Example 1 with RootDirectory

Use of org.dcache.auth.attributes.RootDirectory in project dcache by dCache.

Class Nis, method session.

@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
    Principal principal = find(authorizedPrincipals, instanceOf(UserNamePrincipal.class), null);
    checkAuthentication(principal != null, "no username principal");
    try {
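        // Look up the user's entry by name; the home directory is taken from that entry.
        Attributes userAttr = _ctx.getAttributes(NISMAP_PASSWORD_BY_NAME + "/" + principal.getName());
        attrib.add(new HomeDirectory((String) userAttr.get(HOME_DIR_ATTRIBUTE).get()));
        // The root directory is fixed at "/" for every user.
        attrib.add(new RootDirectory("/"));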
    } catch (NamingException e) {
        throw new AuthenticationException("no mapping: " + e.getMessage(), e);
    }
}
Also used: UserNamePrincipal (org.dcache.auth.UserNamePrincipal), HomeDirectory (org.dcache.auth.attributes.HomeDirectory), AuthenticationException (org.dcache.gplazma.AuthenticationException), BasicAttributes (javax.naming.directory.BasicAttributes), Attributes (javax.naming.directory.Attributes), RootDirectory (org.dcache.auth.attributes.RootDirectory), NamingException (javax.naming.NamingException), GroupNamePrincipal (org.dcache.auth.GroupNamePrincipal), GidPrincipal (org.dcache.auth.GidPrincipal), Principal (java.security.Principal), UidPrincipal (org.dcache.auth.UidPrincipal)

Example 2 with RootDirectory

Use of org.dcache.auth.attributes.RootDirectory in project dcache by dCache.

Class Nsswitch, method session.

@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
    // Home and root are both fixed at "/" for every user; no per-user lookup is done here.
    attrib.add(new HomeDirectory("/"));
    attrib.add(new RootDirectory("/"));
}
Also used: HomeDirectory (org.dcache.auth.attributes.HomeDirectory), RootDirectory (org.dcache.auth.attributes.RootDirectory)

Example 3 with RootDirectory

Use of org.dcache.auth.attributes.RootDirectory in project dcache by dCache.

Class AuthzDbPlugin, method session.

@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
    Principal principal = find(authorizedPrincipals, instanceOf(UserNamePrincipal.class), null);
    checkAuthentication(principal != null, "no username principal");
    Collection<UserAuthzInformation> mappings = _map.getValuesForPredicatesMatching(principal.getName());
    checkAuthentication(!mappings.isEmpty(), "no mapping found for " + principal);
    // Each matching mapping contributes its own home, root and optional restrictions.
    for (UserAuthzInformation mapping : mappings) {
        attrib.add(new HomeDirectory(mapping.getHome()));
        attrib.add(new RootDirectory(mapping.getRoot()));
        if (mapping.isReadOnly()) {
            attrib.add(Restrictions.readOnly());
        }
        mapping.getMaxUpload().ifPresent(s -> {
            attrib.add(new MaxUploadSize(s));
        });
    }
}
Also used: UserNamePrincipal (org.dcache.auth.UserNamePrincipal), HomeDirectory (org.dcache.auth.attributes.HomeDirectory), MaxUploadSize (org.dcache.auth.attributes.MaxUploadSize), UserAuthzInformation (org.dcache.gplazma.plugins.AuthzMapLineParser.UserAuthzInformation), RootDirectory (org.dcache.auth.attributes.RootDirectory), LoginUidPrincipal (org.dcache.auth.LoginUidPrincipal), LoginGidPrincipal (org.dcache.auth.LoginGidPrincipal), GroupNamePrincipal (org.dcache.auth.GroupNamePrincipal), GidPrincipal (org.dcache.auth.GidPrincipal), LoginNamePrincipal (org.dcache.auth.LoginNamePrincipal), Principal (java.security.Principal), UidPrincipal (org.dcache.auth.UidPrincipal)

Example 4 with RootDirectory

Use of org.dcache.auth.attributes.RootDirectory in project dcache by dCache.

Class Ldap, method session.

@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
    Optional<Principal> principal = findFirst(authorizedPrincipals, UserNamePrincipal.class::isInstance);
    if (principal.isPresent()) {
        // shortcut: no path transitions are required. Use provided values.
        if (userHomeTransformation == RETURN_ORIGINAL_STRING && userRootTransformation == RETURN_ORIGINAL_STRING) {
            attrib.add(new HomeDirectory(userHome));
            attrib.add(new RootDirectory(userRoot));
            return;
        }
        try (AutoCloseableLdapContext ctx = new AutoCloseableLdapContext()) {
            NamingEnumeration<SearchResult> sResult = ctx.search(peopleOU, String.format(userFilter, principal.get().getName()), SC_ALL);
            try {
                if (sResult.hasMore()) {
                    SearchResult rs = sResult.next();
                    Attributes attrs = rs.getAttributes();
                    attrib.add(new HomeDirectory(userHomeTransformation.transform(userHome, attrs)));
                    attrib.add(new RootDirectory(userRootTransformation.transform(userRoot, attrs)));
                } else {
                    throw new AuthenticationException("no mapping for " + principal.get());
                }
            } finally {
                sResult.close();
            }
        } catch (NamingException e) {
            throw new AuthenticationException("no mapping: " + e.getMessage(), e);
        }
    }
}
Also used: UserNamePrincipal (org.dcache.auth.UserNamePrincipal), HomeDirectory (org.dcache.auth.attributes.HomeDirectory), AuthenticationException (org.dcache.gplazma.AuthenticationException), BasicAttributes (javax.naming.directory.BasicAttributes), Attributes (javax.naming.directory.Attributes), RootDirectory (org.dcache.auth.attributes.RootDirectory), SearchResult (javax.naming.directory.SearchResult), NamingException (javax.naming.NamingException), UserPrincipal (com.sun.security.auth.UserPrincipal), GroupNamePrincipal (org.dcache.auth.GroupNamePrincipal), GidPrincipal (org.dcache.auth.GidPrincipal), Principal (java.security.Principal), UidPrincipal (org.dcache.auth.UidPrincipal)

Example 5 with RootDirectory

Use of org.dcache.auth.attributes.RootDirectory in project dcache by dCache.

Class KpwdPlugin, method session.

/**
 * Assigns home, root and read only attributes from KpwdPrincipal.
 */
@SuppressWarnings("null")
@Override
public void session(Set<Principal> authorizedPrincipals, Set<Object> attrib) throws AuthenticationException {
    KpwdPrincipal kpwd = getFirst(filter(authorizedPrincipals, KpwdPrincipal.class), null);
    checkAuthentication(kpwd != null, "no record found");
    attrib.add(new HomeDirectory(kpwd.home));
    attrib.add(new RootDirectory(kpwd.root));
    if (kpwd.isReadOnly) {
        attrib.add(Restrictions.readOnly());
    }
}
Also used: HomeDirectory (org.dcache.auth.attributes.HomeDirectory), RootDirectory (org.dcache.auth.attributes.RootDirectory)

Aggregations

HomeDirectory (org.dcache.auth.attributes.HomeDirectory) 14
RootDirectory (org.dcache.auth.attributes.RootDirectory) 14
LoginAttribute (org.dcache.auth.attributes.LoginAttribute) 7
Principal (java.security.Principal) 5
MaxUploadSize (org.dcache.auth.attributes.MaxUploadSize) 5
FsPath (diskCacheV111.util.FsPath) 4
GidPrincipal (org.dcache.auth.GidPrincipal) 4
UidPrincipal (org.dcache.auth.UidPrincipal) 4
UserNamePrincipal (org.dcache.auth.UserNamePrincipal) 4
HashSet (java.util.HashSet) 3
GroupNamePrincipal (org.dcache.auth.GroupNamePrincipal) 3
ArrayList (java.util.ArrayList) 2
NamingException (javax.naming.NamingException) 2
Attributes (javax.naming.directory.Attributes) 2
BasicAttributes (javax.naming.directory.BasicAttributes) 2
Subject (javax.security.auth.Subject) 2
PrefixRestriction (org.dcache.auth.attributes.PrefixRestriction) 2
AuthenticationException (org.dcache.gplazma.AuthenticationException) 2
MacaroonContext (org.dcache.macaroons.MacaroonContext) 2
UserPrincipal (com.sun.security.auth.UserPrincipal) 1