use of org.apache.syncope.common.lib.policy.PasswordPolicyTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE626.
/**
 * Regression test for SYNCOPE-626: a realm whose password policy carries a
 * {@code DefaultPasswordRuleConf} with {@code usernameAllowed=false} must reject a user whose
 * password equals the username.
 *
 * The realm's previous password policy is restored and the temporary policy deleted afterwards.
 */
@Test
public void issueSYNCOPE626() {
    // Password rule: the username is not allowed as (part of) the password.
    DefaultPasswordRuleConf noUsernameConf = new DefaultPasswordRuleConf();
    noUsernameConf.setUsernameAllowed(false);

    // Register the rule as a JAVA-engine implementation under a unique key.
    ImplementationTO ruleImpl = new ImplementationTO();
    ruleImpl.setKey("DefaultPasswordRuleConf" + getUUIDString());
    ruleImpl.setEngine(ImplementationEngine.JAVA);
    ruleImpl.setType(ImplementationType.PASSWORD_RULE);
    ruleImpl.setBody(POJOHelper.serialize(noUsernameConf));
    Response created = implementationService.create(ruleImpl);
    // Use the key reported back by the server from here on.
    ruleImpl.setKey(created.getHeaderString(RESTHeaders.RESOURCE_KEY));

    // Password policy holding only that rule.
    PasswordPolicyTO policy = new PasswordPolicyTO();
    policy.setDescription("Password Policy for SYNCOPE-626");
    policy.getRules().add(ruleImpl.getKey());
    policy = createPolicy(PolicyType.PASSWORD, policy);
    assertNotNull(policy);

    // Attach the policy to the realm, remembering what was there before.
    RealmTO targetRealm = realmService.list("/even/two").get(0);
    String previousPolicyKey = targetRealm.getPasswordPolicy();
    targetRealm.setPasswordPolicy(policy.getKey());
    realmService.update(targetRealm);

    try {
        UserTO candidate = UserITCase.getUniqueSampleTO("syncope626@syncope.apache.org");
        candidate.setRealm(targetRealm.getFullPath());

        // Password identical to the username: creation must be refused.
        candidate.setPassword(candidate.getUsername());
        try {
            createUser(candidate);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.InvalidUser, e.getType());
            assertTrue(e.getElements().iterator().next().startsWith("InvalidPassword"));
        }

        // A password that differs from the username is expected to pass this policy.
        candidate.setPassword("password123");
        candidate = createUser(candidate).getEntity();
        assertNotNull(candidate);
    } finally {
        // Restore the realm first, then drop the temporary policy.
        targetRealm.setPasswordPolicy(previousPolicyKey);
        realmService.update(targetRealm);

        policyService.delete(PolicyType.PASSWORD, policy.getKey());
    }
}
use of org.apache.syncope.common.lib.policy.PasswordPolicyTO in project syncope by apache.
the class UserITCase method customPolicyRules.
/**
 * Checks that custom account and password rules attached to a realm are enforced on user creation.
 *
 * The sample user is first rejected with an {@code InvalidPassword} element, then, after "XXX" is
 * appended to the password, with an {@code InvalidUsername} element, and is finally created once
 * "YYY" is prefixed to the username. What exactly {@code TestPasswordRuleConf} and
 * {@code TestAccountRuleConf} require is defined outside this method.
 */
@Test
public void customPolicyRules() {
    // Using custom policy rules with application/xml requires overriding @XmlSeeAlso on
    // org.apache.syncope.common.lib.policy.AbstractAccountRuleConf and / or
    // org.apache.syncope.common.lib.policy.AbstractPasswordRuleConf (the power of JAXB :-/),
    // so the test is skipped unless the client speaks JSON.
    assumeTrue(MediaType.APPLICATION_JSON_TYPE.equals(clientFactory.getContentType().getMediaType()));

    // Account rule implementation and the account policy that uses it.
    ImplementationTO accountRule = new ImplementationTO();
    accountRule.setKey("TestAccountRuleConf" + UUID.randomUUID());
    accountRule.setEngine(ImplementationEngine.JAVA);
    accountRule.setType(ImplementationType.ACCOUNT_RULE);
    accountRule.setBody(POJOHelper.serialize(new TestAccountRuleConf()));
    Response accountRuleCreated = implementationService.create(accountRule);
    accountRule.setKey(accountRuleCreated.getHeaderString(RESTHeaders.RESOURCE_KEY));

    AccountPolicyTO accountPolicy = new AccountPolicyTO();
    accountPolicy.setDescription("Account Policy with custom rules");
    accountPolicy.getRules().add(accountRule.getKey());
    accountPolicy = createPolicy(PolicyType.ACCOUNT, accountPolicy);
    assertNotNull(accountPolicy);

    // Password rule implementation and the password policy that uses it.
    ImplementationTO passwordRule = new ImplementationTO();
    passwordRule.setKey("TestPasswordRuleConf" + UUID.randomUUID());
    passwordRule.setEngine(ImplementationEngine.JAVA);
    passwordRule.setType(ImplementationType.PASSWORD_RULE);
    passwordRule.setBody(POJOHelper.serialize(new TestPasswordRuleConf()));
    Response passwordRuleCreated = implementationService.create(passwordRule);
    passwordRule.setKey(passwordRuleCreated.getHeaderString(RESTHeaders.RESOURCE_KEY));

    PasswordPolicyTO passwordPolicy = new PasswordPolicyTO();
    passwordPolicy.setDescription("Password Policy with custom rules");
    passwordPolicy.getRules().add(passwordRule.getKey());
    passwordPolicy = createPolicy(PolicyType.PASSWORD, passwordPolicy);
    assertNotNull(passwordPolicy);

    // Attach both policies to the realm, remembering the previous ones for cleanup.
    RealmTO targetRealm = realmService.list("/even/two").get(0);
    String previousAccountPolicy = targetRealm.getAccountPolicy();
    targetRealm.setAccountPolicy(accountPolicy.getKey());
    String previousPasswordPolicy = targetRealm.getPasswordPolicy();
    targetRealm.setPasswordPolicy(passwordPolicy.getKey());
    realmService.update(targetRealm);

    try {
        UserTO candidate = getUniqueSampleTO("custompolicyrules@syncope.apache.org");
        candidate.setRealm(targetRealm.getFullPath());

        // Attempt 1: unmodified sample user, rejected on the password.
        try {
            createUser(candidate);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.InvalidUser, e.getType());
            assertTrue(e.getElements().iterator().next().startsWith("InvalidPassword"));
        }

        // Attempt 2: password now passes, the username is reported instead.
        candidate.setPassword(candidate.getPassword() + "XXX");
        try {
            createUser(candidate);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.InvalidUser, e.getType());
            assertTrue(e.getElements().iterator().next().startsWith("InvalidUsername"));
        }

        // Attempt 3: both values adjusted, creation succeeds.
        candidate.setUsername("YYY" + candidate.getUsername());
        candidate = createUser(candidate).getEntity();
        assertNotNull(candidate);
    } finally {
        // Detach the temporary policies from the realm before deleting them.
        targetRealm.setAccountPolicy(previousAccountPolicy);
        targetRealm.setPasswordPolicy(previousPasswordPolicy);
        realmService.update(targetRealm);

        policyService.delete(PolicyType.PASSWORD, passwordPolicy.getKey());
        policyService.delete(PolicyType.ACCOUNT, accountPolicy.getKey());
    }
}
use of org.apache.syncope.common.lib.policy.PasswordPolicyTO in project syncope by apache.
the class PolicyITCase method update.
/**
 * Creates a password policy from an existing one used as a template, changes the maximum length
 * in the rule configuration, updates the policy and reads it back.
 *
 * NOTE(review): the final length assertions deserialize the body of the local {@code rule}
 * object, which this method changed itself and never re-reads from {@code implementationService},
 * so they hold regardless of what the server stored. Confirm whether the rule was meant to be
 * pushed and re-read; the new policy presumably shares its rule keys with the template, which
 * would make a server-side rule change visible to the template policy as well.
 */
@Test
public void update() {
    final String templateKey = "ce93fcda-dc3a-4369-a7b0-a6108c261c85";

    PasswordPolicyTO template = policyService.read(PolicyType.PASSWORD, templateKey);

    // create a new password policy using the former as a template
    PasswordPolicyTO policy = SerializationUtils.clone(template);
    policy.setDescription("A simple password policy");
    policy = createPolicy(PolicyType.PASSWORD, policy);
    assertNotNull(policy);
    assertNotEquals(templateKey, policy.getKey());

    // Fetch the first rule of the new policy and change its maximum length locally.
    ImplementationTO rule =
            implementationService.read(ImplementationType.PASSWORD_RULE, policy.getRules().get(0));
    assertNotNull(rule);

    DefaultPasswordRuleConf editedConf =
            POJOHelper.deserialize(rule.getBody(), DefaultPasswordRuleConf.class);
    editedConf.setMaxLength(22);
    rule.setBody(POJOHelper.serialize(editedConf));

    // update new password policy
    policyService.update(PolicyType.PASSWORD, policy);
    policy = policyService.read(PolicyType.PASSWORD, policy.getKey());
    assertNotNull(policy);

    // Round-trips the body of the local rule object set above.
    DefaultPasswordRuleConf roundTripped =
            POJOHelper.deserialize(rule.getBody(), DefaultPasswordRuleConf.class);
    assertEquals(22, roundTripped.getMaxLength());
    assertEquals(8, roundTripped.getMinLength());
}
use of org.apache.syncope.common.lib.policy.PasswordPolicyTO in project syncope by apache.
the class PolicyDataBinderImpl method getPolicy.
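/**
 * Copies the content of a policy transfer object onto a policy entity, creating the entity via
 * {@code entityFactory} when {@code policy} is {@code null}.
 *
 * Password, account and pull policy TOs are handled; for any other TO type only the description
 * is copied, and only if an entity was passed in.
 *
 * NOTE(review): for password and account policies, a rule key that {@code implementationDAO}
 * cannot resolve is dropped with a debug-level log only, so the resulting policy can carry fewer
 * rules than the TO asked for without the caller being told. Unknown passthrough resources and
 * unknown any types are skipped the same way. The pull branch, by contrast, throws when a
 * correlation rule implementation is missing.
 *
 * @param policy existing entity to update, or {@code null} to have a new one created
 * @param policyTO transfer object providing the values
 * @param <T> policy entity type
 * @return the updated or newly created entity; {@code null} when {@code policy} is {@code null}
 * and {@code policyTO} is none of the handled types
 * @throws ClassCastException if {@code policy} is not of the entity type matching {@code policyTO}
 * @throws NotFoundException if a pull correlation rule references an implementation that is not found
 */
@SuppressWarnings("unchecked")
private <T extends Policy> T getPolicy(final T policy, final PolicyTO policyTO) {
    T result = policy;

    if (policyTO instanceof PasswordPolicyTO) {
        if (result == null) {
            result = (T) entityFactory.newEntity(PasswordPolicy.class);
        }

        PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(result);
        PasswordPolicyTO passwordPolicyTO = PasswordPolicyTO.class.cast(policyTO);

        passwordPolicy.setAllowNullPassword(passwordPolicyTO.isAllowNullPassword());
        passwordPolicy.setHistoryLength(passwordPolicyTO.getHistoryLength());

        // Unresolvable rule keys are skipped, not rejected (see the note in the Javadoc).
        passwordPolicyTO.getRules().forEach(ruleKey -> {
            Implementation rule = implementationDAO.find(ruleKey);
            if (rule == null) {
                LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
            } else {
                passwordPolicy.add(rule);
            }
        });
        // remove all implementations not contained in the TO
        passwordPolicy.getRules().removeIf(
                implementation -> !passwordPolicyTO.getRules().contains(implementation.getKey()));
    } else if (policyTO instanceof AccountPolicyTO) {
        if (result == null) {
            result = (T) entityFactory.newEntity(AccountPolicy.class);
        }

        AccountPolicy accountPolicy = AccountPolicy.class.cast(result);
        AccountPolicyTO accountPolicyTO = AccountPolicyTO.class.cast(policyTO);

        accountPolicy.setMaxAuthenticationAttempts(accountPolicyTO.getMaxAuthenticationAttempts());
        accountPolicy.setPropagateSuspension(accountPolicyTO.isPropagateSuspension());

        // Unresolvable rule keys are skipped, not rejected (see the note in the Javadoc).
        accountPolicyTO.getRules().forEach(ruleKey -> {
            Implementation rule = implementationDAO.find(ruleKey);
            if (rule == null) {
                LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
            } else {
                accountPolicy.add(rule);
            }
        });
        // remove all implementations not contained in the TO
        accountPolicy.getRules().removeIf(
                implementation -> !accountPolicyTO.getRules().contains(implementation.getKey()));

        // Passthrough resources are rebuilt from scratch on every call.
        accountPolicy.getResources().clear();
        accountPolicyTO.getPassthroughResources().forEach(resourceName -> {
            ExternalResource resource = resourceDAO.find(resourceName);
            if (resource == null) {
                LOG.debug("Ignoring invalid resource {} ", resourceName);
            } else {
                accountPolicy.add(resource);
            }
        });
    } else if (policyTO instanceof PullPolicyTO) {
        if (result == null) {
            result = (T) entityFactory.newEntity(PullPolicy.class);
        }

        PullPolicy pullPolicy = PullPolicy.class.cast(result);
        PullPolicyTO pullPolicyTO = PullPolicyTO.class.cast(policyTO);

        pullPolicy.setConflictResolutionAction(pullPolicyTO.getConflictResolutionAction());

        pullPolicyTO.getCorrelationRules().forEach((type, impl) -> {
            AnyType anyType = anyTypeDAO.find(type);
            if (anyType == null) {
                LOG.debug("Invalid AnyType {} specified, ignoring...", type);
            } else {
                // Reuse the correlation rule already bound to this any type, if there is one.
                CorrelationRule correlationRule = pullPolicy.getCorrelationRule(anyType).orElse(null);
                if (correlationRule == null) {
                    correlationRule = entityFactory.newEntity(CorrelationRule.class);
                    correlationRule.setAnyType(anyType);
                    correlationRule.setPullPolicy(pullPolicy);
                    pullPolicy.add(correlationRule);
                }

                Implementation rule = implementationDAO.find(impl);
                if (rule == null) {
                    // Name the implementation key that was looked up; the original message
                    // reported the any type key here.
                    throw new NotFoundException("Implementation " + impl);
                }
                correlationRule.setImplementation(rule);
            }
        });
        // remove all rules not contained in the TO
        pullPolicy.getCorrelationRules().removeIf(
                anyFilter -> !pullPolicyTO.getCorrelationRules().containsKey(anyFilter.getAnyType().getKey()));
    }

    if (result != null) {
        result.setDescription(policyTO.getDescription());
    }

    return result;
}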
use of org.apache.syncope.common.lib.policy.PasswordPolicyTO in project syncope by apache.
the class PolicyDataBinderImpl method getPolicyTO.
/**
 * Builds the transfer object for a password, account or pull policy entity.
 *
 * Besides the type-specific fields, the key, the description and the keys / full paths of the
 * resources and realms found by {@code resourceDAO} and {@code realmDAO} for this policy are
 * copied onto the result.
 *
 * @param policy entity to convert
 * @param <T> expected transfer object type; the cast to it is unchecked
 * @return the populated transfer object, or {@code null} when {@code policy} is none of the
 * handled entity types
 */
@SuppressWarnings("unchecked")
@Override
public <T extends PolicyTO> T getPolicyTO(final Policy policy) {
    T transferObject = null;

    if (policy instanceof PasswordPolicy) {
        PasswordPolicy source = (PasswordPolicy) policy;
        PasswordPolicyTO target = new PasswordPolicyTO();
        transferObject = (T) target;

        target.setAllowNullPassword(source.isAllowNullPassword());
        target.setHistoryLength(source.getHistoryLength());

        // Rules travel as implementation keys, not as full objects.
        target.getRules().addAll(
                source.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
    } else if (policy instanceof AccountPolicy) {
        AccountPolicy source = (AccountPolicy) policy;
        AccountPolicyTO target = new AccountPolicyTO();
        transferObject = (T) target;

        target.setMaxAuthenticationAttempts(source.getMaxAuthenticationAttempts());
        target.setPropagateSuspension(source.isPropagateSuspension());

        target.getRules().addAll(
                source.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
        target.getPassthroughResources().addAll(
                source.getResources().stream().map(Entity::getKey).collect(Collectors.toList()));
    } else if (policy instanceof PullPolicy) {
        PullPolicy source = (PullPolicy) policy;
        PullPolicyTO target = new PullPolicyTO();
        transferObject = (T) target;

        target.setConflictResolutionAction(source.getConflictResolutionAction());

        // Any type key -> implementation key of its correlation rule.
        source.getCorrelationRules().forEach(rule ->
                target.getCorrelationRules().put(rule.getAnyType().getKey(), rule.getImplementation().getKey()));
    }

    // Unhandled policy type: nothing to fill in.
    if (transferObject == null) {
        return null;
    }

    transferObject.setKey(policy.getKey());
    transferObject.setDescription(policy.getDescription());

    for (ExternalResource usingResource : resourceDAO.findByPolicy(policy)) {
        transferObject.getUsedByResources().add(usingResource.getKey());
    }
    for (Realm usingRealm : realmDAO.findByPolicy(policy)) {
        transferObject.getUsedByRealms().add(usingRealm.getFullPath());
    }

    return transferObject;
}