Example 51 with org.jvnet.hk2.config
use of org.jvnet.hk2.config in project Payara by payara.
the class GetGroupNamesCommand method getGroupNames.
private String[] getGroupNames(String realmName, String userName) throws NoSuchRealmException, BadRealmException, InvalidOperationException, NoSuchUserException {
// account for updates to file-realm contents from outside this config
// which are sharing the same keyfile
realmsManager.refreshRealm(config.getName(), realmName);
Realm r = realmsManager.getFromLoadedRealms(config.getName(), realmName);
if (r != null) {
return getGroupNames(r, userName);
}
List<AuthRealm> authRealmConfigs = config.getSecurityService().getAuthRealm();
for (AuthRealm authRealm : authRealmConfigs) {
if (realmName.equals(authRealm.getName())) {
List<Property> propConfigs = authRealm.getProperty();
Properties props = new Properties();
for (Property p : propConfigs) {
String value = p.getValue();
props.setProperty(p.getName(), value);
}
r = Realm.instantiate(authRealm.getName(), authRealm.getClassname(), props, config.getName());
return getGroupNames(r, userName);
}
}
throw new NoSuchRealmException(_localStrings.getLocalString("NO_SUCH_REALM", "No Such Realm: {0}", new Object[] { realmName }));
}
Also used :
AuthRealm(com.sun.enterprise.config.serverbeans.AuthRealm)
NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException)
Properties(java.util.Properties)
AuthRealm(com.sun.enterprise.config.serverbeans.AuthRealm)
Realm(com.sun.enterprise.security.auth.realm.Realm)
Property(org.jvnet.hk2.config.types.Property)
Example 52 with org.jvnet.hk2.config
use of org.jvnet.hk2.config in project Payara by payara.
the class SynchronizeRealmFromConfig method instantiateRealm.
private boolean instantiateRealm(Config cfg, String realmName) throws BadRealmException, NoSuchRealmException {
List<AuthRealm> authRealmConfigs = cfg.getSecurityService().getAuthRealm();
for (AuthRealm authRealm : authRealmConfigs) {
if (realmName.equals(authRealm.getName())) {
List<Property> propConfigs = authRealm.getProperty();
Properties props = new Properties();
for (Property p : propConfigs) {
String value = p.getValue();
props.setProperty(p.getName(), value);
}
Realm.instantiate(authRealm.getName(), authRealm.getClassname(), props, cfg.getName());
return true;
}
}
throw new NoSuchRealmException(_localStrings.getLocalString("NO_SUCH_REALM", "No Such Realm: {0}", new Object[] { realmName }));
}
Also used :
AuthRealm(com.sun.enterprise.config.serverbeans.AuthRealm)
NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException)
Properties(java.util.Properties)
Property(org.jvnet.hk2.config.types.Property)
Example 53 with org.jvnet.hk2.config
use of org.jvnet.hk2.config in project Payara by payara.
the class CreateMessageSecurityProvider method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are parameter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
List<MessageSecurityConfig> mscs = secService.getMessageSecurityConfig();
// Let's find the correct MessageSecurityConfig. As of now,
// there can be only two of them - one for SOAP and one for
// HttpServlet
MessageSecurityConfig msgSecCfg = null;
for (MessageSecurityConfig msc : mscs) {
if (msc.getAuthLayer().equals(authLayer)) {
msgSecCfg = msc;
}
}
// then, add a new provider config under it provided it is not duplicate
if (msgSecCfg != null) {
// check if there exists a provider config by the
// specified provider name; if so return failure.
List<ProviderConfig> pcs = msgSecCfg.getProviderConfig();
for (ProviderConfig pc : pcs) {
if (pc.getProviderId().equals(providerId)) {
report.setMessage(localStrings.getLocalString("create.message.security.provider.duplicatefound", "Message security provider named {0} exists. " + "Cannot add duplicate.", providerId));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
// No duplicate message security providers found. So add one.
try {
ConfigSupport.apply(new SingleConfigCode<MessageSecurityConfig>() {
public Object run(MessageSecurityConfig param) throws PropertyVetoException, TransactionFailure {
ProviderConfig newPC = param.createChild(ProviderConfig.class);
populateProviderConfigElement(newPC);
param.getProviderConfig().add(newPC);
// security config object
if (isDefaultProvider) {
if (providerType.equals(SERVER) || providerType.equals(CLIENT_SERVER))
param.setDefaultProvider(providerId);
if (providerType.equals(CLIENT) || providerType.equals(CLIENT_SERVER))
param.setDefaultClientProvider(providerId);
}
return newPC;
}
}, msgSecCfg);
} catch (TransactionFailure e) {
report.setMessage(localStrings.getLocalString("create.message.security.provider.fail", "Creation of message security provider named {0} failed", providerId));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
return;
}
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
report.setMessage(localStrings.getLocalString("create.message.security.provider.success", "Creation of message security provider named {0} completed " + "successfully", providerId));
} else // Now if there is NO message security config for this type of layer
// then, first add a message security config for the layer and then
// add a provider config under this message security config
{
try {
ConfigSupport.apply(new SingleConfigCode<SecurityService>() {
public Object run(SecurityService param) throws PropertyVetoException, TransactionFailure {
MessageSecurityConfig newMSC = param.createChild(MessageSecurityConfig.class);
newMSC.setAuthLayer(authLayer);
param.getMessageSecurityConfig().add(newMSC);
ProviderConfig newPC = newMSC.createChild(ProviderConfig.class);
populateProviderConfigElement(newPC);
newMSC.getProviderConfig().add(newPC);
// security config object
if (isDefaultProvider) {
if (providerType.equals(SERVER) || providerType.equals(CLIENT_SERVER))
newMSC.setDefaultProvider(providerId);
if (providerType.equals(CLIENT) || providerType.equals(CLIENT_SERVER))
newMSC.setDefaultClientProvider(providerId);
}
return newMSC;
}
}, secService);
} catch (TransactionFailure e) {
report.setMessage(localStrings.getLocalString("create.message.security.provider.fail", "Creation of message security provider named {0} failed", providerId));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
return;
}
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
/* report.setMessage(localStrings.getLocalString(
"create.message.security.provider.success",
"Creation of message security provider named {0} completed " +
"successfully", providerId)); */
}
}
Also used :
PropertyVetoException(java.beans.PropertyVetoException)
TransactionFailure(org.jvnet.hk2.config.TransactionFailure)
ProviderConfig(com.sun.enterprise.config.serverbeans.ProviderConfig)
SecurityService(com.sun.enterprise.config.serverbeans.SecurityService)
MessageSecurityConfig(com.sun.enterprise.config.serverbeans.MessageSecurityConfig)
ActionReport(org.glassfish.api.ActionReport)
Example 54 with org.jvnet.hk2.config
use of org.jvnet.hk2.config in project Payara by payara.
the class DeleteFileUser method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are the paramter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
// Get FileRealm class name, match it with what is expected.
String fileRealmClassName = fileAuthRealm.getClassname();
// Report error if provided impl is not the one expected
if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
report.setMessage(localStrings.getLocalString("delete.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// ensure we have the file associated with the authrealm
String keyFile = null;
for (Property fileProp : fileAuthRealm.getProperty()) {
if (fileProp.getName().equals("file"))
keyFile = fileProp.getValue();
}
final String kFile = keyFile;
if (keyFile == null) {
report.setMessage(localStrings.getLocalString("delete.file.user.keyfilenotfound", "There is no physical file associated with this file realm {0} ", authRealmName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
boolean exists = (new File(kFile)).exists();
if (!exists) {
report.setMessage(localStrings.getLocalString("file.realm.keyfilenonexistent", "The specified physical file {0} associated with the file realm {1} does not exist.", new Object[] { kFile, authRealmName }));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// hypothetically ?.
try {
ConfigSupport.apply(new SingleConfigCode<SecurityService>() {
public Object run(SecurityService param) throws PropertyVetoException, TransactionFailure {
try {
realmsManager.createRealms(config);
final FileRealm fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
fr.removeUser(userName);
fr.persist();
CreateFileUser.refreshRealm(config.getName(), authRealmName);
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
} catch (NoSuchUserException e) {
report.setMessage(localStrings.getLocalString("delete.file.user.usernotfound", "There is no such existing user {0} in the file realm {1}.", userName, authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
} catch (BadRealmException e) {
report.setMessage(localStrings.getLocalString("delete.file.user.realmcorrupted", "Configured file realm {0} is corrupted.", authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
} catch (Exception e) {
e.printStackTrace();
report.setMessage(localStrings.getLocalString("delete.file.user.userdeletefailed", "Removing User {0} from file realm {1} failed", userName, authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
return null;
}
}, securityService);
} catch (Exception e) {
report.setMessage(localStrings.getLocalString("delete.file.user.userdeletefailed", "Removing User {0} from file realm {1} failed", userName, authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
}
Also used :
TransactionFailure(org.jvnet.hk2.config.TransactionFailure)
NoSuchUserException(com.sun.enterprise.security.auth.realm.NoSuchUserException)
ActionReport(org.glassfish.api.ActionReport)
FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm)
BadRealmException(com.sun.enterprise.security.auth.realm.BadRealmException)
PropertyVetoException(java.beans.PropertyVetoException)
NoSuchUserException(com.sun.enterprise.security.auth.realm.NoSuchUserException)
PropertyVetoException(java.beans.PropertyVetoException)
BadRealmException(com.sun.enterprise.security.auth.realm.BadRealmException)
SecurityService(com.sun.enterprise.config.serverbeans.SecurityService)
Property(org.jvnet.hk2.config.types.Property)
File(java.io.File)
Example 55 with org.jvnet.hk2.config
use of org.jvnet.hk2.config in project Payara by payara.
the class UpdateFileUser method execute.
/**
* Executes the command with the command parameters passed as Properties
* where the keys are the paramter names and the values the parameter values
*
* @param context information
*/
public void execute(AdminCommandContext context) {
final ActionReport report = context.getActionReport();
// Get FileRealm class name, match it with what is expected.
String fileRealmClassName = fileAuthRealm.getClassname();
// Report error if provided impl is not the one expected
if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
report.setMessage(localStrings.getLocalString("update.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// ensure we have the file associated with the authrealm
String keyFile = null;
for (Property fileProp : fileAuthRealm.getProperty()) {
if (fileProp.getName().equals("file"))
keyFile = fileProp.getValue();
}
if (keyFile == null) {
report.setMessage(localStrings.getLocalString("update.file.user.keyfilenotfound", "There is no physical file associated with file realm {0}", authRealmName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
boolean exists = (new File(keyFile)).exists();
if (!exists) {
report.setMessage(localStrings.getLocalString("file.realm.keyfilenonexistent", "The specified physical file {0} associated with the file realm {1} does not exist.", new Object[] { keyFile, authRealmName }));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// Now get all inputs ready. userid and groups are straightforward but
// password is tricky. It is stored in the file passwordfile passed
// through the CLI options. It is stored under the name
// AS_ADMIN_USERPASSWORD. Fetch it from there.
// fetchPassword(report);
String password = userpassword;
if (password == null && groups == null) {
report.setMessage(localStrings.getLocalString("update.file.user.keyfilenotreadable", "None of password or groups have been specified for update," + "Password for user {0} has to be specified" + "through AS_ADMIN_USERPASSWORD property in the file specified " + "in --passwordfile option", userName));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
// Issue 17525 Fix - Check for null passwords for admin-realm if secureadmin is enabled
if (password != null) {
secureAdmin = domain.getSecureAdmin();
if ((SecureAdmin.Util.isEnabled(secureAdmin)) && (adminService.getAuthRealmName().equals(authRealmName))) {
if ((password.isEmpty())) {
report.setMessage(localStrings.getLocalString("null_empty_password", "The admin user password is empty"));
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
return;
}
}
}
// even though update-file-user is not an update to the security-service
// do we need to make it transactional by referncing the securityservice
// hypothetically ?.
// TODO: check and enclose the code below inside ConfigSupport.apply(...)
FileRealm fr = null;
try {
realmsManager.createRealms(config);
fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
if (fr == null) {
throw new NoSuchRealmException(authRealmName);
}
} catch (NoSuchRealmException e) {
report.setMessage(localStrings.getLocalString("update.file.user.realmnotsupported", "Configured file realm {0} does not exist.", authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
return;
}
// now updating user
try {
CreateFileUser.handleAdminGroup(authRealmName, groups);
String[] groups1 = (groups == null) ? null : groups.toArray(new String[groups.size()]);
fr.updateUser(userName, userName, password, groups1);
fr.persist();
report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
} catch (Exception e) {
report.setMessage(localStrings.getLocalString("update.file.user.userupdatefailed", "Updating user {0} in file realm {1} failed", userName, authRealmName) + " " + e.getLocalizedMessage());
report.setActionExitCode(ActionReport.ExitCode.FAILURE);
report.setFailureCause(e);
}
}
Also used :
NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException)
ActionReport(org.glassfish.api.ActionReport)
FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm)
Property(org.jvnet.hk2.config.types.Property)
File(java.io.File)
NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException)
Aggregations
TransactionFailure (org.jvnet.hk2.config.TransactionFailure)81
Config (com.sun.enterprise.config.serverbeans.Config)69
ActionReport (org.glassfish.api.ActionReport)60
PropertyVetoException (java.beans.PropertyVetoException)59
Property (org.jvnet.hk2.config.types.Property)50
CommandTarget (org.glassfish.config.support.CommandTarget)24
Target (org.glassfish.internal.api.Target)23
Properties (java.util.Properties)21
HashMap (java.util.HashMap)18
ArrayList (java.util.ArrayList)17
ConfigBeanProxy (org.jvnet.hk2.config.ConfigBeanProxy)17
NetworkConfig (org.glassfish.grizzly.config.dom.NetworkConfig)15
Protocol (org.glassfish.grizzly.config.dom.Protocol)15
Server (com.sun.enterprise.config.serverbeans.Server)14
List (java.util.List)14
NetworkListener (org.glassfish.grizzly.config.dom.NetworkListener)14
Protocols (org.glassfish.grizzly.config.dom.Protocols)12
IOException (java.io.IOException)10
Map (java.util.Map)10
Cluster (com.sun.enterprise.config.serverbeans.Cluster)9
