use of org.jvnet.hk2.config.types.Property in project Payara by payara.
the class LDAPAdminAccessConfigurator method createLDAPRealm.
// this had been called renameRealm, but in the SecurityConfigListener, the method authRealmUpdated actually does a create...
/* private void createBackupRealm(final StringBuilder sb, AuthRealm realm, final String to) throws PropertyVetoException, TransactionFailure {
SingleConfigCode<AuthRealm> scc = new SingleConfigCode<AuthRealm>() {
@Override
public Object run(AuthRealm realm) throws PropertyVetoException, TransactionFailure {
appendNL(sb, lsm.getString("config.to.ldap", FIXED_ADMIN_REALM_NAME, to));
realm.setName(to);
return realm;
}
};
ConfigSupport.apply(scc, realm);
}*/
/**
 * Builds the LDAP-backed realm that carries the fixed admin realm name.
 *
 * <p>The realm is created as a child of {@code ss}, typed as {@link LDAPRealm}, named
 * {@code FIXED_ADMIN_REALM_NAME} and given three properties: the directory URL, the base DN
 * and the JAAS context. A group-mapping property is added only when {@code ldapGroupName}
 * is set. This method only creates and fills the realm; no call that adds it to a realm
 * list on {@code ss} is visible here.
 *
 * @param ss security service that becomes the parent of the new realm
 * @return the populated realm
 * @throws TransactionFailure if the configuration framework rejects a child creation
 * @throws PropertyVetoException if a setter value is vetoed
 */
private AuthRealm createLDAPRealm(SecurityService ss) throws TransactionFailure, PropertyVetoException {
    final AuthRealm ldapRealm = ss.createChild(AuthRealm.class);
    ldapRealm.setClassname(LDAPRealm.class.getName());
    ldapRealm.setName(FIXED_ADMIN_REALM_NAME);
    final List<Property> realmProps = ldapRealm.getProperty();

    // Directory location. NOTE(review): url is stored exactly as supplied; nothing in this
    // method checks its scheme, so whether admin credentials reach the directory over TLS
    // depends on the caller passing an ldaps:// URL. Confirm it is validated upstream.
    final Property directoryProp = ldapRealm.createChild(Property.class);
    directoryProp.setName(DIR_P);
    directoryProp.setValue(url);
    realmProps.add(directoryProp);

    // Search base for user lookups.
    final Property baseDnProp = ldapRealm.createChild(Property.class);
    baseDnProp.setName(BASEDN_P);
    baseDnProp.setValue(basedn);
    realmProps.add(baseDnProp);

    // JAAS context the realm authenticates through.
    final Property jaasContextProp = ldapRealm.createChild(Property.class);
    jaasContextProp.setName(JAAS_P);
    jaasContextProp.setValue(JAAS_V);
    realmProps.add(jaasContextProp);

    if (ldapGroupName != null) {
        // Appears as gfdomain1->asadmin in domain.xml. The mapping targets asadmin, so
        // membership of the named directory group is presumably what grants admin
        // access; that group's membership should be controlled as tightly as the
        // admin account itself.
        final Property groupMappingProp = ldapRealm.createChild(Property.class);
        groupMappingProp.setName(Realm.PARAM_GROUP_MAPPING);
        groupMappingProp.setValue(ldapGroupName + "->asadmin");
        realmProps.add(groupMappingProp);
    }
    // NOTE(review): without ldapGroupName no mapping is written; confirm which directory
    // users are then accepted as administrators.
    return ldapRealm;
}
use of org.jvnet.hk2.config.types.Property in project Payara by payara.
the class SecurityConfigUpgradeService method addLoginModule.
/**
 * Creates a login-module entry under the given security provider and registers it.
 *
 * <p>The module is added to the provider's config list, given the supplied name and module
 * class, and always configured with the control flag {@code sufficient} plus two fixed
 * properties: {@code config=server-config} and {@code auth-realm=admin-realm}.
 *
 * @param sp_w security provider that receives the module (the name suggests a writable
 *             view inside a config transaction; confirm against the caller)
 * @param name name of the login module
 * @param className fully qualified class of the login module
 * @return the newly created login-module configuration
 * @throws TransactionFailure if the configuration framework rejects a child creation
 * @throws PropertyVetoException if a setter value is vetoed
 */
private LoginModuleConfig addLoginModule(final SecurityProvider sp_w, final String name, final String className) throws TransactionFailure, PropertyVetoException {
    final LoginModuleConfig loginModule = sp_w.createChild(LoginModuleConfig.class);
    sp_w.getSecurityProviderConfig().add(loginModule);

    loginModule.setName(name);
    loginModule.setModuleClass(className);
    // JAAS "sufficient": a success of this module is enough to authenticate (unless an
    // earlier required/requisite module failed), and a failure does not by itself fail
    // the login. Modules listed after it may therefore never be consulted.
    loginModule.setControlFlag("sufficient");

    // Both values are hard-coded: the module is always bound to the admin realm of
    // server-config, whatever configuration is being upgraded.
    final Property targetConfig = loginModule.createChild(Property.class);
    targetConfig.setName("config");
    targetConfig.setValue("server-config");

    final Property targetRealm = loginModule.createChild(Property.class);
    targetRealm.setName("auth-realm");
    targetRealm.setValue("admin-realm");

    loginModule.getProperty().add(targetConfig);
    loginModule.getProperty().add(targetRealm);
    return loginModule;
}
use of org.jvnet.hk2.config.types.Property in project Payara by payara.
the class PolicyLoader method setPolicyConfigurationFactory.
/**
 * Sets internal (JVM system) properties from the JACC provider configured in domain.xml.
 *
 * <p>The {@code POLICY_CONF_FACTORY} property is consumed by the jacc-api as documented in
 * the JACC specification. Its value is set here to the value given in domain.xml
 * <i>unless</i> the system property is already set, in which case the existing value is
 * kept and a warning is logged.
 *
 * <p>Then every property attached to this JACC provider in domain.xml is copied to a
 * system property whose name is prefixed with {@code POLICY_PROP_PREFIX}. This is
 * currently a workaround for bug 4846938. A cleaner interface should be adopted.
 *
 * @param jacc provider configuration; when {@code null} the method does nothing
 */
private void setPolicyConfigurationFactory(JaccProvider jacc) {
    if (jacc == null) {
        return;
    }

    // Handle the JACC-specified factory property.
    // TODO:V3 system property being read here
    // A value already present in the JVM wins over domain.xml, so whoever controls the
    // JVM's system properties chooses the policy configuration factory class.
    final String presetFactory = System.getProperty(POLICY_CONF_FACTORY);
    if (presetFactory == null) {
        // Nothing preset: fall back to the domain.xml value, if there is one.
        final String configuredFactory = jacc.getPolicyConfigurationFactoryProvider();
        if (configuredFactory != null) {
            System.setProperty(POLICY_CONF_FACTORY, configuredFactory);
        } else {
            _logger.log(Level.WARNING, SecurityLoggerInfo.policyConfigFactoryNotDefined);
        }
    } else {
        // Warn the user that domain.xml is being overridden.
        _logger.log(Level.WARNING, SecurityLoggerInfo.policyFactoryOverride, new String[] { POLICY_CONF_FACTORY, presetFactory });
    }

    // Next, make the properties of this JACC provider available to the provider.
    // NOTE(review): each value is written to the FINEST log and exported JVM-wide, where
    // any code allowed to read system properties can see it; confirm no provider property
    // carries a credential. System.setProperty also throws NullPointerException on a null
    // value; presumably domain.xml properties always have one, to be confirmed.
    for (Property providerProp : jacc.getProperty()) {
        final String systemName = POLICY_PROP_PREFIX + providerProp.getName();
        final String systemValue = providerProp.getValue();
        _logger.finest("PolicyLoader set [" + systemName + "] to [" + systemValue + "]");
        System.setProperty(systemName, systemValue);
    }
}
use of org.jvnet.hk2.config.types.Property in project Payara by payara.
the class RealmConfig method createRealms.
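/**
 * Instantiates every configured realm and selects the default realm.
 *
 * <p>Each realm's properties are copied into a {@link Properties} object and handed to
 * {@code Realm.instantiate}. A realm that fails to load is logged and skipped, so the
 * remaining realms are still set up. If no realm loads at all, a severe message is logged
 * and no default is set.
 *
 * <p>If {@code defaultRealm} cannot be obtained from {@code Realm.getInstance}, the first
 * realm that loaded successfully becomes the default. Because that changes which realm
 * authenticates requests that name no realm, the substitution is logged at WARNING
 * together with its cause instead of happening silently.
 *
 * @param defaultRealm name of the realm requested as default
 * @param realms realm configurations to load; must not be {@code null}
 * @param configName name of the configuration the realms belong to
 */
public static void createRealms(String defaultRealm, List<AuthRealm> realms, String configName) {
    // Asserts are skipped unless the JVM runs with -ea; a null list then fails with a
    // NullPointerException at the loop below.
    assert (realms != null);

    // need at least one good realm
    String goodRealm = null;
    for (AuthRealm aRealm : realms) {
        String realmName = aRealm.getName();
        String realmClass = aRealm.getClassname();
        assert (realmName != null);
        assert (realmClass != null);
        try {
            Properties props = new Properties();
            for (Property realmProp : aRealm.getProperty()) {
                props.setProperty(realmProp.getName(), realmProp.getValue());
            }
            Realm.instantiate(realmName, realmClass, props, configName);
            if (logger.isLoggable(Level.FINE)) {
                logger.fine("Configured realm: " + realmName);
            }
            if (goodRealm == null) {
                goodRealm = realmName;
            }
        } catch (Exception e) {
            // Best effort: one broken realm must not prevent the others from loading.
            logger.log(Level.WARNING, SecurityLoggerInfo.realmConfigDisabledError, realmName);
            logger.log(Level.WARNING, SecurityLoggerInfo.securityExceptionError, e);
        }
    }

    if (goodRealm == null) {
        logger.severe(SecurityLoggerInfo.noRealmsError);
        return;
    }

    try {
        Realm.getInstance(defaultRealm);
    } catch (Exception e) {
        // The requested default is unusable. Record the substitution so an operator can
        // see that a different realm is now the default.
        logger.log(Level.WARNING,
                "Default realm [" + defaultRealm + "] could not be loaded; using realm [" + goodRealm + "] as default instead",
                e);
        defaultRealm = goodRealm;
    }
    Realm.setDefaultRealm(defaultRealm);
    if (logger.isLoggable(Level.FINE)) {
        logger.fine("Default realm is set to: " + defaultRealm);
    }
}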
use of org.jvnet.hk2.config.types.Property in project Payara by payara.
the class ChangeAdminPassword method execute.
/**
 * Changes the password of the admin user held in the file-based admin realm.
 *
 * <p>The command reports FAILURE, with a message on the action report, when the admin realm
 * names a class other than FileRealm, when the realm has no {@code file} property, when the
 * realm cannot be found among the loaded realms, or when the update itself throws. On
 * success the user keeps the groups it already had and the realm is persisted.
 *
 * <p>NOTE(review): no check of the caller's current password and no policy check on the
 * new password is visible in this method; presumably both are enforced before the command
 * runs. Confirm against the command's access checks.
 *
 * @param context command context; supplies the action report that receives the outcome
 */
public void execute(AdminCommandContext context) {
    final ActionReport report = context.getActionReport();

    // The admin realm must be backed by FileRealm. A realm with no class name at all
    // passes this check.
    final String realmClassName = fileAuthRealm.getClassname();
    final boolean unsupportedRealm = realmClassName != null
            && !realmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm");
    if (unsupportedRealm) {
        report.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotsupported", "Configured admin realm is not supported."));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }

    // The realm must point at a key file; if several "file" properties exist the last wins.
    String keyFile = null;
    for (Property realmProp : fileAuthRealm.getProperty()) {
        if (realmProp.getName().equals("file")) {
            keyFile = realmProp.getValue();
        }
    }
    if (keyFile == null) {
        report.setMessage(localStrings.getLocalString("change.admin.password.keyfilenotfound", "There is no physical file associated with admin realm"));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }

    // Right implementation: load the realms and fetch the admin file realm.
    FileRealm adminFileRealm = null;
    try {
        realmsManager.createRealms(config);
        adminFileRealm = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), fileAuthRealm.getName());
        if (adminFileRealm == null) {
            throw new NoSuchRealmException(fileAuthRealm.getName());
        }
    } catch (NoSuchRealmException e) {
        report.setMessage(localStrings.getLocalString("change.admin.password.realmnotsupported", "Configured admin realm does not exist.") + " " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
        return;
    }

    // Update the admin user's password, keeping its current group memberships.
    try {
        // First pass only counts the groups so the array can be sized.
        int groupCount = 0;
        for (Enumeration counter = adminFileRealm.getGroupNames(userName); counter.hasMoreElements(); counter.nextElement()) {
            groupCount++;
        }

        // Second pass copies the names; a change between the two passes would surface
        // as an exception handled by the catch below.
        final String[] currentGroups = new String[groupCount];
        final Enumeration groupNames = adminFileRealm.getGroupNames(userName);
        int next = 0;
        while (next < groupCount) {
            currentGroups[next++] = (String) groupNames.nextElement();
        }

        // The char[] copy of the password is passed to the realm and not cleared here.
        adminFileRealm.updateUser(userName, userName, newpassword.toCharArray(), currentGroups);
        adminFileRealm.persist();
        report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
    } catch (Exception e) {
        report.setMessage(localStrings.getLocalString("change.admin.password.userupdatefailed", "Password change failed for user named {0}", userName) + " " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
    }
}