
Example 16 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class CommandLineInterpreter method processDelegatedAdminCommand.

/**
 * Dispatches one delegated-administration (ARBAC) command from the CLI to {@code delAdminMgr}.
 * <p>
 * The command set is scanned in the fixed order of the if/else chain below and only the FIRST matching
 * command is executed, so a set holding several command keywords is resolved by that precedence, not by
 * insertion order. Every branch logs the command name before acting, and a single success line is logged
 * after the manager call returns. An unrecognised set is logged at WARN and ignored.
 * <p>
 * Error handling: a {@code SecurityException} raised by the manager (validation, policy or DAO failure) is
 * logged at ERROR together with its error id and then swallowed -- the method returns normally, so the
 * caller cannot tell from the return path whether the privileged operation actually succeeded. Callers that
 * need a failure signal (e.g. an exit status) must inspect the log.
 *
 * @param commands the command keywords parsed from the command line; membership is tested with {@code contains}.
 * @param options  the parsed option values (role, user, permission, org unit, relationship ...) consumed by the chosen branch.
 */
private void processDelegatedAdminCommand(Set<String> commands, Options options) {
    String command;
    try {
        if (commands.contains(ADD_ROLE)) {
            command = ADD_ROLE;
            LOG.info(command);
            AdminRole role = options.getAdminRole();
            delAdminMgr.addRole(role);
        } else if (commands.contains(UPDATE_ROLE)) {
            command = UPDATE_ROLE;
            LOG.info(command);
            AdminRole role = options.getAdminRole();
            delAdminMgr.updateRole(role);
        } else if (commands.contains(DELETE_ROLE)) {
            command = DELETE_ROLE;
            LOG.info(command);
            AdminRole role = options.getAdminRole();
            delAdminMgr.deleteRole(role);
        } else if (commands.contains(ASSIGN_ROLE)) {
            command = ASSIGN_ROLE;
            LOG.info(command);
            // Admin-role assignment is keyed by the plain Role from the options plus the target userId.
            Role role = options.getRole();
            String userId = options.getUserId();
            delAdminMgr.assignUser(new UserAdminRole(userId, role));
        } else if (commands.contains(DEASSIGN_ROLE)) {
            command = DEASSIGN_ROLE;
            LOG.info(command);
            Role role = options.getRole();
            String userId = options.getUserId();
            delAdminMgr.deassignUser(new UserAdminRole(userId, role));
        } else if (commands.contains(ADD_ROLE_INHERITANCE)) {
            command = ADD_ROLE_INHERITANCE;
            LOG.info(command);
            // Relationship carries only the two role names; both sides are wrapped as AdminRole here.
            Relationship relationship = options.getRelationship();
            delAdminMgr.addInheritance(new AdminRole(relationship.getParent()), new AdminRole(relationship.getChild()));
        } else if (commands.contains(DELETE_ROLE_INHERITANCE)) {
            command = DELETE_ROLE_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            delAdminMgr.deleteInheritance(new AdminRole(relationship.getParent()), new AdminRole(relationship.getChild()));
        } else if (commands.contains(ADD_POBJ)) {
            command = ADD_POBJ;
            LOG.info(command);
            PermObj permObj = options.getPermObj();
            delAdminMgr.addPermObj(permObj);
        } else if (commands.contains(UPDATE_POBJ)) {
            command = UPDATE_POBJ;
            LOG.info(command);
            PermObj permObj = options.getPermObj();
            delAdminMgr.updatePermObj(permObj);
        } else if (commands.contains(DELETE_POBJ)) {
            command = DELETE_POBJ;
            LOG.info(command);
            PermObj permObj = options.getPermObj();
            delAdminMgr.deletePermObj(permObj);
        } else if (commands.contains(ADD_PERM)) {
            command = ADD_PERM;
            LOG.info(command);
            Permission perm = options.getPermission();
            delAdminMgr.addPermission(perm);
        } else if (commands.contains(UPDATE_PERM)) {
            command = UPDATE_PERM;
            LOG.info(command);
            Permission perm = options.getPermission();
            delAdminMgr.updatePermission(perm);
        } else if (commands.contains(DELETE_PERM)) {
            command = DELETE_PERM;
            LOG.info(command);
            // Local is named permObj but holds a Permission (operation), not a PermObj.
            Permission permObj = options.getPermission();
            delAdminMgr.deletePermission(permObj);
        } else if (commands.contains(GRANT)) {
            command = GRANT;
            LOG.info(command);
            Permission perm = options.getPermission();
            AdminRole role = options.getAdminRole();
            // The grant target is the admin role whose name comes from the separate role-name option,
            // overriding whatever name getAdminRole() populated.
            role.setName(options.getRoleNm());
            delAdminMgr.grantPermission(perm, role);
        } else if (commands.contains(REVOKE)) {
            command = REVOKE;
            LOG.info(command);
            Permission perm = options.getPermission();
            AdminRole role = options.getAdminRole();
            role.setName(options.getRoleNm());
            delAdminMgr.revokePermission(perm, role);
        } else if (commands.contains(ADD_USERORG)) {
            command = ADD_USERORG;
            LOG.info(command);
            // The same OrgUnit option object serves both org-unit kinds; the branch fixes the type.
            OrgUnit orgUnit = options.getOrgUnit();
            orgUnit.setType(OrgUnit.Type.USER);
            delAdminMgr.add(orgUnit);
        } else if (commands.contains(UPDATE_USERORG)) {
            command = UPDATE_USERORG;
            LOG.info(command);
            OrgUnit orgUnit = options.getOrgUnit();
            orgUnit.setType(OrgUnit.Type.USER);
            delAdminMgr.update(orgUnit);
        } else if (commands.contains(DELETE_USERORG)) {
            command = DELETE_USERORG;
            LOG.info(command);
            OrgUnit orgUnit = options.getOrgUnit();
            orgUnit.setType(OrgUnit.Type.USER);
            delAdminMgr.delete(orgUnit);
        } else if (commands.contains(ADD_USERORG_INHERITANCE)) {
            command = ADD_USERORG_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            delAdminMgr.addInheritance(new OrgUnit(relationship.getParent(), OrgUnit.Type.USER), new OrgUnit(relationship.getChild(), OrgUnit.Type.USER));
        } else if (commands.contains(DELETE_USERORG_INHERITANCE)) {
            command = DELETE_USERORG_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            delAdminMgr.deleteInheritance(new OrgUnit(relationship.getParent(), OrgUnit.Type.USER), new OrgUnit(relationship.getChild(), OrgUnit.Type.USER));
        } else if (commands.contains(ADD_PERMORG)) {
            command = ADD_PERMORG;
            LOG.info(command);
            OrgUnit orgUnit = options.getOrgUnit();
            orgUnit.setType(OrgUnit.Type.PERM);
            delAdminMgr.add(orgUnit);
        } else if (commands.contains(UPDATE_PERMORG)) {
            command = UPDATE_PERMORG;
            LOG.info(command);
            OrgUnit orgUnit = options.getOrgUnit();
            orgUnit.setType(OrgUnit.Type.PERM);
            delAdminMgr.update(orgUnit);
        } else if (commands.contains(DELETE_PERMORG)) {
            command = DELETE_PERMORG;
            LOG.info(command);
            OrgUnit orgUnit = options.getOrgUnit();
            orgUnit.setType(OrgUnit.Type.PERM);
            delAdminMgr.delete(orgUnit);
        } else if (commands.contains(ADD_PERMORG_INHERITANCE)) {
            command = ADD_PERMORG_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            delAdminMgr.addInheritance(new OrgUnit(relationship.getParent(), OrgUnit.Type.PERM), new OrgUnit(relationship.getChild(), OrgUnit.Type.PERM));
        } else if (commands.contains(DELETE_PERMORG_INHERITANCE)) {
            command = DELETE_PERMORG_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            delAdminMgr.deleteInheritance(new OrgUnit(relationship.getParent(), OrgUnit.Type.PERM), new OrgUnit(relationship.getChild(), OrgUnit.Type.PERM));
        } else {
            // No recognised keyword: the command set is not echoed here, so the log line alone does not say what was rejected.
            LOG.warn("unknown delegated admin operation detected");
            return;
        }
        LOG.info("command:{} was successful", command);
    } catch (org.apache.directory.fortress.core.SecurityException se) {
        // Failure is logged (with the Fortress error id) but not propagated; the method still returns normally.
        String error = "processDelegatedAdminCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
        LOG.error(error);
    }
}

Example 17 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class FortressAntTask method deletePermGrants.

/**
 * Revokes every permission grant listed under the {@code delpermGrants} Ant elements.
 * <p>
 * Each {@link PermGrant} is converted to a {@link Permission} (object name, operation name, admin flag,
 * object id) and revoked from the named role, or -- only when no role name is given -- from the named user.
 * A grant that names neither is logged at WARN and skipped. A {@link SecurityException} from the admin
 * manager is logged at WARN and processing moves on to the next grant, so one failed revocation does not
 * abort the build; a caller that needs a hard failure has to inspect the log.
 *
 * @throws BuildException declared for symmetry with the other task steps; nothing in this body raises it.
 */
private void deletePermGrants() throws BuildException {
    if (delpermGrants == null) {
        return;
    }
    for (DelpermGrant delpermGrant : delpermGrants) {
        for (PermGrant permGrant : delpermGrant.getPermGrants()) {
            String roleNm = permGrant.getRoleNm();
            String userId = permGrant.getUserId();
            try {
                Permission perm = new Permission(permGrant.getObjName(), permGrant.getOpName(), permGrant.isAdmin());
                perm.setOpName(permGrant.getOpName());
                perm.setObjId(permGrant.getObjId());
                if (roleNm != null && !roleNm.isEmpty()) {
                    // Role takes precedence over user when the XML element carries both.
                    LOG.info("deletePermGrants tenant={} roleName={} objName={} opName={} objId={}", getTenant(), roleNm, permGrant.getObjName(), permGrant.getOpName(), permGrant.getObjId());
                    adminMgr.revokePermission(perm, new Role(roleNm));
                } else if (userId != null && !userId.isEmpty()) {
                    LOG.info("deletePermGrants tenant={} userId={} objName={} opName={} objId={}", getTenant(), userId, permGrant.getObjName(), permGrant.getOpName(), permGrant.getObjId());
                    adminMgr.revokePermission(perm, new User(userId));
                } else {
                    LOG.warn("deletePermGrants called without user or role set in xml");
                }
            } catch (SecurityException se) {
                // Best-effort: record the failure with full context and continue with the remaining grants.
                LOG.warn("deletePermGrants tenant={} roleName={} objName={} opName={} objId={} caught SecurityException={}", getTenant(), roleNm, permGrant.getObjName(), permGrant.getOpName(), permGrant.getObjId(), se);
            }
        }
    }
}

Example 18 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class FortressAntTask method addPermGrants.

/**
 * Grants every permission listed under the {@code addpermGrants} Ant elements.
 * <p>
 * Each {@link PermGrant} is converted to a {@link Permission} (object name, operation name, admin flag,
 * object id) and granted to the named role, or -- only when no role name is given -- to the named user.
 * A grant that names neither is logged at WARN and skipped. A {@link SecurityException} from the admin
 * manager is logged at WARN and processing moves on to the next grant, so one failed grant does not abort
 * the build; a caller that needs a hard failure has to inspect the log.
 *
 * @throws BuildException declared for symmetry with the other task steps; nothing in this body raises it.
 */
private void addPermGrants() throws BuildException {
    if (addpermGrants == null) {
        return;
    }
    for (AddpermGrant addpermGrant : addpermGrants) {
        for (PermGrant permGrant : addpermGrant.getPermGrants()) {
            String roleNm = permGrant.getRoleNm();
            String userId = permGrant.getUserId();
            try {
                Permission perm = new Permission(permGrant.getObjName(), permGrant.getOpName(), permGrant.isAdmin());
                perm.setOpName(permGrant.getOpName());
                perm.setObjId(permGrant.getObjId());
                if (roleNm != null && !roleNm.isEmpty()) {
                    // Role takes precedence over user when the XML element carries both.
                    LOG.info("addPermGrants tenant={} roleName={} objName={} opName={} objId={}", getTenant(), roleNm, permGrant.getObjName(), permGrant.getOpName(), permGrant.getObjId());
                    adminMgr.grantPermission(perm, new Role(roleNm));
                } else if (userId != null && !userId.isEmpty()) {
                    LOG.info("addPermGrants tenant={} userId={} objName={} opName={} objId={}", getTenant(), userId, permGrant.getObjName(), permGrant.getOpName(), permGrant.getObjId());
                    adminMgr.grantPermission(perm, new User(userId));
                } else {
                    LOG.warn("addPermGrants called without user or role set in xml");
                }
            } catch (SecurityException se) {
                // Best-effort: record the failure with full context and continue with the remaining grants.
                LOG.warn("addPermGrants tenant={} roleName={} objName={} opName={} objId={} caught SecurityException={}", getTenant(), roleNm, permGrant.getObjName(), permGrant.getOpName(), permGrant.getObjId(), se);
            }
        }
    }
}

Example 19 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class FortressAntTask method addGroupProperties.

/**
 * Adds each name/value property of every group listed under the {@code addgroupproperties} Ant elements.
 * <p>
 * Groups without properties are reported at INFO and skipped. Each property is pushed to the group manager
 * one key/value pair at a time; a {@link SecurityException} for one pair is logged at WARN and the remaining
 * pairs are still attempted. This method declares no checked exception, unlike the sibling task steps.
 */
private void addGroupProperties() {
    if (addgroupproperties == null) {
        return;
    }
    for (Addgroupproperty addgroupproperty : addgroupproperties) {
        for (Group group : addgroupproperty.getGroups()) {
            if (!PropUtil.isNotEmpty(group.getProperties())) {
                LOG.info("addGroupProperties tenant={} name={}, no properties found", getTenant(), group.getName());
                continue;
            }
            Enumeration<?> names = group.getProperties().propertyNames();
            while (names.hasMoreElements()) {
                // This LDAP attr is stored as a name-value pair separated by a ':'.
                String key = (String) names.nextElement();
                String val = group.getProperties().getProperty(key);
                try {
                    groupMgr.add(group, key, val);
                } catch (SecurityException se) {
                    LOG.warn("addGroupProperties tenant={} name [{}], key [{}], value [{}] caught SecurityException={}", getTenant(), group.getName(), key, val, se);
                }
            }
        }
    }
}

Example 20 with SecurityException

use of org.apache.directory.fortress.core.SecurityException in project directory-fortress-core by apache.

the class UserP method createSessionTrusted.

/**
 * Builds an unauthenticated ("trusted") {@link Session} for the given user without verifying a password.
 * Internal to this class; the caller is responsible for having established trust by other means.
 * <p>
 * The user entry is re-read from the directory first and the request is refused if the account is locked.
 * The returned session carries the userId, the loaded {@link User} and {@code authenticated == false};
 * no role activation happens in this method.
 *
 * @param inUser carries the userId (the rDn of the node in ldap) and the contextId (tenant) to apply.
 * @return a new session whose authenticated flag is false.
 * @throws SecurityException with {@link GlobalErrIds#USER_LOCKED_BY_CONST} when the user is locked, or on
 *         data validation failure, security policy violation or DAO error while reading the user.
 */
private Session createSessionTrusted(User inUser) throws SecurityException {
    // NOTE(review): the boolean passed to read(...) is not defined in this block -- confirm its meaning against read().
    User loaded = read(inUser, true);
    loaded.setContextId(inUser.getContextId());
    if (loaded.isLocked()) {
        String warning = "createSession failed for userId [" + inUser.getUserId() + "] reason user is locked";
        LOG.warn(warning);
        throw new SecurityException(GlobalErrIds.USER_LOCKED_BY_CONST, warning);
    }
    Session session = new ObjectFactory().createSession();
    session.setUser(loaded);
    session.setUserId(inUser.getUserId());
    // No password was checked on this path, so the session is explicitly marked unauthenticated.
    session.setAuthenticated(false);
    return session;
}
