
Example 56 with org.jvnet.hk2.config

use of org.jvnet.hk2.config in project Payara by payara.

the class ListFileUser method execute.

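/**
 * Lists the users of the configured file realm together with their groups.
 *
 * <p>Each user name is added as a child message part of the report. The full
 * list is also published under the {@code "users"} key of the report's extra
 * properties, one map per user with a {@code "name"} entry and, when the group
 * lookup succeeds, a {@code "groups"} entry. Validation and realm failures set
 * the exit code to {@code FAILURE} with a localized message.
 *
 * @param context command context that supplies the {@link ActionReport} to fill in
 */
public void execute(AdminCommandContext context) {
    final ActionReport report = context.getActionReport();
    // Only the stock FileRealm implementation is handled. A null class name is
    // let through here and is only caught later if the realm cannot be loaded.
    String fileRealmClassName = fileAuthRealm.getClassname();
    if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
        report.setMessage(localStrings.getLocalString("list.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // Find the key file backing the realm. The loop does not stop at the first
    // match, so the last "file" property wins if several are configured.
    String keyFile = null;
    for (Property fileProp : fileAuthRealm.getProperty()) {
        // Constant-first comparison: a property without a name is skipped
        // instead of raising a NullPointerException.
        if ("file".equals(fileProp.getName())) {
            keyFile = fileProp.getValue();
        }
    }
    if (keyFile == null) {
        report.setMessage(localStrings.getLocalString("list.file.user.keyfilenotfound", "There is no physical file associated with this file realm {0} ", authRealmName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    boolean exists = (new File(keyFile)).exists();
    if (!exists) {
        // NOTE(review): this message echoes the configured key file path back to
        // the caller of the command.
        report.setMessage(localStrings.getLocalString("file.realm.keyfilenonexistent", "The specified physical file {0} associated with the file realm {1} does not exist.", new Object[] { keyFile, authRealmName }));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // The implementation and key file check out, so load the realm to read from.
    FileRealm fr = null;
    try {
        realmsManager.createRealms(config);
        // account for updates to realms from outside this config sharing
        // same keyfile
        CreateFileUser.refreshRealm(config.getName(), authRealmName);
        fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
        if (fr == null) {
            throw new NoSuchRealmException(authRealmName);
        }
    } catch (NoSuchRealmException e) {
        report.setMessage(localStrings.getLocalString("list.file.user.realmnotsupported", "Configured file realm {0} is not supported.", authRealmName) + "  " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
        return;
    }
    try {
        Enumeration<?> users = fr.getUserNames();
        List<Map<String, Object>> userList = new ArrayList<Map<String, Object>>();
        while (users.hasMoreElements()) {
            final ActionReport.MessagePart part = report.getTopMessagePart().addChild();
            String userName = (String) users.nextElement();
            part.setMessage(userName);
            Map<String, Object> userMap = new HashMap<String, Object>();
            userMap.put("name", userName);
            try {
                userMap.put("groups", Collections.list(fr.getGroupNames(userName)));
            } catch (NoSuchUserException ignored) {
                // Deliberately ignored: the name was just read from the realm, so
                // this is not expected. If it does happen, the user is still
                // listed but without a "groups" entry.
            }
            userList.add(userMap);
        }
        Properties extraProperties = new Properties();
        extraProperties.put("users", userList);
        report.setExtraProperties(extraProperties);
        report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
    } catch (BadRealmException e) {
        // Message parts added before the failure stay in the report; only the
        // exit code and message mark the listing as failed.
        report.setMessage(localStrings.getLocalString("list.file.user.realmcorrupted", "Configured file realm {0} is corrupted.", authRealmName) + "  " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
    }
}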
Also used : Enumeration(java.util.Enumeration) HashMap(java.util.HashMap) NoSuchUserException(com.sun.enterprise.security.auth.realm.NoSuchUserException) ArrayList(java.util.ArrayList) ActionReport(org.glassfish.api.ActionReport) FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm) Properties(java.util.Properties) NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException) BadRealmException(com.sun.enterprise.security.auth.realm.BadRealmException) ArrayList(java.util.ArrayList) List(java.util.List) Property(org.jvnet.hk2.config.types.Property) File(java.io.File) HashMap(java.util.HashMap) Map(java.util.Map)

Example 57 with org.jvnet.hk2.config

use of org.jvnet.hk2.config in project Payara by payara.

the class SecurityConfigUpgradeService method addLoginModule.

/**
 * Adds a login-module entry to the given security provider and returns it.
 *
 * <p>The module is always created with the control flag {@code "sufficient"}
 * and with two properties: {@code config=server-config} and
 * {@code auth-realm=admin-realm}. These values are hard-coded here.
 * NOTE(review): presumably the flag is interpreted as the JAAS control flag,
 * in which case this module succeeding is enough to authenticate; confirm
 * against the consumer of {@code LoginModuleConfig}.
 *
 * @param sp_w      writable security provider that receives the new module
 * @param name      name to give the login module
 * @param className login module implementation class name
 * @return the newly created login-module configuration
 * @throws TransactionFailure    declared for the config operations performed here
 * @throws PropertyVetoException declared for the config setters called here
 */
private LoginModuleConfig addLoginModule(final SecurityProvider sp_w, final String name, final String className) throws TransactionFailure, PropertyVetoException {
    // Create the module and attach it to the provider before configuring it.
    final LoginModuleConfig loginModule = sp_w.createChild(LoginModuleConfig.class);
    sp_w.getSecurityProviderConfig().add(loginModule);

    loginModule.setName(name);
    loginModule.setModuleClass(className);
    loginModule.setControlFlag("sufficient");

    // Fixed property: the config the module is bound to.
    final Property configProperty = loginModule.createChild(Property.class);
    configProperty.setName("config");
    configProperty.setValue("server-config");

    // Fixed property: the realm the module authenticates against.
    final Property realmProperty = loginModule.createChild(Property.class);
    realmProperty.setName("auth-realm");
    realmProperty.setValue("admin-realm");

    // Both properties are attached only after they are fully populated.
    loginModule.getProperty().add(configProperty);
    loginModule.getProperty().add(realmProperty);

    return loginModule;
}
Also used : Property(org.jvnet.hk2.config.types.Property)

Example 58 with org.jvnet.hk2.config

use of org.jvnet.hk2.config in project Payara by payara.

the class ChangeAdminPassword method execute.

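/**
 * Changes the password of {@code userName} in the admin file realm.
 *
 * <p>The user's current groups are read from the realm and written back
 * unchanged, together with the new password, and the realm is then persisted.
 * Validation and realm failures set the exit code to {@code FAILURE} with a
 * localized message.
 *
 * <p>NOTE(review): this method does not check that the new password is
 * non-empty or that the key file exists; confirm such checks happen elsewhere.
 *
 * @param context command context that supplies the {@link ActionReport} to fill in
 */
public void execute(AdminCommandContext context) {
    final ActionReport report = context.getActionReport();
    // Only the stock FileRealm implementation is handled. A null class name is
    // let through here.
    String fileRealmClassName = fileAuthRealm.getClassname();
    if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
        report.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotsupported", "Configured admin realm is not supported."));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // Find the key file backing the realm. The last "file" property wins.
    String keyFile = null;
    for (Property fileProp : fileAuthRealm.getProperty()) {
        // Constant-first comparison: a property without a name is skipped
        // instead of raising a NullPointerException.
        if ("file".equals(fileProp.getName())) {
            keyFile = fileProp.getValue();
        }
    }
    if (keyFile == null) {
        report.setMessage(localStrings.getLocalString("change.admin.password.keyfilenotfound", "There is no physical file associated with admin realm"));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // The implementation checks out, so load the realm that holds the user.
    FileRealm fr = null;
    try {
        realmsManager.createRealms(config);
        fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), fileAuthRealm.getName());
        if (fr == null) {
            throw new NoSuchRealmException(fileAuthRealm.getName());
        }
    } catch (NoSuchRealmException e) {
        report.setMessage(localStrings.getLocalString("change.admin.password.realmnotsupported", "Configured admin realm does not exist.") + "  " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
        return;
    }
    // now updating admin user password
    try {
        // Snapshot the group membership in one pass. Counting with one
        // enumeration and copying from a second one could drop groups, or run
        // past the end, if the realm changed between the two calls.
        final java.util.List<String> groupList = new java.util.ArrayList<String>();
        final Enumeration<?> en = fr.getGroupNames(userName);
        while (en.hasMoreElements()) {
            groupList.add((String) en.nextElement());
        }
        final String[] groups = groupList.toArray(new String[groupList.size()]);
        // NOTE(review): newpassword is a String, so the secret stays in memory
        // until it is collected. The char[] copy passed here is not cleared
        // afterwards; whether FileRealm keeps a reference to it is not visible
        // from this method.
        fr.updateUser(userName, userName, newpassword.toCharArray(), groups);
        fr.persist();
        report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
    } catch (Exception e) {
        // Exceptions such as NullPointerException carry no message; avoid
        // appending the literal text "null" to the report.
        final String detail = (e.getLocalizedMessage() == null) ? "" : e.getLocalizedMessage();
        report.setMessage(localStrings.getLocalString("change.admin.password.userupdatefailed", "Password change failed for user named {0}", userName) + "  " + detail);
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
    }
}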
Also used : NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException) Enumeration(java.util.Enumeration) ActionReport(org.glassfish.api.ActionReport) FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm) Property(org.jvnet.hk2.config.types.Property) NoSuchRealmException(com.sun.enterprise.security.auth.realm.NoSuchRealmException)

Example 59 with org.jvnet.hk2.config

use of org.jvnet.hk2.config in project Payara by payara.

the class CreateFileUser method execute.

/**
 * Adds the user {@code userName} with the configured password and groups to
 * the file realm named by {@code authRealmName}, then persists the realm.
 *
 * <p>The method validates the realm implementation class, the presence and
 * existence of the key file, and the password before attempting the change.
 * Every failure is reported through the {@link ActionReport} (exit code
 * {@code FAILURE} plus a localized message); nothing is thrown to the caller.
 *
 * @param context command context that supplies the {@link ActionReport} to fill in
 */
public void execute(AdminCommandContext context) {
    final ActionReport report = context.getActionReport();
    // Get FileRealm class name, match it with what is expected.
    String fileRealmClassName = fileAuthRealm.getClassname();
    // Report error if provided impl is not the one expected.
    // A null class name passes this check.
    if (fileRealmClassName != null && !fileRealmClassName.equals("com.sun.enterprise.security.auth.realm.file.FileRealm")) {
        report.setMessage(localStrings.getLocalString("create.file.user.realmnotsupported", "Configured file realm {0} is not supported.", fileRealmClassName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // ensure we have the file associated with the authrealm
    // (the loop does not break, so the last "file" property wins)
    String keyFile = null;
    for (Property fileProp : fileAuthRealm.getProperty()) {
        if (fileProp.getName().equals("file"))
            keyFile = fileProp.getValue();
    }
    final String kf = keyFile;
    if (keyFile == null) {
        report.setMessage(localStrings.getLocalString("create.file.user.keyfilenotfound", "There is no physical file associated with this file realm {0} ", authRealmName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    boolean exists = (new File(kf)).exists();
    if (!exists) {
        // NOTE(review): this message echoes the configured key file path back
        // to the caller of the command.
        report.setMessage(localStrings.getLocalString("file.realm.keyfilenonexistent", "The specified physical file {0} associated with the file realm {1} does not exist.", new Object[] { kf, authRealmName }));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // Now get all inputs ready. userid and groups are straightforward but
    // password is tricky. It is stored in the file passwordfile passed
    // through the CLI options. It is stored under the name
    // AS_ADMIN_USERPASSWORD. Fetch it from there.
    // fetchPassword(report);
    // The password is read from the userpassword field as a String.
    final String password = userpassword;
    if (password == null) {
        report.setMessage(localStrings.getLocalString("create.file.user.keyfilenotreadable", "Password for user {0} " + "has to be specified in --userpassword option or supplied " + "through AS_ADMIN_USERPASSWORD property in the file specified " + "in --passwordfile option", userName));
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        return;
    }
    // Issue 17525 Fix - Check for null passwords for admin-realm if secureadmin is enabled
    // The empty-password check applies only when secure admin is enabled AND the
    // target realm is the admin realm. In every other case this method accepts
    // an empty password.
    secureAdmin = domain.getSecureAdmin();
    if ((SecureAdmin.Util.isEnabled(secureAdmin)) && (authRealmName.equals(adminService.getAuthRealmName()))) {
        if (password.isEmpty()) {
            report.setMessage(localStrings.getLocalString("null_empty_password", "The admin user password is null or empty"));
            report.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
    }
    // now adding user
    try {
        // even though create-file-user is not an update to the security-service
        // do we need to make it transactional by referencing the securityservice
        // hypothetically ?.
        ConfigSupport.apply(new SingleConfigCode<SecurityService>() {

            public Object run(SecurityService param) throws PropertyVetoException, TransactionFailure {
                try {
                    realmsManager.createRealms(config);
                    // If the (shared) keyfile is updated by an external process, load the users first
                    refreshRealm(config.getName(), authRealmName);
                    // fr is not null-checked: if the realm was not loaded, the
                    // resulting NullPointerException is handled by the
                    // catch (Exception e) below and reported as a failure.
                    final FileRealm fr = (FileRealm) realmsManager.getFromLoadedRealms(config.getName(), authRealmName);
                    CreateFileUser.handleAdminGroup(authRealmName, groups);
                    String[] groups1 = groups.toArray(new String[groups.size()]);
                    try {
                        // NOTE(review): toCharArray() makes a copy that is not cleared
                        // here, and the password String itself cannot be cleared.
                        fr.addUser(userName, password.toCharArray(), groups1);
                    } catch (BadRealmException br) {
                        // Rethrown only when se is non-null and reports isDas().
                        // Otherwise the failure is swallowed, and the code below
                        // still persists the realm and reports SUCCESS.
                        if (se != null && se.isDas()) {
                            throw new BadRealmException(br);
                        }
                    }
                    fr.persist();
                    report.setActionExitCode(ActionReport.ExitCode.SUCCESS);
                } catch (Exception e) {
                    // Failures are written to the report here and not rethrown, so
                    // ConfigSupport.apply does not see them as exceptions.
                    String localalizedErrorMsg = (e.getLocalizedMessage() == null) ? "" : e.getLocalizedMessage();
                    report.setMessage(localStrings.getLocalString("create.file.user.useraddfailed", "Adding User {0} to the file realm {1} failed", userName, authRealmName) + "  " + localalizedErrorMsg);
                    report.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    report.setFailureCause(e);
                }
                return null;
            }
        }, securityService);
    } catch (Exception e) {
        // Reached for exceptions thrown by ConfigSupport.apply itself. Unlike the
        // inner handler, a null localized message is not guarded here, so the
        // literal text "null" is appended in that case.
        report.setMessage(localStrings.getLocalString("create.file.user.useraddfailed", "Adding User {0} to the file realm {1} failed", userName, authRealmName) + "  " + e.getLocalizedMessage());
        report.setActionExitCode(ActionReport.ExitCode.FAILURE);
        report.setFailureCause(e);
    }
}
Also used : TransactionFailure(org.jvnet.hk2.config.TransactionFailure) ActionReport(org.glassfish.api.ActionReport) FileRealm(com.sun.enterprise.security.auth.realm.file.FileRealm) BadRealmException(com.sun.enterprise.security.auth.realm.BadRealmException) PropertyVetoException(java.beans.PropertyVetoException) PropertyVetoException(java.beans.PropertyVetoException) BadRealmException(com.sun.enterprise.security.auth.realm.BadRealmException) SecurityService(com.sun.enterprise.config.serverbeans.SecurityService) Property(org.jvnet.hk2.config.types.Property) File(java.io.File)

Example 60 with org.jvnet.hk2.config

use of org.jvnet.hk2.config in project Payara by payara.

the class ApplicationLifecycle method prepareAppConfigChanges.

/**
 * Stages the application config element for a deployment inside a new
 * transaction, so that it can be registered in domain.xml later.
 *
 * <p>The enrolled, writable application element is also stored in the
 * deployment context as transient metadata under
 * {@code ServerTags.APPLICATION}. The transaction is returned uncommitted. On
 * any failure it is rolled back before the exception propagates.
 *
 * @param context deployment context providing the app properties and deploy parameters
 * @return the open transaction holding the staged application element
 * @throws TransactionFailure if staging fails; other exceptions are wrapped in one
 */
@Override
public Transaction prepareAppConfigChanges(final DeploymentContext context) throws TransactionFailure {
    final Properties appProps = context.getAppProps();
    final DeployCommandParameters deployParams = context.getCommandParameters(DeployCommandParameters.class);
    final Transaction txn = new Transaction();
    try {
        // Allocate a fresh Application bean under the applications element.
        final ConfigBean applicationsBean = (ConfigBean) ConfigBean.unwrap(applications);
        final ConfigBean allocated = applicationsBean.allocate(Application.class);
        final Application proxy = allocated.createProxy();
        // Enrolling yields the writable view that belongs to this transaction.
        final Application writable = txn.enroll(proxy);
        setInitialAppAttributes(writable, deployParams, appProps, context);
        context.addTransientAppMetaData(ServerTags.APPLICATION, writable);
    } catch (Exception e) {
        // Always roll back first. A TransactionFailure is passed through as is;
        // anything else is wrapped with its cause preserved.
        txn.rollback();
        if (e instanceof TransactionFailure) {
            throw (TransactionFailure) e;
        }
        throw new TransactionFailure(e.getMessage(), e);
    }
    return txn;
}
Also used : TransactionFailure(org.jvnet.hk2.config.TransactionFailure) Transaction(org.jvnet.hk2.config.Transaction) ConfigBean(org.jvnet.hk2.config.ConfigBean) PropertyVetoException(java.beans.PropertyVetoException) RetryableException(org.jvnet.hk2.config.RetryableException) MultiException(org.glassfish.hk2.api.MultiException) VersioningSyntaxException(org.glassfish.deployment.versioning.VersioningSyntaxException) IOException(java.io.IOException)

Aggregations

TransactionFailure (org.jvnet.hk2.config.TransactionFailure)81 Config (com.sun.enterprise.config.serverbeans.Config)69 ActionReport (org.glassfish.api.ActionReport)60 PropertyVetoException (java.beans.PropertyVetoException)59 Property (org.jvnet.hk2.config.types.Property)50 CommandTarget (org.glassfish.config.support.CommandTarget)24 Target (org.glassfish.internal.api.Target)23 Properties (java.util.Properties)21 HashMap (java.util.HashMap)18 ArrayList (java.util.ArrayList)17 ConfigBeanProxy (org.jvnet.hk2.config.ConfigBeanProxy)17 NetworkConfig (org.glassfish.grizzly.config.dom.NetworkConfig)15 Protocol (org.glassfish.grizzly.config.dom.Protocol)15 Server (com.sun.enterprise.config.serverbeans.Server)14 List (java.util.List)14 NetworkListener (org.glassfish.grizzly.config.dom.NetworkListener)14 Protocols (org.glassfish.grizzly.config.dom.Protocols)12 IOException (java.io.IOException)10 Map (java.util.Map)10 Cluster (com.sun.enterprise.config.serverbeans.Cluster)9