
Example 6 with XXAuthSession

use of org.apache.ranger.entity.XXAuthSession in project ranger by apache.

the class SessionMgr method processSuccessLogin.

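/**
 * Returns the {@link UserSessionBase} for the principal currently held in Spring Security's
 * context, building a new one when no valid session exists yet.
 *
 * <p>If the Ranger security context already carries a user session that
 * {@code validateUserSession} accepts for the authenticated login id, that session is returned
 * as-is and nothing is stored or logged. Otherwise an {@link XXAuthSession} record is filled in
 * from the request and, once per HTTP session, handed to {@code storeAuthSession}; the id of the
 * stored record is kept in the {@code auditLoginId} session attribute.
 *
 * @param authType value recorded as the auth type on the auth-session record
 * @param userAgent User-Agent string recorded on the auth-session record and used to derive the
 *     device type; may be {@code null}
 * @param httpRequest request that completed the login; supplies the HTTP session, the request URI
 *     and the {@code spnegoEnabled} attribute
 * @return the reused or newly built session, or {@code null} when no portal user exists for the
 *     authenticated login id
 */
public UserSessionBase processSuccessLogin(int authType, String userAgent, HttpServletRequest httpRequest) {
    UserSessionBase userSession = null;
    RangerSecurityContext context = RangerContextHolder.getSecurityContext();
    if (context != null) {
        userSession = context.getUserSession();
    }
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // NOTE(review): unchecked cast - an Authentication whose details object is not a
    // WebAuthenticationDetails fails here with ClassCastException; confirm every auth path
    // that reaches this method populates that type.
    WebAuthenticationDetails details = (WebAuthenticationDetails) authentication.getDetails();
    String currentLoginId = authentication.getName();

    // An existing session that still matches the authenticated login id is reused untouched.
    if (userSession != null && validateUserSession(userSession, currentLoginId)) {
        return userSession;
    }

    getSSOSpnegoAuthCheckForAPI(currentLoginId, httpRequest);
    // Need to build the UserSession
    XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
    if (gjUser == null) {
        // NOTE(review): the login id is concatenated into the log line unescaped; if it can come
        // from an external identity source, strip CR/LF before logging.
        logger.error("Error getting user for loginId=" + currentLoginId, new Exception());
        return null;
    }

    XXAuthSession gjAuthSession = new XXAuthSession();
    gjAuthSession.setLoginId(currentLoginId);
    gjAuthSession.setUserId(gjUser.getId());
    gjAuthSession.setAuthTime(DateUtil.getUTCDate());
    gjAuthSession.setAuthStatus(XXAuthSession.AUTH_STATUS_SUCCESS);
    gjAuthSession.setAuthType(authType);
    if (details != null) {
        gjAuthSession.setExtSessionId(details.getSessionId());
        gjAuthSession.setRequestIP(details.getRemoteAddress());
    }
    if (userAgent != null) {
        gjAuthSession.setRequestUserAgent(userAgent);
    }
    gjAuthSession.setDeviceType(httpUtil.getDeviceType(userAgent));

    HttpSession session = httpRequest.getSession();
    if (session != null && session.getAttribute("auditLoginId") == null) {
        // Re-check under the lock so that concurrent requests on the same HttpSession object
        // store at most one audit record. NOTE(review): this relies on the container handing
        // out the same HttpSession instance to those requests - confirm for the target container.
        synchronized (session) {
            if (session.getAttribute("auditLoginId") == null) {
                boolean isDownloadLogEnabled = PropertiesUtil.getBooleanProperty("ranger.downloadpolicy.session.log.enabled", false);
                String requestUri = httpRequest.getRequestURI();
                boolean isDownloadRequest = !StringUtils.isEmpty(requestUri)
                        && (requestUri.contains("/secure/policies/download/") || requestUri.contains("/secure/download/"));
                // Policy/tag download logins are only stored when the property above is enabled.
                // NOTE(review): the skip is decided by a substring match on the raw request URI,
                // so any login whose URI contains one of these fragments leaves no auth-session
                // record; confirm that audit gap is acceptable or match the exact endpoint paths.
                if (isDownloadLogEnabled || !isDownloadRequest) {
                    gjAuthSession = storeAuthSession(gjAuthSession);
                    session.setAttribute("auditLoginId", gjAuthSession.getId());
                }
            }
        }
    }

    userSession = new UserSessionBase();
    userSession.setXXPortalUser(gjUser);
    userSession.setXXAuthSession(gjAuthSession);
    // Boolean.TRUE.equals tolerates a missing or non-Boolean attribute instead of throwing
    // ClassCastException on the unboxing cast.
    if (Boolean.TRUE.equals(httpRequest.getAttribute("spnegoEnabled"))) {
        userSession.setSpnegoEnabled(true);
    }
    resetUserSessionForProfiles(userSession);
    resetUserModulePermission(userSession);

    Calendar cal = Calendar.getInstance();
    if (details != null) {
        // The container session id and the remote address are now logged under their own keys
        // (extSessionId, requestIP) instead of a second "sessionId=" and "requestId=", so the
        // line can be parsed unambiguously during investigation.
        // NOTE(review): this writes a live container session id to the application log; anyone
        // with log read access can see it. Consider logging a digest or truncated form instead.
        logger.info("Login Success: loginId=" + currentLoginId + ", sessionId=" + gjAuthSession.getId() + ", extSessionId=" + details.getSessionId() + ", requestIP=" + details.getRemoteAddress() + ", epoch=" + cal.getTimeInMillis());
    } else {
        logger.info("Login Success: loginId=" + currentLoginId + ", sessionId=" + gjAuthSession.getId() + ", details is null" + ", epoch=" + cal.getTimeInMillis());
    }
    return userSession;
}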
Also used : XXPortalUser(org.apache.ranger.entity.XXPortalUser) RangerSecurityContext(org.apache.ranger.security.context.RangerSecurityContext) Authentication(org.springframework.security.core.Authentication) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) HttpSession(javax.servlet.http.HttpSession) Calendar(java.util.Calendar) XXAuthSession(org.apache.ranger.entity.XXAuthSession) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 7 with XXAuthSession

use of org.apache.ranger.entity.XXAuthSession in project ranger by apache.

the class TestXUserMgr method test28DeleteXUser.

/**
 * Calls {@code xUserMgr.deleteXUser} with the force flag set while every DAO and service lookup
 * is stubbed (the list-returning ones with empty lists), then verifies that the group-user search
 * was invoked.
 */
@Test
public void test28DeleteXUser() {
    setup();
    VXUser targetUser = vxUser();

    // XXUser: lookup by id returns an entity that maps back to the view bean.
    XXUserDao userDao = Mockito.mock(XXUserDao.class);
    XXUser userEntity = new XXUser();
    Mockito.when(daoManager.getXXUser()).thenReturn(userDao);
    Mockito.when(userDao.getById(targetUser.getId())).thenReturn(userEntity);
    Mockito.when(xUserService.populateViewBean(userEntity)).thenReturn(targetUser);

    // VXGroupUser: this membership object is populated but never added to the stubbed list.
    XXGroupUserDao groupUserDao = Mockito.mock(XXGroupUserDao.class);
    VXGroupUserList groupUserList = new VXGroupUserList();
    VXGroupUser groupUser = new VXGroupUser();
    groupUser.setId(userId);
    groupUser.setName("group user test");
    groupUser.setOwner("Admin");
    groupUser.setUserId(targetUser.getId());
    groupUser.setUpdatedBy("User");
    Mockito.when(xGroupUserService.searchXGroupUsers((SearchCriteria) Mockito.any())).thenReturn(groupUserList);
    Mockito.when(daoManager.getXXGroupUser()).thenReturn(groupUserDao);

    // VXPermMap
    XXPermMapDao permMapDao = Mockito.mock(XXPermMapDao.class);
    VXPermMapList permMapList = new VXPermMapList();
    Mockito.when(xPermMapService.searchXPermMaps((SearchCriteria) Mockito.any())).thenReturn(permMapList);
    Mockito.when(daoManager.getXXPermMap()).thenReturn(permMapDao);

    // VXAuditMap
    XXAuditMapDao auditMapDao = Mockito.mock(XXAuditMapDao.class);
    VXAuditMapList auditMapList = new VXAuditMapList();
    Mockito.when(xAuditMapService.searchXAuditMaps((SearchCriteria) Mockito.any())).thenReturn(auditMapList);
    Mockito.when(daoManager.getXXAuditMap()).thenReturn(auditMapDao);

    // XXPortalUser: resolved from the trimmed user name.
    VXPortalUser portalUserView = userProfile();
    XXPortalUser portalUserEntity = new XXPortalUser();
    XXPortalUserDao portalUserDao = Mockito.mock(XXPortalUserDao.class);
    Mockito.when(daoManager.getXXPortalUser()).thenReturn(portalUserDao);
    Mockito.when(portalUserDao.findByLoginId(targetUser.getName().trim())).thenReturn(portalUserEntity);
    Mockito.when(xPortalUserService.populateViewBean(portalUserEntity)).thenReturn(portalUserView);

    // Auth sessions, module permissions and roles of the portal user: all stubbed as empty.
    XXAuthSessionDao authSessionDao = Mockito.mock(XXAuthSessionDao.class);
    XXUserPermissionDao userPermissionDao = Mockito.mock(XXUserPermissionDao.class);
    XXPortalUserRoleDao portalUserRoleDao = Mockito.mock(XXPortalUserRoleDao.class);
    Mockito.when(daoManager.getXXAuthSession()).thenReturn(authSessionDao);
    Mockito.when(daoManager.getXXUserPermission()).thenReturn(userPermissionDao);
    Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(portalUserRoleDao);
    Mockito.when(authSessionDao.getAuthSessionByUserId(portalUserView.getId())).thenReturn(new ArrayList<XXAuthSession>());
    Mockito.when(userPermissionDao.findByUserPermissionId(portalUserView.getId())).thenReturn(new ArrayList<XXUserPermission>());
    Mockito.when(portalUserRoleDao.findByUserId(portalUserView.getId())).thenReturn(new ArrayList<XXPortalUserRole>());

    // update XXPolicyItemUserPerm: no policies reference the user.
    XXPolicyDao policyDao = Mockito.mock(XXPolicyDao.class);
    Mockito.when(daoManager.getXXPolicy()).thenReturn(policyDao);
    Mockito.when(policyDao.findByUserId(targetUser.getId())).thenReturn(new ArrayList<XXPolicy>());

    // Forced delete; the only interaction verified is the group-user search.
    xUserMgr.deleteXUser(targetUser.getId(), true);
    Mockito.verify(xGroupUserService).searchXGroupUsers((SearchCriteria) Mockito.any());
}
Also used : XXUser(org.apache.ranger.entity.XXUser) VXGroupUserList(org.apache.ranger.view.VXGroupUserList) XXUserDao(org.apache.ranger.db.XXUserDao) ArrayList(java.util.ArrayList) XXPolicy(org.apache.ranger.entity.XXPolicy) XXAuthSessionDao(org.apache.ranger.db.XXAuthSessionDao) XXGroupUserDao(org.apache.ranger.db.XXGroupUserDao) XXPortalUserRoleDao(org.apache.ranger.db.XXPortalUserRoleDao) XXPermMapDao(org.apache.ranger.db.XXPermMapDao) VXPortalUser(org.apache.ranger.view.VXPortalUser) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole) VXPermMapList(org.apache.ranger.view.VXPermMapList) XXAuditMapDao(org.apache.ranger.db.XXAuditMapDao) XXUserPermissionDao(org.apache.ranger.db.XXUserPermissionDao) VXGroupUser(org.apache.ranger.view.VXGroupUser) VXAuditMapList(org.apache.ranger.view.VXAuditMapList) VXUser(org.apache.ranger.view.VXUser) XXAuthSession(org.apache.ranger.entity.XXAuthSession) XXUserPermission(org.apache.ranger.entity.XXUserPermission) XXPortalUser(org.apache.ranger.entity.XXPortalUser) XXPortalUserDao(org.apache.ranger.db.XXPortalUserDao) XXPolicyDao(org.apache.ranger.db.XXPolicyDao) Test(org.junit.Test)

Aggregations

XXAuthSession (org.apache.ranger.entity.XXAuthSession)7 XXPortalUser (org.apache.ranger.entity.XXPortalUser)4 ArrayList (java.util.ArrayList)2 UserSessionBase (org.apache.ranger.common.UserSessionBase)2 XXAuditMapDao (org.apache.ranger.db.XXAuditMapDao)2 XXAuthSessionDao (org.apache.ranger.db.XXAuthSessionDao)2 XXGroupUserDao (org.apache.ranger.db.XXGroupUserDao)2 XXPermMapDao (org.apache.ranger.db.XXPermMapDao)2 XXPolicyDao (org.apache.ranger.db.XXPolicyDao)2 XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)2 XXPortalUserRoleDao (org.apache.ranger.db.XXPortalUserRoleDao)2 XXUserDao (org.apache.ranger.db.XXUserDao)2 XXUserPermissionDao (org.apache.ranger.db.XXUserPermissionDao)2 XXPolicy (org.apache.ranger.entity.XXPolicy)2 XXPortalUserRole (org.apache.ranger.entity.XXPortalUserRole)2 XXUser (org.apache.ranger.entity.XXUser)2 XXUserPermission (org.apache.ranger.entity.XXUserPermission)2 RangerSecurityContext (org.apache.ranger.security.context.RangerSecurityContext)2 VXAuthSession (org.apache.ranger.view.VXAuthSession)2 Authentication (org.springframework.security.core.Authentication)2