Example 1 with BackendPrincipal
use of org.glassfish.connectors.config.BackendPrincipal in project Payara by payara.
the class CreateConnectorSecurityMap method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are the parameter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
if (securityMapName == null) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.noSecurityMapName", "No security map name specified"));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
if (principals == null && userGroups == null) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.noPrincipalsOrGroupsMap", "Either the principal or the user group has to be specified while creating a security map." + " Both cannot be null."));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
if (principals != null && userGroups != null) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.specifyPrincipalsOrGroupsMap", "A work-security-map can have either (any number of) group mapping or (any number of) principals" + " mapping but not both. Specify --principals or --usergroups."));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
Collection<ConnectorConnectionPool> ccPools = domain.getResources().getResources(ConnectorConnectionPool.class);
if (!doesPoolNameExist(poolName, ccPools)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.noSuchPoolFound", "Connector connection pool {0} does not exist. Please specify a valid pool name.", poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
if (doesMapNameExist(poolName, securityMapName, ccPools)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.duplicate", "A security map named {0} already exists for connector connection pool {1}. Please give a" + " different map name.", securityMapName, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// get all the security maps for this pool.....
List<SecurityMap> maps = getAllSecurityMapsForPool(poolName, ccPools);
if (principals != null) {
for (String principal : principals) {
if (isPrincipalExisting(principal, maps)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.principal_exists", "The principal {0} already exists in connector connection pool {1}. Please give a " + "different principal name.", principal, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
if (userGroups != null) {
for (String userGroup : userGroups) {
if (isUserGroupExisting(userGroup, maps)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.usergroup_exists", "The user-group {0} already exists in connector connection pool {1}. Please give a" + " different user-group name.", userGroup, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
ConnectorConnectionPool connPool = null;
for (ConnectorConnectionPool ccp : ccPools) {
if (ccp.getName().equals(poolName)) {
connPool = ccp;
}
}
try {
ConfigSupport.apply(new SingleConfigCode<ConnectorConnectionPool>() {
public Object run(ConnectorConnectionPool ccp) throws PropertyVetoException, TransactionFailure {
List<SecurityMap> securityMaps = ccp.getSecurityMap();
SecurityMap newResource = ccp.createChild(SecurityMap.class);
newResource.setName(securityMapName);
if (principals != null) {
for (String p : principals) {
newResource.getPrincipal().add(p);
}
}
if (userGroups != null) {
for (String u : userGroups) {
newResource.getUserGroup().add(u);
}
}
BackendPrincipal backendPrincipal = newResource.createChild(BackendPrincipal.class);
backendPrincipal.setUserName(mappedusername);
if (mappedpassword != null && !mappedpassword.isEmpty()) {
backendPrincipal.setPassword(mappedpassword);
}
newResource.setBackendPrincipal(backendPrincipal);
securityMaps.add(newResource);
return newResource;
}
}, connPool);
} catch (TransactionFailure tfe) {
Object[] params = { securityMapName, poolName };
report.setMessage(localStrings.getLocalString("create.connector.security.map.fail", "Unable to create connector security map {0} for connector connection pool {1} ", params) + " " + tfe.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(tfe);
return;
}
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
}
Also used :
PropertyVetoException(java.beans.PropertyVetoException)
TransactionFailure(org.jvnet.hk2.config.TransactionFailure)
ConnectorConnectionPool(org.glassfish.connectors.config.ConnectorConnectionPool)
SecurityMap(org.glassfish.connectors.config.SecurityMap)
BackendPrincipal(org.glassfish.connectors.config.BackendPrincipal)
List(java.util.List)
ActionReport(org.glassfish.api.ActionReport)
Example 2 with BackendPrincipal
use of org.glassfish.connectors.config.BackendPrincipal in project Payara by payara.
the class ListConnectorSecurityMaps method listSecurityMapDetails.
private void listSecurityMapDetails(SecurityMap sm, ActionReport.MessagePart mp) {
List<String> principalList = sm.getPrincipal();
List<String> groupList = sm.getUserGroup();
BackendPrincipal bp = sm.getBackendPrincipal();
final ActionReport.MessagePart partSM = mp.addChild();
partSM.setMessage(sm.getName());
final ActionReport.MessagePart partPG = partSM.addChild();
if (!principalList.isEmpty()) {
partPG.setMessage(localStrings.getLocalString("list.connector.security.maps.principals", "\tPrincipal(s)"));
}
if (!groupList.isEmpty()) {
partPG.setMessage(localStrings.getLocalString("list.connector.security.maps.groups", "\tUser Group(s)"));
}
for (String principal : principalList) {
final ActionReport.MessagePart partP = partPG.addChild();
partP.setMessage(localStrings.getLocalString("list.connector.security.maps.eisPrincipal", "\t\t" + principal, principal));
}
for (String group : groupList) {
final ActionReport.MessagePart partG = partPG.addChild();
partG.setMessage(localStrings.getLocalString("list.connector.security.maps.eisGroup", "\t\t" + group, group));
}
final ActionReport.MessagePart partBP = partPG.addChild();
partBP.setMessage(localStrings.getLocalString("list.connector.security.maps.backendPrincipal", "\t" + "Backend Principal"));
final ActionReport.MessagePart partBPU = partBP.addChild();
partBPU.setMessage(localStrings.getLocalString("list.connector.security.maps.username", "\t\t" + "User Name = " + bp.getUserName(), bp.getUserName()));
if (bp.getPassword() != null && !bp.getPassword().isEmpty()) {
final String rawPassword = ConfigBean.unwrap(bp).rawAttribute("password");
final String passwordOutput = RelativePathResolver.getAlias(rawPassword) == null ? "****" : rawPassword;
final ActionReport.MessagePart partBPP = partBP.addChild();
partBPP.setMessage(localStrings.getLocalString("list.connector.security.maps.password", "\t\t" + "Password = " + passwordOutput, passwordOutput));
}
}
Also used :
BackendPrincipal(org.glassfish.connectors.config.BackendPrincipal)
ActionReport(org.glassfish.api.ActionReport)
Example 3 with BackendPrincipal
use of org.glassfish.connectors.config.BackendPrincipal in project Payara by payara.
the class UpdateConnectorSecurityMap method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are the paramter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
if (securityMapName == null) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.noSecurityMapName", "No security map name specified"));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
Collection<ConnectorConnectionPool> ccPools = domain.getResources().getResources(ConnectorConnectionPool.class);
if (!doesPoolNameExist(poolName, ccPools)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.noSuchPoolFound", "Connector connection pool {0} does not exist. Please specify a valid pool name.", poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
if (!doesMapNameExist(poolName, securityMapName, ccPools)) {
report.setMessage(localStrings.getLocalString("update.connector.security.map.map_does_not_exist", "Security map {0} does not exist for connector connection pool {1}. Please give a valid map name.", securityMapName, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// get all the security maps for this pool.....
List<SecurityMap> maps = getAllSecurityMapsForPool(poolName, ccPools);
// check if addPrincipals and removePrincipals have the same value
if (addPrincipals != null && removePrincipals != null) {
for (String ap : addPrincipals) {
for (String rp : removePrincipals) {
if (rp.equals(ap)) {
report.setMessage(localStrings.getLocalString("update.connector.security.map.same_principal_values", "This value {0} is given in both --addprincipals and --removeprincipals. The same value cannot given for these options.", ap));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
}
// check if addUserGroups and removeUserGroups have the same value
if (addUserGroups != null && removeUserGroups != null) {
for (String aug : addUserGroups) {
for (String rug : removeUserGroups) {
if (rug.equals(aug)) {
report.setMessage(localStrings.getLocalString("update.connector.security.map.same_usergroup_values", "This value {0} is given in both --addusergroups and --removeusergroups. The same value cannot given for these options.", aug));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
}
// make sure that the principals to be added are not existing in any map ...
if (addPrincipals != null) {
for (String principal : addPrincipals) {
if (isPrincipalExisting(principal, maps)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.principal_exists", "The principal {0} already exists in connector connection pool {1}. Please give a different principal name.", principal, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
// make sure that the user groups to be added are not existing in any map ...
if (addUserGroups != null) {
for (String userGroup : addUserGroups) {
if (isUserGroupExisting(userGroup, maps)) {
report.setMessage(localStrings.getLocalString("create.connector.security.map.usergroup_exists", "The user-group {0} already exists in connector connection pool {1}. Please give a different user-group name.", userGroup, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
SecurityMap map = getSecurityMap(securityMapName, poolName, ccPools);
final List<String> existingPrincipals = new ArrayList(map.getPrincipal());
final List<String> existingUserGroups = new ArrayList(map.getUserGroup());
// check if there is any invalid principal in removePrincipals.
if (removePrincipals != null) {
boolean principalExists = true;
String principal = null;
for (String p : removePrincipals) {
if (!existingPrincipals.contains(p)) {
principalExists = false;
principal = p;
break;
}
}
if (!principalExists) {
report.setMessage(localStrings.getLocalString("update.connector.security.map.principal_does_not_exists", "The principal {0} that you want to delete does not exist in connector connection pool {1}. Please give a valid principal name.", principal, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
// check if there is any invalid usergroup in removeUserGroups.
if (removeUserGroups != null) {
boolean userGroupExists = true;
String userGroup = null;
for (String ug : removeUserGroups) {
if (!existingUserGroups.contains(ug)) {
userGroupExists = false;
userGroup = ug;
break;
}
}
if (!userGroupExists) {
report.setMessage(localStrings.getLocalString("update.connector.security.map.usergroup_does_not_exists", "The usergroup {0} that you want to delete does not exist in connector connection pool {1}. Please give a valid user-group name.", userGroup, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
if (addPrincipals == null && addUserGroups == null) {
boolean principalsEmpty = false;
boolean userGroupsEmpty = false;
if (removePrincipals == null && existingPrincipals.isEmpty()) {
principalsEmpty = true;
}
if (removeUserGroups == null && existingUserGroups.isEmpty()) {
userGroupsEmpty = true;
}
if ((removePrincipals != null) && (removePrincipals.size() == existingPrincipals.size())) {
principalsEmpty = true;
}
if ((removeUserGroups != null) && (removeUserGroups.size() == existingUserGroups.size())) {
userGroupsEmpty = true;
}
if (userGroupsEmpty && principalsEmpty) {
report.setMessage(localStrings.getLocalString("update.connector.security.map.principals_usergroups_will_be_null", "The values in your command will delete all principals and usergroups. You cannot delete all principals and usergroups. Atleast one of them must exist."));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
// add principals to the existingPrincipals arraylist.
if (addPrincipals != null) {
for (String principal : addPrincipals) {
if (!existingPrincipals.contains(principal)) {
existingPrincipals.add(principal);
} else {
report.setMessage(localStrings.getLocalString("create.connector.security.map.principal_exists", "The principal {0} already exists in connector connection pool {1}. Please give a different principal name.", principal, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
// removing principals from existingPrincipals arraylist.
if (removePrincipals != null) {
for (String principal : removePrincipals) {
existingPrincipals.remove(principal);
}
}
// adding user-groups....
if (addUserGroups != null) {
for (String userGroup : addUserGroups) {
if (!existingUserGroups.contains(userGroup)) {
existingUserGroups.add(userGroup);
} else {
report.setMessage(localStrings.getLocalString("create.connector.security.map.usergroup_exists", "The user-group {0} already exists in connector connection pool {1}. Please give a different user-group name.", userGroup, poolName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
// removing user-groups....
if (removeUserGroups != null) {
for (String userGroup : removeUserGroups) {
existingUserGroups.remove(userGroup);
}
}
// the update-connector-security-map command.
if (!hasOnlyPrincipalsOrOnlyUserGroups(report, existingPrincipals, existingUserGroups)) {
return;
}
BackendPrincipal backendPrincipal = map.getBackendPrincipal();
try {
ConfigSupport.apply(new ConfigCode() {
public Object run(ConfigBeanProxy... params) throws PropertyVetoException, TransactionFailure {
SecurityMap sm = (SecurityMap) params[0];
BackendPrincipal bp = (BackendPrincipal) params[1];
// setting the updated principal user-group arrays....
if (existingPrincipals != null) {
sm.getPrincipal().clear();
for (String principal : existingPrincipals) {
sm.getPrincipal().add(principal);
}
}
if (existingUserGroups != null) {
sm.getUserGroup().clear();
for (String userGroup : existingUserGroups) {
sm.getUserGroup().add(userGroup);
}
}
// get the backend principal for the given security map and pool...
if (mappedusername != null && !mappedusername.isEmpty()) {
bp.setUserName(mappedusername);
}
if (mappedpassword != null) {
if (mappedpassword.isEmpty()) {
bp.setPassword(null);
} else {
bp.setPassword(mappedpassword);
}
}
return sm;
}
}, map, backendPrincipal);
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
} catch (TransactionFailure tfe) {
Object[] params = { securityMapName, poolName };
report.setMessage(localStrings.getLocalString("update.connector.security.map.fail", "Unable to update security map {0} for connector connection pool {1}.", params) + " " + tfe.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(tfe);
}
}
Also used :
TransactionFailure(org.jvnet.hk2.config.TransactionFailure)
ConnectorConnectionPool(org.glassfish.connectors.config.ConnectorConnectionPool)
ArrayList(java.util.ArrayList)
ActionReport(org.glassfish.api.ActionReport)
PropertyVetoException(java.beans.PropertyVetoException)
SecurityMap(org.glassfish.connectors.config.SecurityMap)
ConfigBeanProxy(org.jvnet.hk2.config.ConfigBeanProxy)
ConfigCode(org.jvnet.hk2.config.ConfigCode)
BackendPrincipal(org.glassfish.connectors.config.BackendPrincipal)
Aggregations
ActionReport (org.glassfish.api.ActionReport)3
BackendPrincipal (org.glassfish.connectors.config.BackendPrincipal)3
PropertyVetoException (java.beans.PropertyVetoException)2
ConnectorConnectionPool (org.glassfish.connectors.config.ConnectorConnectionPool)2
SecurityMap (org.glassfish.connectors.config.SecurityMap)2
TransactionFailure (org.jvnet.hk2.config.TransactionFailure)2
ArrayList (java.util.ArrayList)1
List (java.util.List)1
ConfigBeanProxy (org.jvnet.hk2.config.ConfigBeanProxy)1
ConfigCode (org.jvnet.hk2.config.ConfigCode)1
