
Example 1 with LoginAttribute

Use of org.dcache.auth.attributes.LoginAttribute in project dcache by dCache.

Class UserResource, method getUserAttributes.

@GET
@ApiOperation(value = "Provide information about the current user.", notes = "An introspection endpoint to allow the client to discover " + "information about the current user.")
@Produces(MediaType.APPLICATION_JSON)
public UserAttributes getUserAttributes(@Context HttpServletRequest request) {
    UserAttributes user = new UserAttributes();
    Subject subject = RequestUser.getSubject();
    if (Subjects.isNobody(subject)) {
        user.setStatus(UserAttributes.AuthenticationStatus.ANONYMOUS);
        user.setUid(null);
        user.setGids(null);
        user.setRoles(null);
    } else {
        user.setStatus(UserAttributes.AuthenticationStatus.AUTHENTICATED);
        user.setUid(Subjects.getUid(subject));
        user.setUsername(Subjects.getUserName(subject));
        List<Long> gids = Arrays.stream(Subjects.getGids(subject)).boxed().collect(Collectors.toList());
        user.setGids(gids);
        List<String> emails = Subjects.getEmailAddresses(subject);
        user.setEmail(emails.isEmpty() ? null : emails);
        for (LoginAttribute attribute : getLoginAttributes(request)) {
            if (attribute instanceof HomeDirectory) {
                user.setHomeDirectory(((HomeDirectory) attribute).getHome());
            } else if (attribute instanceof RootDirectory) {
                user.setRootDirectory(((RootDirectory) attribute).getRoot());
            } else if (attribute instanceof Role) {
                if (user.getRoles() == null) {
                    user.setRoles(new ArrayList<>());
                }
                user.getRoles().add(((Role) attribute).getRole());
            } else if (attribute instanceof UnassertedRole) {
                if (user.getUnassertedRoles() == null) {
                    user.setUnassertedRoles(new ArrayList<>());
                }
                user.getUnassertedRoles().add(((UnassertedRole) attribute).getRole());
            }
        }
    }
    return user;
}
Also used : UnassertedRole(org.dcache.auth.attributes.UnassertedRole) HomeDirectory(org.dcache.auth.attributes.HomeDirectory) LoginAttribute(org.dcache.auth.attributes.LoginAttribute) ArrayList(java.util.ArrayList) RootDirectory(org.dcache.auth.attributes.RootDirectory) Subject(javax.security.auth.Subject) UserAttributes(org.dcache.restful.providers.UserAttributes) Role(org.dcache.auth.attributes.Role) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation)

Example 2 with LoginAttribute

Use of org.dcache.auth.attributes.LoginAttribute in project dcache by dCache.

Class OmniSessionPlugin, method session.

@Override
public void session(Set<Principal> principals, Set<Object> sessionAttributes) throws AuthenticationException {
    // An unusable configuration file fails the login rather than granting defaults.
    Configuration config = file.get().orElseThrow(() -> new AuthenticationException("bad config file"));
    List<LoginAttribute> attributes = config.attributesFor(principals);
    // Attribute types already present in the session are kept; only missing types are added.
    Set<Class> existingSessionAttributes = sessionAttributes.stream().map(Object::getClass).collect(Collectors.toSet());
    attributes.stream().filter(a -> !existingSessionAttributes.contains(a.getClass())).forEach(sessionAttributes::add);
}
Also used : GPlazmaSessionPlugin(org.dcache.gplazma.plugins.GPlazmaSessionPlugin) Properties(java.util.Properties) Set(java.util.Set) Supplier(java.util.function.Supplier) Collectors(java.util.stream.Collectors) AuthenticationException(org.dcache.gplazma.AuthenticationException) Strings(com.google.common.base.Strings) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) List(java.util.List) Principal(java.security.Principal) Optional(java.util.Optional) VisibleForTesting(com.google.common.annotations.VisibleForTesting) FileSystems(java.nio.file.FileSystems) LoginAttribute(org.dcache.auth.attributes.LoginAttribute)

Example 3 with LoginAttribute

Use of org.dcache.auth.attributes.LoginAttribute in project dcache by dCache.

Class ParsedConfiguration, method attributesFor.

@Override
public List<LoginAttribute> attributesFor(Set<Principal> principals) throws AuthenticationException {
    Set<Class<? extends LoginAttribute>> addedAttributes = new HashSet<>();
    List<LoginAttribute> attributesToAdd = new ArrayList<>();
    StringBuilder errorLineNumbers = new StringBuilder();
    int errorLineNumberToAdd = -1;
    for (ParsedLine line : configLines) {
        // Only lines whose predicate matches at least one of the principals apply to this login.
        if (!principals.stream().anyMatch(p -> line.predicate.test(p))) {
            continue;
        }
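        // A matching line that failed to parse is only recorded here; the login is rejected after the loop.
        if (line.isFailure()) {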
            if (errorLineNumberToAdd != -1) {
                if (errorLineNumbers.length() != 0) {
                    errorLineNumbers.append(", ");
                }
                errorLineNumbers.append(errorLineNumberToAdd);
            }
            errorLineNumberToAdd = line.lineNumber;
            LOGGER.debug("Login touched bad line {}: {}", line.lineNumber, line.error);
        } else {
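            // Once a bad line has matched, attributes from later lines are no longer collected.
            if (errorLineNumberToAdd == -1) {
                for (LoginAttribute attribute : line.attributes) {
                    // The first matching line to supply an attribute type wins; later ones are skipped.
                    if (!addedAttributes.contains(attribute.getClass())) {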
                        addedAttributes.add(attribute.getClass());
                        attributesToAdd.add(attribute);
                        LOGGER.debug("Adding attribute from line {}: {}", line.lineNumber, attribute);
                    } else {
                        LOGGER.debug("Skipping attribute from line {}: {}", line.lineNumber, attribute);
                    }
                }
            }
        }
    }
    // Any matching bad line aborts the login, reporting the affected line numbers.
    if (errorLineNumberToAdd != -1) {
        boolean moreThanOneErrorLine = errorLineNumbers.length() > 0;
        if (moreThanOneErrorLine) {
            errorLineNumbers.append(" and ");
        }
        errorLineNumbers.append(errorLineNumberToAdd);
        String msg = "Bad " + (moreThanOneErrorLine ? "lines" : "line") + ": " + errorLineNumbers;
        LOGGER.debug("Aborting login: {}", msg);
        throw new AuthenticationException(msg);
    }
    // Defaults fill in only the attribute types that no matching line supplied.
    for (LoginAttribute attribute : defaultAttributes) {
        if (!addedAttributes.contains(attribute.getClass())) {
            addedAttributes.add(attribute.getClass());
            attributesToAdd.add(attribute);
            LOGGER.debug("Adding default attribute {}", attribute);
        } else {
            LOGGER.debug("Skipping default attribute {}, already applied", attribute);
        }
    }
    if (attributesToAdd.isEmpty()) {
        throw new AuthenticationException("Unknown user");
    }
    return attributesToAdd;
}
Also used : HashSet(java.util.HashSet) List(java.util.List) Principal(java.security.Principal) Logger(org.slf4j.Logger) Collections.unmodifiableList(java.util.Collections.unmodifiableList) List.copyOf(java.util.List.copyOf) Predicate(java.util.function.Predicate) LoggerFactory(org.slf4j.LoggerFactory) Set(java.util.Set) AuthenticationException(org.dcache.gplazma.AuthenticationException) ArrayList(java.util.ArrayList) LoginAttribute(org.dcache.auth.attributes.LoginAttribute)

Example 4 with LoginAttribute

Use of org.dcache.auth.attributes.LoginAttribute in project dcache by dCache.

Class SrmHandler, method dispatch.

private Object dispatch(Subject subject, String requestName, Object request) throws CacheException, InterruptedException, SRMException, NoRouteToCellException {
    X509Credential credential = Axis.getDelegatedCredential().orElse(null);
    String remoteIP = Axis.getRemoteAddress();
    String remoteHost = isClientDNSLookup ? InetAddresses.forUriString(remoteIP).getCanonicalHostName() : remoteIP;
    Set<LoginAttribute> loginAttributes = AuthenticationHandler.getLoginAttributes(Axis.getHttpServletRequest());
    Function<Object, SrmRequest> toMessage = req -> new SrmRequest(subject, loginAttributes, credential, remoteHost, requestName, req);
    try {
        switch(requestName) {
            case "srmGetRequestTokens":
                return dispatch((SrmGetRequestTokensRequest) request, toMessage);
            case "srmGetRequestSummary":
                return dispatch((SrmGetRequestSummaryRequest) request, toMessage);
            case "srmReleaseFiles":
                return dispatch((SrmReleaseFilesRequest) request, toMessage);
            case "srmExtendFileLifeTime":
                // special processing.
                return dispatch(request, toMessage);
            default:
                return dispatch(request, toMessage);
        }
    } catch (ExecutionException e) {
        Throwables.propagateIfInstanceOf(e.getCause(), SRMException.class);
        Throwables.propagateIfInstanceOf(e.getCause(), CacheException.class);
        Throwables.propagateIfInstanceOf(e.getCause(), NoRouteToCellException.class);
        Throwables.throwIfUnchecked(e);
        throw new RuntimeException(e);
    }
}

Example 5 with LoginAttribute

Use of org.dcache.auth.attributes.LoginAttribute in project dcache by dCache.

Class Gplazma2LoginStrategy, method convertLoginReply.

private LoginReply convertLoginReply(org.dcache.gplazma.LoginReply gPlazmaLoginReply) {
    Set<Object> sessionAttributes = gPlazmaLoginReply.getSessionAttributes();
    // Keep only the session attributes that are LoginAttribute instances.
    Set<LoginAttribute> loginAttributes = sessionAttributes.stream().filter(LoginAttribute.class::isInstance).map(LoginAttribute.class::cast).collect(Collectors.toSet());
    // For each RootDirectory other than "/", also add the restriction that _createPrefixRestriction produces for that path.
    sessionAttributes.stream().filter(RootDirectory.class::isInstance).map(RootDirectory.class::cast).filter(att -> !att.getRoot().equals("/")).map(att -> FsPath.create(att.getRoot())).map(_createPrefixRestriction).forEach(loginAttributes::add);
    Subject replyUser = filterPrincipals(gPlazmaLoginReply.getSubject(), AUTHENTICATION_OUTPUT, "LoginReply");
    return new LoginReply(replyUser, loginAttributes);
}
Also used : PluginFactory(org.dcache.gplazma.loader.PluginFactory) FsPath(diskCacheV111.util.FsPath) Stopwatch(com.google.common.base.Stopwatch) GPlazma(org.dcache.gplazma.GPlazma) LoggerFactory(org.slf4j.LoggerFactory) Formats(dmg.util.Formats) Reflections(org.reflections.Reflections) Function(java.util.function.Function) NameSpaceProvider(diskCacheV111.namespace.NameSpaceProvider) ConfigurationLoadingStrategy(org.dcache.gplazma.configuration.ConfigurationLoadingStrategy) Strings(com.google.common.base.Strings) DcacheAwarePluginFactory(org.dcache.gplazma.loader.DcacheAwarePluginFactory) CacheException(diskCacheV111.util.CacheException) Map(java.util.Map) LoginResultPrinter(org.dcache.gplazma.monitor.LoginResultPrinter) LoginResult(org.dcache.gplazma.monitor.LoginResult) Properties(java.util.Properties) Logger(org.slf4j.Logger) PrefixRestriction(org.dcache.auth.attributes.PrefixRestriction) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) RecordingLoginMonitor(org.dcache.gplazma.monitor.RecordingLoginMonitor) Collection(java.util.Collection) NoSuchPrincipalException(org.dcache.gplazma.NoSuchPrincipalException) Set(java.util.Set) CellCommandListener(dmg.cells.nucleus.CellCommandListener) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) File(java.io.File) Subject(javax.security.auth.Subject) AuthenticationException(org.dcache.gplazma.AuthenticationException) PermissionDeniedCacheException(diskCacheV111.util.PermissionDeniedCacheException) EnvironmentAware(dmg.cells.nucleus.EnvironmentAware) Objects(java.util.Objects) Principal(java.security.Principal) RootDirectory(org.dcache.auth.attributes.RootDirectory) Args(org.dcache.util.Args) Required(org.springframework.beans.factory.annotation.Required) Replaceable(dmg.util.Replaceable) Collections(java.util.Collections) LoginAttribute(org.dcache.auth.attributes.LoginAttribute) 
FromFileConfigurationLoadingStrategy(org.dcache.gplazma.configuration.FromFileConfigurationLoadingStrategy)
