Example 11 with SecurityException
use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.
the class FortressAntTask method addContainers.
/**
* @throws BuildException An error occurred while building
*/
private void addContainers() throws BuildException {
if (addcontainers == null) {
return;
}
// Loop through the entityclass elements
for (Addcontainer addcontainer : addcontainers) {
List<OrganizationalUnit> containers = addcontainer.getContainers();
for (OrganizationalUnit ou : containers) {
LOG.info("addContainers tenant={} name={} description={}", getTenant(), ou.getName(), ou.getDescription());
try {
OrganizationalUnitP op = new OrganizationalUnitP();
// Normally this info would be passed in via a manager constructor. Since these methods aren't implemented by a manager, we must do this here:
if (!StringUtils.isEmpty(TENANT) && !TENANT.equals("${tenant}")) {
ou.setContextId(TENANT);
}
op.add(ou);
} catch (SecurityException se) {
LOG.warn("addContainers tenant={} name [{}] caught SecurityException={}", getTenant(), ou.getName(), se.getMessage());
}
}
}
}
Also used :
OrganizationalUnitP(org.apache.directory.fortress.core.impl.OrganizationalUnitP)
OrganizationalUnit(org.apache.directory.fortress.core.model.OrganizationalUnit)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Example 12 with SecurityException
use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.
the class CommandLineInterpreter method processSystemCommand.
/**
* @param commands
* @param options
*/
private void processSystemCommand(Set<String> commands, Options options) {
String command;
try {
if (commands.contains(CREATE_SESSION)) {
command = CREATE_SESSION;
LOG.info(READ_USER);
User inUser = options.getUser();
Session session = accessMgr.createSession(inUser, false);
printSession(session);
} else if (commands.contains(AUTHENTICATE)) {
command = AUTHENTICATE;
LOG.info(command);
User inUser = options.getUser();
Session session = accessMgr.authenticate(inUser.getUserId(), inUser.getPassword());
printSession(session);
} else if (commands.contains(ASSIGNED_ROLES)) {
command = ASSIGNED_ROLES;
LOG.info(command);
User inUser = options.getUser();
Session session = accessMgr.createSession(inUser, true);
List<UserRole> uRoles = accessMgr.sessionRoles(session);
if (uRoles != null) {
for (UserRole ur : uRoles) {
printTemporal("R", ur, "RBACROLE");
printSeparator();
}
}
} else if (commands.contains(CHECK_ACCESS)) {
command = CHECK_ACCESS;
LOG.info(command);
Permission inPerm = options.getPermission();
User inUser = options.getUser();
Session session = accessMgr.createSession(inUser, true);
boolean result = accessMgr.checkAccess(session, inPerm);
printRow("CA", "PERM", "" + result);
} else {
LOG.warn("unknown system operation detected");
return;
}
LOG.info("command:{} was successful", command);
} catch (SecurityException se) {
String error = "processSystemCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
LOG.error(error);
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
UserRole(org.apache.directory.fortress.core.model.UserRole)
Permission(org.apache.directory.fortress.core.model.Permission)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Session(org.apache.directory.fortress.core.model.Session)
Example 13 with SecurityException
use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.
the class CommandLineInterpreter method processGroupCommand.
/**
* @param commands
* @param options
*/
private void processGroupCommand(Set<String> commands, Options options) {
String command;
try {
if (commands.contains(ADD_GROUP)) {
command = ADD_GROUP;
LOG.info(command);
Group group = options.getGroup();
groupMgr.add(group);
} else if (commands.contains(UPDATE_GROUP)) {
command = UPDATE_GROUP;
LOG.info(command);
Group group = options.getGroup();
groupMgr.update(group);
} else if (commands.contains(DELETE_GROUP)) {
command = DELETE_GROUP;
LOG.info(command);
Group group = options.getGroup();
groupMgr.delete(group);
} else if (commands.contains(READ_GROUP)) {
command = READ_GROUP;
LOG.info(command);
Group group = options.getGroup();
Group outGroup = groupMgr.read(group);
printGroup(outGroup);
} else if (commands.contains(FIND_GROUP)) {
command = FIND_GROUP;
LOG.info(command);
Group inGroup = options.getGroup();
List<Group> groups = groupMgr.find(inGroup);
if (CollectionUtils.isNotEmpty(groups)) {
for (Group outGroup : groups) {
printGroup(outGroup);
}
}
} else if (commands.contains(ASSIGN_GROUP)) {
command = ASSIGN_GROUP;
LOG.info(command);
Group group = options.getGroup();
if (CollectionUtils.isNotEmpty(group.getMembers())) {
for (String member : group.getMembers()) {
groupMgr.assign(group, member);
}
}
} else if (commands.contains(DEASSIGN_GROUP)) {
command = DEASSIGN_GROUP;
LOG.info(command);
Group group = options.getGroup();
if (CollectionUtils.isNotEmpty(group.getMembers())) {
for (String member : group.getMembers()) {
groupMgr.deassign(group, member);
}
}
} else if (commands.contains(ADD_GROUP_PROP)) {
command = ADD_GROUP_PROP;
LOG.info(command);
Group group = options.getGroup();
if (PropUtil.isNotEmpty(group.getProperties())) {
for (Enumeration<?> e = group.getProperties().propertyNames(); e.hasMoreElements(); ) {
String key = (String) e.nextElement();
String val = group.getProperty(key);
groupMgr.add(group, key, val);
}
}
} else if (commands.contains(DELETE_GROUP_PROP)) {
command = DELETE_GROUP_PROP;
LOG.info(command);
Group group = options.getGroup();
if (PropUtil.isNotEmpty(group.getProperties())) {
for (Enumeration<?> e = group.getProperties().propertyNames(); e.hasMoreElements(); ) {
String key = (String) e.nextElement();
String val = group.getProperty(key);
groupMgr.delete(group, key, val);
}
}
} else {
LOG.warn("unknown group operation detected");
return;
}
LOG.info("command:{} was successful", command);
} catch (SecurityException se) {
String error = "processGroupCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
LOG.error(error);
}
}
Also used :
Group(org.apache.directory.fortress.core.model.Group)
Enumeration(java.util.Enumeration)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Example 14 with SecurityException
use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.
the class CommandLineInterpreter method processAdminCommand.
/**
* @param commands
* @param options
*/
private void processAdminCommand(Set<String> commands, Options options) {
String command;
try {
if (commands.contains(ADD_USER)) {
command = ADD_USER;
LOG.info(command);
User user = options.getUser();
adminMgr.addUser(user);
} else if (commands.contains(UPDATE_USER)) {
command = UPDATE_USER;
LOG.info(command);
User user = options.getUser();
adminMgr.updateUser(user);
} else if (commands.contains(DELETE_USER)) {
command = DELETE_USER;
LOG.info(command);
User user = options.getUser();
adminMgr.deleteUser(user);
} else if (commands.contains(ADD_ROLE)) {
command = ADD_ROLE;
LOG.info(command);
Role role = options.getRole();
adminMgr.addRole(role);
} else if (commands.contains(UPDATE_ROLE)) {
command = UPDATE_ROLE;
LOG.info(command);
Role role = options.getRole();
adminMgr.updateRole(role);
} else if (commands.contains(DELETE_ROLE)) {
command = DELETE_ROLE;
LOG.info(command);
Role role = options.getRole();
adminMgr.deleteRole(role);
} else if (commands.contains(ASSIGN_ROLE)) {
command = ASSIGN_ROLE;
LOG.info(command);
Role role = options.getRole();
String userId = options.getUserId();
adminMgr.assignUser(new UserRole(userId, role));
} else if (commands.contains(DEASSIGN_ROLE)) {
command = DEASSIGN_ROLE;
LOG.info(command);
Role role = options.getRole();
String userId = options.getUserId();
adminMgr.deassignUser(new UserRole(userId, role));
} else if (commands.contains(ADD_ROLE_INHERITANCE)) {
command = ADD_ROLE_INHERITANCE;
LOG.info(command);
Relationship relationship = options.getRelationship();
adminMgr.addInheritance(new Role(relationship.getParent()), new Role(relationship.getChild()));
} else if (commands.contains(DELETE_ROLE_INHERITANCE)) {
command = DELETE_ROLE_INHERITANCE;
LOG.info(command);
Relationship relationship = options.getRelationship();
adminMgr.deleteInheritance(new Role(relationship.getParent()), new Role(relationship.getChild()));
} else if (commands.contains(ADD_POBJ)) {
command = ADD_POBJ;
LOG.info(command);
PermObj permObj = options.getPermObj();
adminMgr.addPermObj(permObj);
} else if (commands.contains(UPDATE_POBJ)) {
command = UPDATE_POBJ;
LOG.info(command);
PermObj permObj = options.getPermObj();
adminMgr.updatePermObj(permObj);
} else if (commands.contains(DELETE_POBJ)) {
command = DELETE_POBJ;
LOG.info(command);
PermObj permObj = options.getPermObj();
adminMgr.deletePermObj(permObj);
} else if (commands.contains(ADD_PERM)) {
command = ADD_PERM;
LOG.info(command);
Permission perm = options.getPermission();
adminMgr.addPermission(perm);
} else if (commands.contains(UPDATE_PERM)) {
command = UPDATE_PERM;
LOG.info(command);
Permission perm = options.getPermission();
adminMgr.updatePermission(perm);
} else if (commands.contains(DELETE_PERM)) {
command = DELETE_PERM;
LOG.info(command);
Permission permObj = options.getPermission();
adminMgr.deletePermission(permObj);
} else if (commands.contains(GRANT)) {
command = GRANT;
LOG.info(command);
Permission perm = options.getPermission();
Role role = options.getRole();
role.setName(options.getRoleNm());
adminMgr.grantPermission(perm, role);
} else if (commands.contains(REVOKE)) {
command = REVOKE;
LOG.info(command);
Permission perm = options.getPermission();
Role role = options.getRole();
role.setName(options.getRoleNm());
adminMgr.revokePermission(perm, role);
} else if (commands.contains(CREATE_SSD_SET)) {
command = CREATE_SSD_SET;
LOG.info(command);
SDSet ssd = options.getSdSet();
ssd.setType(SDSet.SDType.STATIC);
adminMgr.createSsdSet(ssd);
} else if (commands.contains(DELETE_SSD_SET)) {
command = DELETE_SSD_SET;
LOG.info(command);
SDSet ssd = options.getSdSet();
ssd.setType(SDSet.SDType.STATIC);
adminMgr.deleteSsdSet(ssd);
} else if (commands.contains(CREATE_DSD_SET)) {
command = CREATE_DSD_SET;
LOG.info(command);
SDSet ssd = options.getSdSet();
ssd.setType(SDSet.SDType.DYNAMIC);
adminMgr.createDsdSet(ssd);
} else if (commands.contains(DELETE_DSD_SET)) {
command = DELETE_DSD_SET;
LOG.info(command);
SDSet ssd = options.getSdSet();
ssd.setType(SDSet.SDType.DYNAMIC);
adminMgr.deleteDsdSet(ssd);
} else if (commands.contains(CHANGE_PASSWORD)) {
command = CHANGE_PASSWORD;
LOG.info(command);
User user = options.getUser();
String newPassword = options.getNewPassword();
adminMgr.changePassword(user, newPassword);
} else if (commands.contains(RESET_PASSWORD)) {
command = RESET_PASSWORD;
LOG.info(command);
User user = options.getUser();
String newPassword = options.getNewPassword();
adminMgr.resetPassword(user, newPassword);
} else if (commands.contains(LOCK_USER_ACCOUNT)) {
command = LOCK_USER_ACCOUNT;
LOG.info(command);
User user = options.getUser();
adminMgr.lockUserAccount(user);
} else if (commands.contains(UNLOCK_USER_ACCOUNT)) {
command = UNLOCK_USER_ACCOUNT;
LOG.info(command);
User user = options.getUser();
adminMgr.unlockUserAccount(user);
} else {
LOG.warn("unknown admin operation detected");
return;
}
LOG.info("command:{} was successful", command);
} catch (SecurityException se) {
String error = "processAdminCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
LOG.error(error);
}
}
Also used :
AdminRole(org.apache.directory.fortress.core.model.AdminRole)
Role(org.apache.directory.fortress.core.model.Role)
UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole)
UserRole(org.apache.directory.fortress.core.model.UserRole)
SDSet(org.apache.directory.fortress.core.model.SDSet)
PermObj(org.apache.directory.fortress.core.model.PermObj)
User(org.apache.directory.fortress.core.model.User)
UserRole(org.apache.directory.fortress.core.model.UserRole)
Relationship(org.apache.directory.fortress.core.model.Relationship)
Permission(org.apache.directory.fortress.core.model.Permission)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Example 15 with SecurityException
use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.
the class CommandLineInterpreter method processReviewCommand.
/**
* @param commands
* @param options
*/
private void processReviewCommand(Set<String> commands, Options options) {
String command;
try {
if (commands.contains(READ_USER)) {
command = READ_USER;
LOG.info(READ_USER);
User inUser = options.getUser();
User outUser = reviewMgr.readUser(inUser);
printUser(outUser);
} else if (commands.contains(FIND_USERS)) {
command = FIND_USERS;
LOG.info(command);
User user = options.getUser();
List<User> outUsers = reviewMgr.findUsers(user);
if (CollectionUtils.isNotEmpty(outUsers)) {
int ctr = 0;
for (User outUser : outUsers) {
printRow("U", "CTR ", "" + ctr++);
printUser(outUser);
}
}
} else if (commands.contains(ASSIGNED_USERS)) {
command = ASSIGNED_USERS;
LOG.info(command);
Role inRole = options.getRole();
List<User> outUsers = reviewMgr.assignedUsers(inRole);
if (CollectionUtils.isNotEmpty(outUsers)) {
for (User outUser : outUsers) {
printUser(outUser);
}
}
} else if (commands.contains(READ_ROLE)) {
command = READ_ROLE;
LOG.info(command);
Role inRole = options.getRole();
Role outRole = reviewMgr.readRole(inRole);
printRole(outRole);
} else if (commands.contains(FIND_ROLES)) {
command = FIND_ROLES;
LOG.info(command);
String inRoleNm = options.getName();
List<Role> outRoles = reviewMgr.findRoles(inRoleNm);
if (CollectionUtils.isNotEmpty(outRoles)) {
int ctr = 0;
for (Role outRole : outRoles) {
printSeparator();
printRow("R", "ROLE[" + ++ctr + "]", outRole.getName());
printRole(outRole);
}
}
} else if (commands.contains(ASSIGNED_ROLES)) {
command = ASSIGNED_ROLES;
LOG.info(command);
String userId = options.getUserId();
List<UserRole> uRoles = reviewMgr.assignedRoles(new User(userId));
if (uRoles != null) {
for (UserRole ur : uRoles) {
printTemporal("R", ur, "RBACROLE");
printSeparator();
}
}
} else if (commands.contains(READ_POBJ)) {
command = READ_POBJ;
LOG.info(command);
PermObj inPermObj = options.getPermObj();
PermObj outPermObj = reviewMgr.readPermObj(inPermObj);
printPermObj(outPermObj);
} else if (commands.contains(FIND_POBJS)) {
command = FIND_POBJS;
LOG.info(command);
PermObj inPermObj = options.getPermObj();
List<PermObj> outPermObjs = reviewMgr.findPermObjs(inPermObj);
if (CollectionUtils.isNotEmpty(outPermObjs)) {
int ctr = 0;
for (PermObj outPermObj : outPermObjs) {
printSeparator();
printRow("PO", "POBJ[" + ++ctr + "]", outPermObj.getObjName());
printPermObj(outPermObj);
}
}
} else if (commands.contains(READ_PERM)) {
command = READ_PERM;
LOG.info(command);
Permission inPerm = options.getPermission();
Permission outPerm = reviewMgr.readPermission(inPerm);
printPermission(outPerm);
} else if (commands.contains(FIND_PERMS)) {
command = FIND_PERMS;
LOG.info(command);
Permission inPerm = options.getPermission();
List<Permission> outPerms = reviewMgr.findPermissions(inPerm);
if (CollectionUtils.isNotEmpty(outPerms)) {
int ctr = 0;
for (Permission outPerm : outPerms) {
printSeparator();
printRow("P", "PERM[" + ++ctr + "]", outPerm.getAbstractName());
printPermission(outPerm);
}
}
} else {
LOG.warn("unknown review operation detected");
return;
}
LOG.info("command:{} was successful", command);
} catch (SecurityException se) {
String error = "processReviewCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
LOG.error(error);
}
}
Also used :
AdminRole(org.apache.directory.fortress.core.model.AdminRole)
Role(org.apache.directory.fortress.core.model.Role)
UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole)
UserRole(org.apache.directory.fortress.core.model.UserRole)
PermObj(org.apache.directory.fortress.core.model.PermObj)
User(org.apache.directory.fortress.core.model.User)
UserRole(org.apache.directory.fortress.core.model.UserRole)
Permission(org.apache.directory.fortress.core.model.Permission)
ArrayList(java.util.ArrayList)
List(java.util.List)
SecurityException(org.apache.directory.fortress.core.SecurityException)
Constraint(org.apache.directory.fortress.core.model.Constraint)
Aggregations
SecurityException (org.apache.directory.fortress.core.SecurityException)441
FortRequest (org.apache.directory.fortress.core.model.FortRequest)152
FortResponse (org.apache.directory.fortress.core.model.FortResponse)152
User (org.apache.directory.fortress.core.model.User)125
AdminMgr (org.apache.directory.fortress.core.AdminMgr)89
UserRole (org.apache.directory.fortress.core.model.UserRole)88
Role (org.apache.directory.fortress.core.model.Role)66
ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)65
Session (org.apache.directory.fortress.core.model.Session)59
Permission (org.apache.directory.fortress.core.model.Permission)56
AccessMgr (org.apache.directory.fortress.core.AccessMgr)41
DelAdminMgr (org.apache.directory.fortress.core.DelAdminMgr)39
SDSet (org.apache.directory.fortress.core.model.SDSet)37
OrgUnit (org.apache.directory.fortress.core.model.OrgUnit)36
RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)34
UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)33
AdminRole (org.apache.directory.fortress.core.model.AdminRole)25
PermObj (org.apache.directory.fortress.core.model.PermObj)22
Group (org.apache.directory.fortress.core.model.Group)19
PwPolicyMgr (org.apache.directory.fortress.core.PwPolicyMgr)17
