
Example 56 with Property

use of org.jvnet.hk2.config.ConfigModel.Property in project Payara by payara.

the class LDAPAdminAccessConfigurator method createLDAPRealm.

// this had been called renameRealm, but in the SecurityConfigListener, the method authRealmUpdated actually does a create...
/*    private void createBackupRealm(final StringBuilder sb, AuthRealm realm, final String to) throws PropertyVetoException, TransactionFailure {
        SingleConfigCode<AuthRealm> scc = new SingleConfigCode<AuthRealm>() {
            @Override
            public Object run(AuthRealm realm) throws PropertyVetoException, TransactionFailure {
                appendNL(sb, lsm.getString("config.to.ldap", FIXED_ADMIN_REALM_NAME, to));
                realm.setName(to);
                return realm;
            }
        };
        ConfigSupport.apply(scc, realm);
    }*/
/**
 * Builds the LDAP-backed admin realm element as a child of the given security service.
 *
 * <p>The realm is named {@code FIXED_ADMIN_REALM_NAME}, uses {@link LDAPRealm} as its
 * implementation class, and receives three properties: the directory URL, the base DN
 * and the JAAS context. A group-mapping property is added only when
 * {@code ldapGroupName} is non-null.
 *
 * @param ss security service under which the realm element is created
 * @return the populated realm element
 * @throws TransactionFailure propagated from the configuration calls made here
 * @throws PropertyVetoException propagated from the configuration calls made here
 */
private AuthRealm createLDAPRealm(SecurityService ss) throws TransactionFailure, PropertyVetoException {
    final AuthRealm ldapRealm = ss.createChild(AuthRealm.class);
    ldapRealm.setClassname(LDAPRealm.class.getName());
    ldapRealm.setName(FIXED_ADMIN_REALM_NAME);
    final List<Property> realmProps = ldapRealm.getProperty();

    // NOTE(review): url is stored exactly as supplied; no scheme or host check
    // (for example ldaps:// versus ldap://) is visible in this method - confirm
    // it is validated before this point.
    final Property directory = ldapRealm.createChild(Property.class);
    directory.setName(DIR_P);
    directory.setValue(url);
    realmProps.add(directory);

    final Property baseDn = ldapRealm.createChild(Property.class);
    baseDn.setName(BASEDN_P);
    baseDn.setValue(basedn);
    realmProps.add(baseDn);

    final Property jaasContext = ldapRealm.createChild(Property.class);
    jaasContext.setName(JAAS_P);
    jaasContext.setValue(JAAS_V);
    realmProps.add(jaasContext);

    // NOTE(review): without a group name no mapping to "asadmin" is written here;
    // how admin membership is decided in that case is not visible from this
    // method - verify against the realm's callers.
    if (ldapGroupName == null) {
        return ldapRealm;
    }

    final Property groupMapping = ldapRealm.createChild(Property.class);
    groupMapping.setName(Realm.PARAM_GROUP_MAPPING);
    // appears as gfdomain1->asadmin in domain.xml
    groupMapping.setValue(ldapGroupName + "->asadmin");
    realmProps.add(groupMapping);
    return ldapRealm;
}
Also used : LDAPRealm(com.sun.enterprise.security.auth.realm.ldap.LDAPRealm) Property(org.jvnet.hk2.config.types.Property)

Example 57 with Property

use of org.jvnet.hk2.config.ConfigModel.Property in project Payara by payara.

the class SecurityConfigUpgradeService method addLoginModule.

/**
 * Creates a login-module entry under the given security provider and attaches the
 * fixed {@code config} and {@code auth-realm} properties to it.
 *
 * @param sp_w security provider that receives the new login module
 * @param name name given to the login module
 * @param className module class set on the login module
 * @return the newly created login-module element
 * @throws TransactionFailure propagated from the configuration calls made here
 * @throws PropertyVetoException propagated from the configuration calls made here
 */
private LoginModuleConfig addLoginModule(final SecurityProvider sp_w, final String name, final String className) throws TransactionFailure, PropertyVetoException {
    final LoginModuleConfig module = sp_w.createChild(LoginModuleConfig.class);
    sp_w.getSecurityProviderConfig().add(module);
    module.setName(name);
    module.setModuleClass(className);
    // NOTE(review): presumably the JAAS control flag; under JAAS "sufficient"
    // means a success from this module alone completes authentication, so the
    // module named by className must be trusted accordingly - confirm.
    module.setControlFlag("sufficient");

    final Property config = module.createChild(Property.class);
    config.setName("config");
    config.setValue("server-config");

    // The realm is hard-coded: every module added here authenticates against
    // the "admin-realm" entry, whatever the caller passes as name/className.
    final Property authRealm = module.createChild(Property.class);
    authRealm.setName("auth-realm");
    authRealm.setValue("admin-realm");

    module.getProperty().add(config);
    module.getProperty().add(authRealm);
    return module;
}
Also used : Property(org.jvnet.hk2.config.types.Property)

Example 58 with Property

use of org.jvnet.hk2.config.ConfigModel.Property in project Payara by payara.

the class PolicyLoader method setPolicyConfigurationFactory.

/**
 * Set internal properties based on domain.xml configuration.
 *
 * <P>The POLICY_CONF_FACTORY property is consumed by the jacc-api
 * as documented in the JACC specification. Its value is set here to the
 * value given in domain.xml <i>unless</i> it is already set, in which
 * case the value is not modified.
 *
 * <P>Then any properties associated with this jacc provider from
 * domain.xml are set as internal properties prefixed with
 * POLICY_PROP_PREFIX. This is currently a workaround for bug 4846938.
 * A cleaner interface should be adopted.
 */
private void setPolicyConfigurationFactory(JaccProvider jacc) {
    // Nothing to configure without a provider element.
    if (jacc == null) {
        return;
    }

    // Handle JACC-specified property for factory
    // TODO:V3 system property being read here
    final String presetFactory = System.getProperty(POLICY_CONF_FACTORY);
    if (presetFactory == null) {
        // No JVM-level setting: fall back to the value from domain.xml.
        final String configuredFactory = jacc.getPolicyConfigurationFactoryProvider();
        if (configuredFactory != null) {
            System.setProperty(POLICY_CONF_FACTORY, configuredFactory);
        } else {
            _logger.log(Level.WARNING, SecurityLoggerInfo.policyConfigFactoryNotDefined);
        }
    } else {
        // An already-set system property wins over domain.xml; warn so the
        // override is visible to whoever reads the server log.
        _logger.log(Level.WARNING, SecurityLoggerInfo.policyFactoryOverride, new String[] { POLICY_CONF_FACTORY, presetFactory });
    }

    // Next, publish this provider's own properties under POLICY_PROP_PREFIX.
    // System properties are JVM-wide, so every value written here is readable
    // by any code in the process that may read system properties.
    // NOTE(review): values are also written to the log at FINEST in clear text;
    // confirm no provider property is expected to hold a credential.
    for (Property entry : jacc.getProperty()) {
        final String key = POLICY_PROP_PREFIX + entry.getName();
        final String val = entry.getValue();
        _logger.finest("PolicyLoader set [" + key + "] to [" + val + "]");
        System.setProperty(key, val);
    }
}
Also used : Property(org.jvnet.hk2.config.types.Property)

Example 59 with Property

use of org.jvnet.hk2.config.ConfigModel.Property in project Payara by payara.

the class RealmConfig method createRealms.

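/**
 * Instantiates every configured realm and then selects the default realm.
 *
 * <p>A realm that fails to instantiate is logged and skipped, so one bad realm does
 * not stop the others from loading. If no realm loads at all, a SEVERE message is
 * logged and no default realm is set. Otherwise {@code defaultRealm} is used when it
 * can be looked up; if the lookup fails, the first realm that loaded successfully
 * becomes the default and the substitution is logged at WARNING, because it changes
 * which realm authenticates requests that do not name one.
 *
 * @param defaultRealm name of the realm that should become the default
 * @param realms realm configuration elements to instantiate; must not be null
 * @param configName configuration name passed through to {@code Realm.instantiate}
 */
public static void createRealms(String defaultRealm, List<AuthRealm> realms, String configName) {
    assert (realms != null);
    // need at least one good realm
    String goodRealm = null;
    for (AuthRealm aRealm : realms) {
        String realmName = aRealm.getName();
        String realmClass = aRealm.getClassname();
        assert (realmName != null);
        assert (realmClass != null);
        try {
            // Copy the realm's configured properties into a java.util.Properties
            // object, which is what Realm.instantiate takes.
            Properties props = new Properties();
            for (Property realmProp : aRealm.getProperty()) {
                props.setProperty(realmProp.getName(), realmProp.getValue());
            }
            Realm.instantiate(realmName, realmClass, props, configName);
            if (logger.isLoggable(Level.FINE)) {
                logger.fine("Configured realm: " + realmName);
            }
            if (goodRealm == null) {
                goodRealm = realmName;
            }
        } catch (Exception e) {
            // Best effort: a realm that cannot be created is reported and skipped.
            logger.log(Level.WARNING, SecurityLoggerInfo.realmConfigDisabledError, realmName);
            logger.log(Level.WARNING, SecurityLoggerInfo.securityExceptionError, e);
        }
    }
    if (goodRealm == null) {
        logger.severe(SecurityLoggerInfo.noRealmsError);
        return;
    }
    try {
        Realm.getInstance(defaultRealm);
    } catch (Exception e) {
        // The configured default is unusable. Falling back keeps the server
        // running, but it silently changed the default realm before; record
        // the substitution and its cause so operators can see it.
        logger.log(Level.WARNING, "Default realm [" + defaultRealm + "] is not available; using [" + goodRealm + "] as the default realm instead", e);
        defaultRealm = goodRealm;
    }
    Realm.setDefaultRealm(defaultRealm);
    if (logger.isLoggable(Level.FINE)) {
        logger.fine("Default realm is set to: " + defaultRealm);
    }
}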
Also used : AuthRealm(com.sun.enterprise.config.serverbeans.AuthRealm) Properties(java.util.Properties) Property(org.jvnet.hk2.config.types.Property)

Example 60 with Property

use of org.jvnet.hk2.config.ConfigModel.Property in project Payara by payara.

the class ChangeAdminPassword method execute.

/**
 * Executes the command with the command parameters passed as Properties,
 * where the keys are the parameter names and the values are the parameter values.
 *
 * @param context information
 */
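public void execute(AdminCommandContext context) {
    final ActionReport report = context.getActionReport();
    // Get FileRealm class name, match it with what is expected.
    String fileRealmClassName = fileAuthRealm.getClassname();
    // Report error if provided impl is not the one expected
    // NOTE(review): a null class name passes this check, so the FileRealm cast
    // further down is the only type check in that case - confirm a null class
    // name cannot occur for the admin realm.
    if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
        report.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotsupported", "Configured admin realm is not supported."));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // ensure we have the file associated with the authrealm
    String keyFile = null;
    for (Property fileProp : fileAuthRealm.getProperty()) {
        // Constant-first comparison so a property without a name is skipped
        // instead of raising a NullPointerException; the last match still wins.
        if ("file".equals(fileProp.getName())) {
            keyFile = fileProp.getValue();
        }
    }
    if (keyFile == null) {
        report.setMessage(localStrings.getLocalString("change.admin.password.keyfilenotfound", "There is no physical file associated with admin realm"));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // We have the right impl so let's get to updating existing user
    FileRealm fr = null;
    try {
        realmsManager.createRealms(config);
        fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), fileAuthRealm.getName());
        if (fr == null) {
            throw new NoSuchRealmException(fileAuthRealm.getName());
        }
    } catch (NoSuchRealmException e) {
        report.setMessage(localStrings.getLocalString("change.admin.password.realmnotsupported", "Configured admin realm does not exist.") + "  " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
        return;
    }
    // now updating admin user password
    try {
        // Read the user's groups in a single pass. Counting with one enumeration
        // and copying with a second one breaks if the group list changes
        // between the two calls.
        final java.util.List<String> groupList = new java.util.ArrayList<>();
        final Enumeration<?> en = fr.getGroupNames(userName);
        while (en.hasMoreElements()) {
            groupList.add((String) en.nextElement());
        }
        final String[] groups = groupList.toArray(new String[0]);
        // NOTE(review): newpassword is a String, so the char[] made here is a
        // copy and the original stays on the heap until collected. Whether
        // updateUser keeps a reference to the array is not visible from this
        // method, so the array is deliberately not cleared here.
        fr.updateUser(userName, userName, newpassword.toCharArray(), groups);
        fr.persist();
        report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
    } catch (Exception e) {
        report.setMessage(localStrings.getLocalString("change.admin.password.userupdatefailed", "Password change failed for user named {0}", userName) + "  " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
    }
}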
Also used : NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException) Enumeration(java.util.Enumeration) ActionReport(org.glassfish.api.ActionReport) FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm) Property(org.jvnet.hk2.config.types.Property) NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException)
