use of org.codice.ddf.security.policy.context.ContextPolicy in project ddf by codice.
the class WebSSOFilter method getHandlerList.
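/**
 * Selects the authentication handlers that apply to a request path.
 *
 * <p>When a context policy manager is present, the policy for {@code path} is looked up and every
 * registered handler whose authentication type matches one of the policy's authentication methods
 * (ignoring case) is returned. Results follow the order of the policy's methods, then the order of
 * {@code handlerList}. A handler is added once per matching method, so a policy that lists the
 * same method twice yields the handler twice.
 *
 * <p>Two outcomes deserve attention when reviewing the caller:
 *
 * <ul>
 *   <li>no policy manager: every registered handler is returned;
 *   <li>a manager that returns no policy for the path: the returned list is empty.
 * </ul>
 *
 * NOTE(review): what an empty list means for the request is decided by the caller, which is not
 * visible here; confirm it matches the intended handling of paths without a policy.
 *
 * @param path the request context path to resolve
 * @return a new, possibly empty, list of handlers; never {@code null}
 */
private List<AuthenticationHandler> getHandlerList(String path) {
  List<AuthenticationHandler> handlers = new ArrayList<>();
  if (contextPolicyManager != null) {
    ContextPolicy policy = contextPolicyManager.getContextPolicy(path);
    if (policy != null) {
      for (String authMethod : policy.getAuthenticationMethods()) {
        for (AuthenticationHandler handler : this.handlerList) {
          // Read the type once so the traced value is exactly the value that is compared.
          String handlerAuthMethod = handler.getAuthenticationType();
          LOGGER.trace(
              "Handler auth method: {} - desired auth method {}", handlerAuthMethod, authMethod);
          if (handlerAuthMethod.equalsIgnoreCase(authMethod)) {
            handlers.add(handler);
          }
        }
      }
    }
  } else {
    // if no manager, get a list of all the handlers.
    handlers.addAll(this.handlerList);
  }
  LOGGER.trace(
      "Returning {} handlers that support desired auth methods for path {}",
      handlers.size(),
      path);
  return handlers;
}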
use of org.codice.ddf.security.policy.context.ContextPolicy in project ddf by codice.
the class PolicyManager method getContextPolicy.
/**
 * Resolves the policy that governs {@code path} by walking from the path towards the root.
 *
 * <p>At each level the lookup order is: an exact entry in {@code policyStore} wins; otherwise an
 * exact entry in {@code whiteListContexts} ends the search with {@code null}. Because the
 * whitelist is consulted again for every rolled-back fragment, a whitelisted ancestor also yields
 * {@code null} for descendants that have no more specific policy of their own.
 *
 * <p>When the path cannot be shortened any further, or the depth budget ({@code traversalDepth})
 * is used up, the entry stored under {@code ROOT_CONTEXT} is returned.
 *
 * NOTE(review): both lookups are exact string matches on the path as given; presumably the caller
 * normalises the path before calling. Confirm against the caller.
 *
 * @param path context path to resolve
 * @param policyStore policies keyed by context path
 * @param whiteListContexts context paths that are exempt from policy
 * @param depth number of roll-back steps already taken
 * @return the matching policy; {@code null} for a whitelisted path, or when the fallback is
 *     reached and the store holds no entry for {@code ROOT_CONTEXT}
 */
private ContextPolicy getContextPolicy(
    String path,
    Map<String, ContextPolicy> policyStore,
    List<String> whiteListContexts,
    int depth) {
  String current = path;
  int level = depth;
  while (true) {
    ContextPolicy match = policyStore.get(current);
    if (match != null) {
      return match;
    }
    if (whiteListContexts.contains(current)) {
      return null;
    }
    // presumably drops the last path segment; verify against rollbackPath
    String parent = rollbackPath(current);
    boolean canClimb = StringUtils.isNotEmpty(parent) && level <= traversalDepth;
    if (!canClimb) {
      // nothing more specific can be found from here, so use the default (root) policy
      return policyStore.get(ROOT_CONTEXT);
    }
    current = parent;
    level++;
  }
}
use of org.codice.ddf.security.policy.context.ContextPolicy in project ddf by codice.
the class PolicyManager method setContextPolicy.
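/**
 * Adds or replaces the policy for one context path and rebuilds the whole policy store.
 *
 * <p>The current store is snapshotted into two maps (authentication methods and attribute
 * mappings per context path), the new policy's values are copied in under {@code path}, and the
 * result is handed to {@code setPolicyStore}. Everything taken from {@code newContextPolicy} is
 * copied, so later changes to the caller's collections do not reach the store through this
 * method.
 *
 * NOTE(review): this is a read-modify-write of the policy store with no locking in this method;
 * confirm that callers serialise updates.
 *
 * @param path context path the policy applies to; must start with {@code ROOT_CONTEXT}
 * @param newContextPolicy policy to install for {@code path}
 * @throws IllegalArgumentException if {@code path} is {@code null} or does not start with
 *     {@code ROOT_CONTEXT}, or if {@code newContextPolicy} is {@code null}
 */
@Override
public void setContextPolicy(String path, ContextPolicy newContextPolicy) {
  if (path == null) {
    throw new IllegalArgumentException("Context path cannot be null.");
  }
  if (!path.startsWith(ROOT_CONTEXT)) {
    throw new IllegalArgumentException("Context path must start with /");
  }
  if (newContextPolicy == null) {
    throw new IllegalArgumentException("Context policy cannot be null.");
  }
  LOGGER.debug("setContextPolicy called with path = {}", path);

  // gather all authorization types & required attributes
  Map<String, List<ContextAttributeMapping>> contextsToAttrs = new HashMap<>();
  Map<String, List<String>> contextsToAuths = new HashMap<>();
  for (ContextPolicy contextPolicy : getPolicyStore().values()) {
    contextsToAttrs.put(
        contextPolicy.getContextPath(), new ArrayList<>(contextPolicy.getAllowedAttributes()));
    contextsToAuths.put(
        contextPolicy.getContextPath(),
        new ArrayList<>(contextPolicy.getAuthenticationMethods()));
  }

  // Copy each attribute mapping so the store does not share objects with the caller.
  // NOTE(review): the copies keep attr.getContext() rather than `path`; confirm the two agree.
  List<ContextAttributeMapping> newContextAttrs = new ArrayList<>();
  for (ContextAttributeMapping attr : newContextPolicy.getAllowedAttributes()) {
    newContextAttrs.add(
        new DefaultContextAttributeMapping(
            attr.getContext(), attr.getAttributeName(), attr.getAttributeValue()));
  }

  // The list built above is never null, so the entry for `path` is always written, replacing
  // any attribute mappings the snapshot held for it.
  contextsToAttrs.put(path, newContextAttrs);
  contextsToAuths.put(path, new ArrayList<>(newContextPolicy.getAuthenticationMethods()));
  setPolicyStore(contextsToAuths, contextsToAttrs);
}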
use of org.codice.ddf.security.policy.context.ContextPolicy in project admin-console-beta by connexta.
the class PolicyManagerServiceProperties method contextPolicyServiceToContextPolicyFields.
/**
 * Reads every context policy from the running {@code ContextPolicyManager} and groups the context
 * paths that share the same authentication types and claims into one bin.
 *
 * <p>Each policy is first turned into its own bin. The bins are then merged: a bin is folded into
 * the first already-kept bin whose auth types and claims mapping are both equal, otherwise it is
 * kept as a new bin. Merging happens after all bins are built so that values have already been
 * matched to their appropriate enums.
 *
 * NOTE(review): {@code Collectors.toMap} throws {@code IllegalStateException} on a repeated key
 * and {@code NullPointerException} on a null value, so a policy carrying two mappings for the
 * same attribute name, or a mapping without a value, would abort this method; confirm whether
 * either can occur. The manager reference is also used without a null check.
 *
 * @param serviceReader used to obtain the policy manager and to construct the bins
 * @return the merged bins wrapped in a {@code ContextPolicyBin.ListImpl}
 */
public ContextPolicyBin.ListImpl contextPolicyServiceToContextPolicyFields(
    ServiceReader serviceReader) {
  ContextPolicyManager policyManager =
      serviceReader.getServiceReference(ContextPolicyManager.class);

  // One bin per stored policy.
  List<ContextPolicyBin> perPolicyBins = new ArrayList<>();
  for (ContextPolicy policy : policyManager.getAllContextPolicies()) {
    Map<String, String> claims =
        policy.getAllowedAttributes().stream()
            .collect(
                Collectors.toMap(
                    ContextAttributeMapping::getAttributeName,
                    ContextAttributeMapping::getAttributeValue));
    perPolicyBins.add(
        new ContextPolicyBin(serviceReader)
            .addClaimsMap(claims)
            .authTypes(policy.getAuthenticationMethods())
            .addContextPath(policy.getContextPath()));
  }

  // Fold bins with identical auth types and claims together.
  List<ContextPolicyBin> mergedBins = new ArrayList<>();
  for (ContextPolicyBin candidate : perPolicyBins) {
    ContextPolicyBin target = null;
    for (ContextPolicyBin kept : mergedBins) {
      // presumably Apache Commons ListUtils, whose isEqualList is order-sensitive; verify
      if (ListUtils.isEqualList(candidate.authTypes(), kept.authTypes())
          && candidate.claimsMapping().equals(kept.claimsMapping())) {
        target = kept;
        break;
      }
    }
    if (target == null) {
      mergedBins.add(candidate);
      continue;
    }
    for (ContextPath contextPath : candidate.contextFields().getList()) {
      target.addContextPath(contextPath);
    }
  }
  return new ContextPolicyBin.ListImpl(serviceReader).addAll(mergedBins);
}