if ((map != null) && (!map.isEmpty())) {
                for (Map.Entry<String, List<String[]>> entry : map.entrySet()) {
                    for (String[] mapping : entry.getValue()) {
                        System.out.printf("%s : %s : %s%n", entry.getKey(), mapping[0], mapping[1]);
                    }
                }
            }
            System.out.print(Ansi.ansi().reset().toString());
        }
    } else {
        System.out.println("No expansion services currently available.");
    }
    return null;
}
Also used : List(java.util.List) Expansion(ddf.security.expansion.Expansion) Map(java.util.Map)

Example 7 with Expansion

Use of ddf.security.expansion.Expansion in project ddf by codice.

Class AbstractAuthorizingRealm, method expandAttributes.

/**
 * Takes an {@link org.opensaml.saml.saml2.core.Attribute} and utilizes the
 * {@link ddf.security.expansion.Expansion} service to potentially expand it to a
 * different/enhanced set of attributes. This expansion is controlled by the configuration of
 * the expansion service but relies on the name of this attribute as a key. The returned set of
 * Strings represents the possibly expanded set of attributes to be added to the current
 * permissions. Non-string attribute values are logged and ignored.
 *
 * @param attribute current attribute whose values are to be potentially expanded
 * @param expansions expansion services to apply; each one receives the output of the
 *     previous one, so the result depends on iteration order
 * @return a set of potentially expanded values
 */
private Set<String> expandAttributes(Attribute attribute, Collection<Expansion> expansions) {
    Set<String> attributeSet = new HashSet<>();
    String attributeName = attribute.getName();
    for (XMLObject curValue : attribute.getAttributeValues()) {
        if (curValue instanceof XSString) {
            attributeSet.add(((XSString) curValue).getValue());
        } else {
            LOGGER.debug("Unexpected attribute type (non-string) for attribute named {} - ignored", attributeName);
        }
    }
    for (Expansion expansionService : expansions) {
        LOGGER.debug("Expanding attributes for {} - original values: {}", attributeName, attributeSet);
        attributeSet = expansionService.expand(attributeName, attributeSet);
    }
    LOGGER.debug("Expanded attributes for {} - values: {}", attributeName, attributeSet);
    return attributeSet;
}
Also used : XMLObject(org.opensaml.core.xml.XMLObject) XSString(org.opensaml.core.xml.schema.XSString) Expansion(ddf.security.expansion.Expansion) HashSet(java.util.HashSet)

Aggregations

Expansion (ddf.security.expansion.Expansion): 7
XSString (org.opensaml.core.xml.schema.XSString): 3
KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission): 2
KeyValuePermission (ddf.security.permission.KeyValuePermission): 2
HashSet (java.util.HashSet): 2
List (java.util.List): 2
Map (java.util.Map): 2
Permission (org.apache.shiro.authz.Permission): 2
Bundle (org.osgi.framework.Bundle): 2
SecurityAssertion (ddf.security.assertion.SecurityAssertion): 1
ArrayList (java.util.ArrayList): 1
HashMap (java.util.HashMap): 1
Set (java.util.Set): 1
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap): 1
AuthorizationException (org.apache.shiro.authz.AuthorizationException): 1
SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo): 1
XMLObject (org.opensaml.core.xml.XMLObject): 1
AttributeStatement (org.opensaml.saml.saml2.core.AttributeStatement): 1