use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.
the class Nis method session.
@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
Principal principal = find(authorizedPrincipals, instanceOf(UserNamePrincipal.class), null);
checkAuthentication(principal != null, "no username principal");
try {
Attributes userAttr = _ctx.getAttributes(NISMAP_PASSWORD_BY_NAME + "/" + principal.getName());
attrib.add(new HomeDirectory((String) userAttr.get(HOME_DIR_ATTRIBUTE).get()));
attrib.add(new RootDirectory("/"));
} catch (NamingException e) {
throw new AuthenticationException("no mapping: " + e.getMessage(), e);
}
}
use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.
the class Nsswitch method session.
@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
attrib.add(new HomeDirectory("/"));
attrib.add(new RootDirectory("/"));
}
use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.
the class AuthzDbPlugin method session.
@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
Principal principal = find(authorizedPrincipals, instanceOf(UserNamePrincipal.class), null);
checkAuthentication(principal != null, "no username principal");
Collection<UserAuthzInformation> mappings = _map.getValuesForPredicatesMatching(principal.getName());
checkAuthentication(!mappings.isEmpty(), "no mapping found for " + principal);
for (UserAuthzInformation mapping : mappings) {
attrib.add(new HomeDirectory(mapping.getHome()));
attrib.add(new RootDirectory(mapping.getRoot()));
if (mapping.isReadOnly()) {
attrib.add(Restrictions.readOnly());
}
mapping.getMaxUpload().ifPresent(s -> {
attrib.add(new MaxUploadSize(s));
});
}
}
use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.
the class Ldap method session.
@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
Optional<Principal> principal = findFirst(authorizedPrincipals, UserNamePrincipal.class::isInstance);
if (principal.isPresent()) {
// shortcut: no path transitions are required. Use provided values.
if (userHomeTransformation == RETURN_ORIGINAL_STRING && userRootTransformation == RETURN_ORIGINAL_STRING) {
attrib.add(new HomeDirectory(userHome));
attrib.add(new RootDirectory(userRoot));
return;
}
try (AutoCloseableLdapContext ctx = new AutoCloseableLdapContext()) {
NamingEnumeration<SearchResult> sResult = ctx.search(peopleOU, String.format(userFilter, principal.get().getName()), SC_ALL);
try {
if (sResult.hasMore()) {
SearchResult rs = sResult.next();
Attributes attrs = rs.getAttributes();
attrib.add(new HomeDirectory(userHomeTransformation.transform(userHome, attrs)));
attrib.add(new RootDirectory(userRootTransformation.transform(userRoot, attrs)));
} else {
throw new AuthenticationException("no mapping for " + principal.get());
}
} finally {
sResult.close();
}
} catch (NamingException e) {
throw new AuthenticationException("no mapping: " + e.getMessage(), e);
}
}
}
use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.
the class KpwdPlugin method session.
/**
* Assigns home, root and read only attributes from KpwdPrincipal.
*/
@SuppressWarnings("null")
@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
KpwdPrincipal kpwd = getFirst(filter(authorizedPrincipals, KpwdPrincipal.class), null);
checkAuthentication(kpwd != null, "no record found");
attrib.add(new HomeDirectory(kpwd.home));
attrib.add(new RootDirectory(kpwd.root));
if (kpwd.isReadOnly) {
attrib.add(Restrictions.readOnly());
}
}
Aggregations