use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class ConnObjectUtils method getAnyTO.
/**
 * Builds the transfer object (UserTO / GroupTO / AnyObjectTO) for a connector object from its
 * attributes and the schema mapping, then gives a user without a password a generated one.
 *
 * <p>A password is generated only when the result is a {@code UserTO}, its password is blank and
 * the provision's resource has {@code isRandomPwdIfNotProvided()} set. The generator receives the
 * password policies of the realms returned by {@code realmDAO.findAncestors} for the user's realm
 * and of every resource assigned to the user.
 *
 * @param obj connector object
 * @param pullTask pull task
 * @param provision provision information
 * @param anyUtils utils
 * @param <T> any object
 * @return the transfer object built from the connector object; for users, possibly with a
 * generated password set
 */
@Transactional(readOnly = true)
public <T extends AnyTO> T getAnyTO(
        final ConnectorObject obj,
        final PullTask pullTask,
        final Provision provision,
        final AnyUtils anyUtils) {

    T anyTO = getAnyTOFromConnObject(obj, pullTask, provision, anyUtils);

    // Only users carry a password; groups and any objects are returned untouched.
    if (!(anyTO instanceof UserTO)) {
        return anyTO;
    }
    UserTO userTO = (UserTO) anyTO;

    // Keep a password that was already mapped, and generate nothing unless the resource asks for it.
    if (!StringUtils.isBlank(userTO.getPassword())
            || !provision.getResource().isRandomPwdIfNotProvided()) {
        return anyTO;
    }

    List<PasswordPolicy> passwordPolicies = new ArrayList<>();

    // Policies attached to the realms above the user's realm (skipped if the realm is unknown).
    Realm realm = realmDAO.findByFullPath(userTO.getRealm());
    if (realm != null) {
        realmDAO.findAncestors(realm).stream()
                .map(ancestor -> ancestor.getPasswordPolicy())
                .filter(policy -> policy != null)
                .forEach(passwordPolicies::add);
    }

    // Policies attached to the resources assigned to the user; unknown resource keys are skipped.
    userTO.getResources().stream()
            .map(resourceKey -> resourceDAO.find(resourceKey))
            .filter(resource -> resource != null)
            .map(resource -> resource.getPasswordPolicy())
            .filter(policy -> policy != null)
            .forEach(passwordPolicies::add);

    String password;
    try {
        password = passwordGenerator.generate(passwordPolicies);
    } catch (InvalidPasswordRuleConf e) {
        // NOTE(review): the whole UserTO goes to the logger. Its password is blank at this point
        // (checked above), but confirm its string form holds nothing else that must stay out of logs.
        LOG.error("Could not generate policy-compliant random password for {}", userTO, e);
        // Fallback value is not checked against passwordPolicies here, so it may violate them;
        // presumably a later validation step decides whether it is accepted. TODO confirm.
        password = SecureRandomUtils.generateRandomPassword(16);
    }
    userTO.setPassword(password);

    return anyTO;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class DefaultPasswordGenerator method generate.
/**
 * Generates a password from the rule configurations found in the given policies.
 *
 * <p>Every rule of every policy is built through {@code ImplementationManager}; only those whose
 * configuration is a {@code DefaultPasswordRuleConf} are collected. The collected configurations
 * are merged into one, checked, and handed to the configuration-based {@code generate}.
 *
 * <p>Security-relevant behaviour: a rule that fails to build is logged and skipped, and a rule
 * with any other configuration type is skipped silently, so the generated password is not
 * constrained by such rules.
 *
 * @param policies password policies whose rules should shape the generated password
 * @return the generated password
 * @throws InvalidPasswordRuleConf declared by this method; presumably raised by {@code check}
 * when the merged configuration cannot be satisfied (TODO confirm)
 */
@Override
public String generate(final List<PasswordPolicy> policies) throws InvalidPasswordRuleConf {
    List<DefaultPasswordRuleConf> defaultRuleConfs = new ArrayList<>();

    for (PasswordPolicy policy : policies) {
        policy.getRules().forEach(impl -> {
            try {
                ImplementationManager.buildPasswordRule(impl)
                        .map(rule -> rule.getConf())
                        .filter(conf -> conf instanceof DefaultPasswordRuleConf)
                        .map(conf -> (DefaultPasswordRuleConf) conf)
                        .ifPresent(defaultRuleConfs::add);
            } catch (Exception e) {
                // Deliberate best-effort: one broken rule must not prevent password generation.
                LOG.error("Invalid {}, ignoring...", impl, e);
            }
        });
    }

    DefaultPasswordRuleConf ruleConf = merge(defaultRuleConfs);
    check(ruleConf);
    return generate(ruleConf);
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class PasswordGeneratorTest method startEndWithDigit.
/**
 * Checks that constraints split across two policies are both applied: one policy requires a
 * leading digit, the other a trailing digit, and the generated password must have both.
 */
@Test
public void startEndWithDigit() throws InvalidPasswordRuleConf {
    // First policy: the password must start with a digit.
    DefaultPasswordRuleConf leadingDigitConf = createBaseDefaultPasswordRuleConf();
    leadingDigitConf.setMustStartWithDigit(true);
    TestImplementation leadingDigitRule = new TestImplementation();
    leadingDigitRule.setBody(POJOHelper.serialize(leadingDigitConf));
    TestPasswordPolicy leadingDigitPolicy = new TestPasswordPolicy();
    leadingDigitPolicy.add(leadingDigitRule);

    // Second policy: the password must end with a digit.
    DefaultPasswordRuleConf trailingDigitConf = createBaseDefaultPasswordRuleConf();
    trailingDigitConf.setMustEndWithDigit(true);
    TestImplementation trailingDigitRule = new TestImplementation();
    trailingDigitRule.setBody(POJOHelper.serialize(trailingDigitConf));
    TestPasswordPolicy trailingDigitPolicy = new TestPasswordPolicy();
    trailingDigitPolicy.add(trailingDigitRule);

    List<PasswordPolicy> policies = new ArrayList<>();
    policies.add(leadingDigitPolicy);
    policies.add(trailingDigitPolicy);

    String generated = passwordGenerator.generate(policies);

    int lastIndex = generated.length() - 1;
    assertTrue(Character.isDigit(generated.charAt(0)));
    assertTrue(Character.isDigit(generated.charAt(lastIndex)));
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class PasswordGeneratorTest method passwordWithNonAlpha.
/**
 * Checks that a non-alphanumeric requirement from one policy and a trailing-letter requirement
 * from another are both reflected in the generated password.
 */
@Test
public void passwordWithNonAlpha() throws InvalidPasswordRuleConf {
    // First policy: a non-alphanumeric character is required.
    DefaultPasswordRuleConf nonAlphaConf = createBaseDefaultPasswordRuleConf();
    nonAlphaConf.setNonAlphanumericRequired(true);
    TestImplementation nonAlphaRule = new TestImplementation();
    nonAlphaRule.setBody(POJOHelper.serialize(nonAlphaConf));
    TestPasswordPolicy nonAlphaPolicy = new TestPasswordPolicy();
    nonAlphaPolicy.add(nonAlphaRule);

    // Second policy: the password must end with a letter.
    DefaultPasswordRuleConf trailingAlphaConf = createBaseDefaultPasswordRuleConf();
    trailingAlphaConf.setMustEndWithAlpha(true);
    TestImplementation trailingAlphaRule = new TestImplementation();
    trailingAlphaRule.setBody(POJOHelper.serialize(trailingAlphaConf));
    TestPasswordPolicy trailingAlphaPolicy = new TestPasswordPolicy();
    trailingAlphaPolicy.add(trailingAlphaRule);

    List<PasswordPolicy> policies = new ArrayList<>();
    policies.add(nonAlphaPolicy);
    policies.add(trailingAlphaPolicy);

    String generated = passwordGenerator.generate(policies);

    // matches() requires the pattern to cover the whole password; the pattern itself is
    // defined in PolicyPattern, outside this listing.
    boolean hasNonAlphanumeric = PolicyPattern.NON_ALPHANUMERIC.matcher(generated).matches();
    assertTrue(hasNonAlphanumeric);

    char lastChar = generated.charAt(generated.length() - 1);
    assertTrue(Character.isLetter(lastChar));
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class PasswordGeneratorTest method incopatiblePolicies.
/**
 * Checks that contradictory policies are rejected rather than silently resolved: a minimum
 * length of 12 combined with a maximum length of 10 must end in InvalidPasswordRuleConf.
 */
@Test
public void incopatiblePolicies() {
    assertThrows(InvalidPasswordRuleConf.class, () -> {
        // First policy: at least 12 characters.
        DefaultPasswordRuleConf minLengthConf = createBaseDefaultPasswordRuleConf();
        minLengthConf.setMinLength(12);
        TestImplementation minLengthRule = new TestImplementation();
        minLengthRule.setBody(POJOHelper.serialize(minLengthConf));
        TestPasswordPolicy minLengthPolicy = new TestPasswordPolicy();
        minLengthPolicy.add(minLengthRule);

        // Second policy: at most 10 characters, which cannot hold together with the first.
        DefaultPasswordRuleConf maxLengthConf = createBaseDefaultPasswordRuleConf();
        maxLengthConf.setMaxLength(10);
        TestImplementation maxLengthRule = new TestImplementation();
        maxLengthRule.setBody(POJOHelper.serialize(maxLengthConf));
        TestPasswordPolicy maxLengthPolicy = new TestPasswordPolicy();
        maxLengthPolicy.add(maxLengthRule);

        List<PasswordPolicy> policies = new ArrayList<>();
        policies.add(minLengthPolicy);
        policies.add(maxLengthPolicy);

        passwordGenerator.generate(policies);
    });
}