
Example 1 with ClaimsMapEntry

use of org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry in project admin-console-beta by connexta.

the class ITAdminSecurity method createSampleLdapConfiguration.

/**
 * Assembles a sample LDAP configuration for the given use case from the test constants.
 *
 * <p>The fixture pairs a simple bind with {@code NoEncryption.NONE} and a placeholder host
 * ("testHostName", port 666). With a simple bind and no transport encryption the bind
 * credentials cross the wire in cleartext, so these values are test data only and are not a
 * template for a deployed configuration.
 *
 * @param ldapUseCase use case stored in the directory settings; when its value equals
 *     {@code ATTRIBUTE_STORE} or {@code AUTHENTICATION_AND_ATTRIBUTE_STORE} the group object
 *     class and one claim mapping are added as well
 * @return the configuration holding one connection, the bind user info and the directory settings
 */
public LdapConfigurationField createSampleLdapConfiguration(EnumValue<String> ldapUseCase) {
    LdapConfigurationField sampleConfig = new LdapConfigurationField();

    // Bind user: test credentials presented through a simple bind.
    CredentialsField testCredentials =
            new CredentialsField().username(TEST_USERNAME).password(TEST_PASSWORD);
    LdapBindUserInfo bindUser =
            new LdapBindUserInfo().bindMethod(SimpleEnumValue.SIMPLE).credentialsField(testCredentials);

    // Single unencrypted connection to a host name that only exists for the test.
    LdapConnectionField.ListImpl connectionList = new LdapConnectionField.ListImpl();
    connectionList.add(
            new LdapConnectionField()
                    .encryptionMethod(LdapEncryptionMethodField.NoEncryption.NONE)
                    .hostname("testHostName")
                    .port(666));

    String useCase = ldapUseCase.getValue();
    LdapDirectorySettingsField directorySettings =
            new LdapDirectorySettingsField()
                    .baseUserDn(TEST_DN)
                    .loginUserAttribute(TEST_ATTRIBUTE)
                    .memberAttributeReferencedInGroup(TEST_ATTRIBUTE)
                    .baseGroupDn(TEST_DN)
                    .groupAttributeHoldingMember(TEST_ATTRIBUTE)
                    .useCase(useCase);

    // Both attribute-store use cases also get a group object class and a claim mapping.
    boolean actsAsAttributeStore =
            useCase.equals(LdapUseCase.ATTRIBUTE_STORE.getValue())
                    || useCase.equals(LdapUseCase.AUTHENTICATION_AND_ATTRIBUTE_STORE.getValue());
    if (actsAsAttributeStore) {
        directorySettings.groupObjectClass(TEST_ATTRIBUTE);
        sampleConfig.claimMappingsField(
                new ClaimsMapEntry.ListImpl()
                        .add(new ClaimsMapEntry().key(TEST_CLAIM_KEY).value(TEST_CLAIM_VALUE)));
    }

    return sampleConfig
            .connections(connectionList)
            .bindUserInfo(bindUser)
            .settings(directorySettings);
}
Also used : ClaimsMapEntry(org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry) LdapConfigurationField(org.codice.ddf.admin.ldap.fields.config.LdapConfigurationField) LdapConnectionField(org.codice.ddf.admin.ldap.fields.connection.LdapConnectionField) LdapBindUserInfo(org.codice.ddf.admin.ldap.fields.connection.LdapBindUserInfo) LdapDirectorySettingsField(org.codice.ddf.admin.ldap.fields.config.LdapDirectorySettingsField) CredentialsField(org.codice.ddf.admin.common.fields.common.CredentialsField)

Example 2 with ClaimsMapEntry

use of org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry in project admin-console-beta by connexta.

the class LdapTestClaimMappings method performFunction.

/**
 * Checks the supplied claim mappings against the LDAP directory.
 *
 * <p>Binds with the configured connection and bind info, verifies that the base user DN exists,
 * then records a "user attribute not found" error for every mapped claim value that
 * {@code mappingAttributeFound} does not find.
 *
 * @return a field holding {@code false} as soon as the bind or the directory check has reported
 *     an error, otherwise {@code true} only when no error message was recorded
 */
@Override
public BooleanField performFunction() {
    try (LdapConnectionAttempt attempt = utils.bindUserToLdapConnection(conn, bindInfo)) {
        // Any bind failure is carried over as error messages; nothing else is tried after that.
        addErrorMessages(attempt);
        if (containsErrorMsgs()) {
            return new BooleanField(false);
        }

        Connection boundConnection = attempt.getResult();

        // Stop early when the base user DN is missing from the directory.
        addErrorMessages(utils.checkDirExists(baseUserDn, boundConnection));
        if (containsErrorMsgs()) {
            return new BooleanField(false);
        }

        // NOTE(review): mappingAttributeFound is not shown here; confirm that the attribute name
        // it receives is validated or escaped before it is used in a directory search.
        claimMappings.getList().stream()
                .map(ClaimsMapEntry::claimValueField)
                .filter(mapped -> !mappingAttributeFound(boundConnection, mapped.getValue()))
                .forEach(missing -> addErrorMessage(userAttributeNotFoundError(missing.getPath())));
    } catch (IOException e) {
        // Logged only: the IOException does not add an error message of its own.
        LOGGER.warn("Error closing LDAP connection", e);
    }
    return new BooleanField(!containsErrorMsgs());
}
Also used : Connection(org.forgerock.opendj.ldap.Connection) LdapBindUserInfo(org.codice.ddf.admin.ldap.fields.connection.LdapBindUserInfo) Filter(org.forgerock.opendj.ldap.Filter) LoggerFactory(org.slf4j.LoggerFactory) SearchScope(org.forgerock.opendj.ldap.SearchScope) TestFunctionField(org.codice.ddf.admin.common.fields.base.function.TestFunctionField) LdapConnectionAttempt(org.codice.ddf.admin.ldap.commons.LdapConnectionAttempt) ImmutableList(com.google.common.collect.ImmutableList) BooleanField(org.codice.ddf.admin.common.fields.base.scalar.BooleanField) LdapDistinguishedName(org.codice.ddf.admin.ldap.fields.LdapDistinguishedName) LdapTestingUtils(org.codice.ddf.admin.ldap.commons.LdapTestingUtils) FunctionField(org.codice.ddf.admin.api.fields.FunctionField) LdapConnectionField(org.codice.ddf.admin.ldap.fields.connection.LdapConnectionField) Field(org.codice.ddf.admin.api.Field) ImmutableSet(com.google.common.collect.ImmutableSet) ClaimsMapEntry(org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry) Logger(org.slf4j.Logger) LdapAttributeName(org.codice.ddf.admin.ldap.fields.LdapAttributeName) Set(java.util.Set) StringField(org.codice.ddf.admin.common.fields.base.scalar.StringField) StsServiceProperties(org.codice.ddf.admin.security.common.services.StsServiceProperties) IOException(java.io.IOException) ConfiguratorSuite(org.codice.ddf.internal.admin.configurator.actions.ConfiguratorSuite) LdapMessages(org.codice.ddf.admin.ldap.commons.LdapMessages) Collectors(java.util.stream.Collectors) SecurityMessages(org.codice.ddf.admin.security.common.SecurityMessages) List(java.util.List) LdapMessages.userAttributeNotFoundError(org.codice.ddf.admin.ldap.commons.LdapMessages.userAttributeNotFoundError) DefaultMessages(org.codice.ddf.admin.common.report.message.DefaultMessages) SecurityValidation(org.codice.ddf.admin.security.common.SecurityValidation) BooleanField(org.codice.ddf.admin.common.fields.base.scalar.BooleanField) 
ClaimsMapEntry(org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry) Connection(org.forgerock.opendj.ldap.Connection) IOException(java.io.IOException) LdapConnectionAttempt(org.codice.ddf.admin.ldap.commons.LdapConnectionAttempt)

Example 3 with ClaimsMapEntry

use of org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry in project admin-console-beta by connexta.

the class SaveContextPolices method validate.

/**
 * Validates the context policies that are about to be saved.
 *
 * <p>Runs the inherited validation plus the trailing-slash and root-path checks first. Only
 * when those report no error are the claim fields of every policy bin collected and handed to
 * {@code SecurityValidation.validateStsClaimsExist}, whose messages are added to this function.
 */
@Override
public void validate() {
    super.validate();
    checkForTrailingSlashes();
    checkRootPathExists();

    if (!containsErrorMsgs()) {
        // Gather the claim field of every mapping entry, bin by bin, in list order.
        List<StringField> claimArgs = new ArrayList<>();
        for (ContextPolicyBin bin : contextPolicies.getList()) {
            for (ClaimsMapEntry mapping : bin.claimsMappingField().getList()) {
                claimArgs.add(mapping.claimField());
            }
        }
        addErrorMessages(
                SecurityValidation.validateStsClaimsExist(
                        claimArgs, configuratorSuite.getServiceActions(), stsServiceProps));
    }
}
Also used : ClaimsMapEntry(org.codice.ddf.admin.security.common.fields.wcpm.ClaimsMapEntry) StringField(org.codice.ddf.admin.common.fields.base.scalar.StringField) ArrayList(java.util.ArrayList) ContextPolicyBin(org.codice.ddf.admin.security.common.fields.wcpm.ContextPolicyBin)
